Problems with migration

Hey everyone, last Saturday I changed the nameservers of my domain to cloudflare nameservers. Since that "migration", I run in a lot of trouble. Like my IMAP-Service is not reachable anymore and sometimes my domain isn't reachable too. But for some users it's reachable at this moment, while for other users it isn't reachable. PS: I already tried the "Developers Mode", but those issues still there. So maybe someone of you can help me. If this isn't understandable, tell me so I can tell you more. Appreciate you, thanks! :)
32 Replies
Kilian
KilianOP5mo ago
If someone says: "Maybe the DNS-Records are wrong": They are not.
Erisa
Erisa5mo ago
Maybe the dns records are proxied when they shouldn't be? when you say not reachable, what error do you get?
Kilian
KilianOP5mo ago
If I active the „Developer Mode“ the proxied is deactivated, isn‘t it? Just the error it‘s not reachable.
Erisa
Erisa5mo ago
No the developer mode bypasses cache, not proxy. The requests still go through Cloudflare you most likely have a record proxied that shouldnt be, mail related records usually shouldnt be proxied
Kilian
KilianOP5mo ago
The are not proxied.
Erisa
Erisa5mo ago
Which ones? a screenshot or domain name might help, its difficult to keep shooting in the dark
Kilian
KilianOP5mo ago
one sec, dont like to reveal my ips
Kilian
KilianOP5mo ago
No description
No description
1.1.1.1
1.1.1.15mo ago
DNS over Discord: A records
triostate.net. A @8.8.8.8 +noall +answer
NAME | TTL | DATA
---------------+------+---------------
triostate.net. | 300s | 104.21.6.246
triostate.net. | 300s | 172.67.135.129
NAME | TTL | DATA
---------------+------+---------------
triostate.net. | 300s | 104.21.6.246
triostate.net. | 300s | 172.67.135.129
diggy diggy hole
Kilian
KilianOP5mo ago
okay I did Still not avaible. They are
Kilian
KilianOP5mo ago
No description
No description
Chaika
Chaika5mo ago
I don't see that? They look authoritative to me and respond fine, querying a generic cf ns server not assigned to him shows jen is the primary which checks out you'd have to be more specific on the error, I don't see enough info in here. If you are trying to use imap/some email client with your domain name (triostate.net), it'd have to be mail.triostate.net now since triostate.net is behind proxy
Kilian
KilianOP5mo ago
Isn't this specific enough?
Chaika
Chaika5mo ago
nope, no error or exact description. Imap service where? with what error? with what client?
Kilian
KilianOP5mo ago
ok I'm trying to add my mails to my next cloud and the only error I get i: IMAP-Server is not avaible.
Chaika
Chaika5mo ago
what config are you trying to use (blur anything sensitive like usernames/passes/etc)
Kilian
KilianOP5mo ago
And sometimes my whole domain is not reachable for some users one sec
Kilian
KilianOP5mo ago
No description
No description
Chaika
Chaika5mo ago
if you had two provider's nameservers set before and only fixed them when leo pointed it out, could just be from that. I would focus on imap issue for now & wait/see on that until after and the only thing it says is just "IMap-Server is not available"?
Kilian
KilianOP5mo ago
Yes, before I changed the ns it was reachable So I guess its a proxied issue
Chaika
Chaika5mo ago
mail.triostate.net isn't proxied, so not related
Kilian
KilianOP5mo ago
So why it's not working? You understand me? I've never started a post if I knew the anwser.
Chaika
Chaika5mo ago
the imap server on mail.triostate.net looks reachable. Did it work before changing ns?
Kilian
KilianOP5mo ago
Yes, as I said.
Chaika
Chaika5mo ago
Does it work with other email clients other then next cloud (may give more info on its failure)?
Kilian
KilianOP5mo ago
Havent tryed yet but np I use Outlook on mobile, it's unreachable too
Chaika
Chaika5mo ago
CF is just acting as a nameserver/dns here and returning 176.96.136.55 for mail.triostate.net.. Does that IP sound right? If you still have the old dns and dns config, I would double check it
Kilian
KilianOP5mo ago
It's right, have a lot (one sec)
Kilian
KilianOP5mo ago
there you go
No description
Kilian
KilianOP5mo ago
the old dns records
Chaika
Chaika5mo ago
opps didn't see, yea that looks fine. I poked around a bit more and you don't have a valid ssl/tls certificate being served for IMAP. https://testtls.com/mail.triostate.net/993 Looks like valid for webmail subdomain, could try that subdomain (disable proxy on it and use it) or get your host to issue a certificate for the mail subdomain. You could also disable the cert checking in nextcloud but really not recommended as you're throwing away security/possiblity of mitm
Kilian
KilianOP5mo ago
Hey, I renewed my ssl/tls certificate and it worked. To be honest I've not activated this certificate. Thanks for your help.
Want results from more Discord servers?
Add your server