Configuration or rule for: "Failed Sending Notification" with the error "the domain is blacklisted"

Sam.Pillay · December 7, 2018, 2:47pm

Hello,

We have various environments for development and testing where all emails from Auth0 are trapped via a fake SMTP server (MailTrap in this case).
Our testers are using various fake email domains for their testing which appear to be black listed for emailing by Auth0.

When a user with a blacklisted email domain attempts to reset their password, they receieve a successful message:
“We’ve just sent you an email to reset your password.”
however the logs show “Success Change Password Request” for that user, followed by “Failed Sending Notification” with the error “the domain is blacklisted”.

I have tried follow the below for white listing the domaons, but I assume this is for access and not emailing:

The user also appears to be able to authenticate through Auth0, so I assume it is just emailing that is blacklisted?

I have yet to see any configuration to change the black listsing in our test environment, nor a rule example to work around this.
I have tried turning off the anomoly detection, but this did not seem to allow the email to send (and is not in the related Auth0 docs).

Any help or guidance would be greatly appreciated.
If configuration of this is not supported, this would be helpful to know so I can report this to our testers.

Thanks,
Sam

charsleysa · December 8, 2018, 2:56am

Hi @Sam.Pillay

Are you using the default Auth0 SMTP mailer or your own custom SMTP mailer?

If using the default Auth0 SMTP mailer there are restrictions and you may have more luck setting up your own SMTP mailer (docs).

Hope this helps!

Sam.Pillay · December 10, 2018, 8:09am

Thanks charsleysa,
We are using a Custom Email Provider via a thrid party SMTP server at the moment, so I will recheck all the settings.

Sam.Pillay · January 2, 2019, 10:56am

Hi, does anybody else in the community have any insight into this?
The settings used for a Custom Email Provider via a thrid party SMTP server do not appear to include any black listing options, so I am still under the impression this is done by Auth0.

Thanks,
Sam
Happy New Year!

Sam.Pillay · January 7, 2019, 9:29am

Hello,

Following communication with Auth0 Support, I can confirm this feature is not configurable and is not documented.
I have submitted feedback for this to be documented and potentially configurable for non-production environments.

Pending documentation, I have been informed the current email domain blacking listing includes:

'user.com',
'test.com',
'abc.com',
'example.com',
'test.com',
'b.c',
'1.com',
'11.com',
'2.com',
'3.com',
'4.com',
'a.com',
'test.be',
'test.dk',
'nope.com',
'abcdefg.com',
'nowhere.com',
'something.com',
'www.www'

Topic		Replies	Views
Auth0 blacklisted domain can still signup but can't receive mails Get Help login-experience , reset-password-prompt-new-experience	2	1360	May 10, 2023
Auth0 emails coming from black listed IP Get Help auth0	2	2359	December 14, 2020
Not Receiving OTP Emails – travel.world Domain Blacklisted in Auth0 Default Email Provider Get Help email-providers , free-trial	2	136	February 4, 2025
Password reset email shows successful in log, but isn't received by certain domain Get Help password-reset , email	2	1795	December 21, 2022
How do I un-blacklist an email domain? Get Help login-experience , new-universal-login-experience	2	236	December 18, 2024

Configuration or rule for: "Failed Sending Notification" with the error "the domain is blacklisted"

Related topics