Checking and correcting DNS for mail delivery

Can I start by saying please be gentle - I’m not exactly sure what I’m doing…

I have a website which is hosted by a UK company and I use cPanel to set up email and things like that. I enabled Cloudflare a while ago, and I’ve got a much quicker loading time than I used to have. However, I’ve noticed that a lot of emails which I send, seem to be going into people’s Spam or Junk folders. Especially with gmail and outlook accounts.

I was pointed in the direction of DNS, and checked on my cPanel “Mail Deliverability” tab, to see a message reading: The system sends the domain “mydomain.co.uk” in the SMTP handshake for this domain’s email. “mydomain.co.uk” resolves to “172.67.193.xx” and “104.21.20.xx”, not “xx.xx.xxx.xx”.

To fix this problem, contact your system administrator and request that they create a DNS “A” record for “mydomain.co.uk” whose value is “xx.xx.xxx.xx”.

I asked for advice from their service desk, and was told "This issue was caused due that your domain pointed to the third party name servers, namely cloud flare
In order to resolve this problem, we recommend you to change MX record to mail.mydomain.co.uk and create A record for mail (xx.xx.xxx.xx)
Please contact cloudflare support, they should help you with this problem

I’ve looked at my cloudflare DNS panel, and I can see an MX record which I think is right. However the problem(s) still persist.

So can anyone help me through this - and is it safe to post the site names and IP addresses in this community, or am I doing the correct thing by “xx”-ing them?

Thanks to anyone who can advise - I really don’t understand much more than very simple DNS lookups.

1 Like

Hi @dave12,

Can you share the domain name here? Sharing the public Cloudflare IPs is fine, but it’s generally not recommended to share your origin server IP if you’re not sure.

Thank you - and yes, I’ll change the domain name in the original post. I wonder if that’s why it’s been marked as spam - as I used the phrase mydomain and I think that actually exists somewhere.

In fact - I can’t change it as I can’t see my post anymore - like you said, it’s been hidden.
Domain name is incawed.co.uk

Thanks for that, I’ve requested a moderator looks at your thread and unhides it. Not sure how long that will be, though.

With the issue, if you look in your Cloudflare dashboard, does the MX record with name incawed.co.uk point to mail.incawed.co.uk or just incawed.co.uk?

1 Like

Perfect, thanks.

Hopefully you also see an A record with name mail in there?

If so, can you edit that record and change the :orange: proxied status to :grey: unproxied?

Currently Cloudflare is trying to proxy the mail record, but that will not work, as it is not HTTP based traffic. Unproxying it should mean it resolves directly to your server and works as expected.

Excuse the dreadful scribble… That’s removed the ! from the MX record and the A record now looks like this?

1 Like

No worries, that looks like it should work now.

DNS Checker shows your MX pointing to the mail hostname → DNS Checker - DNS Check Propagation Tool
And that hostname resolving to your server’s IP → DNS Checker - DNS Check Propagation Tool

That means that Cloudflare isn’t involved in your mail any more and it should go directly to your server.

The warning mark is saying that the IP address of your server is exposed here, but as Cloudflare doesn’t proxy email, there is nothing you can do about this. If you host your website and emails on the same server, you will always have that warning.

Hopefully everything works as expected for you, now!

1 Like

Still have the same message in cPanel though - and since you can now see the IP via DNS checker, I might as well post a screenshot of the message to see if it makes sense to you…
Screenshot 2021-06-29 135600


Guessing this might need to be unproxied too, but wouldn’t that defeat the object?

Ah, I see. There is not a lot you can do about that warning as that is basically expecting you to disable Cloudflare.

Yes, that is what the message is referring to, but you are right, that would remove the benefits of using Cloudflare.

The fact that your website resolves to different IPs than your mail server should not cause an issue and it’s a very common setup. I’ll move this into a public thread which hopefully won’t get hidden and will merge it back to your original when a moderator is around. That way, hopefully someone else can shed some more light on this!

1 Like

Thanks a million for all your help!

1 Like

This shouldn’t actually be an issue, unfortunately that is something that will continue to show, unless you disable Cloudflare. It shouldn’t be like that, though as it should send the MX record’s domain, not the root.

Unless it doesn’t actually work because it prevents you, everything should be fine, provided you set-up SPF and DKIM correctly. The best solution is always to use better mail providers and not cPanel’s which is always a bit of an issue, in addition to exposing your IP.

1 Like

Sorry to sound naive, but does that mean I can have another supplier handle my emails and use cloud flare to split the DNS? I’d never thought of that…

Yes, most definitely. It doesn’t even require Cloudflare.

If you use one of the big ones (Google, Microsoft, etc.) you simply configure MX records that point to them and then access the mail from their UI. Your server will be totally free from handling those and you’ll get better everything (spam, UI, storage, search, etc.).

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.