Worker script Errors "destination address not verified" for routing adresses

I’m using a worker to process the catch-all emails I get via Cloudflare. Here I want to forward the email to one of the addresses I set up as a route, however, it fails with the error “destination address not verified”. While it is true that this address is not verified like a typical external address, it is an internal address since it is one of the Cloudflare email routing addresses. To me, this seems like unwanted behavior or even a bug.

To clarify with an example. I have a Cloudflare domain called mydomain.com and a personal email address [email protected], this address is verified within Cloudflare email routing and the address [email protected] is forwarded to [email protected]. When in a worker I forward the email to my personal email, all goes well, however, when I forward it to the cloudflare@ route I get “destination address not verified”, while it is a used address of the Cloudflare domain itself.

Is this a bug?

The issue is also apparent if you simply create a route to another route, so if I create a forwarding route from [email protected] to [email protected] I will need to verify that email address while it is a route itself.

In this example, you have verified the Gmail address as a destination, not the cloudflare@ one.

All destination addresses will need to be verified, regardless which domain they are at.

I would say no.

You’re supposed to call the forward towards the Gmail address, as that is the destination address that you have verified.

I understand I could use the Gmail address to forward but for my intended use case it is important that I can use the routes of my domain. To me it seems unnecessary to verify these since they are verified by transitivity. You do not have to verify each email address for routing in the current setup either, the email you use to create your original Cloudflare account is also auto-verified in the routing setup.

Assuming your account’s email address already has the verification status already, yes.

If not, you would also need to verify that one first.

Email Routing products like the one Cloudflare provides, uses the MX record(s) of the destination domain to figure out where to pass the message on to, routing to the same domain would therefore be creating “internal loops” within Cloudflare.

It also have the potential side effect of creating endless loops, where Cloudflare tries to pass it on to Cloudflare, that again tries to pass it on to Cloudflare, … and so on, which means that you may actually end up on losing important emails that way.

Troubleshooting / debugging would also be much more tough, if not even impossible, to do.

That being said, -

Can you perhaps elaborate on that use case you have, as well as why exactly it is so important to do it exactly as you explain?

Yes it would be possible to screw up and create an MX loop, but I guess you can always find a way to do so and I’m not intending on that in this setup. To elaborate on my usecase. I want to create a sort of regex on the incoming email route which routes it to people their personal addresses based on the name of the incoming route, specifically based on people their first names. However, people their personal email address do not always contain their first names so I need a way to control the specific string in the email address pointing to them, I can do this by first creating a route to their personal email address like [email protected] and then use this route to set up the script.