Cloudflare has a blacklisted IP address for email deliverability


#1

We noticed that one of Cloudflare’s IP addresses associated with our domain is blacklisted by one of the DNS based email blacklists. Even if our domain is using good email practices, other domains using this Cloudflare IP might be getting marked as spam. I believe this can easily have a negative impact on our email deliverability.

So, I was wondering if we could prevent our app from using this particular IP address. Is this possible?

Blacklist check:
https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3A104.31.74.88&run=toolpage

Domains associated with this IP address:
https://viewdns.info/reverseip/?host=104.31.74.88&t=1


#2

Is this causing a problem with email delivery?


#3

Cloudflare IP addresses associated with a customer’s account are never used to send email. They are only used to accept inbound http/s requests.

This RBL has added the entire Cloudflare ASN, so there are no Cloudflare IP addresses not covered by this. They have also added all of Digital Ocean and AWS. An RBL can add any set of IP addresses they want… RBL maintainers tend to be zealots that way. No sane person would use this RBL.


#4

To my limited knowledge about email deliverability, I thought that the domain reputation as well as IP (for http requests) of your actual site also plays a role. For example, with Gmail your page rank can actually affect your deliverability. I could be wrong in this regard, though.

Glad that this particular list “Suomispam Reputation” is not one that should be taken seriously. Thanks for the prompt response and it seems there’s nothing here to be concerned with.


#5

Yes. it is causing email sent through a WordPress contact form to not be delivered. The IP used at CF is on a blacklist. The host IP is not the one being blocked. Is there a quick remedy for this? I have whitelisted the domain at the mail server and that fixed the issue for this client. I know others have had similar issues. I have several WP clients using CF and can’t whitelist the IP for them or when a second mail goes the submitter’s email. I have used SendGrid to circumvent this for one client but that was also a best practice for their needs and capabilities. This is not the best solution for my smaller clients.


#6

As @cscharff already pointed out above, when you send an email from your server it is sent from your server with its IP address. Cloudflare and its IP addresses are nowhere involved.


#7

.@cscharff is incorrect. The IP at CF is associated with the email. Emails are not hitting the mail server because they are being blocked. They are not getting filtered at the mail server. I can Whitelist the domain and the emails come through. When I looked into this issue using mxtoolbox I see the IP I am given at cloudflare is on the BL. (https://mxtoolbox.com/Problem/Blacklist/Suomispam-Reputation/?page=prob_blacklist&ip=104.31.72.205&link=button&action=blacklist:104.31.72.205&showLogin=1&hidetoc=1&reason=127.0.0.2) Checking if the domain (Palmtreecharters.com) or its dedicated IP are on the BL I find they are clean. So, Yes the IP is being associated with the mail sent from the form on my site; yes it is.


#8

Please elaborate, how should these IP addresses be associated when you send an email from your server. Where does Cloudflare come into play?


#9

I wish I knew. The assumption I am under is the apache mailer script is run at the server. So CF should not come into play. Now, I can imagine that the CF7 plugin calls the script by domain and not the path so, in theory, the mailer code is actually being executed at 104.31.72.205. Tell me that’s impossible…


#10

You should know where you mailing scripts are running, shouldnt you :wink:

I dont know what you mean by that, but thats not how it works. Cloudflare proxies HTTP requests. If one of them makes your server send an email, this is on your server and on its IP address. Once again Cloudflare is not involved.


#11

“Intelligent” filters not only look at which server an email was sent from, but also scan and lookup links/domains associated with that email. Including domains/links in content and email headers.

The faulty filters that use those kinds of RBL’s are to blame here. Cloudflare IP’s in such RBL’s should never play a factor in whether to classify an email as spam or not.


#12

Would you have any information about where such filters are in use? I’d find it hard to believe to be common, you just need one link(!) to a blacklisted site and your legitimate mail goes to spam.


#13

So the solution? CF is not the issue.
I have a specific problem and I am not the only person looking for an answer. I hear you that Cloudflare is not the problem it’s overzealous RBLs. I still have this issue I came to this forum to get ideas for a solution. I will look into the plugin or see if I can make the mailer run at the host IP. But first I will turn CF off for this domain until I can make a solution that works. I think it would be of value to the community and those coming to this page for help via Google that we enumerate the challange.
1- Yes, it is possible that your mail will be blocked from reaching your recipients if you use Cloudflare on a WordPress installation and use a common form mailer plugin such as WPForms, Contact Form 7 or Formidable.
2- Cloudflare’s hosts execute mail scripts and the IP of your account will be used in the header of the document.
3- It’s not Cloudflare’s fault.


#14

You find out why your emails are classified as spam.


#15

It’s not the Host IP or Domain that is on the BL. It is the IP at Cloudflare. That’s as far as I have gotten. I will write when I find the solution.


#16

Cloudflare’s IP address might be on a blacklist, but that is not necessarily the reason why your emails are blocked. You need to find out that reason and then we can continue to investigate.


#17

As an example, anyone running SpamAssassin can easily configure that kind of scanning with this rule:
https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Plugin_URIDNSBL.html

Not saying that just one link can cause mail to go to spam, but it can play a factor in determining the final score. How big that factor is depends on configuration.

We don’t know if this for sure is the reason that mails like this get blocked, so I agree with you that the only way of finding out is to investigate further.


#18

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.