Hi there, I’ve seen this problem before on other systems but am surprised to see it on Cloudflare.
I occasionally on Cloudflare see result “Delivery Failed” for an email that should be forwarded and when I expand, the message is
“Our system has detected an unusual4.7.28 rate of unsolicited mail originating from your IP address. To4.7.28 protect our users from spam, mail sent from your IP address has been4.7.28 temporarily rate limited.”
Now, the issue is that once this happens, Google will NEVER receive the email in question. I don’t know if Cloudflare is to blame – and they aren’t retrying delivery – or if Google is to blame – and the “temporarily rate limited” is a lie.
(I actually think from my own experimentation that it’s the latter, I’ve seen this on other domains where I have access to the queue, and the mail system will contact Google over and over trying to deliver the mail for days and never succeed, always getting the same message.)
I have email forwarding set up for a domain on Cloudflare and various aliases to Gmail email addresses. This all works usually, but sometimes it doesn’t, which is maddening.
It happens with some frequency that someone sends me email and I never get it and if I look back in the logs they did in fact email me and was logged at Cloudflare with that message.
Any suggestions, tips, ideas? It’s terrifying if Google is blocking, rate limiting, and or silently rejecting black listing emails that originate through Cloudflare email.
I, too, started getting a lot of these “temporary” failures over the past couple of weeks. I didn’t notice it, but one of my contacts emailed me a copy of a bounce message they were receiving from gmail.
I also have the proper SPF record in place, and I have been using the Cloudflare Email Routing service for many months. This seems to be a new problem.
I switched over to Cloudflare Email Routing when Google started charging money for their Workspaces (which they originally offered for free). Perhaps they are clamping down on CF users in order to get them to come back and pay?
A more likely explanation is that a lot of users that are sending their email to a Gmail account through Cloudflare Email Routing receive enough spam to trip Google’s detection threshold and in turn rate limit Cloudflare IPs. The best current practice on email forwarding is to not use it. The practice has been hindered for over a decade, long before Cloudflare released their Email Routing Beta. If you absolutely must forward email, it is best to make sure that it is heavily spam filtered prior to forwarding to prevent the forwarding relay from being flagged as a spam source.
In the rare isolated cases where I had users who needed to receive domain email in their Gmail account, I eliminated all forwarding to Gmail in favor of POP retrieval from a basic mailbox. Even then those domain accounts pass through a hosted spam-filter before they reach the basic mailbox that Gmail pulls from.
If you can find any way other than forwarding for delivery of mail that you intend to access via a user mailbox, I strongly encourage it. Forwarding domain mail to free email services is hit and miss at best.
Yeah, my biggest issue honestly is that Gmail is returning an error code and a message that indicates the delivery should be retried – temporary rate limiting – and in fact they will never accept the message once it’s bounced in this way.
I agree with the previous poster that we have CF configured correctly and emails that are decidedly not spam – inbound email to our custom domain from one of our vendors – is silently failing.
(CF doesn’t always provide a bounce message – in fact, from my analysis of the logs, usually it doesn’t.)
FWIW, I have switched over to forwardemail (.net) as a quick fix. The emails that were failing on CF came through the new MX within a few hours (some had been retrying for 3+ days). I will be keeping a close eye on things for a while… I feel like this will only be a temporary solution.
I have been using forwardemail for 4 months, but the service keeps having problems (spam issues, missed deliveries).
So I ended up registering to Google Workspace this week, using aliases. It costs me about 6$ a month for a single account, the lowest one, and it works like a charm.