Proxied DNS IP exposed

I recently moved to Cloudlare for my nameserver so that I could point a root domain to my heroku app via CNAME flattening. Cloudflare transferred all of my DNS records from my old nameserver upon setup. I setup DNSSEC and records for domain email security, an s1 and s2 domainkey and a DMARC policy record. I’m fairly inexperienced with DNS.

I am getting a warning message now on an SRV record with this name: _sip (dot) _tls and content: (port and priority ommited) sipdir (dot) online (dot) lync (dot) com

This record exposes the IP address used in the CNAME record on sip (dot) example (dot) com, which you have proxied through Cloudflare.

I am unable to proxy this record. Can I delete it?

I believe this record may have something to do with a Microsoft Outlook 365 domain email I have setup through GoDaddy, but I’m not sure. When I search sipdir (dot) online (dot) lync (dot) com, I get back information about Microsoft Teams DNS. Perhaps this is a DNS record for Microsoft Teams through my office 365 email. I don’t use Teams and don’t want to use teams, but I do want my email to work.

Welcome to the Cloudflare Community.

You are correct in your recognition of that record applying to Microsoft 365 Teams. The warning sounds scarier than it is. You have some Teams related CNAMEs that point to hostnames in the lync.com domain. They do not benefit from being proxied, nor is there any reason to be concerned about the exposure of those Microsoft IPs.

I would set those lync.com CNAMEs to DNS Only and call it done.

Thank you for the information. As long as it’s not exposing IPs that were being proxied because they needed to be, then I’m ok with that. I’ll assume Microsoft’s internal systems have robust safeguards in place to prevent attacks without the need to hide all of their IP addresses.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.