It responds to SMTP on Port 25, but I guess that’s about it. So it will accept incoming email, but your mail clients might not be able to connect to retrieve email.
Sending / receiving emails still doesnt work and the setup is different than your tutorial so i am still not sure what setting is wrong.
I use Dovecot
Open ports you have currently:
443 80 25 143 587 993 465
Assuming you do not use an SSL for your email server?
25, 465, 587, 143, 993
all open and forwarding to the mail server
i use tls
email not working
the dns settings are still unclear
On the Cloudflare side, it is good configured now.
Moreover, you can later add SPF, DMARC, DKIM records.
From my perspective, the next thing needs to be configured at your email server for receiveing and sending an mail (add your domain mail.uk-cra.org to hosts, setup the rDNS, FcrDNS, make changes to config files like main.cf, master, dovecot.conf … and restart your email services).
Have you tried to send and receive some mail from like your Gmail?
I had that domain mail.uk-cra.org added and it didnt work.
Now I changed all setting to uk-cra.org and now it works.
How can this be? Why does it not work with mail.uk-cra.org? Isnt that the expected setting ?
Something on CLoudfalre side still not right.
I have two A records. When I Proxy the root domain A record, the email server does not work although traffice should still find its way through the other (grey) A record mail.rootdomain.org
What is wrong here?
I am worried more about your configuration files at your end rather than the Cloudflare DNS. Because when you have added your domain to your Cloudflare account, from this moment the Cloudflare DNS is the “headmaster” for the DNS entries of your domain uk-cra.org and it makes sure that any connection the visitor or some service request goes to the right location.
Moreover, if you have pointed mail.uk-cra.org to your IP address, then if configured correctly it should resolve at your end.
Is your domain (mail.uk-cra.org) added under the hosts file and configuration files of your email server (Dovecot, Postfix …)?
Moreover, have you used some tutorial to setup your mail server?
Or test here:
Hera are few good examples about your incomming and outgoing email server setup:
As far as I tested, you have not added your mail.uk-cra.org subdomain when you were generating an SSL certificate.
Meaning, yes it “works” as you stated because the only domain in the SSL is your main domain “uk-cra.org”, so when this record is cloud, it should work but then it is also related to your website not being proxied via Cloudflare.
So, current situations:
Having cloud for A www and A uk-cra.org records and email will work, but the Website will not use benefits and will not be proxied via Cloudflare
Having cloud for A www and A uk-cra.org records, while email will not work, but the Website will be proxied via Cloudflare
Solution is to, as is, adding another A record mail like you have already and make it cloud. Generate a SSL certificate and add all of yours like: mail.uk-cra.org uk-cra.org www.uk-cra.org to be sure all are covered in that case (you would also benefit having the End-to-end option for your Website, more about it here: https://support.cloudflare.com/hc/en-us/articles/200170416-End-to-end-HTTPS-with-Cloudflare-Part-3-SSL-options)
You would need to configure your mail server.
thanks for your pointers. I am working on this.
Can you let me know which site you use to test the mail server?
Sharing here a list of websites/tools I usually use to check, test or even generate something in case I forgot how does it go:
Hope they will help you too
thanks. It is strange that only ssl-tools.net shows an error
“host name mis match” while the others say the certificates are all OK
works now. I think ssl-tools uses some cached entries from yesterday. Now it has updated.
I am glad you have successfully resolved your issue.
Yes, there could be some cache and in that case there is also a button “Refresh” to gather new results upon the cached one.
As far as I have used the tool again on your domain, now the SSL certificate has your mail sub-domain added.
In the other topic you have asked about SPF, I checked that and it also exists.
Needed ports are also open (was before).
Moreover, when I try to access your website it shows up Error 526 - Invalid SSL certificate.
Since you have an SSL certificate (which is self-signed or you generated it via Let’s Encrypt?) that covers your uk-cra.org and mail.uk-cra-org, and port 80 and 443 are both open on the domain and your IP address of your web server, I assume your web server is running, isn’t it right?
Just quick check which SSL option do you have enabled at Cloudflare dashboard?
- Should be “Full SSL” and as hopefully as already is cloud on the next records:
- A uk-cra.org
- A www
Your A mail record should stay as it is now currently on
Moreover, see more information about your 526 error regarding website here:
Since it would be a good way to create another topic regarding your new issue, nevertheless let’s try to fix that issue too and you are good to go
This topic was automatically closed after 31 days. New replies are no longer allowed.