Mail not working after using cloudflare, how I can fix that ?

Hello ,
I'm not that expert so I hope you can help me with this problem ..I have installed CWP on a vps and made an account with the domain name I have with everything works fine.. after that I used cloudflare. now I can't receive emails but I can send them using roundcube.. also I can't use thunderbird which was working before cloudflare if that helps..so could you help me with this or advice me to give up cloudflare ?

Add mail A record and point it to the IP address of your VPS.

Then, MX record using mail.domainname.com with zero priority.

Hope it helps.

https://prnt.sc/h0v00k

make sure that your cloudflare dns setting looks similar and allow some time to propagate - usually 24h

also your domain  registrar dns records must be pointed to cloudflare namerservers

Above are my settings and working fine both sides - sending and receiving.

Best Regards,
Roman

first thank you both for your responds it helped me to write the dns in proper way (I guess) ..yes my domain pointed to the dns of the cloudflare..but I still have the problem.. it works only when I make A record for the hostname also if the records as " dns only " not as CDN. if I turn the CDN on I get error in the mail server " rDNS/PTR domain.com FAILED [Check SenderBase]"
here is how it worked for me .. by the way I have only one ip on the vps.
https://prnt.sc/h1jpdx

check what leafdns.com shows to you.

leafdns show no errors , and I enabled CDN again to the A record for the domain name and directly after that tested sending and receiving emails and it works now even with the error shown in the cwp " rDNS/PTR domain.com FAILED [Check SenderBase]" ...is it ok then to leave it as it is ? .. the only thing is that email goes to the junk folder with or without CDN on hotmail only ... gmail , yahoo are working fine.I installed + enabled DKIM & SPF, the SPF added also in the cloudflare dns and checked it with "https://250ok.com/tools/spf-analyzer/" and it says it's ok

when it goes to junk, then its not working right at the moment. allow some time to propagate. had similar issue and when you have basically same dns settings as i, then it should work fine. just allow at least 24hr to propagate and then test again. changing settings over and over wont help you much cus dns needs time "set up"

Ok . Thanks

If you use CloudFlare or any remote DNS provider, do you switch off BIND or do you keep it running? Should not all DNS records then be put into the remote one? Can you then delete all the .db files in the named folder?
And do you put the CloudFlare nameservers/IPs into the CWP NS/IP setup?
Any tried and tested advice most welcome

Hi, I use Cloudflare for all DNS.

• I have Bind turned off
• I put Cloudflare IP's in NS IP setup

You also need to add your DKIM & SPF records as text records to Cloudflare if you set these up on CWP mail server.

 

Hi, I use Cloudflare for all DNS.

• I have Bind turned off
• I put Cloudflare IP's in NS IP setup

You also need to add your DKIM & SPF records as text records to Cloudflare if you set these up on CWP mail server.

 

Thank you very much, it works!



Something else happened, maybe related to changes in the dns setup or cert files.
Now these errors come up:

"
host postfix/smtpd[36245]: connect from remote.server.com
host postfix/smtpd[36245]: Anonymous TLS connection established from remote.server.com: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bi$
host postfix/spawn[36328]: warning: command /usr/bin/python exit status 1
host postfix/smtpd[36245]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
host postfix/spawn[36328]: warning: command /usr/bin/python exit status 1
host postfix/smtpd[36245]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
host postfix/smtpd[36245]: warning: problem talking to server private/spfpolicy: Success
host postfix/smtpd[36245]: NOQUEUE: reject: RCPT from remote.server.com: 451 4.3.5 Server configuration problem; from=<postmaster@remote.server.com> to=<he$
host postfix/smtpd[36245]: disconnect from remote.server.com
"

and

"Mailserver rejected mail to postmaster. The Mailserver provided: unexpected response to [RCPT TO: ] | 451 4.3.5 Server configuration problem."
Consider, that the postmaster email address/mailbox exists and works, it can send and its emails are being received at the designated external recipient (e.g. at a gmail email address).

and

From another server to check the error out, this log came up:
  "
  ...
  SMTP>> STARTTLS
  SMTP<< 220 2.0.0 Ready to start TLS
LOG: MAIN
  [RemoteIP] SSL verify error: depth=0 error=unable to get local issuer certificate cert=/CN=host.remoteserver.com
LOG: MAIN
  [RemoteIP] SSL verify error: depth=0 error=unable to verify the first certificate cert=/CN=host.remoteserver.com
  SMTP>> EHLO host.localserver.com
  SMTP<< 250-host.remoteserver.com
         250-PIPELINING
         250-SIZE 204800000
         250-ETRN
         250-AUTH PLAIN LOGIN
         250-AUTH=PLAIN LOGIN
         250-ENHANCEDSTATUSCODES
         250-8BITMIME
         250 DSN
  SMTP>> MAIL FROM:<postmaster@localserver.com> SIZE=1616
  SMTP>> RCPT TO:<postmaster@remoteserver.com>
  SMTP>> DATA
  SMTP<< 250 2.1.0 Ok
  SMTP<< 451 4.3.5 Server configuration problem
  SMTP<< 454 4.5.1 Error: no valid recipients
  SMTP>> QUIT
  SMTP(close)>>
LOG: MAIN
  == postmaster@remoteserver.com R=dkim_lookuphost T=dkim_remote_smtp defer (-44) H=host.remoteserver.com [RemoteIP]: SMTP error from remote mail server after RCPT TO:<postmaster@remoteserver.com>: 451 4.3.5 Server configuration problem

for your postfix spf check issue you can see this instructions
http://forum.centos-webpanel.com/spf/policyd-spf-skip_addresses-not-ip-network/