Do I need Cloudflare SPF if Cloudflare is not providing outbound Emai?

The Cloudflare console says “Email Routing DNS records misconfigured” because this line is missing

TXT joshuafox.com v=spf1 include:_spf.mx.cloudflare.net ~all

However, I use Cloudflare for inbound email (forwarded to Gmail), and for outbound I use Mailgun.

In fact, I have these DNS records

joshuafox.com. 1 IN TXT v=spf1 include:mailgun.org ~all
mg.joshuafox.com. 1 IN TXT v=spf1 include:mailgun.org ~all

Do I need the SPF for Cloudflare? In seems that there might be more risk of SPF failure if I have such contradictory records.

Technically Cloudflare’s servers are “sending” mail on your behalf to your origin server on your behalf. If your receiving MTA doesn’t enforce SPF checks then no, you don’t need that entry.

1 Like

When I set up the recommended Cloudflare SPF, I get this message at the Cloudflare console.

Conflicting records.
The records listed below were found on the DNS … These records need to be deleted for Email Routing to work properly."

So should I merge them as recommended and here, producing this?

joshuafox.com.	1	IN	TXT	"v=spf1 include:mailgun.org include:_spf.mx.cloudflare.net ~all"
mg.joshuafox.com.	1	IN	TXT	"v=spf1 include:mailgun.org include:_spf.mx.cloudflare.net ~all"

It’s not that you should, you must. The spec doesn’t allow multiple records, they must all be in a single one, per hostname.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.