Cloudflare Docs
DNS
DNS
Visit DNS on GitHub
Set theme to dark (⇧+D)

Set up email records

There are two reasons to set up email records for your domain: to make sure email reaches your mail server and to prevent other email senders from spoofing your domain.


​​ Add MX records

To route emails to your mail server, you need to create two DNS records within Cloudflare:

  1. An A or AAAA record for your mail subdomain that points to the IP address of your mail server.

    TypeNameIPv4 addressProxy status
    Amail192.0.2.1DNS only
    API example
    Request
    curl -sX POST "https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/dns_records" \
    -H "x-auth-email: <EMAIL>" \
    -H "x-auth-key: <API_KEY>" \
    -H "Content-Type: application/json" \
    --data '{
    "type":"A",
    "name":"www.example.com",
    "content":"192.0.2.1",
    "ttl":3600,
    "proxied":false
    }'
    Response
    {
    "result": {
    "id": "<ID>",
    "zone_id": "<ZONE_ID>",
    "zone_name": "example.com",
    "name": "www.example.com",
    "type": "A",
    "content": "192.0.2.1",
    "proxiable": true,
    "proxied": false,
    "ttl": 1,
    "locked": false,
    "meta": {
    "auto_added": false,
    "managed_by_apps": false,
    "managed_by_argo_tunnel": false,
    "source": "primary"
    },
    "comment": null,
    "tags": [],
    "created_on": "2023-01-17T20:37:05.368097Z",
    "modified_on": "2023-01-17T20:37:05.368097Z"
    },
    "success": true,
    "errors": [],
    "messages": []
    }
  2. An MX record that points to that subdomain.

    TypeNameMail serverTTL
    MX@mail.example.comAuto
    API example
    Request
    curl -sX POST "https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/dns_records" \
    -H 'x-auth-email: <EMAIL>' \
    -H 'x-auth-key: <API_KEY>' \
    -H "Content-Type: application/json" \
    --data '{
    "type":"MX",
    "name":"example.com",
    "content":"mail.example.com",
    "ttl":3600
    }'
    Response
    {
    "result": {
    "id": "<ID>",
    "zone_id": "<ZONE_ID>",
    "zone_name": "example.com",
    "name": "example.com",
    "type": "MX",
    "content": "mail.example.com",
    "priority": 10,
    "proxiable": false,
    "proxied": false,
    "ttl": 3600,
    "locked": false,
    "meta": {
    "auto_added": false,
    "managed_by_apps": false,
    "managed_by_argo_tunnel": false,
    "source": "primary"
    },
    "comment": null,
    "tags": [],
    "created_on": "2023-01-17T20:54:23.660869Z",
    "modified_on": "2023-01-17T20:54:23.660869Z"
    },
    "success": true,
    "errors": [],
    "messages": []
    }

​​ Prevent domain spoofing

There are several DNS mechanisms to prevent others from sending emails on behalf of your domain. These all work as TXT records that need to be added on your domain:

​​ Configure email security records

Refer to Security records to learn how to set up your email security records.