Prattling Before the Pratfall

Dear Google Search AI: Can Cloudflare interfere with IMAP?

Yes, Cloudflare can interfere with IMAP (and SMTP/POP3) login if the mail subdomain is proxied (orange-clouded) in DNS settings.

- Cloudflare's standard proxy only handles HTTP/HTTPS traffic, so proxying mail traffic blocks the connection, causing login failures in apps like Outlook or Gmail.

- In the Cloudflare DNS dashboard, ensure the A/CNAME record for ://yourdomain.com is set to "DNS Only" (grey cloud) rather than "Proxied" (orange cloud).

- Correct Mail Subdomain: Ensure your email client uses a subdomain (like mail.example.com) that points directly to your mail server's IP, not the proxied root domain.

- Verify MX Records: Ensure your MX record points to a hostname that is not proxied. If you are seeing errors, it is likely because the mail client cannot reach the server's actual IP address.

That seems to be the likely cause of the problem I had today. With this in mind, I should be able to change the server entry for my e-mail accounts in a way that will avoid interacting with Cloudflare.

But wait, there’s more! Accessing the site on Firefox has this problem:

Error Code: SSL_ERROR_NO_CYPHER_OVERLAP

Everything is still, after all of this time, still so freakin’ delicate with computers and the Internet. One little tiny thing can cripple everything. As a learning experience, I will stay away from Cloudflare.

Bluehost has really pissed me off. If they don’t make me happy, I won’t wait until Trump is out office to shut down this site. I’ll do it before my plan renews at the beginning of next year.

What did Bluehost do to make me so mad? Here are a couple of comments I left for them on LinkedIn.

I am a 16-year customer, on a Bluehost chat right now, and I am not pleased. All of sudden, without prior notice, I need to buy a security certificate, just to log onto my email accounts with Thunderbird?! This is unacceptable!

SIXTEEN YEARS a customer, and out of nowhere you clobber my email client access without prior notification. Less marketing and more management, please! Send me a promo code for a Wildcard DV SSL to make me happy.

Follow-up: The LinkedIn complaint got a response. Cloudflare being the only change I have made in the past day, I put it on the table as a possible cause of the problem. Initially it seemed to be unrelated, because it should only affect website access, but now we aren’t so sure. Cloudflare is in the process of being deactivated. It remains to be seen if, assuming the process completes and Cloudflare is decoupled from my domain, e-mail client authentication works again. As I used to say at work, “Let’s swap all the tires until we find the flat one.”

Further Follow-up: Mail client access is working again for both sending and receiving messages. I’m waiting to hear what was broken and what fixed it.

Follow-follow-up: Bluehost doesn’t know. They’ve offered a suggestion as a workaround in case the problem returns, but that’s all it is. For the moment, it seems that Cloudflare, that should only touch WWW access, is mucking with MX access on my domain.

There is also the fact that whoever I was initially chatting with, AI or human, they guessed wrong and pointed me to a rabbit hole that would have caused me to buy an extra service that I don’t need. Major support points lost on that one.

The site is back to a “D” performance grade on Pingdom. 🙁 I will take reliability over performance every time.