Issue with email deliverability after server migration


I’m having an issue with two domains (same server), both using Cloudflare for the DNS management, and mail delivery. Recently migrated server and since I’m mostly a dev and have little clue as to how all the DNS stuff works, I’m never really sure is all setup ‘correctly’. Before the migration it worked, so maybe something broke and I can’t tell why even after extensive googling (and searching in this forum).

The domains are: and

The records are like this:

pretty much the same for both.
Server details, it’s a dedicated server that hosts both sites, I’m not entirely sure if it might be an issue with using Cloudflare and the servers hostname? or something like that.

The issue I’m having is sending emails @outlook/hotmail/live, they bounce with an 550 5.7.1 error, from what I can tell it’s some issue some DNS configuration that is wrong. I’ve looked up both domains and the servers IP address in a bunch of spam-related tools like mxtools etc and none seem blocklisted.

Thank you in advanced.

Welcome to the Cloudflare Community. :logodrop:

The A (and AAAA, if any) records for the hostname in your MX record must be :grey: DNS Only. When they are :orange: they will return Cloudflare proxy IPs instead of your mailserver IP. The Cloudflare proxy will only pass HTTP and HTTPS traffic by default which means your email will not pass.

Cloudflare tries to be helpful by publishing an MX record containing a synthetic hostname, but it uses an invalid format that begins with a prohibited character, which creates inconsistent results. It is best to not let that configuration persist.

I’m not sure if I’m understanding correctly, but should the mail A record be DNS only then?
Beyond that tidbit, the issue I’m having is with @outlook/etc/microsoft and no other really, gmail, yahoo, etc all work fine for some strange reason.
I opened a ticket with microsoft but I still have no clue why this might’ve happened.

Yes. Any names that need to work with any protocol other HTTP and HTTPS need to be :grey: DNS Only.

Can you share the text of one of your NDRs for the domain? (The 550 5.7.1 response)

I talked to my hosting provider and apparently they didn’t configure the PTR record for the server (they think that’s the issue) and now they’ve done it.
The issue persists, but maybe because I have to request the IP ban gets lifted? Idk

1 Like

Not having a PTR could certainly result in refused email as per their linked Troubleshooting page. It may clear up on its own once the PTR is detected by Microsoft. You have forward confirming reverse DNS, so that should solve even strict PTR validation.

If delivery issues persist you may want to ask your host to contact Microsoft.

Can you edit that post to remove the user portion of that Hotmail address?

Hi @ignacio.olaizola, your topic has a solution here.

Let us know what you think of the solution by logging in and give it a :+1: or :-1:.

Solutions help the person that asked the question and anyone else that sees the answer later. Login to tell us what you think of the solution with a :+1: or :-1:.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.