How to Create DNS Records at Cloudflare

In my mail server tutorials, I recommend running your mail server on a ScalaHosting VPS, because their IP addresses are not on any blacklist. I also recommend purchasing a domain name from NameCheap because the price is low and they give whois privacy protection free for life. It’s a good practice to buy web hosting and your domain name from different vendors. This can minimize the damage to your business if one of your accounts is compromised. You can transfer your domain name to NameCheap and learn how to create DNS records at NameCheap.

The DNS zone editor at ScalaHosting for self-managed VPS users is not very useful. If you accidentally bought a domain name from ScalaHosting, I recommend migrating your name server to Cloudflare, which features an easy-to-use DNS zone editor. Cloudflare can propagate your DNS records to the Internet in an instant, so you don’t have to wait several hours. Cloudflare also provides CDN (content delivery network) service and DDoS protection for free, so I highly recommend it.

Migrate Name Server to Cloudflare

To migrate name servers to Cloudflare, go to your ScalaHosting client area and click the Domains tab.

Then click the Manage button on the right and select Manage Nameservers.

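Choose the use custom nameservers option and enter the following Cloudflare name servers. (Cloudflare assigns a name server pair to each account, so if your Cloudflare dashboard shows a different pair, enter that pair instead.)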

  • brenda.ns.cloudflare.com
  • kurt.ns.cloudflare.com

Click the Change Nameservers button to apply your changes. Please note that DNS records can take up to 24 hours to propagate to the whole Internet. Next, you should go to https://cloudflare.com to create a free account at Cloudflare. Then click the Add a site button in your Cloudflare dashboard.

Then enter your domain name.

On the next page, it will ask you to select a plan. You can choose the free plan, which is enough for a small/medium website. (I have been using Cloudflare for 5 years and never paid a penny.)

After that, Cloudflare will fetch your current DNS records and import them to your Cloudflare account. Simply click the Continue button.

Once the transfer is complete, you can start editing DNS records at Cloudflare.

Create DNS Records at Cloudflare

Click the DNS tab in your Cloudflare dashboard to edit DNS records.

Here are some DNS records you might want to add to your domain.

  • MX (Mail Exchanger) record: specifies which hosts are responsible for email delivery for a domain name, i.e. the hostnames of your mail server.
  • A (Address) record: Converts DNS names into IPv4 addresses.
  • TXT record: SPF, DKIM, DMARC, etc.

And I will show you how to add the above DNS records.

MX Record

The MX record specifies which host or hosts handle emails for a particular domain name. For example, the host that handles emails for linuxbabe.com is mail.linuxbabe.com. If someone with a Gmail account sends an email to [email protected], then the Gmail server will query the MX record of linuxbabe.com. When it finds out that mail.linuxbabe.com is responsible for accepting email, it then queries the A record of mail.linuxbabe.com to get the IP address, so that the email can be delivered.

Note that when you create the MX record, you should enter @ or your apex domain name in the name field. An apex domain name is a domain name without a subdomain. The priority value can be any number between 0 and 65,356. A small number has a higher priority than a big number. It’s recommended that you set the value to 0, so this mail server will have the highest priority for receiving emails.

A Record

An A record (Address record) maps a domain name to an IP address. After creating the MX record, you also need to create an A record for mail.your-domain.com, so that it can be resolved to an IP address.

Enter mail in the Name field. Then enter the public IPv4 address of your mail server. Note that when you create the A record for the hostname of your mail server, the Proxy status should be changed to DNS only. If it shows an orange cloud, click on it and it will change to a grey cloud icon. (Cloudflare does not support SMTP or IMAP proxy.)

SPF Record

SPF (Sender Policy Framework) is a type of TXT record. It specifies which hosts or IP addresses are allowed to send emails on behalf of a domain. You should allow only your own email server or your ISP’s server to send emails for your domain.

Create a new TXT record. Enter @ or your apex domain name in the Name field. Enter v=spf1 mx ~all in the Content field. Click the Save button to save your changes.

Explanation:

  • v=spf1 indicates this is an SPF record and the version is SPF1.
  • mx means all hosts listed in the MX records are allowed to send emails for your domain and all other hosts are disallowed.
  • ~all indicates that emails from your domain should only come from hosts specified in the SPF record. Emails that are from other hosts will be flagged as forged.

To check if your SPF record is propagated to the public Internet, you can use the dig utility on your Linux machine like below:

dig your-domain.com txt

The txt option tells dig that we only want to query TXT records.
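
The dig output usually contains other TXT records as well, so it helps to filter and check the SPF record itself. The following is an added example, not part of the original tutorial; the function name spf_check and the sample TXT values are made up for illustration. It reads the output of dig +short your-domain.com txt and reports a missing record, duplicate SPF records, or a permissive ending.

```sh
#!/bin/sh
# Added example: check `dig +short your-domain.com txt` output for SPF mistakes.
# Live use: dig +short your-domain.com txt | spf_check

spf_check() {
    # Join split strings ("a" "b" -> ab), drop the outer quotes, keep SPF records only.
    records=$(sed -e 's/" "//g' -e 's/^"//' -e 's/"$//' | grep -iE '^v=spf1( |$)' || true)
    count=$(printf '%s\n' "$records" | grep -ci '^v=spf1' || true)
    if [ "$count" -eq 0 ]; then
        echo "FAIL: no SPF record found"; return 1
    fi
    if [ "$count" -gt 1 ]; then
        # RFC 7208: more than one v=spf1 record makes receivers return permerror.
        echo "FAIL: $count SPF records published, keep exactly one"; return 1
    fi
    # The last term decides what happens to hosts that matched nothing earlier.
    last=$(printf '%s' "${records##* }" | tr '[:upper:]' '[:lower:]')
    case "$last" in
        -all)       echo "OK: hard fail (-all)" ;;
        "~all")     echo "OK: soft fail (~all)" ;;
        redirect=*) echo "OK: policy delegated ($last)" ;;
        +all|all)   echo "FAIL: $last authorizes every host"; return 1 ;;
        *)          echo "WARN: no restrictive all mechanism at the end ($last)"; return 1 ;;
    esac
}

# Constructed sample: a zone that also carries an unrelated TXT record.
sample='"site-verification=CONSTRUCTED-TOKEN"
"v=spf1 mx ~all"'
printf '%s\n' "$sample" | spf_check
```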

DKIM Record

This is also a type of TXT record. DKIM (DomainKeys Identified Mail) uses a private key to digitally sign emails sent from your domain. Receiving SMTP servers verify the signature by using the public key, which is published in the DNS DKIM record.

The DKIM private/public key pair is produced by software on the mail server. The method to get the DKIM public key can be different depending on the software you use. If you follow my iRedMail or Modoboa tutorial, please read that tutorial to find how to get the DKIM public key.

Once you have the key, create a new TXT record in your Cloudflare dashboard. Enter dkim._domainkey in the Name field if you follow my iRedMail tutorial. Enter modoboa._domainkey in the Name field if you follow my Modoboa tutorial. Next, copy the DKIM public key to the Content field. Note that you need to delete all double quotes and line breaks. You can copy the DKIM public key to a text editor first, delete the double quotes and line breaks, then copy it to the Content field in Cloudflare.

Click the Save button to save your changes.
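
Removing the quotes and line breaks by hand is error-prone, so the step can be scripted. The following is an added example, not part of the original tutorial; the function name flatten_dkim is made up, and the sample record is constructed in the zone-file style that key generators commonly print (the key in it is not a real key). It joins the quoted strings into one line and refuses a value whose p= tag is empty or contains stray characters.

```sh
#!/bin/sh
# Added example: turn a multi-line, quoted DKIM record into the single-line
# value to paste into the Content field.
# Live use: flatten_dkim < file-with-the-generated-record.txt

flatten_dkim() {
    # Skip zone-file comments (;) and concatenate only the text inside double quotes.
    value=$(awk -F'"' '/^[[:space:]]*;/ { next }
                       { for (i = 2; i <= NF; i += 2) printf "%s", $i }')
    case "$value" in
        v=DKIM1*) ;;
        *) echo "error: value does not start with v=DKIM1" >&2; return 1 ;;
    esac
    # Split the tags on ';' and pick the public key (p=) tag.
    key=$(printf '%s\n' "$value" | tr ';' '\n' | sed -n 's/^[[:space:]]*p=//p')
    case "$key" in
        ""|*[!A-Za-z0-9+/=]*)
            echo "error: p= is empty or contains non-base64 characters" >&2
            return 1 ;;
    esac
    printf '%s\n' "$value"
}

# Constructed sample record (shortened, not a valid key).
sample='; constructed sample, selector dkim
dkim._domainkey.example.com. 3600 TXT (
  "v=DKIM1; p="
  "MIIBIjANBgkqhkiGSAMPLEpart1"
  "SAMPLEpart2wIDAQAB")'
printf '%s\n' "$sample" | flatten_dkim
```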

DMARC Record

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. DMARC can help receiving email servers to identify legitimate emails and prevent your domain name from being used for email spoofing.

Create a new TXT record. Enter _dmarc in the Name field. Enter v=DMARC1; p=none; pct=100; rua=mailto:[email protected] in the Content field. (You should create the [email protected] email address.) Click the Save button to save your changes.

PTR record

A pointer record, or PTR record, maps an IP address to an FQDN (fully qualified domain name). It’s the counterpart to the A record and is used for reverse DNS lookup, which can help with blocking spammers. Many SMTP servers reject emails if no PTR record is found for the sending server.

To check the PTR record for an IP address, run this command:

dig -x IP-address +short

or

host IP-address

The PTR record is not controlled by your domain registrar. Because you get your IP address from your hosting provider or ISP, not from your domain registrar, you must set the PTR record for your IP in the control panel of your hosting provider, or ask your ISP. Its value should be your mail server’s hostname: mail.your-domain.com. If your server uses an IPv6 address, be sure to add a PTR record for your IPv6 address as well.

To edit the reverse DNS record for your ScalaHosting VPS, log into the ScalaHosting client area, then use the live chat in the bottom-right corner and tell the support team to update the PTR record of your server IP address to mail.your-domain.com.
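
Once the PTR record is set, it is worth confirming that the reverse and forward lookups agree, since receiving servers commonly check both directions. The following is an added example, not part of the original tutorial; the function names are made up, it covers IPv4 only, and the two lookup wrappers simply run the dig commands shown above so that they can be replaced when testing offline.

```sh
#!/bin/sh
# Added example: forward-confirmed reverse DNS check for a mail server (IPv4).
# Live use: ptr_check 203.0.113.10 mail.your-domain.com   (placeholder IP)

# Thin wrappers around dig; override them to test without network access.
lookup_ptr() { dig -x "$1" +short; }
lookup_a()   { dig "$1" A +short; }

# ptr_check IP EXPECTED_HOSTNAME
ptr_check() {
    ip=$1
    # Compare hostnames case-insensitively and without the trailing dot.
    want=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]' | sed 's/\.$//')
    ptrs=$(lookup_ptr "$ip" | tr '[:upper:]' '[:lower:]' | sed 's/\.$//')
    if [ -z "$ptrs" ]; then
        echo "FAIL: no PTR record for $ip"; return 1
    fi
    if ! printf '%s\n' "$ptrs" | grep -qxF "$want"; then
        echo "FAIL: PTR for $ip is not $want"; return 1
    fi
    # Forward confirmation: the PTR hostname must resolve back to the same IP.
    if ! lookup_a "$want" | grep -qxF "$ip"; then
        echo "FAIL: $want does not resolve back to $ip"; return 1
    fi
    echo "OK: $ip <-> $want"
}
```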

Wrapping Up

I hope this article helped you create DNS records at Cloudflare. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks. Take care 🙂
