Cloudflare's Mail Servers?

Hi all

,

So I was reading the Cloudflare website here: https://www.cloudflare.com/learning/dns/dns-records/dns-spf-record/ and it said that SPF records should follow this format:

v=spf1 ip4:192.0.2.0 ip4:192.0.2.1 include:examplesender.email -all

v=spf1 ip4:192.0.2.0 ip4:192.0.2.1 include:examplesender.email -all

How can I include Cloudflare's mail servers though? What should I write for that? I couldn't find any documentation specifying what should be typed. ChatGPT said:

include:spf.cloudflare.com

include:spf.cloudflare.com

but I'm not sure if that's correct?

gunterOP•4/22/24, 7:21 PM

Additional info:

The reason I believe Cloudflare's mail servers has something to do with this is due to the above whenever I send mail ^

Ggunter Hi all 👋, So I was reading the Cloudflare website here: https://www.cloudflare...

Chaika•4/22/24, 7:22 PM

Cloudflare's mail servers would only be involved if you were using Cloudflare's Email Routing

Chaika•4/22/24, 7:22 PM

What email service are you using? You should have them in your spf record

Ggunter Additional info: ``` X-FEAS-SPF-Spam: spf-result=fail, ip=35.89.44.37, helo=omta...

gunterOP•4/22/24, 7:23 PM

It seems like is one of Cloudflare's mail servers. I actually whitelisted that IP address by adding it to my SPF record, however, new IP addresses kept showing up thereafter, and I can't keep whitelisting IP addresses

CChaika Cloudflare's mail servers would only be involved if you were using Cloudflare's ...

gunterOP•4/22/24, 7:23 PM

Hmm, I see

CChaika What email service are you using? You should have them in your spf record

gunterOP•4/22/24, 7:23 PM

I'm using HostGator

Ggunter It seems like `35.89.44.37` is one of Cloudflare's mail servers. I actually whit...

Chaika•4/22/24, 7:23 PM

no 35.89.44.37 is an AWS IP, looks like for proofpoint?

Chaika•4/22/24, 7:24 PM

https://www.cloudmark.com/en

Proofpoint

Messaging security for evolving threats | Cloudmark EN

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Ggunter I'm using HostGator

Chaika•4/22/24, 7:24 PM

they should tell you what SPF and DKIM records to add then

CChaika no 35.89.44.37 is an AWS IP, looks like for proofpoint?

gunterOP•4/22/24, 7:27 PM

Oh, I see. How could you tell which IP address is associated with which company? Here is another one:

The IP address is this time.

CChaika no 35.89.44.37 is an AWS IP, looks like for proofpoint?

gunterOP•4/22/24, 7:28 PM

What is proofpoint btw?

Ggunter Oh, I see. How could you tell which IP address is associated with which company?...

Chaika•4/22/24, 7:28 PM

there's various IP lookup tools and such: https://www.ip-tracker.org/lookup.php?ip=44.202.169.37

44.202.169.37 IP, Location: Ashburn, United States US

IP: 44.202.169.37 / AS14618, Type: IPv4, Hostname: omta038.useast.a.cloudfilter.net, IP Location Information: Ashburn, Virginia, United States US

CChaika https://www.cloudmark.com/en

gunterOP•4/22/24, 7:29 PM

Yeah, the message shows: and when I go to that site, it redirects me to this page you linked here

Chaika•4/22/24, 7:29 PM

on linux you can just do and get a more authoritive answer to who the ip block was assigned to

Chaika•4/22/24, 7:29 PM

but regardless you should look in or ask Hostgator what SPF and DKIM records you need for their email service, would be the fastest way

Chaika•4/22/24, 7:29 PM

there is going to be some simple list you can just include

gunterOP•4/22/24, 7:31 PM

I see

CChaika but regardless you should look in or ask Hostgator what SPF and DKIM records you...

gunterOP•4/22/24, 7:33 PM

Yeah, I got it:

Ggunter Yeah, I got it:

Chaika•4/22/24, 7:33 PM

it's not going to be Cloudflare's spf list

Chaika•4/22/24, 7:34 PM

CF doesn't do email proxying or anything, at most email forwarding and that's largely receive only, if you're sending out mail manually it's via some other avenue

gunterOP•4/22/24, 7:35 PM

But when I added