Emails suddenly stopped working after enabling Cloudflare, even though the server was stable. Here’s what actually caused it — and how we fixed it step by step.
Table of Contents
This is a real-world case where a client experienced:
- SMTP timeouts
- Thunderbird connection failures
- Forced fallback to Gmail
At first, it looked like a mail server issue.
But it wasn’t.
The Real Problem (Not What You Think)
After stabilizing the server and enabling Cloudflare, everything seemed fine — until email stopped working.
The key issue:
The server was working perfectly. The problem was how the mail server was being accessed.
Why Email Stops Working After Enabling Cloudflare
Email stops working after enabling Cloudflare because Cloudflare only proxies HTTP/HTTPS traffic and does not support SMTP, IMAP, or POP connections.
If your email client connects using the root domain instead of a dedicated mail hostname, it will result in:
- Connection timeouts
- SSL errors
- Authentication failures
What Happened in This Case
1. Cloudflare Was Enabled on the Root Domain
The domain: boomgos.com was routed through Cloudflare. This is correct for websites — but not for email.
2. Email Clients Were Connecting Incorrectly
Some connections were still attempting to use: boomgos.com
Instead of: mail.boomgos.com
👉 Result: Timeouts
3. Switching to Correct Hostname Revealed Another Issue
After switching to: mail.boomgos.com
The connection worked — but showed: ⚠️ “Certificate not trusted”
The Hidden Root Cause
The mail server was running, but it was using:
- Expired certificate
- Self-signed certificate
- Wrong hostname
This caused email clients like Thunderbird to reject the connection.
The Fix (Step-by-Step)
âś… Step 1: Use Correct Mail Hostname
All email apps must use: mail.boomgos.com
âś… Step 2: Create Dedicated SSL for Mail
Instead of relying on the main domain certificate, a separate SSL was created specifically for: mail.boomgos.com
âś… Step 3: Apply SSL to Mail Services
Mail services (Exim + Dovecot) were updated to use the correct certificate: fullchain.pem, privkey.pem
âś… Step 4: Restart Mail Services
systemctl restart exim4
systemctl restart dovecot
âś… Step 5: Verify the Fix
openssl s_client -connect mail.boomgos.com:587 -starttls smtp
Expected result:
CN = mail.boomgos.com
Issuer = Let's Encrypt
Final Result
After applying the fix:
- Emails sending normally
- No SSL warnings
- No connection timeouts
- Stable server performance
Key Takeaways
If you’re using Cloudflare with a VPS:
👉 Always separate traffic properly:
- Web traffic → Cloudflare
- Mail traffic → Direct connection
And remember:
đź”´ Web SSL does NOT automatically apply to mail services.
Need Help Fixing This Fast?
If your server is experiencing:
- Email sending failures
- SMTP timeouts
- 502 / 504 errors
- High CPU or database spikes
These issues are often connected — not isolated.
I specialize in diagnosing and fixing these problems quickly and properly.
Conclusion
This wasn’t a mail server failure.
It was a routing + SSL mismatch caused by Cloudflare setup.
Once you understand how traffic flows, these issues become easy to fix — but hard to diagnose if you don’t know where to look.
