Hello! I’ve been trying to further secure my self-hosted Mailcow instance. Right now, I am port forwarding so that the A record points to my IP correctly. I tried using Cloudflare tunnels and turned off proxying, and that did work; however, when I used https://mail-tester.com I got an 8.9/10 score since my rDNS records weren’t being recognized when using the tunnel. I was wondering if this is an acceptable score, since using Cloudflare tunnels would be preferred.

Thanks in advance.

It depends. I got only 8.1 and the reason was how the test email was written.
It checks for newsletters, and not for private mails.

    If a wrong PTR is the reason for the reduced score, I’d say this is more important. A PTR should be valid if you want to reliably send emails.

    Does Cloudflare Tunnels actually assign you a static IP? Not sure if you can change the PTR/rDNS for that IP.

      pkernstock Thanks for the reply, yes, the reduced score is mainly from no reverse DNS (which is what I assume you mean when you said “PTR”). I’m not sure about the static IP, but since I turned off proxying I thought it would use my IP.

      Thanks!

      esackbauer Thanks for the reply, the reduced score is due to there being no reverse DNS recognised.

      Thanks!

      pkernstock I looked on the Cloudflare dashboard and it does seem you can add PTR records! I’m unsure what to put in the record though, as I’d be using a Cloudflare tunnel. Would I just put my public IP?

      Thanks in advance.

      I don’t know. The PTR needs to be set by the owner of the IP and is usually done by the owner of the IP. That being said, are you sure that you have publicly reachable, static IPs with the pre-defined ports required for emailing when using Cloudflare tunnel?

        pkernstock Thanks for the fast reply, I tried turning off port forwarding on my router and setting up a Cloudflare Tunnel and I could send emails to mail-tester.com. When I ran the test, I got a score of 8.9/10 again due to no rDNS being recognized. I added a PTR record, but it didn’t allow me to add my public IP, so I ended up just pointing the domain to itself, which didn’t work.


        Thanks!
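
The reverse DNS check this thread keeps coming back to, as an added example that is not part of any post above: the PTR record lives under `in-addr.arpa` in the reverse zone of whoever owns the sending IP, and receivers confirm it by resolving the PTR name forward again. The addresses, hostnames and sample tables are constructed, and treating a PTR/HELO mismatch as a failure is an assumption of this example.

```python
import ipaddress
import socket

def ptr_name(ip):
    """DNS name where the PTR must exist (reverse zone of the IP's owner)."""
    return ipaddress.ip_address(ip).reverse_pointer

def _system_reverse(ip):
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def _system_forward(host):
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except OSError:
        return []

def check_fcrdns(ip, helo, reverse=_system_reverse, forward=_system_forward):
    """Return (ok, reason) for a sending IP and the hostname the server announces."""
    names = [n.rstrip(".").lower() for n in reverse(ip)]
    if not names:
        return False, f"no PTR at {ptr_name(ip)}"
    want = ipaddress.ip_address(ip)
    # Forward-confirm: the PTR name must resolve back to the same address.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == want for a in forward(n))]
    if not confirmed:
        return False, f"PTR {names[0]} does not resolve back to {ip}"
    if helo.rstrip(".").lower() not in confirmed:
        return False, f"PTR {confirmed[0]} does not match HELO {helo}"
    return True, f"{ip} <-> {confirmed[0]}"

# Constructed sample data: documentation addresses and example names only.
SAMPLE_PTR = {"203.0.113.10": ["mail.example.com."],
              "203.0.113.20": ["host-20.isp.example."]}
SAMPLE_A = {"mail.example.com": ["203.0.113.10"],
            "host-20.isp.example": ["203.0.113.20"]}

def sample_reverse(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_forward(host):
    return SAMPLE_A.get(host, [])

if __name__ == "__main__":
    for ip in ("203.0.113.10", "203.0.113.20", "203.0.113.30"):
        print(ip, check_fcrdns(ip, "mail.example.com", sample_reverse, sample_forward))
```

Called without the two sample resolvers, `check_fcrdns` uses the system resolver, so it can be pointed at the address the mail actually leaves from and the hostname the server announces.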
