Some of your DNS only records are exposing IPs that are proxied through Cloudflare

I’m getting this message from some time: Some of your DNS only records are exposing IPs that are proxied through Cloudflare. Make sure to proxy all A, AAAA, and CNAME records pointing to proxied records to avoid exposing your origin IP.!



To explain this further: Your settings might be correct . Most Common setting which cause this Warnung is when your server handles your website and email traffic.

Since Cloudflare does not proxy mail traffic your DNS record for mail handling needs to be set to :grey: In this case you would expose your orgin IP. No issue If you don’t want to hide it.

Share a screenshot of your DNS settings and we can have a look. Of course you can blurr your IPs or your domain if you have concerns.

You need to delete that second MX record. The one with a 10 priority. It points to a DNS record that’s set to :orange:.

imap, pop, and smtp also need to be set to :grey:.

1 Like

That one

Won’t open for me :crazy_face:

1 Like

Not working

Hi @prakeetsingh,

You haven’t done wnat @sdayman recommended.

1 Like

I did that…Now the error shifted to A record…And it keeps on telling me to make all the A records one by one to DNS only and then the website crashes

This is not an error, just a warning that your origing IP is exposed. Not an issue if you just want to improve the performance. If you need füll protection of you server, you should get a different server for your email traffic. Otherwise attackers can easily find your IP and bypass Cloudflare’s security.

Okay…at least the problem of sending and receiving the Emails got solved. So thank you

This somehow worked

Please solve this problem…I’m using a Bluehost server

There’s no problem. You confirmed that email is working now. If you want to get rid of this warning you need to use an external email service or rent a seperate VPS for a few bucks which handles your email traffic.

That’s up to you.

Now we are receiving emails of others but they are not getting our replies!..Maybe its due to that mail A record which exposes the IP behind.

To confirm, you were able to send email yesterday?

If you’re not getting an immediate error when sending the message, there’s a deliverability issue you need to track down. Here are some resources:

I doubt that there’s anything email related working.

There’s no A record for your MX

|confidence rating:|0 - Bad address|
|error :|BogusMXRecords - MX records for the email address domain do not have valid IP addresses.|
|canonical address:|<[email protected]>|

It has one, and it responds to SMTP:

I should paste all checks i run here :roll_eyes:
There was no A ecord

nslookup gave no result. Gateway, and the output above is from the email dossier at

nslookup                    Server:

Non-authoritative answer:
*** Can't find No answer

Chached by my pi-hole using Gateway as upstream.

I might get old, but… :thinking:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.