I only have the Free Cloudflare account so I cannot open a trouble ticket but I’ve been having so many issues with Spoofing and SPAM through my Microsoft 365 accounts, that I can’t help but think it starts with my DNS entries.
I spent some time working on SPD, DKIM and DMARC over the last month or so but we are still having issues with Spoofing. I do have a rule set up in Exchange Online to approve/reject my emails pretending to be someone on our account but it comes from outside our organization.
I have opened up several tickets with Microsoft 365 and we do “this or that” to try to fix it but we continue to have issues.
I did notice in my Cloudflare DNS settings, an IP address of 192.185.. (masked it out for privacy) listed for the following:
Autoconfig
cpanel
ftp
webdisk
webmail
whm
Is this Cloudflare or something else? I tried a WhoIs and couldn’t find much information.
The hostnames you listed are stock names generated by cPanel web hosting.
If you aren’t using a DMARC monitoring service, and you don’t have a solid grasp on how all the the parts of an SMTP authentication policy work, it’s going to be hard to know what you need to fix. While Cloudflare does publish DNS, doesn’t provide any email authentication service at this time.
You may want to take a look at some third party DMARC tutorials and guides.