Cloudflare and outgoing mail

I think Cloudflare is preventing my site from sending email. I did a connectivity test the following were the results.
:white_check_mark: :lock: Port 443 can be used with the Mandrill API.
:white_check_mark: :lock: Port 443 can be used with the SendGrid API.
:white_check_mark: :lock: Port 443 can be used with the Mailgun API.
:x: No outbound route between this site and the Internet on Port 465.
:x: No outbound route between this site and the Internet on Port 25.
:x: No outbound route between this site and the Internet on Port 587.

I dont think its my mail plugin as that was working after its last update, and stopped after i signed up for Cloudflare.
Any advice?

Outbound connections from “this site” (which I think means your origin server in this context) and the Internet do not pass via Cloudflare - so it won’t be Cloudflare causing this.

What that says to me is your origin server cannot make outbound connections on those ports - you’d need to speak to your host to confirm why.

1 Like

I checked with my host and they said those ports are open. I Think i mean my SMPTS. which handles the mail for my website. i wish could be more specific but i don’t know enough about what im even looking at

From what server is that connectivity test being run? That is where the issue will be. I’m assuming that test is running on your origin hence your hosts would need to help you understand why those ports cannot connect.

Im running the test from a word-press dashboard using a Post SMPT plugin. I don’t know if that means the test is run on the hosts server or not. i know that it worked after i updated that plugin 2 weeks ago, and stopped after i signed up for Cloudflare and updated the DNS information to Cloudflare.

Either way, thank you for taking some time to try to help me. A stranger on the internet really appreciates it.

1 Like

Hi stranger!

So yep if it’s a Wordpress plugin that plugin will be running wherever your Wordpress is installed. Wordpress doesn’t run on Cloudflare - it runs on your origin server. So, that test is telling you that your origin server has No outbound route between this site and the Internet on Port 465 for example.

That wording is strange to me - because it’s not clear exactly what it is attempting connecting to for that test. You’d be best to ask the plugin authors if your hosting provider confirms outbound connections from your server to the internet on Port 25/465/587 are not impeded - you could also test for yourself at the commandline of the server by running telnet a-mail-server.com 25 - replacing a-mail-server.com with a known working mail server.

Thank you for getting back to me!

My hosting companies exact response was
"Unfortunately, we can’t be much help. Port 465, 25 and 587 are open on your account.

It’s possible there’s an incorrect configuration at Cloudflare. You might want to check with them.

Or check with the plugin developer. If it turns out we need to update something on our end, we’re happy to do it."

I have left a comment on the support forum for the plugin, but it looks like responses there can be on the order of days. So im just trying other things while i wait for a response.

where would i find the command line for the server? somewhere on cpanel?

and thank you again. trying to diagnose a problem with my level of know how feels like throwing darts blindfolded. im not sure im even in the same room as the board and these darts might be pasta noodles.

1 Like

Greetings,

Thank you for asking.

I am sorry to hear you are experiencing an issue with receiving and/or sending e-mails while using Coudflare for your domain name.

Can you share your domain name?
Is A mail hostname unproxied and set to :grey: (DNS-only)?
Is your WordPress plugin configured to use A mail hostname for sending e-mails?
is your MX record pointed to unproxied :grey: (DNS-only) A mail hostname?

Kindly, I’d suggest you to download and install below plugin as far as it works perfectly for WordPress, just configure it to use your Google Workspace e-mail with the credentials:

Kindly, see below suggestions and tips for troubleshooting.

Usually, the MX record should point to a hostname such as mail , and the A (or CNAME ) type record for that hostname should be set to :grey: (DNS Only).

Furthermore, if you recently moved your domain to your Cloudflare account, I could try to troubleshoot at first sight without knowing anything other as it could be related to either:

  1. Wrongly setup e-mail related DNS records at the DNS tab of Cloudflare dashboard for your domain name
  2. Possibly missing some TXT/CNAME records (for SPF, DKIM, DMARC if so?)
  3. You are using a hostname like yourdomain.com which is :orange: (proxied) rather than the unproxied :grey: (DNS-only) like mail.yourdomain.com (possible this one not existing or is :orange: instead of being :grey:) at the DNS tab of Cloudflare dashboard, in your e-mail client for sending/receiving server (MS Outlook, Mozilla Thunderbird, etc.)

May I suggest checking below article if your e-mail records (usually the A mail and the MX record) are configured properly while you are using Cloudflare for your domain name:

1 Like

the domain name is goodbudsme.com

i think the mail hostname is unproxied if its the mx on the dns tab.
i think the plugin is configured to use SMTP, I’m not really sure im looking at the right thing though.

there is a A webmail that is proxied, a cname labeled mail that is proxied, and the MX which is not.

I will try to go through the trouble shooting, but im not sure i understand it

the target of the MX record is :orange:, and that is likely the cause of the issue. If the target is email, then the A record for email needs to be :grey:.

When I look up the MX record it looks like this;
goodbudsme.com. 300 IN MX 0 _dc-mx.8a6947b4ab2e.goodbudsme.com.

The _dc-mx convention is a change made by Cloudflare to make sure your email is still delivered when you incorrectly point the MX at a DNS record that is :orange:.

2 Likes

How do i tell which item in the dns tab is the A record for email? i tried turning off the one labeled webmail and the one labeled mail and that didn’t help

And thank you two for taking the time to try to help me. i really appreciate it

What is the target of your MX record? Whatever it is, look for the matching A record.

Okay, i shut off two of them and it seems to be doing better. i get regular emails sent, but not emails sent as text messages.

i ran the connectivity test again and port 465 is still showing closed and the summary of the test looks like
:white_check_mark: :lock: Port 25 can be used for SMTP to mail.goodbudsme.com. Warning: connected to netcoservers4.com instead of goodbudsme.com.
:white_check_mark: :lock: Port 443 can be used with the Mailgun API.
:white_check_mark: :lock: Port 443 can be used with the Mandrill API.
:white_check_mark: :lock: Port 587 can be used for SMTP to mail.goodbudsme.com. Warning: connected to netcoservers4.com instead of goodbudsme.com.
:white_check_mark: :lock: Port 443 can be used with the SendGrid API.
:white_check_mark: :lock: Port 465 can be used for SMTP to mail.goodbudsme.com. Warning: connected to netcoservers4.com instead of goodbudsme.com.

any ideas?

As it’s not default port, might always show close if it’s not open, otherwise any firewall running?
Furthermore, either if it is open, is postfix / email service configured for SMTPs and SSL and listening on port 465?
What tool are you using to check?

Thank you so much for checking beck in with me!

no firewall that i have set up. my hosting company might i suppose, but they told me the ports were open on their end.

mail type is set up for SMPT with security set to smpts. the out going mail server port is set to 465. the only tools i have used to check are part of the plugin.

i got a bounce back email for the email i tried to send via sms to my phone number last night. It contains some of the following, which i hope I have properly redacted

host vrz-sms.mx.a.cloudfilter.net [IP address redacted]
SMTP error from remote mail server after initial connection:
554 vrz-ibgw-5003a.ext.cloudfilter.net cmsmtp [ip address redacted] is listed on Cloudmark CSI-Global.

they want me to send them some information, I’m guessing i triggered some kind of anti spam stuff.

Google also sent me a dmarc support email which contained a file that seems to have some html code? not sure exactly

any advice would be appreciated

I’ve used this plugin forever (and since the new plugin developer took it over from it being abandoned about 5 years ago) - Post SMTP Mailer/Email Log – WordPress plugin | WordPress.org

Is this the one you’re using?

If so I recommend making sure your administrative user is the one on the Wordpress settings page - https://goodbudsme.com/wp-admin/options-general.php is the email you’d like to use. If you want to use a top level email from your domain I have better suggestions than relying on your host for assistance.

On your contact us page you are using a gmail. If that’s what you’d like to use and it is not in the WP setting then I understand the failure. I presume though that you are trying to use your domain mail and that is why the ports are failing even though your host guarantees the ports are open the way your MX is setup is the failure point.

The SMTP plugin relies on several factors and you are using “webmail” from your host which is a sore point in using SMTP anyway. If you hosted your mail on Google Workspace (small cost but if your in business should not be an issue to spend $10/month for reliability) or MS365 etc… Free Gmail is also and option and read below (I guarantee it will use the ports correctly as it has nothing to do on the server)

The reason why it shows success on sendgrid and mandrill is because you can offload mail using CNAMES with one of their free levels of service. If you want to use gmail then put your gmail (at least to test) in the WP settings page or get a workspace account either/or.

Workspace for professional mail is recommmended unless your a Microsoft person then I’d suggest MS365. Then you have 5 top level MX records (workspace) to do mail professionally and it will work out of the box. If you go with gmail or google workspace then you have the choice to build an actual app on google to deliver your mail from WordPress. (You will have to ensure the admin mail address is updated and the easiest workaround for this is to change it directly in your database on that USER ID line) if your mail is not working.

I host many woocommerce customers using these methods including the Sendgrid or Google APPs products and since they rely on us to make sure their customers are getting every mail, it would be a nightmare if we hadn’t used this setup going on for over 10 years.

You may be hesitant in moving your mail for fear of messing something up. Don’t be. I’ve movex folks from webmail to Google Apps, to MS365 and even Zoho (read below) and not everyone needs to migrate their mail but the mail on the previous server doesn’t get lost even when changing MX records. The records only serve to point and make the mail work.

Another free option (although I don’t recommend this as much as the ones above) is Zoho domain mail. It works reliably but doesn’t do the relaying of mail as good on a free account. A paid account on Zoho is (I think) only about $2 bucks a month.

I feel the frustration you must be having and DNS my sound easy from the outside but you have to work in it often to get comfortable.

Wow, thank you Stuart for taking the time to write all that!

I am using the Post SMPT plugin. Im not using the gmail account for this. I am using the domain mail for this. The administrative user on wordpress and the plugin are the same.

I got email going to and from working by changing some of the dns proxy setting on Cloudflare. but in the process seem to have triggered some kind of anti spam function. Now I cannot send messages to my [email protected] address from either my domain email account or from my regular google account. Which is unfortunate as that was how i was made aware of incoming orders. Though oddly enough an old yahoo account i have still sends to that phone number address just fine.

Yes i am absolutely terrified of messing something up and just breaking everything. I spent nearly 2 months working everyday to set this thing up and breaking it would be really disheartening. In hind sight i should have written down everything i did and why i did it.

I do not have time to try moving my mail at the moment, but I should have some time later today to look into your suggestions.

Again, thank you very much for taking the time to try and help me

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.