How to Add a Primary Domain or Subdomain in Cloudflare?
I. Prerequisites
Before you start, make sure you have:
- A domain name (e.g., example.com)
- A registered and logged-in Cloudflare account
- Your domain already added to Cloudflare (NS records pointed to Cloudflare)
II. Access the DNS Management Interface
- Log in to Cloudflare
- Select your domain
- Click DNS in the top menu
- Go to the Records page
III. Add DNS Records
Add the following records one by one using the parameters provided by your email service provider (uSpeedo).
1. Add SPF Record (TXT)
Used to specify which servers are allowed to send emails on behalf of your domain.
- Type: TXT
- Name: @ (or your domain)
- Content: v=spf1 include:xxx ~all
- TTL: Auto
2. Add DKIM Record (CNAME)
Used for email signature verification and improved deliverability.
- Type: CNAME
- Name: xxx._domainkey
- Target: xxx.uspeedo.net
- TTL: Auto
⚠️ Note:
- Must be set to DNS Only (gray cloud)
- Do not enable Cloudflare proxy (orange cloud)
3. Add DMARC Record (TXT)
Used to enforce email authentication policies.
- Type: TXT
- Name: _dmarc
- Content: v=DMARC1; p=none; rua=mailto:xxx@yourdomain.com
- TTL: Auto
4. Add MX Record (If You Need to Receive Emails)
If you also need to receive emails:
- Type: MX
- Name: @
- Value: Mail server address
- Priority: 10 (or as required by your provider)
IV. Important Configuration Notes
❗ 1. Disable Proxy (Critical) For these records:
- MX
- TXT (SPF / DMARC)
- CNAME (DKIM)
👉 Must be set to: DNS Only (gray cloud)
Otherwise:
- DNS will not resolve correctly
- Email authentication will fail
- Emails will go to spam
❗ 2. DNS Propagation Time
- Typical: 5 minutes ~ 2 hours
- Maximum: 24 ~ 48 hours
❗ 3. Incomplete Automatic DNS Scanning Cloudflare automatically scans existing records, but:
- May miss MX / email records
- Manual supplementation is required
V. Verify Domain Configuration
After completing DNS setup:
- Return to the uSpeedo Console
- Click Verify Domain
- Wait for the verification to pass
VI. FAQ
❓ Why does verification fail? Common causes:
- DKIM not set to DNS Only
- Incorrect SPF value
- DNS not yet propagated
- Wrong subdomain used
❓ Can I use a subdomain? Yes, recommended: mail.yourdomain.com
Benefits:
- Does not affect root domain reputation
- Easier to isolate sending traffic
❓ Does Cloudflare support CNAME? Yes, but:
- Root domain (example.com) does not support CNAME
- Subdomains can use CNAME
VII. Best Practices (Highly Recommended)
1. Use a Subdomain for Sending
Recommended:
- mail.xxx.com
- send.xxx.com
Not recommended:
- xxx.com (direct sending)
2. Separate by Purpose
Transactional emails:
- notify.xxx.com
Marketing emails:
- promo.xxx.com
3. Complete All Three Authentications
You must have all three:
- SPF
- DKIM
- DMARC
Otherwise: 👉 Emails will easily end up in the spam folder
VIII. Summary
Complete these steps to send emails normally:
- Add SPF / DKIM / DMARC
- Disable proxy (DNS Only)
- Wait for DNS propagation
- Verify the domain in the platform