Just a quick tip I learned the hard way: if you want to host a website on GitHub Pages, make sure to only point the www-subdomain, and not the “naked”, apex domain, in case you’re using it for email mailboxes.
I learned the hard way that the A records pointing to GitHub’s IPs will cause all email, and I really mean ALL email, to be blocked. Not outgoing email – but incoming!
But as usual, we need to take a step back. What was I trying to do?
Background
I was following the guide from GitHub on how to set up a custom domain for GitHub Pages. I already knew from earlier experience that a website should be available from both “naked”/apex domain and www subdomain – because you will have people using both.
So in my case, both magpie.fi and www.magpie.fi needed to work.
I read through the docs and used this table as a reference:
Based on that, I created the following setup:
| magpie.fi. | A | 185.199.108.153 |
| magpie.fi. | A | 185.199.109.153 |
| magpie.fi. | A | 185.199.110.153 |
| magpie.fi. | A | 185.199.111.153 |
| www.magpie.fi. | CNAME | <user>.github.io |
The rest of my records (for example, subdomains like mail, cpanel, ftp etc) I configured to point to the IP address of the server my webhotel was hosted on.
Having set up the Apex domain and the subdomain, the site on GitHub Pages worked nicely. For a short moment, I was happy with my work.
Problem
That is, until I realized my emails weren’t coming through anymore.
Through into my mailbox. Outgoing mail worked just fine. Which was pretty weird.
Being the crafty old Exchange admin I am, I started to investigate using Message Trace in Exchange Admin center:
And in text form:
Error: 550 5.4.318 Message expired, connection reset (SuspiciousRemoteServerError), 450 4.4.318 Connection was closed abruptly (SuspiciousRemoteServerError)From the details, I pulled out this:
Reason: [{LED=450 4.4.318 Connection was closed abruptly (SuspiciousRemoteServerError)};{MSG=};{FQDN=mx1.cloudhosting.uk};{IP=185.53.56.44};{LRT=1/8/2025 3:59:04 PM}]. OutboundProxyTargetIP: 185.53.56.44. OutboundProxyTargetHostName: mx1.cloudhosting.uk… so my own web hosting provider’s email server is deciding my own mailbox is so suspicious, it doesn’t even deserve to receive email anymore? What on Earth?
Well – upon closer inspection (and a quick message to Krystal’s support), they verified all of the GitHub’s IP addresses I used for the configuration are black-/blocklisted by the anti-spam service they use.
Url below for your reference.
https://check.spamhaus.org/results?query=185.199.108.153
So I was left with 2 options:
- Disable anti-spam service, or
- Remove the GitHub IP addresses
Alright. So let’s fix it.
I wasn’t going to disable my anti-spam service. So I had to go through option 2.
Realizing I can just handle the magpie.fi -> www.magpie.fi traffic by a simple HTTP Redirection (HTTP 301), I was left with the final part.
Solution
What I actually needed, was the following configuration:
| www.magpie.fi | CNAME | <user>.github.io |
Admittedly, had I understood the documentation properly – scenarios are partially alternatives, not necessarily all applicable to your case – and were satisfied with the simple 301 redirect, I would’ve avoided losing a couple of days of emails to an email address I don’t really use. But we live and we learn, I guess.
He's been a developer from 2004 (starting with PHP and Java), and he's been working on .NET projects, Azure, Office 365, SharePoint and a lot of other stuff. He's also Microsoft MVP for Azure.
This is his personal professional (e.g. professional, but definitely personal) blog.
- Join my session at CTTT25 this week: Level Up Your Teams Extensibility Game with Blazor | Session materials from Cloud Technology Townhall Tallinn 2025! - January 28, 2025
- How to identify which wifi band your Decos are using? - January 21, 2025
- Don’t assign root domain to GitHub Pages if you use it for email! - January 14, 2025
