Can't Send or Receive EMail

We cannot access email from a client location, but CAN in other places. The trace stops at Cloudflare on the 14th hop. I’ve attached an image with our settings.

It WAS working until around 10 days ago… help!?

Here are my settings and the latest trace route.

We’ve clicked on those 2 orange clouds since, turning them gray but it made no change.

Well if the CloudFlare IPs are cached localy at your System you should wipe the DNS Cache entrys after bypassing the DNS (gray cloud) at CloudFlare Dashboard.
If you dont know how to do so:

wait untill the TTL passes and your Router/PC have to resolve the Domain again.

Also: pls never, never never proxy MX Entrys through CF!
This does not work…

1 Like

What I’m seeing right now doesn’t match your DNS picture.

You have an MX record that points to your main hostname. Your main hostname is set to :orange: in the picture, but a lookup shows it’s set to :grey:.

You have a CNAME for ‘mail’ that also points to your main hostname…which is set to :orange: in the picture. Mail services (IMAP/POP/SMTP) can involve servers set to :orange:.

Webmail is just a website, so reaching that isn’t an issue. But when ‘webmail’ tries to make a mail services connection, it’s those records I already mentioned that are going to be the problem.

1 Like

None of the clouds are any longer grey. I changed those earlier but it made no difference.

I believe that M4rtin is suggesting we clear the cache in Cloudflare, and I will do that, and then have them try restarting the router/modem tomorrow.

sdayman… what’s odd, is I know that webmail is a website, and from most locations we can access it, EXCEPT the location of the company. They can neither access email using Outlook OR Webmail. (but they were able to a week ago)

We’re wondering if the IP has been blacklisted by their provider or something, since it it traces to Cloudflare.

Any thoughts on that?

Just saw you did a lot of mistakes:

  1. you do have a seperate subdomain for Mail (mail.vulcanwaterproofing.com) but you point your MX entrys to vulcanwaterproofing.com instead of mail.vulcanwaterproofing.com
  2. also vulcanwaterproofing.com is getting proxied. All domains/subdomains your MX entrys are pointing at are not allowed to be proxied! Also if you CNAME them to any other DNS entry.

Pls set it up like this:

  • A vulcanwaterproofing.com (:orange:) --> 78.142.8.56
  • CNAME webdisk (:orange:) --> vulcanwaterproofing.com
  • CNAME webmail (:orange:) --> vulcanwaterproofing.com
  • A mail (:grey:) --> 78.142.8.56
  • MX vulcanwaterproofing.com --> mail.vulcanwaterproofing.com

Keep the rest. After this it will work, but if your Browser and the Servers have already cached the proxied result you may have to wait untill the TTL is reached and they resolves the Domain again.

Also I would recommend you never keep the Mail-Server and the Web-Server one the same physical machine! Thats bad practice and also exposes your origin Domain, even if CF gives your the chance to hide it. This will automatically be the case as you cant proxy Mail Requests and MX entrys

(…well you can but then it will not work anymore by definition!)

No… clear the DNS cache from your Server if he resolved your MX entrys while they have been proxied. CF Cache does not have to do anything with this problem right now.

this is the actual behaviour of your setup (at least of the one you provided with your screenshot) as you point your MX entry to your QDN (vulcanwaterproofing.com) which actually gets proxied by CF, so your MX entry will resolve to CF which makes it unusable. You shall not proxy any MX entrys

Solution (as shown above):

  1. point your MX entry to (mail.vulcanwaterproofing.com)
  2. point mail.vulcanwaterproofing.com with an unproxied (:grey:) A record to your plain IP on which your Mail Server is set up

This is what it looks like now… I will clear the cache on the server as well.

What is confusing is this has always worked as shown, until around 10 days ago.

Thanks you for your help…

Pls adjust your MX entry and point it to “mail.vulcanwaterproofing.com” Mail needs FQDN anyway

… ah ■■■■ just do as shown above :wink:

So edit the existing MX entry and create a NEW A record?

No, do it like this:

  1. edit the existing MX entry to point to ( mail.vulcanwaterproofing.com )
  2. delete the CNAME (mail)
  3. create a new A entry (mail) that points to 78.142.8.56 (without Proxy! :grey:)

Then test your Mail :slight_smile:

Ok… I wasn’t sure to change the webmail A entry or change the CNAME (mail) but I think I’ve got it.

They won’t be able to test it until they’re in tomorrow.

How does this look?

And I assume I need to clear the cache…

Should work now. Pls test it and report back.

Also: you can (and you should) proxy ALL entrys BUT NOT the one from A (mail & ftp). But all others.
Also it would be much more easy to manage if you convert the A-Records (all but not for mail & ftp) to CNAMES which are pointing to @ (vulcanwaterproofing.com) as the IP always stays the same.

Sounds good… I’ll report back tomorrow. Thank you SO MUCH!

Nick

They restarted everything at the location and said it’s still not working. I saw a post elsewhere saying the same thing, it was working and then suddenly around 10 days ago their email stopped as well.

I’m also sending in a ticket.

Sorry for the late response.
But this problem is not related to CF.

It have to be at the end of Centrilogic, Inc. as CloudFlare correctly bypassed it without proxying it.

Also https://mxtoolbox.com/SuperTool.aspx can not test your MailServer.
Just enter vulcanwaterproofing.com and click “Test Mail Server”

This topic was automatically closed after 31 days. New replies are no longer allowed.