How to set up DNS records with Cloudflare

If you own a domain — for example, mydomain.com — ProtonMail allows you to create a custom email address that uses your domain name instead of the regular @protonmail.com, @protonmail.ch, or @pm.me. 

To set up a custom domain email address with Cloudflare and use it to exchange emails, you need to change your domain DNS records.

If you are interested in other domain registers, you can read our guides for Amazon Web Services, GoDaddy, Namecheap, OVH, Gandi, and Google Domains.

If you own a domain from a different registrar, set your custom email address with the help of our guides for DNS records setup and anti-spoofing measures (SPF, DKIM, and DMARC).

Add your custom domain in ProtonMail

1. Log into your ProtonMail account at mail.protonmail.com and go to Settings -> Domains.

2. Click on “Add Custom Domain”. This will take you to step 1 of the setup wizard.

3. Type in your domain name and click “Next”.

4. Enter your ProtonMail password (and 2FA code, if enabled) and click “Submit”.

Verify that you own the domain

1. Log in to your Cloudflare account and select the domain you would like to use.

2. Select the DNS tab and Add record. Enter the following values:

Type: TXT
Name: @
(If the @ value is not accepted, enter your domain instead)
Content:
Go back to the ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Content field.
TTL:
Select a low value to update your DNS record faster.

3. Save and go back to the ProtonMail setup window and Verify your domain.

Please note that you may have to wait up to 24 before you can move on to the next step.

Create MX records in Cloudflare

1. Similar to the steps above, select the DNS option for the domain you would like to use.

2. Add record and then, enter and save the following values:

Type: MX
Name: @ (If the @ value is not accepted, enter your domain instead)
Mail server: mail.protonmail.ch
TTL: Select a low value to update your DNS records faster.
Priority: 10

3. Create a second MX record using these values:

Type: MX
Name: @ (If the @ value is not accepted, enter your domain instead)
Mail server: mailsec.protonmail.ch
TTL: Select a low value to update your DNS records faster.
Priority: 20

Create SPF, DKIM, and DMARC records

For security reasons, we recommend adding SPF and DKIM records. Setting up DMARC is an optional, advanced feature.

Read more about SPF, DKIM, and DMARC

SPF and DMARC records are set up similarly to TXT records.

1. Similar to the steps above, select the DNS option for the domain you would like to use.

2. To create the SPF record, Add record. Enter and save these values:

Type: TXT
Name: @ (If the @ value isn’t accepted, enter your domain instead)
TTL: Select a low value to update your DNS record faster.
Content: Go back to the SPF section in ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Content field.

3. To create the DKIM record, repeat the steps and enter these values:

Type: CNAME
Name: protonmail._domainkey
Target: Go back to the DKIM section in ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Content field.
TTL: Select a low value to update your DNS record faster.
Proxy status: DNS only
Note: Please make sure you select the “DNS only” option from the Proxy status menu. Otherwise, the record will not propagate.

To add a second and third DKIM record, repeat these steps with the appropriate record names “protonmail2._domainkey” and “protonmail3._domainkey”.

4. To create the DMARC record, repeat the steps as shown below.

Type: TXT
Name: _dmarc
TTL: Select a low value to update your DNS record faster.
Content: Go back to the DMARC section in ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Content field.

Choose your email address

Add your new address in the ProtonMail window by choosing your username, the display name, and your email signature.

You should now be able to use your new custom domain email address.

Post Comment

8 comments

  1. Anonymous

    If I use Protonmail as my only email provider, could I not make this Priority 0 rather than Priority 10? Thanks

  2. ProtonMail Support

    Of course, you can set the priority to 0 if you want, but it won’t make a difference if you only have one MX record set up.

  3. Anonymous

    If i use cloudflare, would it make a difference to the email if i had it routed through cloudflare? I do this now for my domains email. Would it cause issues with proton mail?

  4. ProtonMail Support

    As long as your MX records point to ProtonMail, everything will be fine.

  5. liam holmes

    Hi

    I followed the verification steps in the DNS record-
    However, I am getting the error-

    DNS Validation Error (Code: 1004) Invalid TXT record. Record may only contain printable ASCII

    https://protonmail.com/support/knowledge-base/dns-records-cloudflare/

  6. ProtonMail Support

    Please contact our Support Team: https://protonmail.com/support-form.

  7. liam holmes

    Do we need to delete the MX records of the legacy email system?
    (or can we leave both in place)

    https://protonmail.com/support/knowledge-base/dns-records-cloudflare/

  8. ProtonMail Support

    As long as ProtonMail’s MX records have the highest priority, there should be no issue with having other MX records as well.

Leave a Reply to liam holmes Click here to cancel reply.