By weblora
Upon switching over to Cloudflare, the mail server that I have set up with PostFix and Dovecot stops working. By “stops working”, I mean that I am no longer able to send or receive mail from my Thunderbird client. As soon as I switch back to Digital Ocean’s nameservers, I am able to receive the mails that had queued up while on Cloudflare’s NS.
So the mailserver doesn’t stop working entirely, however when I try to authenticate/login to my mail account through Thunderbird, to send/receive, the connection just times out/server doesn’t respond.
My mailserver has DKIM and SPF records in use.
Any help would be much appreciated!
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
make sure you have all the DNS records same on cloudflare as Digitalocean. and those related with your emails should be gray clouded.
CloudFlare only resolves the DNS entries that you provide, so if you’re not receiving e-mail after switching to their DNS, the issue would most likely be due to misconfiguration.
The DNS that shows here at DigitalOcean should be identical to that which is setup for CloudFlare (i.e. all A, CNAME, MX, TXT, etc). You also have to modify your domains DNS to use CloudFlare’s provided DNS servers after your setup.
If you can, please provide links to a screenshot of your DNS setup with DigitalOcean as well as a screenshot of what shows up for the same domain in CloudFlare’s CP. I’ll be more than happy to take a look at it for you.
Starting a new reply as there’s not an option to reply to your last comment.
So, as far as your DNS at DigitalOcean, as long as those are the correct IP’s, it looks perfect! I wouldn’t foresee any issues once you run CloudFlare to scan the domain.
As far as the errors on your MX lookup, the first one concerning DMARC is something you can handle by configuring DMARC through your mail configuration, though it’s not a huge concern for the initial setup or getting things working. Some providers are checking DMARC, though I’ve not ran in to any issues with providers rejecting e-mail on domains that do not have it setup (at least currently).
The HTTP error showing up simply means that either your web server isn’t setup to receive requests (i.e. NGINX or Apache isn’t serving requests) or there was a failure on initial request. As long as you’re able to access your domain and view the page once your server is setup, that one can be overlooked for now.
The third error is a blacklist error on the mail servers IP. This happens as the IP’s that DigitalOcean assigns are used by many users before they become yours. It’s possible that DigitalOcean had a spammer come on board, send boatloads of e-mails, and the result was that the IP was blacklisted at one of the spam databases.
There’s good and bad news with the blacklist. The good is that it’s not one of the major spam databases, so you’re not likely to see mail bounce as a result. The bad, even if you do, they don’t offer a way to remove the listing just yet.
You can keep at eye on:
… which will allow you to keep up with when you can apply to remove the IP. Essentially, once able, you’d get in touch and let them know that you are not the previous owner, are running a new mail server and it’s for personal mail (or something similar). They’ll check the IP against their records and if they find the submission to be valid, they will remove it.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.