Cloudflare Email Routing Broken

TL;DR: Cloudflare email routing and support sucks, move your email forwarding to ImprovMX.


One of the problems with hosting your website on a service like DigitalOcean is the fact that they don’t offer email. If you want an email address associated with your domain you had to go elsewhere. For many years that was not a problem you could get a free Google Workspace account and have all the email accounts you needed, and then of course Google stopped allowing free Workspace accounts. But there were other options. Mailgun worked well for awhile, they they stopped offering the email forwarding service. Not long after Mailgun stopped letting people route email through them Cloudflare came out with Email Routing.

Cloudflare Email Routing seemed perfect! You could easily setup the DNS records on your Cloudflare dashboard, setup email addresses to forward that email to and it meant you did not need another service to manage your email routing. It seemed perfect, until it wasn’t. I was happy to move the email routing for lgr.ca to Cloudflare, until roughly two weeks ago when I discovered all email sent to my lgr.ca email addresses was being rejected by Gmail.

The specific error I could find in the Cloudflare Email Routing log was:

521 5.3.0 Upstream error, please check https://developers.cloudflare.com/email-routing/postmaster for possible reasons why.

Cloudflare Community Support

Searching Cloudflare Community support shows 26 results for 521 5.3.0 Upstream error. I went through all 26 of those posts looking for an answer. The common theme in the majority of those posts is there is no fix for this. There were four posts that had slightly more information or possible fixes.

Turn it off and on again fix
I kid you not. This fix could be straight out of the IT Crowd. Here is the short version.

I’ve disabled routing, including clearing MX records. I waited a few minutes, reactivated it and it worked.

In any case, I would like to know what happened so that it happens again.

Thank you all.

I tried this for my domain and had no luck. All emails continued to fail with the 521 error.

Emails being rejected with valid domain (google dot com)
This community post suggests that this is a problem specifically with Google (Gmail). It might be, I tried routing email to another email address that was not Gmail and it also failed. I do not have an Outlook email address and well, I could not be bothered to set one up to test. Even if it works with an Outlook email address this is not really a fix, it is merely an attempt to work around the problem that exists. If the problem is Google (Gmail) perhaps Cloudflare needs to work with them to find a way to make it work. After all how many people use Gmail as their primary email provider?

Emails bouncing when using Cloudflare Email forwarding
This is by far the most common type of community support post I found on my search. Simply, Cloudflare email routing does not work, and there is no reply from Cloudflare that will make it work. There is one more reply that I will touch on from the Community support board but it relates to what I did next.

Cloudflare Support Ticket

The lgr.ca domain having this problem is on a Cloudflare Pro plan and I get ticket support I thought I would just put in a support ticket. In the past Cloudflare ticket support has been helpful and usually pretty quick. I thought adding a support ticket surely I would get some help so I put in a ticket and wait for a reply. There were other issues along the way waiting for a reply, but here is the short version of my support ticket.

Ticket was submitted on February 28th, 2023. I did not get a reply from any one at Cloudflare support until March 10th. Now I understand that Pro plan customers don’t get priority support, but 10 days to even reply. The 10 day wait aside, surely the support ticket response would have a fix for my problem. Sadly, it did not. In fact this brings me back to the other community support post that I left out above. First here is the support ticket reply.

Hi there,

Apologies for the delay in getting back to you.

The below community thread may be useful to resolve the issue you are facing.
https://community.cloudflare.com/t/email-routing-521-5-3-0-upstream-error/422198

I hope this helps. Please let us know if you have any further questions or issues by replying to this e-mail or ticket.

Kind regards,

Think about this, the Cloudflare support solution is to send me to a community support post that first is not even from an official Cloudflare support person that says:

Turn off the sender verification in your destination mailserver for any forwarded recipient domains.

First off, how is that even a fix? It does not say how to turn off sender verification on any mail servers. It does not link to any other information about how to do this. This might be helpful for people that run their own mail servers, although it sounds more like a spam nightmare if you turn off sender verification on your email server. Google searching for how to turn off sender verification on a Gmail account shows very little helpful results. This apparently is the best reply that Cloudflare support can send to a customer after waiting 10 days for a reply. To say I was unimpressed being nice.

My ticket is still open. I replied the same day I got that reply. It has now been 18 days since my ticket was opened and it sits there, apparently being ignored by Cloudflare support with no further replies from them.

Cloudflare Email Routing Fix

The only fix that appears to work for Cloudflare email routing not working is simply to leave Cloudflare email routing. I had to move my email routing for this domain to ImprovMX and I highly recommend them so far. Looking at the logs of my forwarded email on ImprovMX also tells me that the suggested fix of turning off sender verification on Gmail is not the solution. The ImprovMX logs show that sender verification is still happening on Gmail and many spam emails are being prevented from showing up in my inbox. If I had gone ahead and actually found a way to turn off sender verification on my Gmail account I can only imagine the spam that I would have opened my inbox up to.

Closing Thoughts

Cloudflare has really dropped the ball on this. Email routing is a product many people need and it is convenient that Cloudflare offers it, but here is the most important thing. IT NEEDS TO WORK! With no answers on the Community support section being the norm to this issue and support tickets taking 10 plus days before being replied to with no real solutions it is no surprise that there are people that leave Cloudflare completely. When the best answer support can give is to pass the buck to the forwarding email server and it can be clearly shown using another service that is not the case Cloudflare needs to step up their support of this product OR retire it because their lousy support when it does not work just makes them look dumb.

In short you need to do better Cloudflare.

10 Session Recording and Heatmap Tools

Radiator Springs Racers

I just recently got back from Disneyland with my family and if there is one thing Disneyland does well it is managing crowds and people in the parks and rides. I am sure Disney does a great deal of testing to discover how best to manage the people and crowds at their parks and that testing pays off with people often not minding lining up for over an hour for some rides like Radiator Springs Racers. What do Disneyland rides and your website have in common? Well, like Disney, you can do user testing on your website and learn how to best help your visitors perform the actions that you want them to take on your website.

You no longer need to have a budget of thousands of dollars to find out if users are doing what you want them to be doing on your website. With the use of heatmaps, user session recording and even live sessions website owners can discover quickly and easily how users are using or perhaps not using their website. The best part is you can get basic usage of some of these services for free, so there is no reason to not do some basic testing of your website.

I have not personally tried all of these tools so if you have any opinions on them and how they work feel free to leave a comment.

Inspectlet

I currently have an account at Inspectlet and I am pleased with it. It particularly like the session recording to see what people are doing on my sites. They offer a free plan for up to one website and 100 recorded sessions. The paid plans start at $39.00/month for one website.

Crazy Egg

Crazy Egg was one of the first heatmap tools I used and I still have my account there. While it seems a little dated now since they do not offer session recording only heatmaps I still find it useful to use especially on sites where you just want to see where people are clicking. They offer free trials but no free plans anymore. Paid plans start at $9.00/month if paid annually for up to 10,000 tracking up to 10 pages.

MouseStats

With MouseStats you get session recording, heatmaps and some additional features like small surveys and form analytics. They offer a free plan with limits of 100 heatmaps, session recordings and form analytics. Paid plans start at $16/month. You can save some money if you go for an annual plan.

Decibel Insight

Decibel Insight offers heatmaps, session recording, form analytics, behavioral alerts and even error reporting. They offer a limited free account with 5,000 pageviews per month basic heatmaps and 50 session recordings. Paid plans start at $80.00/month if paid annually with 50,000 pageviews per month.

Mouseflow

Offering heatmaps and session recording Mouseflow also offers a limited free plan with 100
recorded sessions for 1 domain. If you need more or want the full version paid plans start at $19.00/month for 1,000 recorded sessions on one website.

Nirror

Nirror is a little different than the other services. It offers session recording and live support so you can interact with visitors in real time. The website mentions a free plan, but I could not find the details of the free plan only a free trial. Paid plans start at 12€/month with up to 1,000 visits per week for one domain and with one agent account.

Not an official video and really fuzzy but it gets the point across.

SessionCam

Along with session recording and heatmaps you also get form analytics with SessionCam. You can sign up for a free account and get full access to all areas of SessionCam and 500 free recorded pages per month. Paid plans start at $10.00/month for 1,000 recorded pages per month on one domain.

Statvoo

Statvoo is a little different as well and seems to offer a large set of features. Like many of the other services you get session recording but they also offer the ability to chat with site visitors. They do offer a free plan but paid plans are on a per site basis with no base price. That suggests to me they are expensive, but I might have to actually try them out to find out.

Could not find a video, so if I do try them I will look at recording one to add here.

LightedPages

From what I can tell you only get heatmaps, but the service is free with no listing if paid plans or options on the website. Perhaps I just missed it, but if you want a free heatmap service this might be your best option. Could not find a video for them but if you visit their website they do offer a decent demo you can try to see how the service works.

SimpleHeatMaps

Still in private beta and offering free access until it is out of beta. Looks like pricing starts at $5.00/month for one website. Looks like they offer session recording and heatmaps, despite the name just being about heatmaps. Could not find a video demo of the service.


Well there you have it 10 heatmap and session recording services. You have no excuse not to test your website and find out what your users are doing and how you can improve things. You might be surprised by what you learn and what you might want to change.

If you would like a hand setting up some heatmap and session recording drop me a message and I will be glad to help you start testing your website to help improve your website for your visitors.

Website Backup

A random photo from Unsplash that has nothing to do with this post but I liked it.
A random photo from Unsplash that has nothing to do with this post but I liked it.

I published a post yesterday over on Cloud Storage Buzz listing 10 ways to backup your website to the cloud. There are a lot of services out there that can help you protect your website and while many of the services I mentioned at Cloud Storage Buzz will help you keep a regular backup of your website I wanted to give you the TL:DR version here.

CodeGuard
If you just want an automated backup of your website files and databases these service is great. They are like the Backblaze of website backup, not only is the backup setup easy but more importantly restoring your website is easy.

Sucuri
Fantastic service and the only one I recommend if you need malware clean up on your website. They do a great job.

VaultPress
If you only use WordPress for your website and want to make absolutely sure it is backed up, get Vaultpress. That is all you need to know.

Go backup your website!

World Backup Day 2014

World Backup Day

Today, March 31st, is World Backup Day and I want to remind you to make sure you have a backup of your data. If you do already have a backup you need to make sure that backup is working and you can successfully restore data from your backup.

What should you be backing up?

Desktop and Laptop Computers
The most obvious answer of what you should be backing up is your desktop and laptop computers. You do your work on them, store your precious photos and home videos on them and they are all prone to hard drive failure or even virus threats like cyberlocker. You should have a local backup and one stored off site. There are many ways to create a local backup. Windows and Macs ship with backup software built in.

Off site backup can be easily done with cloud backup software like Backblaze, Carbonite, SpiderOak, and CrashPlan to name a few. Some software can even create and manage both your local and cloud backup at the same time. SpiderOak, CrashPlan, Zoolz and SOS Online Backup all come to mind. I can go one at length about them all, and do at Cloud Storage Buzz.

Your Smartphone and Tablet
Have you ever backed up your smartphone or tablet? For most people your smartphone has become your camera and video recorder. Backing up those photos and videos in the case you lose your device or it is destroyed is just as important as your desktop or laptop. There are many apps that will automatically copy your photos and videos from your smartphone or tablet to the cloud or your own computer. Some of my favourite apps to do this on both Android and iOS are Google+, Dropbox and Bittorrent Sync. If you already use a cloud backup service they might also offer an app that can backup your smartphone to your existing cloud backup. Carbonite and SOS Online Backup come to mind but there are others.

Your Website
Odds are if you read my blog or follow me on social media you probably have a website and obviously you need to make sure you have backup copies of your website files and databases. Many a great website has been taken offline for long periods of time because backups were not available. Depending on your website and your web host you might have several different options for backing up your website.

If your website is hosted on a web host that uses cPanel, it is pretty easy to manually login to your cPanel web hosting control panel and create a manual backup and download it. The downside of using the cPanel backup is it is a manual process that you need to remember to do. There are ways to automate your cPanel backup but that can get pretty complicated. Thankfully there are other easier options to backup your website.

One way is to sign up for Sucuri. Sucuri offers website malware monitoring and clean up. They are a a fantastic service that can help clean up your website in the event is has been compromised by malware. One of the additional services they offer is website backup. I have several clients that use Sucuri and it is an excellent service so far.

You can also take a look at Mover.io. They offer the ability to move files easily between cloud services. You can set it up to copy your website files and databases from your web host to your favourite cloud service. I have not done a great deal with them yet but the service does look promising.

Another way of making sure your website files and databases are protected are by signing up for a web host that does it automatically for you already. While I would recommend not relying solely on your web host backup it can be a great help if you need it. One of the web hosts I have been impressed with regarding backups is WPEngine. They make it easy to create backup points and to download them. Some hosts say they make backups but you do not have easy access to downloading them or restoring them.

If you use WordPress for your website there are also a number of plugins and other options available to regularly backup your database and files within WordPress. At the very least you can regularly export all of your content using the WordPress export tool.

Your Google Services
An area many people over look when they think about backup is backing up your Google services. I use many of Google’s services and I would be lost without having access to my GMail, Calendar and Drive files. While I do have a local copy of all my Google Drive files, I don’t use a desktop email or calendar program so my only copies of my GMail and Calendar are with Google. Thankfully you can backup your Google services with other cloud services. Two I have used are Spanning and Spinbackup. Both are good. Spanning can also backup Saleforce (if your company uses that) while Spinbackup can backup your Google+ photos.

Backing Up Is Easy!

Backing up your data has gotten much easier over the years I have been using computers. The tedious task of creating a backup to floppy disks (remember those) are long gone. There is simply no reason not to setup an automatic backup of your data any more. You will be thankful that you did when your hard drive dies and you still have access to your photos of your kids first steps, or first school play. I have seen far to many people lose all of their files, photos, and important work data, please don’t become one of them.

BACKUP YOUR DATA!

Use CloudFlare Page Rules to Protect WordPress from Brute Force Attacks

I have talked about CloudFlare before and there are many reasons why you should use them, from helping to speed up your website to making it easy to monetize your website using Viglink. If none of those reasons convinced you why you should use CloudFlare perhaps this one reason alone will help convince you. You can use CloudFlare page rules to protect your WordPress powered website!

One of the great things CloudFlare has introduced is page rules. You can define a page rule to have different rules from the rest of your website. To help protect your WordPress website from a brute force attack, where usually an automated bot, hits your wp-login.php page again and again and again trying to get entry you can simply create a page rule in CloudFlare to protect the page. This can slow and often stop the brute force attack because the bots will either be stopped dead by the CloudFlare check or slow them down so much that it will take them much longer to actually try to login.

Free accounts with CloudFlare only get three page rules, and you will need two of them to protect your wp-login file. You might be able to get this down to one if you do some .htaccess redirects but to keep it simple lets stick with the two CloudFlare page rules. The two page rule URL patterns I have been using for the WordPress login page are:

example.com/wp-login.*
*.example.com/wp-login.*

You have to enter each one separately but it is much easier than trying to do this through .htaccess. The important part after you have added a page rule URL match is in your rules make sure you turn the Security and Browser Integrity to ON and set the Security Level to Help, I’m Under Attack.

cloudflare-page-rules

This will cause CloudFlare to closely inspect every visit to your wp-login.php page. This will also slow you down when you go to login to your website unless you whitelist your IP address with CloudFlare. Then you will bypass this and be sent straight to the login.

cloudflare-wp-login

This will not totally protect your WordPress website but it will provide an extra layer of protection from brute force attacks. It is still important to use strong passwords, keep your WordPress install up to date and you can try some plugins that limit the number of login attempts.

High Resolution QR Codes

I decided a little while ago to attend Affiliate Summit in Las Vegas in January 2012. For the conference I needed some business cards and wanted to add a QR Code to the card to make it easy to contact me by scanning the code. The problem is most of the QR code generators that you find out on the Internet only generate a low resolution QR code that goes all blurry when you try to print them.

Thankfully doing a Google search for lead me to the QReate & Track QR Code Generator. They allow you to create high resolution QR codes for free if you do one at a time. If you need to do bulk QR code generation you would have to sign up and pay.

For my limited use all I needed was to create a couple of high resolution QR codes for printing on my business card. I used the web address generator since I wanted to allow people to come here to my website and visit either my contact page or a new tweet me page that allows people to send me a tweet easily. The generator allows you to create QR codes of more than just URL’s including email addresses, business card information, event information and more. You can choose the colour and then just have to download your high resolution QR code.

I just got my business cards and the codes work great. The colour is a little off from what I wanted but that is my own fault. Silly me for forgetting that RGB and CMYK print different. If I need to get more cards printed I will have to remember that.

Review Dropbox

Over two years ago I signed up with Dropbox and wrote a quick little review of it. Since then I have gotten constant comments on that post of people wanting to increase their Dropbox referral space by leaving their Dropbox referral code. At one point it got so bad I just finally turned off comments on the post and the flood stopped.

It would not have been so bad if people had actually left a short review of what they liked or did not like about Dropbox, but often it was just a short blurb like:

Sign up with my code and get extra space!

Well, last week I had an idea so I took a couple hours and created Review Dropbox. It simply is a place where people that are interested in Dropbox can come and read reviews by other Dropbox users.

Current Dropbox users can leave a short review of the service and in return their referral code is placed in a referral lottery and when someone clicks through to Dropbox one of the referral codes are used.

The site has already started to get some visitors and clicks through to Dropbox. If you are a Dropbox user already come and leave a review and your link. If you don’t use Dropbox come and read some of the review and click through to get and extra 250mb of space free. At the very least you can use your Dropbox account to help backup your blog.

SEO Site Tools

I realized that I have taken quite a break from updating my blog and thought I should get back into writing here more often. A lot has happened since I have been updating here regularly. Many of you have discovered how much better using Google Chrome is as a web browser. I was reluctant to switch to Chrome after it first came out, mainly because some of the extensions I loved in Firefox simply were not available for Chrome.

One of the Firefox addons I used regularly was SEO for Firefox and I still will start up Firefox for that alone, but I have discovered (well many months ago already) the SEO Site Tools extension for Google Chrome and it is one of the best tools I have come across.

Not only can you get some great information about a site while you are browsing it, the best part of SEO Site Tools is how it integrates with Google Webmaster Tools and Google Analytics. With the SEO Site Tools Google Chrome extension Google Webmaster Tools has become even more useful. My favourite is how it adds the links from the Webmaster Tools Search Queries page to Google Insight for Search. This one feature alone has helped me come up with new ideas for keywords for websites and helped tremendously to to help target existing keywords.

If you do SEO for your website at all and want to improve and make your SEO work more focused try the SEO Site Tools extension for Chrome. It has become a tool I use everyday.

A video overview of SEO Site Tools.

WordPress CSVPig Plugin

One of the tasks I have been doing regularly lately is converting older static HTML websites into WordPress websites. For smaller websites it is not difficult to copy and paste the data into the new WordPress site. The problem is, what do you do with a larger website of a few hundred to a few thousand pages? The very thought of copying and pasting that many pages from plain HTML into WordPress does not thrill me to say the least. Thankfully I have come across the BlogPig CSVPig Import plugin.

BlogPig makes several WordPress automation plugins, some of which could be seen as more on the darker side of blogging, but CSVPig is a tool that is badly needed to help import data into WordPress. It does pretty much exactly what you would expect it to do, it imports a CSV file into WordPress.

You can choose to create post or pages, create different templates depending on what you are importing and even schedule the posts to be published at some future date.

Now, you might be wondering how I use BlogPig CSVPig to import static HTML files, well it is pretty easy actually. I wrote a PHP script that takes a list of URL’s processes the page and saves the content into a CSV file. It helps that I created many of the sites that I am converting so I can make sure the HTML structure is consistent. I won’t post my script because there is a potential to use it to scrape a site.

You can also use BlogPig CSVPig for creating many other sites. I have seen it used to create affiliate based sites using merchants datafeeds. You could use it to create your own store or even to manage your own website using a spreadsheet if you are more comfortable using spreadsheet software.

For now I have found BlogPig CSVPig very useful to help clients transition from basic HTML based websites to a WordPress powered site where they have more control over their website and information.