I’ve just switched my dns records from my current website host ‘krystal’ to Cloudflare dns. Cloudflare copied all the records correctly but after changing the name servers and allowing for propagation my email stopped receiving. I found people with similar problems in the forum and realised it’s probably something to do with the proxy option in the Cloudflare dns settings. After switching off proxy on my apex domain the emails seem to work again, but I don’t understand why?
These are my current settings which were ported across, after switching off proxy on my A address
(I don’t even know what the mail CNAME is doing, or whether it’s needed?)
This setup works, but it doesn’t seem right that I’ve had to turn off proxy of the main A record…
Also I am planning on moving my website hosting to Cloudflare pages which will require a different DNS configuration - in the tutorial it wants me to remove that main A record and add a CNAME record pointing to my Cloudflare pages address
So i’m presuming this may have an effect on my email too…?
I possibly am not totally understanding how the mx records work, because at the moment they just point to the mail servers, which seems as simple as can be… so I don’t really understand why changing the proxy setting for the apex domain effects this?
Thanks for any help or insights you can give!
Possible that the “mail” subdomain is used for POP or IMAP traffic? Also possible it’s used for outbound SMTP mail sending FROM your domain? The MX records only control how incoming mail to your domain is processed.
Generally don’t orange-cloud something unless you’re certain it’s only used for HTTP traffic
(like your “ftp” subdomain, Cloudflare doesn’t proxy FTP so either grey-cloud it or just delete it if you don’t actually need it)
without knowing more about Krystal’s e-mail platform it’s hard to say why proxying your apex domain breaks stuff. possible that the apex DNS name is being used for outbound e-mail sending, which doesn’t sound good but I’ve seen much worse things.
Have you researched exactly how Krystal’s e-mail platform works or talked to them about it? You say you’re thinking of moving your web site to Cloudflare Pages, are you planning on staying with Krystal’s e-mail platform indefinitely?
(Here’s a wild guess, maybe your outbound mail is trying to use the “mail” subdomain as first choice, and when it fails [because it’s orange-clouded], it’s trying the apex domain as a backup. Hence why you see improvement when you grey-cloud the apex domain. But if you grey-cloud the mail subdomain it might go back to trying it first… hopefully?)
1 Like
I think I might have been on to something
so seems like they do utilize the “mail” subdomain… meaning you definitely don’t want it orange-clouded
2 Likes
Just gone 1am and I’m pretty sure i’m there! Thanks for sending me down the right direction!
You’re right the problem was with Krystal’s settings in cPanel. There’s a spam filter in cpanel called ‘spamexperts’ that has a destinations section which seems to define where it sends the mail after filtering it -
’ After incoming messages are processed, they are delivered to the destinations configured here - this is typically the final mail server for the recipient. …’
This was set by default to my domain name eg: ‘myaddres.co.uk’ - which I have now changed simply to the ip address of the mail server. I guess when proxy was turned on it couldn’t resolve for the email destination… or something like that… (can’t claim to understand it all fully!) I’ve turned the proxy back on for my A record and all seems to be working fine! So I expect I won’t have any problems switching over to my Cloudflare Pages site.
I found a thread with the same problem here - Yet another mail delivery issue?! - #19 by markopolo
The problem was with incoming mail, outgoing has been fine. the mail cname only seemed to be used in my email client, and when I totally deleted it my webmail account carried on the same but my email clients stopped working.
Yes, keeping the email on Krystal is just a temporary thing, focusing on switching website hosting first, then I’ll look for a cheaper email host and work out how to set transfer that properly another time…
Thanks for your help
