
Hijacking DNS with GitHub and Cloudflare - menduz
https://menduz.com/posts/2020.04.08
======
xxdesmus
Hi, I'm the Head of Trust & Safety at Cloudflare. I'd be happy to discuss the
specifics of your domain's DNS settings that lead to this if you'd like to
email me -- justinATcloudflareDOTcom

This general issue though is addressed here:
[https://support.cloudflare.com/hc/en-
us/articles/200168876-E...](https://support.cloudflare.com/hc/en-
us/articles/200168876-Email-undeliverable-when-using-Cloudflare)

Specifically: "Having an MX record for a root domain proxied through
Cloudflare will reveal your origin web server’s IP address to potential
attackers. See Why do I have a dc-######### subdomain? for further details."

This support document links to the following other support article on this
topic: [https://support.cloudflare.com/hc/en-
us/articles/36002029651...](https://support.cloudflare.com/hc/en-
us/articles/360020296512#h_84167303211544035341530)

This article includes the following quote: "If your mail server resides on the
same IP as your web server, your MX record will expose your origin IP
address."

