MX records on route 53, how setup cf w/out changing MX records



We are planning to purchase the business version of Cloudflare. But before that, we have a concern w.r.t configuration. So, we have our MX records on route 53 and we don’t want to switch them as it causes unnecessary disturbances in the email flow. Is there a way we can configure our domain on Cloudflare without changing our MX records from Route53? If yes, a somewhat clear explanation would help us a lot. Thanks in advance.

Absolutely, you actually have to keep mail off of Cloudflare as Cloudflare doesn’t handle it. You simply keep the current mail configuration (MX records, etc.) as is and only make sure that anything mail related is not proxied but goes straight to the server (has to be grey-clouded).


Hi Sandro,

Thanks for your response. Our domain is registered on Bluehost, and right now in Bluehost we are configuring the name servers to point to Route53. Within Route53, we have MX and Type A records set up. Now, if we need to move to Cloudflare, if I’m not wrong, we have to update the name servers in Bluehost to point to Cloudflare as opposed to Route53. Then, even though the MX records reside in Route53, there is nothing that points to it, in which case the mail flow is affected. Are we missing something?

Cloudflare will (or should) import all (or most at least) records when you add your domain. This should include the MX records for example.

When adding your domain, simply make sure all relevant records (not only mail related) are being imported (or you add them manually) and you should be fine.

So, you mean we also have to port the MX records from Route53 to Cloudflare right?
We were wondering if there is a way to just port the Type A and any other records and keep the MX records in Route53 itself. Is it possible?

I am not sure what you mean by that. As I said before you just need to make sure all your DNS records on Cloudflare reflect what you currently have.

What’s your domain? Have you already added it to Cloudflare?

Short answer: No. If you’re using Cloudflare they need to host all your DNS records.

By default Cloudflare is not pulling all the records (including MX) that we have in Route53. I guess, we have to add them manually. We just wanted to make sure, even if we switch MX records from Route53 to Cloudflare, there shouldn’t be any downtime w.r.t mail flow.

You currently have one MX entry which points to Microsoft. Are you saying Cloudflare does not fetch it when adding the domain? That would surprise me but in that case simply add that one entry.

After you’ve added your domain to Cloudflare, you’ll need to manually copy over records from Route 53 that Cloudflare doesn’t automatically detect–for example, MX records from subdomains, SPF records, DKIM records, and DMARC records. Once everything is identical, you can switch the nameservers from Route 53 to Cloudflare with zero downtime. Leave the Route 53 zone live for at least 24 hours after switching, as some resolvers may continue querying the old nameservers for a while. This is fine as long as the records are identical–you shouldn’t experience any downtime.

You can’t serve some records from Cloudflare and others from Route 53 unless the records remaining in Route 53 belong to a subdomain. Even if they do belong to a subdomain, I would strongly recommend not attempting that approach unless you have a very strong understanding of DNS.

I’ve migrated 10k+ domains to Cloudflare’s DNS and not experienced any disturbances in email flow. DNS is DNS. If the records exist and are correct (grey-clouded where appropriate) there is 0 difference in the answer a Route53 server would provide vs. Cloudflare vs. Digital Ocean vs. Rackspace other than perhaps the speed at which an answer is returned.

You could configure your zone in a CNAME setup, but unless you’ve heavily invested in automation at Route 53 and don’t care about proxying the root domain through Cloudflare for WAF/CDN it’s generally not the recommended method as it’s slower and just adds complexity.
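The pre-cutover check the replies above describe (every record answered identically by both providers before the nameservers are switched), as an added example that is not part of the thread. It assumes the answers from each provider's nameservers were collected in the `dig +noall +answer` layout; the domain, record values and function names are constructed for illustration.

```python
# Added example (not from the thread): compare what the old and the new
# nameservers answer before the registrar is pointed at the new ones.
# Input uses the `dig +noall +answer` layout: name TTL class type rdata.

def parse_answers(text):
    """Return a set of (name, type, rdata); TTL and letter case are ignored."""
    records = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        name, _ttl, _cls, rtype, rdata = line.split(None, 4)
        if rtype.upper() == "TXT":
            # Join multi-string TXT data: "abc" "def" -> abcdef
            rdata = "".join(rdata.split('"')[1::2])
        else:
            rdata = " ".join(t.rstrip(".") for t in rdata.lower().split())
        records.add((name.lower().rstrip("."), rtype.upper(), rdata))
    return records

def is_mail_record(record):
    """MX, SPF, DKIM and DMARC records: the ones the replies single out."""
    name, rtype, rdata = record
    return (rtype == "MX" or "_domainkey." in name or name.startswith("_dmarc.")
            or (rtype == "TXT" and rdata.lower().startswith("v=spf1")))

def missing_on_new(old_text, new_text):
    """Records the old nameservers serve that the new ones do not."""
    return sorted(parse_answers(old_text) - parse_answers(new_text))

# Constructed sample answers for example.com (all values are placeholders).
OLD_NS = """
example.com. 3600 IN MX 0 example-com.mail.protection.outlook.com.
example.com. 3600 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
_dmarc.example.com. 3600 IN TXT "v=DMARC1; p=quarantine"
selector1._domainkey.example.com. 3600 IN CNAME selector1-example-com._domainkey.example.onmicrosoft.com.
www.example.com. 3600 IN A 192.0.2.10
"""
NEW_NS = """
example.com. 300 IN MX 0 Example-com.mail.protection.outlook.com.
example.com. 300 IN TXT "v=spf1 include:spf.protection.outlook.com -all"
www.example.com. 300 IN A 192.0.2.10
"""

if __name__ == "__main__":
    for rec in missing_on_new(OLD_NS, NEW_NS):
        tag = "MAIL" if is_mail_record(rec) else "other"
        print(f"missing on new nameservers [{tag}]: {rec}")
```

An empty result for the mail-related records is the condition to meet before changing the nameservers at the registrar.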

Amazon Route 53 is a Domain Name System (DNS), so I think if you are buying the business version of Cloudflare you have 3 options:

1.) Bring your NS records to Cloudflare and ditch Amazon Route 53
2.) Use Route 53 as hidden primary DNS and use Cloudflare DNS as Secondary DNS open to the world (Do not ask me how to do it)
3.) Configure Cloudflare as a CNAME setup, which only protects subdomains and not the root domain. In this option you can keep MX as it is and change only A records to CNAMEs as necessary in Route 53.

Please correct me if I am wrong, somebody.
