mail2dns
    Latest v1.0.0

Set up Microsoft Outlook DNS on Cloudflare

outlook logo
+
cloudflare logo

This guide shows how to configure DNS records for Microsoft Outlook on Cloudflare, including SPF, DKIM, DMARC, MX, and domain verification records. The fastest way to do this is with the mail2dns CLI, which automatically creates all required records for your domain in seconds.

Setup

If needed, install mail2dns before following the below steps:

npm i -g mail2dns
Copied
Interactive Prompts
Environment Variables
Flags

That's it! After running the setup command, the required DNS records will be created for your domain at Cloudflare to work with Microsoft Outlook.

Optional Flags

-o --no-mx Skip MX records (set up DNS for outbound email only) -y --yes Skip confirmation prompts (the command will error if any required inputs are missing) --allow-insecure-flags Allow secrets to be passed via command-line flags (not recommended) -d --dry-run Show records that would be created without applying them

DNS records required for Microsoft Outlook

Microsoft Outlook requires the following DNS records to send and receive email from your domain. These are created automatically by the mail2dns setup command:

TXT Record

@{VERIFY_TXT}

MX Record

@{DOMAIN_DASHES}.mail.protection.outlook.com

TXT Record

@v=spf1 include:spf.protection.outlook.com -all

TXT Record

_dmarcv=DMARC1; p=none;

CNAME Record

autodiscoverautodiscover.outlook.com

CNAME Record

selector1._domainkey{DKIM_SELECTOR1_TARGET}

CNAME Record

selector2._domainkey{DKIM_SELECTOR2_TARGET}

If any of these records are missing or incorrect, email delivery may fail or messages may be more likely to be marked as spam.

Protecting Secrets

When running the mail2dns setup command, if you provide credentials via flags these will be visible in your shell history and process list. To avoid this, you can provide credentials via environment variables or interactively. If you understand the risks and still want to provide credentials via flags, you should take steps to ensure that the input is not saved in shell history, and avoid running it on a shared or public machine.

By default, the setup command will error if you provide secrets via flags: to enable them you must opt in by passing the --allow-insecure-flags option, or setting M2D_ALLOW_INSECURE_FLAGS=true environment variable.

Non-interactive mode

You may wish to run the mail2dns setup command without any confirmation prompts (by default, mail2dns asks you to confirm the DNS records it creates before applying them). To do this, use the ‑‑yes or ‑y flag with the setup command. Be sure to review the DNS records that will be created before running the command with this flag, as it will apply all changes without confirmation.

Any mix of flags and environment variables may be used to provide the required values. By default any missing values will be prompted for, or in non-interactive mode the command will produce an error if there are missing required values.

Related Setups

For Microsoft Outlook

For Cloudflare