How to prevent exposing origin IP address on Cloudflare?

爷,独闯天下 提交于 2019-12-22 01:48:37

问题


On Cloudflare DNS setting page it state that An A, AAAA, CNAME, or MX record is pointed to your origin server exposing your origin IP address.

I have an MX record on my domain pointing to mail.mydomain.com. I believe it is something needed for the mail to work. How can I prevent it from exposing my origin IP address?


回答1:


CloudFlare forwards your traffic through their network by replacing the IP in DNS records with CloudFlare's IP. This process works well in all situation except mail servers. CloudFlare does not offer any service for forwarding mail and as such when you take a MX record and point it to a CloudFlare forwarded domain, CloudFlare will give away server's real IP.

Instead a better practice is to use a third party mail service (such as Zoho, or Google Apps, etc.), or have your mail server running on a different IP. You can then point the MX record to the new record or mail server not located on your machine, and keep the real IP hidden safely.

Good luck




回答2:


1 of 2 solutions:

  1. Delete the MX record that CloudFlare uses. (Since they don't use it anyway.)

  2. Replace your MX domain text (mail.example.com) with its domain IP numbers (44.123.12.44). Then CloudFlare WILL replace it correctly.

I'm not sure why mail-servers IP addresses should be kept top-secret. It's pretty easy to guess that example.com often will use mail.example.com. And email NEEDS to know the address anyway... otherwise it won't function.



来源:https://stackoverflow.com/questions/36564586/how-to-prevent-exposing-origin-ip-address-on-cloudflare

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!