Email failing after cloudflare switch

We have added cloudflare CDN before our server by changing the NS record at domainlevel and added same DNS record (NS1 and 2 along with all MX, A, CNAME, TXT) with cloudflare.

Website is working fine, but emails are failing. Please help.

It is likely you have proxied a DNS record that is required for mail. Cloudflare can only proxy HTTP traffic (unless using Spectrum) so any records associated with mail should be set to “DNS only”.

If you give the domain we can check.

[add] You also don’t need the NS records unless you are delegating nameservers for a subdomain

1 Like

Thanks Sjr, domain name is carnity dot com

Here is how cloudflare imported all records, please advise what to change make email work again, thanks a lot for quick help

If your mail clients are connecting to mail.carnity.com then you should change mail to “DNS only”. If that is also for webmail, consider using webmail as a subdomain and proxy that instead.

Your MX record points to carnity.com which is proxied, but Cloudflare will work round that for you automatically.

FTP should also be set to “DNS only”. If you don’t use it, just delete it.

Details here…
https://cf.sjr.org.uk/tools/check?4fcf4a95baf643d381b51f68464fec92#dns-mail

1 Like

Thanks Sjr, much appreciate your detail help on resolving specific concern.

I have changed mail dot carnity dot com to DNS only
Changed FTP to DNS only.

But I didn’t understand how to change/fix/delete (u meant) for MX, can you please explain that.

You don’t need to change the MX record. Cloudflare has fixed that for you automatically.

Thanks Sjr, is these all settings correct now for email to start working soon?

Just wondering what’s warning mark on 4 settings means?

The warning is there because your IP address 135.125.98.171 is used for both proxied (web) and unproxied (mail) records.

Some people like to keep their origin IP addresses “secret” to try to prevent direct attacks but if used for “DNS only” the IP address will be public, so the dashboard is just warning you of this.

For users with web and mail servers on the same IP address, there’s nothing you can do about this as the mail can’t be proxied.

1 Like

Understood, thanks.

Now how long does this change take for emails to start working again?

The records are now correct so your mail clients should be connecting.
https://cf.sjr.org.uk/tools/check?9a57201cbca04f38a1abbf8e234ba7b7

Working from here…

dig +short carnity.com mx
0 _dc-mx.a4825876551e.carnity.com.

telnet _dc-mx.a4825876551e.carnity.com 993
Trying 135.125.98.171...
Connected to _dc-mx.a4825876551e.carnity.com.
Escape character is '^]'.
^]
telnet> close
Connection closed.

telnet _dc-mx.a4825876551e.carnity.com 587
Trying 135.125.98.171...
Connected to _dc-mx.a4825876551e.carnity.com.
Escape character is '^]'.
220-server.thehighbeam.com ESMTP Exim 4.96.2 #2 Wed, 13 Dec 2023 15:01:51 +0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
quit
221 server.thehighbeam.com closing connection
Connection closed by foreign host.
1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.