I switched to Cloudflare 10 days ago, having had my hosting service make the changes in nameservers. Ever since I have been unable to access my website’s email via POP3 or send through my site via SMTP. I use SSL for both. My hosting service has made a number of recommendations, but none have worked so far. I’ve made the appropriate SPF and DKIM changes to my DNS. I’ve turned off the proxy for my mail records. I’ve tried changing/adding MX and other records, but nothing has fixed the problem.

Here’s what the mail portion of my DNS looks like now:

Suggestions? Your help is appreciated. BTW, I’ve looked throughout the Community here for email related topics and have tried some of those suggestions, too, without success. Thanks.

Your MX and CNAME records point to your root domain, which is set to :orange:.

The ‘mail’ hostname should be an “A” record with the same IP address as all the others. And set to :grey:.

“webmail” can be set to :orange:, as it’s a website using HTTPS.

Your MX record should be @ for the hostname and

So, if I’m reading both of your comments correctly, is this right?

That all looks good to me. Is it working for you now? (as long as your mail software points to the ‘mail’ subdomain for sending and receiving email).

Thanks, sdayman. No, I still get a timeout error when trying to connect to my POP3 server with Gmail. And I still get a connection error when trying to send email through my server. I am using Gmail to collect my email into one spot, and I know I have the username, password, server and port set up correctly there. Is there a specific issue with using Gmail?

I’m also getting a notice at my hosting service about needing a PTR record for Reverse DNS. However, I read in one thread to ignore that, as CF’s DNS doesn’t support or require reverse DNS lookups. Is that right?

The server responds to POP and SMTP connections. It could be that 1) DNS hasn’t fully propagated to Gmail, or 2) Your Gmail isn’t configured to connect to the ‘mail’ hostname.

Don’t worry about Reverse DNS, as that’s generally impossible to set for your own domain unless it’s a dedicated server…which it isn’t.

Okay, so I’m still wondering about using in my MX record. Per my hosting company, is the server for non-SSL, while is the server for SSL settings. Should I have an MX record for both?

You can’t use (your domain) for email connections while you’re using Cloudflare. The mail server on that machine should have an SSL certificate for SMTP, POP, and IMAP for the ‘mail’ subdomain. So the MX record should only send mail to the ‘mail’ subdomain.

Ask your host why they don’t have SSL on the ‘mail’ subdomain’s mail server. They can, and they should. Their answer is weak. Just as a web server can serve HTTP (unencrypted) and HTTPS (encrypted), so can a mail server. In both examples, they go to different ports (secure vs non-secure).

Thank you. That proved to be part of the problem. Another issue was my dedicated SSL certificate conflicting with the universal SSL of CF. Both issues now seem to be fixed at my host . . . and my inbox just got flooded. haha
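An added example, not part of the original thread: a small Python check of the rule worked out above, that MX targets and the hostname mail clients connect to must not resolve through a proxied (:orange:) record. The zone data, example.com, 203.0.113.10, the record layout and the function names are constructed for illustration.

```python
# Constructed sample zones. proxied=True is the orange cloud (traffic goes
# through Cloudflare's proxy), proxied=False is grey (DNS only).
IP = "203.0.113.10"  # placeholder address
BROKEN = [  # MX and 'mail' both point at the proxied root, as first described
    {"type": "A", "name": "example.com", "content": IP, "proxied": True},
    {"type": "CNAME", "name": "mail.example.com", "content": "example.com", "proxied": False},
    {"type": "CNAME", "name": "webmail.example.com", "content": "example.com", "proxied": True},
    {"type": "MX", "name": "example.com", "content": "example.com"},
]
FIXED = [  # 'mail' is a grey A record and the MX targets it
    {"type": "A", "name": "example.com", "content": IP, "proxied": True},
    {"type": "A", "name": "mail.example.com", "content": IP, "proxied": False},
    {"type": "CNAME", "name": "webmail.example.com", "content": "example.com", "proxied": True},
    {"type": "MX", "name": "example.com", "content": "mail.example.com"},
]

def _norm(name):
    return name.lower().rstrip(".")

def proxied_hop(records, host):
    """Follow CNAMEs from host; return the first proxied name reached, else None."""
    by_name = {_norm(r["name"]): r for r in records
               if r["type"] in ("A", "AAAA", "CNAME")}
    name, seen = _norm(host), set()
    while name in by_name and name not in seen:  # 'seen' guards against CNAME loops
        seen.add(name)
        rec = by_name[name]
        if rec.get("proxied"):
            return name  # a grey CNAME onto an orange record still lands on the proxy
        if rec["type"] != "CNAME":
            return None  # reached a DNS-only address record
        name = _norm(rec["content"])
    return None  # target is outside this zone or a loop was hit

def audit_mail(records, client_hosts=()):
    """Map each MX target or mail-client hostname to the proxied record it hits."""
    targets = {r["content"] for r in records if r["type"] == "MX"} | set(client_hosts)
    findings = {}
    for host in sorted(targets):
        hop = proxied_hop(records, host)
        if hop:
            findings[_norm(host)] = hop
    return findings

if __name__ == "__main__":
    for label, zone in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, audit_mail(zone, ["mail.example.com"]))
```

An empty result means every mail hostname ends on a DNS-only record; "webmail" is not checked because it is an HTTPS site and can stay proxied.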

