CloudFlare external DNS

Has anyone tried to setup their miab with cloudflare?

Hi m4rcs,

You are able to use CloudFlares Free DNS Service with your Mail in a Box. But this is not recommended.
CloudFlare does not support DNSSEC and DANE TLSA :wink:

But if you want to setup it with CloudFlare, just add your domain to your CloudFlare Account, and type in the records standing in the “External DNS” Section of your MiaB-Instance :wink: This will work fine :slight_smile:

Ehm DNSSEC is supported, so that why i’m asking.

Hi m4rcs,

Thank you for this information. That was new to me :smile:
I will test their implementation, but that sounds great!

So… I have tested it. It is right that you can use DNSSEC with CloudFlare now. But this is not working with MiaB.
These are the reasons, why not:

  • The DNSSEC Implementation of CloudFlare does only allow to use Keys generated by themself :wink: You cannot import the one generated by MiaB. (…and in my opinion you cannot import the key from CloudFlare to your MiaB because CloudFlare does not tell you the private part of the key ;))
  • Creating TLSA Records (for DANE TLS) is not supported (yet) by the DNS Editor of CloudFlare.

But you can still use CloudFlares DNS without DNSSEC or DANE TLS.

That’s fine. I don’t think it matters whose keys you use, as long as the ones that are actually in use correspond to the DS record that you set at your registrar. You’ll just have to ignore the box’s status checks about the DS record being incorrect configured.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.