Not sure if I should be asking this question here or on the Cloudflare forum really, but I am not having any luck getting email working on any domain hosted on my HestiaCP instance that uses Cloudflare. I have other email accounts associated with other domains (not through Cloudflare) on my HestiaCP instance that work fine, so I’m confident the settings I am using in Thunderbird to retrieve mail are correct. I understand for mail to work through Cloudflare I’m not supposed to proxy it, and if I add an MX record the Proxy Status shows as “DNS Only”. If I then check it on MXTools, it shows that the MX record for the domain resolves. If I then add this domain to MAIL → Domains in HestiaCP it all seems OK, and the same goes for when I then create an email account for that domain. Unfortunately, if I try to download mail using Thunderbird, I just get “Connection refused”. I also noticed that Thunderbird’s automatic config for new mail accounts failed, which seems fair enough if it cannot resolve the mail server.
I’ve tried deleting the MX record from Cloudflare, but then MXTools reports there’s no MX. I’ve also tried it using the mail. subdomain and without, but it makes no difference. I’m kinda stuck with what else to try now.
Has anyone got this working? What settings did you use?
You also need to add one “A” record and add IP of your “mail.domain.com” server, for which you configured the MX record “mail” as a subdomain in Cloudflare, which is a subdomain. Just adding one MX record is not enough.
You can send all the traffic through Cloudflare, but not the mail because you need to allow the reverse resolution for delivery… so mail.example.com should not have the cloud activated. webmail.example.com can have the proxy activated.
Adding the A record only as suggested by @Bits_And_Dragons just makes the MX record go away. Thunderbird reports “Connection refused”, either with or without.
I can’t help you as long as you insist on censoring the domain name. Maybe you will have the good fortune that a psychic is reading your post. I am done. Good luck.
I’m trying… just because @dug forgot to hide the domain in one of the screenshots
Note: instead of the hidden domain, I’ll use example.net.
@dug, your domain lacks several needed DNS records.
Right now you have the A record for mail.example.net and the TXT _dmarc.example.net (that is not using the data provided by Hestia).
And these records are not set in Cloudflare for your domain:
The SPF record for your domain example.net with the data provided by Hestia.
The DKIM (TXT record) for mail._domainkey.example.net also with the data provided by Hestia.
The MX record pointing to mail.example.net
Re-check the DNS records for your domain in Cloudflare.
I hope you had the volume up when you checked the site
Thanks for the reply, I added ALL those records to Cloudflare, and I get no mail server config errors in MXTOOLS now, and Thunderbird seems happy connecting on port 110 and checking mail.
Anything I send to the single account I have configured in Hestia CP for that domain just vanishes. I don’t get any delivery errors. There’s still some DNS issue preventing mail from getting past Cloudflare.
I never look at the pages of the domains that are shared on the forum.
You didn’t add the MX record for your domain. There is one MX record added to mail.example.net, but you must add the MX record to example.net and point it to mail.example.net. Also, you must add the DKIM record (a TXT record for mail._domainkey).
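
The record set discussed in this thread can be checked mechanically. The following is an added example, not part of any forum post and not code from Hestia or Cloudflare: it takes a list of DNS records and reports which mail-related ones are missing, misplaced, or proxied. The record dictionary layout, the helper names, and all zone data are assumptions constructed for illustration; the `mail` DKIM selector and example.net come from the thread.

```python
# Added example: record dicts use assumed keys "type", "name", "content", "proxied".
# All zone data here is constructed; 192.0.2.10 is a documentation address.

def rec(rtype, name, content, proxied=False):
    return {"type": rtype, "name": name, "content": content, "proxied": proxied}

def find(records, rtype, name):
    """Records of one type whose name matches, ignoring case and a trailing dot."""
    name = name.lower().rstrip(".")
    return [r for r in records
            if r["type"] == rtype and r["name"].lower().rstrip(".") == name]

def check_mail_dns(domain, records, dkim_selector="mail"):
    """Return a list of problems with the mail-related records for `domain`."""
    problems = []
    mx = find(records, "MX", domain)
    if not mx:
        # The mistake from the thread: MX created on mail.<domain>, not the domain.
        stray = sorted({r["name"] for r in records if r["type"] == "MX"})
        hint = f" (MX found on {', '.join(stray)} instead)" if stray else ""
        problems.append(f"no MX record on {domain}{hint}")
    for r in mx:
        target = r["content"].rstrip(".")
        hosts = find(records, "A", target)
        if not hosts:
            problems.append(f"MX target {target} has no A record")
        elif any(h["proxied"] for h in hosts):
            problems.append(f"{target} is proxied; it must be DNS only")
    for name, tag, label in [
        (domain, "v=spf1", "SPF"),
        (f"{dkim_selector}._domainkey.{domain}", "v=DKIM1", "DKIM"),
        (f"_dmarc.{domain}", "v=DMARC1", "DMARC"),
    ]:
        values = [r["content"].strip('"') for r in find(records, "TXT", name)]
        if not any(v.startswith(tag) for v in values):
            problems.append(f"no {label} TXT record on {name}")
    return problems

BASE = [rec("A", "mail.example.net", "192.0.2.10"),
        rec("TXT", "example.net", "v=spf1 a mx ip4:192.0.2.10 -all"),
        rec("TXT", "_dmarc.example.net", "v=DMARC1; p=quarantine")]
BROKEN = BASE + [rec("MX", "mail.example.net", "mail.example.net")]
FIXED = BASE + [rec("MX", "example.net", "mail.example.net"),
                rec("TXT", "mail._domainkey.example.net", "v=DKIM1; k=rsa; p=PLACEHOLDER")]

if __name__ == "__main__":
    for problem in check_mail_dns("example.net", BROKEN):
        print(problem)
```
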