メールレコードの設定

ドメインのメールレコードを設定する理由は3つあります：

• ドメインがメールを受信できることを確認するため。
• ドメインがメールを送受信できることを確認するため。
• 他のメール送信者があなたのドメインを偽装するのを防ぐため。

---

Receive email

If you only need to receive emails, Cloudflare offers Email Routing for free email forwarding to custom email addresses.

Send and receive email

To send and receive emails from your domain, you need:

• An SMTP provider.
• To create two DNS records within Cloudflare.

To route emails through Cloudflare and to your mail server:

1. Get the IP address and MX record details from your SMTP provider (vendor-specific guidelines).

2. Add an A or AAAA record for your mail subdomain that points to the IP address of your mail server.

   Type	Name	IPv4 address	Proxy status
   A	mail	192.0.2.1	DNS only

   API example

   Request

   curl "https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/dns_records" \
   --header "x-auth-email: <EMAIL>" \
   --header "x-auth-key: <API_KEY>" \
   --header "Content-Type: application/json" \
   --data '{
     "type":"A",
     "name":"www.example.com",
     "content":"192.0.2.1",
     "ttl":3600,
     "proxied":false
   }'

   Response

   {
     "result": {
       "id": "<ID>",
       "zone_id": "<ZONE_ID>",
       "zone_name": "example.com",
       "name": "www.example.com",
       "type": "A",
       "content": "192.0.2.1",
       "proxiable": true,
       "proxied": false,
       "ttl": 1,
       "locked": false,
       "meta": {
         "auto_added": false,
         "managed_by_apps": false,
         "managed_by_argo_tunnel": false,
         "source": "primary"
       },
       "comment": null,
       "tags": [],
       "created_on": "2023-01-17T20:37:05.368097Z",
       "modified_on": "2023-01-17T20:37:05.368097Z"
     },
     "success": true,
     "errors": [],
     "messages": []
   }

3. Add an MX record that points to that subdomain.

   Type	Name	Mail server	TTL
   MX	@	mail.example.com	Auto

   API example

   Request

   curl "https://api.cloudflare.com/client/v4/zones/<ZONE_ID>/dns_records" \
   --header "x-auth-email: <EMAIL>" \
   --header "x-auth-key: <API_KEY>" \
   --header "Content-Type: application/json" \
   --data '{
     "type":"MX",
     "name":"example.com",
     "content":"mail.example.com",
     "ttl":3600
   }'

   Response

   {
     "result": {
       "id": "<ID>",
       "zone_id": "<ZONE_ID>",
       "zone_name": "example.com",
       "name": "example.com",
       "type": "MX",
       "content": "mail.example.com",
       "priority": 10,
       "proxiable": false,
       "proxied": false,
       "ttl": 3600,
       "locked": false,
       "meta": {
         "auto_added": false,
         "managed_by_apps": false,
         "managed_by_argo_tunnel": false,
         "source": "primary"
       },
       "comment": null,
       "tags": [],
       "created_on": "2023-01-17T20:54:23.660869Z",
       "modified_on": "2023-01-17T20:54:23.660869Z"
     },
     "success": true,
     "errors": [],
     "messages": []
   }

ノート

If you encounter issues with your email setup, refer to our troubleshooting guide.

---

ドメインの偽装を防ぐ

There are several DNS mechanisms to prevent others from sending emails on behalf of your domain. These all work as TXT records that need to be added on your domain:

• Sender Policy Framework (SPF) ↗: List authorized IP addresses and domains that can send email on behalf of your domain.
• DomainKeys Identified Mail (DKIM) ↗: Ensure email authenticity by cryptographically signing emails.
• Domain-based Message Authentication Reporting and Conformance (DMARC) ↗: Receive aggregate reports about your email traffic and provide clear instructions for how email receivers should treat non-conforming emails.

ノート

For additional background on email security records, refer to the introductory blog post ↗.

メールセキュリティレコードの設定

セキュリティレコードを参照して、メールセキュリティレコードの設定方法を学んでください。