How to secure your custom website, and domain email services for free using Cloudflare

Posted on by Jeffrey Hein

You want a custom domain for your website and email, but you don’t want to pay someone to manage your email security?

Preparation:

  1. Sign up for a free Gmail.com account
  2. Sign up for Cloudflare.com

Steps:

  1. Register your domain with Cloudflare
  2. Add your website to Cloudflare
  3. Configure DNSEC, SPF, DKIM, and DMARC with Cloudflare
    • DNSEC is easy if your domain is registered with Cloudflare
    • Configure SPF to include Google (support.google.com/googl…), and your own website IP address.
    • Set up DKIM
    • Set up DMARC
  4. Set up email forwarding in Cloudflare to your Gmail account
  5. Set up “send as” address in Gmail
  6. Test sending and receiving email with your custom domain through your Gmail account
  7. Check your email deliverability score at mail-tester.com

More Reading:

Note: This guide assumes that you have already signed up for a Gmail account and Cloudflare account.

Email security is important to protect your organization from phishing attacks and email fraud. There are several email security features that you can enable for your custom domain, including DNSSEC, SPF, DKIM, and DMARC. DNSSEC is a security protocol that authenticates DNS data and can help prevent DNS spoofing attacks. SPF is a security protocol that helps to prevent email spoofing by verifying that email messages come from authorized senders. DKIM is a security protocol that uses digital signatures to verify the authenticity of email messages. DMARC is a security protocol that helps to prevent email spoofing by verifying the alignment of SPF and DKIM policies. Enabling these email security features for your custom domain can help to protect you from email fraud and phishing attacks. As well as make sure that your legitimate email is not marked as spam.

Preparation

Sign up for a free gmail.com account. Google has the best deliverability, and spam filters in my experience. I’d recommend signing up for cloudflare.com as well. They have the lowest cost domain registration as well. $8/year. They have a really good free account for everything else. They can help you set up the below domain, and email settings:

  • DNSSEC
  • SPF
  • DKIM
  • DMARC
  • Email forwarding to your gmail account.

Steps

  1. Sign up for gmail.com, protonmail.com, or your own mail server.
  2. Sign up for cloudlfare.com
  3. Register your domain with cloudflare
  4. Add your website to cloudflare
  5. Configure DNSEC, DKIM, SPF, and DMARC with cloudflare.
    1. DNSEC is easy if domain is registered with cloudflare.
    2. DKIM
    3. SPF (make sure to include google in your SPF) support.google.com/googl…
    4. DMARC
  6. Set up email forwarding in cloudflare to your gmail account
  7. Set up “send as” address in Gmail
  8. Test
    1. Test sending and receiving email with your custom domain through your gmail account.
    2. Test email deliverability score at www.mail-tester.com/

More reading

help.17hats.com/en/artic…

dmarcly.com/blog/how-to-…

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.