Cloudflare and CNAME record issue

When I try to access my website at mail.domain.com, I get an “Invalid Certificate” error message (Code: 526).
But everything else is working fine (https://domain.com and www.domain.com).
In my CF panel I set up Full (Strict) mode and I have Let’s Encrypt installed on my origin server.
Also, when I try to request a new certificate in my Webmin, I get an error message for mail.domain.com.

That means that whatever server you’ve pointed mail.example.com to doesn’t have a valid SSL certificate for that hostname (mail.example.com).
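The hostname check behind the answer above, as an added example that is not part of the thread: it applies standard TLS name matching (RFC 6125 style, where a wildcard covers exactly one leftmost label) to find proxied hostnames that a certificate does not cover. The SAN lists are constructed; the asker's actual certificate contents are not shown on the page.

```python
# Added example: which proxied hostnames does the origin certificate cover?
# SAN lists are constructed sample data, not taken from the thread.

def _labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")

def san_matches(hostname, san):
    """True if one SAN dNSName entry covers hostname."""
    host, pat = _labels(hostname), _labels(san)
    if len(host) != len(pat):
        return False  # a wildcard stands for exactly one label
    if pat[0] == "*":
        # Wildcard must be the whole leftmost label and sit above a
        # registrable name (at least two further labels).
        return len(pat) >= 3 and host[1:] == pat[1:]
    return host == pat

def uncovered(hostnames, san_list):
    """Return the hostnames that no SAN entry covers."""
    return [h for h in hostnames
            if not any(san_matches(h, s) for s in san_list)]

# Hostnames named in the question.
PROXIED = ["domain.com", "www.domain.com", "mail.domain.com"]
# Constructed: a certificate issued only for the apex and www.
CERT_TWO_NAMES = ["domain.com", "www.domain.com"]
# Constructed: a certificate with a wildcard SAN.
CERT_WILDCARD = ["domain.com", "*.domain.com"]

if __name__ == "__main__":
    print("two-name cert misses:", uncovered(PROXIED, CERT_TWO_NAMES))
    print("wildcard cert misses:", uncovered(PROXIED, CERT_WILDCARD))
```

A hostname listed by `uncovered` is one where a strict certificate check against the origin would fail, even though the other hostnames on the same server validate.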

Okay, but if I remove the CNAME record from CF’s DNS, will my origin IP be exposed?

Your origin IP address has to be exposed to receive email. That’s the downside of hosting email and websites on the same server.

But I’m sending mail only via Yandex’s third-party SMTP server, not directly via PHP Mail from my server. Will it still be exposed?
I also have DKIM and SPF set up.

No one knows the answer?