Home Blog Tutorials
Tutorials

Cloudflare DNS Setup Guide for Email and Web Hosting

Lex Mar 21, 2026 2 min read 0 views
Cloudflare DNS Setup Guide for Email and Web Hosting

Cloudflare is the most popular DNS provider, but misconfiguring it for email is extremely common. Here's how to set it up correctly.

Adding Your Domain

  • Create a Cloudflare account at cloudflare.com
  • Click "Add a Site" and enter your domain
  • Select a plan (Free works fine for DNS)
  • Cloudflare scans your existing records
  • Update your nameservers to Cloudflare's

Proxy vs DNS-Only — Critical Difference

Proxied (orange cloud): Traffic goes through Cloudflare's CDN. Use for web traffic only.

DNS-only (gray cloud): DNS resolves directly to your server. Required for all email records.

Critical rule: Never proxy email-related records. MX records and mail server A records must be DNS-only.

Website Records

Type: A | Name: @ | Content: YOUR_SERVER_IP | Proxy: ONchr(10)Type: A | Name: www | Content: YOUR_SERVER_IP | Proxy: ON

Mail Server Records

Type: A | Name: mail | Content: YOUR_MAIL_IP | Proxy: OFFchr(10)Type: MX | Name: @ | Server: mail.yourdomain.com | Priority: 10

SPF Record

Type: TXT | Name: @ | Content: v=spf1 ip4:YOUR_MAIL_IP ~all

Add include: entries for any third-party services that send on your behalf.

DKIM Record

Type: TXT | Name: default._domainkey | Content: v=DKIM1; k=rsa; p=YOUR_KEY

Cloudflare handles long TXT records well — paste the full key value.

DMARC Record

Type: TXT | Name: _dmarc | Content: v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com

Common Mistakes

  • Proxying MX records — email will completely fail
  • Proxying mail server A record — SMTP connections will fail
  • Missing SPF record — easy to forget when migrating to Cloudflare
  • Multiple SPF records — must combine into one TXT record
  • Wrong DKIM selector — must match your SMTP server config
  • TTL too high — use Auto or 300 seconds during initial setup

Verifying Your Setup

After configuring everything:

  • Use smtpcheck.lexlabtools.com to verify all records
  • Send a test email and check headers
  • Use dig to verify records resolve correctly:
dig MX yourdomain.comchr(10)dig TXT yourdomain.comchr(10)dig TXT default._domainkey.yourdomain.com

Cloudflare propagation is fast — records should resolve within a few minutes.

Check your DNS setup

Use our free DNS/SMTP Health Checker, or let us handle the full DNS configuration for you.

Free DNS Checker
#Cloudflare #DKIM #DMARC #DNS #SPF #email
Share:
L

Lex

Technical writer at LexLab Tools, covering email infrastructure, web development, and digital business solutions.

About LexLab →

Related Articles

Setting Up a VPS for Email Sending: Complete Checklist
Tutorials

Setting Up a VPS for Email Sending: Complete Checklist

Mar 14 2 min
How to Secure Your VPS in 10 Steps
Tutorials

How to Secure Your VPS in 10 Steps

Mar 10 2 min