How to secure your custom website, and domain email services for free using Cloudflare

You want a custom domain for your website and email, but you don’t want to pay someone to manage your email security?

Email security is important to protect your organization from phishing attacks and email fraud. There are several email security features that you can enable for your custom domain, including DNSSEC, SPF, DKIM, and DMARC. DNSSEC is a security protocol that authenticates DNS data and can help prevent DNS spoofing attacks. SPF is a security protocol that helps to prevent email spoofing by verifying that email messages come from authorized senders. DKIM is a security protocol that uses digital signatures to verify the authenticity of email messages. DMARC is a security protocol that helps to prevent email spoofing by verifying the alignment of SPF and DKIM policies. Enabling these email security features for your custom domain can help to protect you from email fraud and phishing attacks. As well as make sure that your legitimate email is not marked as spam.

Table of Contents

Preparation

Sign up for a free gmail.com account. has the best deliverability, and spam filters in my experience. I’d recommend signing up for cloudflare.com as well. They have the lowest cost domain registration as well. $8/year. They have a really good account for everything else. They can help you set up the below domain, and email settings:

  • DNSSEC
  • SPF
  • DKIM
  • DMARC
  • Email forwarding to your gmail account.

Steps

  1. Sign up for gmail.com, protonmail.com, or your own mail server.
  2. Sign up for cloudlfare.com
  3. Register your domain with cloudflare
  4. Add your website to cloudflare
  5. Configure DNSEC, DKIM, SPF, and DMARC with cloudflare.
    1. DNSEC is easy if domain is registered with cloudflare.
    2. DKIM
    3. SPF (make sure to include in your SPF) support.google.com/googl…
    4. DMARC
  6. Set up email forwarding in cloudflare to your gmail account
  7. Set up “send as” address in Gmail
  8. Test
    1. Test sending and receiving email with your custom domain through your gmail account.
    2. Test email deliverability score at www.mail-tester.com/

More reading

help.17hats.com/en/artic…

dmarcly.com/blog/how-to-…

No tags for this post.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.