The whole point of Cloudflare is to proxy inbound traffic and protect the servers real IP address.
If I send mail from our server, it reveals the origin IP. So we use a 3rd party smtp service SocketLabs but they also reveal our origin IP in the header.
Sendgrid and some others do hide this. SocketLabs say they will not hide it, so maybe they are just not suitable. However, they insist that there is some other way round it.
Any idea?
[
It sounds like a question better suited for SocketLabs, since they are telling you there is “some other way round it”. It’s not something that I would expect the Cloudflare Community can address since outbound email doesn’t involve any Cloudflare offering.
Yeah - for HTTP and HTTPS traffic.
SMTP is not covered unless you are using something like Cloudflare Spectrum - and that’s only for inbound too.
Cloudflare isn’t a forward proxy and isn’t going to stop your server’s outbound connections from showing it’s own IP.
Thanks people.
I was expecting loads of info online about this, but nothing.
SMPT defeats the point of Cloudflare then. From a security perspective, it would be very easy for someone with bad intentions, to find the real IP address of the server by looking at an email header.
Or checking the mail A record, if not proxied.
The solution, is to find a 3rd party SMTP service that does not forward the origin IP.
Its just quite a technical point, that I bet most Cloudflare users dont think of.
SocketLabs suggestion was that Cloudflare can re-route outbound smtp requests so they appear to be from the proxied IP address. I do not believe this is the case.?
Just use different servers for SMTP and HTTP?
How can Cloudflare do that when your outbound SMTP traffic never touches Cloudflare?
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.