Setting Up DNS Records in Cloudflare

This guide will walk you through adding the necessary DNS records to your Cloudflare domain to verify ownership and enable email authentication for Brew.

For official documentation from Cloudflare, please visit their Manage DNS Records page.

Prerequisites

  • A Cloudflare account with your domain already added
  • Your domain added to Brew (from the Set Sending Domain step)

Step-by-Step Instructions

1

Log in to Cloudflare

Go to Cloudflare.com and log in to your account.

2

Access your domain's DNS settings

  1. Select your domain from the dashboard
  2. Click on “DNS” in the left sidebar
  3. Navigate to the “DNS Records” tab

3

Add MX Record

  1. Click “Add record”
  2. Select “MX” from the Type dropdown
  3. For the Name field, enter the subdomain you’re using with Brew (e.g., “mail” or “news”)
  4. For the Mail server field, paste the MX value from your Brew dashboard
  5. Set Priority to 10
  6. Set TTL to Auto
  7. Ensure Proxy status is set to “DNS only” (gray cloud)
  8. Click “Save”

Setting the correct proxy status is critical. Make sure the proxy is disabled (gray cloud) for all email-related DNS records.

4

Add SPF Record (TXT)

  1. Click “Add record”
  2. Select “TXT” from the Type dropdown
  3. For the Name field, enter the same subdomain you used for the MX record
  4. For the Content field, paste the SPF value from your Brew dashboard
  5. Set TTL to Auto
  6. Ensure Proxy status is set to “DNS only” (gray cloud)
  7. Click “Save”

The SPF record value should look something like v=spf1 include:spf.getbrew.ai ~all

5

Add DKIM Records (CNAME)

For each DKIM record shown in your Brew dashboard:

  1. Click “Add record”
  2. Select “CNAME” from the Type dropdown
  3. For the Name field, enter the long string ending with ._domainkey (copy exactly as shown in Brew)
  4. For the Target field, paste the DKIM value from your Brew dashboard
  5. Set TTL to Auto
  6. IMPORTANT: Make sure Proxy status is set to “DNS only” (gray cloud)
  7. Click “Save”

Cloudflare will return ‘Code: 1004’ errors when adding DKIM records if the proxy is enabled. Always set the proxy status to “DNS only” for these records.

6

Add DMARC Record (Optional but Recommended)

  1. Click “Add record”
  2. Select “TXT” from the Type dropdown
  3. For the Name field, enter _dmarc
  4. For the Content field, enter v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com (replace yourdomain.com with your actual domain)
  5. Set TTL to Auto
  6. Ensure Proxy status is set to “DNS only” (gray cloud)
  7. Click “Save”

7

Verify DNS Records in Brew

  1. Return to your Brew dashboard
  2. Click the “Verify Records” button at the bottom of the DNS Records page
  3. Wait for the verification process to complete

DNS changes in Cloudflare typically propagate quickly, but can still take up to 30 minutes. If verification fails initially, wait and try again.

Common Issues with Cloudflare DNS Setup

Cloudflare-Specific Tips

Always Use DNS Only

For all email-related DNS records (MX, TXT for SPF/DMARC, CNAME for DKIM), always set the proxy to “DNS Only” (gray cloud). Proxying these records will cause email authentication to fail.

Check Page Rules

If you have Page Rules set up, ensure they don’t interfere with your email subdomain. Review your rules if you experience persistent verification issues.

Use Email Routing with Care

If you use Cloudflare’s Email Routing feature, be aware that it may interfere with custom MX records. Consider using a different subdomain for Brew.

Consider TTL Settings

While “Auto” TTL works fine for most cases, if you’re troubleshooting, you can try setting a shorter TTL (like 300 seconds) to speed up propagation during testing.

Need support?

We’re here to help!

Scheduled support

Book a call with the founders — we have time slots open most days

We’re more than happy to help you set up your DNS records. Ping us on Slack (we should have connected with you by now) or through one of the mechanisms above.