Overview
This guide demonstrates how to add a root domain or subdomain to Cloudflare and configure the (sub)domain with each Mailgun DNS record. This guide assumes that you have already created your Cloudflare account.
While this guide is intended to be as helpful and comprehensive as possible, there is a small possibility that you will encounter an error or issue of some kind while configuring your DNS records within Cloudflare. If that is the case, we recommend contacting Cloudflare's Support Team as they will be able to most quickly identify and resolve the issue (or, at minimum, provide next steps).
Deciding between a root domain or subdomain
Deciding which domain to use - especially whether to use your root domain or a subdomain of that root domain - is key before proceeding any further. As this can be a challenging decision to make, we recommend reviewing the following Mailgun articles if needed:
- Choosing a domain name
- The basics of email subdomains
- Can I use the same domain name for Mailgun and my personal email account?
Nevertheless, let's briefly review two key terms: root domains and subdomains.
Examples of root domains include mailgun.com, mydnsexample.com, or google.com. Examples of subdomains include relay.mailgun.com, mg.mydnsexample.com, or mail.google.com. Notice the pattern: subdomains have an extra prefix (or sometimes multiple prefixes) before the primary domain name itself. In most cases using a subdomain with Mailgun is preferred, but we cover this topic more comprehensively in the above articles.
Finally, once a decision has been reached, add the (sub)domain to your Mailgun account, and our system will generate the various DNS records needed . We cover adding (and deleting) domains in detail within this in-depth guide.
Adding the domain
There are three methods of adding a domain or subdomain within Cloudflare:
- Method 1: Registering a new domain/subdomain with Cloudflare
- Method 2: Transferring an existing (sub)domain's registration from another Domain Registrar to Cloudflare
- Method 3: Configuring an existing (sub)domain's nameservers within the Domain Registrar to reference Cloudflare rather than the current DNS provider
The first method of adding a (sub)domain within the Cloudflare Control Panel only takes 3 steps, and this is covered in this guide. We will list those steps below, but if desired, you can also reference Cloudflare's Adding (Buying) A Domain articles. If you already have a domain purchased and registered elsewhere, you'll need to transfer the domain to Cloudflare (see the next paragraph) or configure your nameserver records to reference Cloudflare (see the paragraph after the next paragraph).
However, the second method of adding a (sub)domain within the Cloudflare Control Panel is not covered in this article; nonetheless, Cloudflare documents how the transfer process works within their system. Transferring a domain's registration between Domain Registrars is an intricate process, and a mistake can have catastrophic impact upon your online presence. Therefore, it is our recommendation to contact the Domain Registrar if you have any questions or encounter any issues regarding with the Domain Registration and Nameserver Management processes. See also section "The Domain Registrar And Nameserver Records" of the guide for more details.
A third method, configuring an existing (sub)domain's nameservers within the Domain Registrar to reference Cloudflare rather than the current DNS provider, is partially covered in this guide. Similar to the explanation in the second method above, changes in your Domain Registrar must be carefully and precisely made. As such, working directly with the Domain Registrar may be imperative for ensuring the nameserver (NS) records are updated appropriately. Nonetheless, we cover the Cloudflare side of the equation below.
Tip: For larger images, right-click and select the option "Open Image in New Tab" (or Window).
Don't own a domain or need a new domain? (First Method)
If you need to create a new (sub)domain and have it hosted with Cloudflare, follow the below steps to register your new domain (or subdomain) with Cloudflare.
-
Login to your account.
-
Click the Domain Registration option (or better, the down arrow to it's right) on the left-hand navigation pane. Then, click the Register Domains suboption. Finally, enter the new domain name you wish to add (buy/purchase) from Cloudflare inside the center textbox.
-
Enter your contact information for ICANN and complete the domain registration process.
Already own a domain hosted somewhere else? (Third Method)
If you already own an existing (sub)domain that is registered elsewhere with another Domain Registrar, but you would like to manage the DNS at Cloudflare, this is possible by performing the following steps of adding a "website":
-
Login to your account.
-
Click the Websites option on the left-hand navigation pane. Then, click the Add Site button in the center of the page.
-
Enter your existing (sub)domain in the textbox. Then, click the Add site button.
-
Select the relevant plan for your needs. (This example selects the Free plan).
- Cloudflare will allow you to enter DNS records for your (sub)domain now. This is not required, however, and you can click the Continue button to add the records later.
- Once the "website" is added, you'll see your domain listed on the Website homepage. It will not show "Active" with a green checkmark until you add Cloudflare's NS records to your Domain Registrar. You can find your domain's specific Cloudflare NS records by following the steps outlined in this article. For the specific information of how/where to add the NS records within your Domain Registrar, the Domain Registrar themselves will be the best resource to consult.
- Once Cloudflare's NS records have been added to your Domain Registrar and Cloudflare verifies their presence, their site will display the below, which means the domain's DNS hosting is fully configured and active on their system.
Configuring the domain
Once the domain has been added, you may access it in the future using the following steps.
- If you're shown the Home page upon login, you'll see a list of domains in the center of the page. Click the box that contains the domain name in question.
-
Click the DNS option (or better, the down arrow to it's right) on the left-hand navigation pane. Then, click the Records suboption.
-
View, create, or edit the desired DNS records for the domain.
Configuring SPF
SPF records help protect your domain against spoofed emails and decrease* the likelihood your emails will be flagged as spam. (* Exceptions apply: e.g. actual spam/phishing emails will still be considered as such by mailbox providers even with the presence of an SPF record.)
Additionally to our guide, Cloudflare does provide their own SPF tutorial (though it is generalized for each type of record in their system). Interested in more extensive technical details concerning SPF records? Please reference this Mailgun article, RFC 7208, or Cloudflare's technical documentation.
Tip: For larger images, right-click and select the option "Open Image in New Tab" (or Window).
Configuring a root domain with the SPF record
Within your Cloudflare Control Panel, enter the SPF record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example domain called mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
TXT Notes:
|
Name |
@ Notes:
|
TTL |
5 min Notes:
|
Content |
v=spf1 include:mailgun.org ~all Notes:
|
Configuring a subdomain with the SPF record
Within your Cloudflare Control Panel, enter the SPF record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example subdomain called mg.mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
TXT Notes:
|
Name |
mg Notes:
|
TTL |
5 min Notes:
|
Content |
v=spf1 include:mailgun.org ~all Notes:
|
Configuring DKIM
DKIM records help authenticate your domain against forged emails and decrease* the likelihood your emails will be flagged as spam. (* Exceptions apply: e.g. actual spam/phishing emails will still be considered as such by mailbox providers even with the presence of an DKIM record.)
Additionally to our guide, Cloudflare does provide their own DKIM tutorial (though it is generalized for each type of record in their system). Interested in more extensive technical details concerning DKIM records? Please reference this Mailgun article, RFC 6376, or Cloudflare's technical documentation.
Tip: For larger images, right-click and select the option "Open Image in New Tab" (or Window).
Configuring a root domain with the DKIM record
Within your Cloudflare Control Panel, enter the DKIM record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example domain called mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
TXT Notes:
|
Name |
pic._domainkey Notes:
|
TTL |
5 min Notes:
|
Content |
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA Notes:
|
Configuring a subdomain with the DKIM record
Within your Cloudflare Control Panel, enter the DKIM record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example subdomain called mg.mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
TXT Notes:
|
Name |
pic._domainkey.mg Notes:
|
TTL |
5 min Notes:
|
Content |
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA Notes:
|
Configuring MX
MX records describe where emails intended for your domain should be sent.
Additionally to our guide, Cloudflare does provide their own MX tutorial (though it is generalized for each type of record in their system). Interested in more extensive technical details concerning MX records? Please reference RFC 5321 or Cloudflare's technical documentation.
Tip: For larger images, right-click and select the option "Open Image in New Tab" (or Window).
Configuring a root domain with the MX records
Within your Cloudflare Control Panel, enter the MX records information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example domain called mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
MX Notes:
|
Name |
@ Notes:
|
Mail server |
mxa.mailgun.org mxb.mailgun.org Notes:
|
TTL |
5 min Notes:
|
Priority |
10 Notes:
|
Configuring a subdomain with the MX records
Within your Cloudflare Control Panel, enter the MX records information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example subdomain called mg.mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
MX Notes:
|
Name |
mg Notes:
|
Mail server |
mxa.mailgun.org mxb.mailgun.org Notes:
|
TTL |
5 min Notes:
|
Priority |
10 Notes:
|
Configuring CNAME
CNAME records alias (point or direct) one domain name to another domain name, which in this case effectively associates your emails with Mailgun and allows tracking of opens and clicks.
Additionally to our guide, Cloudflare does provide their own CNAME tutorial (though it is generalized for each type of record in their system). Interested in more extensive technical details concerning MX records? Please reference RFC 1034 or Cloudflare's technical documentation.
Tip: For larger images, right-click and select the option "Open Image in New Tab" (or Window).
Configuring a root domain with the CNAME record
Within your Cloudflare Control Panel, enter the CNAME record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example domain called mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
CNAME Notes:
|
Name |
Notes:
|
Target |
mailgun.org Notes:
|
Proxy Status |
DNS only Notes:
|
TTL |
5 min Notes:
|
Configuring a subdomain with the CNAME record
Within your Cloudflare Control Panel, enter the CNAME record information that is displayed in your Mailgun Control Panel. (In the Mailgun Control Panel, you'll click on the Sending option followed by the Domain settings suboption found within in the left-hand navigation pane, and then click on the DNS records tab).
Both the image above and the table below - using an example subdomain called mg.mydnsexample.com - provide additional guidance for adapting certain values (such as the Hostname) into Cloudflare's system. Other DNS nuances and problematic scenarios that you may encounter are also explained in detail. Generally, the bolded-in-blue-text within the table can be copied-and-pasted for each field, unless it is noted otherwise (such as the DKIM value, which is unique for every Mailgun domain).
Field | Enter |
---|---|
Type |
CNAME Notes:
|
Name |
email.mg Notes:
|
Target |
mailgun.org Notes:
|
Proxy status |
DNS only Notes:
|
TTL |
5 min Notes:
|
The domain registrar and nameserver records
A somewhat common situation we witness concerns a customer having recently migrated (or currently being in the process of migrating) from one DNS hosting provider to another; however, their Mailgun DNS records are failing to verify within their Mailgun Control Panel. Perhaps you yourself are experiencing this exact situation. If so, there is a solution: update the domain's registration information.
Whenever anyone switches DNS hosting providers (e.g. from DigitalOcean to Cloudflare), they must also update their Nameserver (NS) records within their Registrar's system. Your Registrar is the company through whom you purchased the domain and with whom the domain is registered on the Internet. As a note, Cloudflare is a Domain Registrar, but they may not be your domain's Registrar.
If you need assistance identifying the Registrar for your domain, the ICANN WHOIS website can assist you in this task. Alternatively, you can use a MacOS/Linux terminal to obtain this information:
Scan the output results for the line that contains the Registrar URL information. It is this field that will identify the domain's Registrar and their website.
For more guidance on updating your registrar and the associated nameserver records to reflect your DNS hosting with Cloudflare, please review Cloudflare's nameserver documentation and registration documentation. Additionally, if you're experiencing a domain registration issue, it is best to reach out to the Registrar directly. Mailgun, in such a scenario, would not have any insight additional to the publicly available WHOIS information mentioned above.
Need Support?
Our Support Team here at Sinch Mailgun is happy to help! Reach out to us in the Support page of your Mailgun Control Panel, and we'll be with you shortly!