Catch-all report

Is cloudflare.com a catch-all domain?

This report shows the mail configuration for cloudflare.com and runs a live catch-all probe. A catch-all (accept-all) domain accepts mail for every address, which makes verifying individual cloudflare.com mailboxes less certain.

Test a domain for catch-all

This opens one SMTP conversation with the domain's mail server and asks whether a random mailbox is accepted. Many networks block outbound port 25, so a single check can be inconclusive.

Catch-all domains need smarter verification

On a catch-all domain, the server accepts everything, so SMTP alone cannot tell a real mailbox from a typo. Verifly combines multiple signals and flags catch-all addresses so you can decide how to send.

Verify a whole list with 100 free credits

Mail configuration for cloudflare.com

cloudflare.com accepts mail through 4 MX hosts.

PriorityMail server (MX)
5mxb-canary.global.inbound.cf-emailsecurity.net
5mxa-canary.global.inbound.cf-emailsecurity.net
10mxa.global.inbound.cf-emailsecurity.net
10mxb.global.inbound.cf-emailsecurity.net

What catch-all means for cloudflare.com

When a domain is catch-all, its server returns a 250 OK for any recipient — ceo@cloudflare.com, sales@cloudflare.com, or pure gibberish alike. That is convenient for the domain owner (typos still arrive) but it removes the signal a verifier relies on: acceptance no longer proves the mailbox exists.

The right way to treat a catch-all cloudflare.com address is as a middle tier — riskier than a confirmed mailbox, safer than a hard-invalid or disposable one. Verifly returns a dedicated is_catch_all flag so you can decide how aggressively to send instead of guessing.

FAQ — cloudflare.com catch-all & verification

Is cloudflare.com a catch-all domain?
A domain is catch-all when its mail server accepts mail for any address, including ones that do not exist. Run the live probe above to test cloudflare.com right now — it opens one SMTP conversation and asks the server whether a random, non-existent mailbox is accepted.
What are the MX records for cloudflare.com?
cloudflare.com routes mail through: mxb-canary.global.inbound.cf-emailsecurity.net, mxa-canary.global.inbound.cf-emailsecurity.net, mxa.global.inbound.cf-emailsecurity.net, mxb.global.inbound.cf-emailsecurity.net.
Why does catch-all matter when verifying cloudflare.com addresses?
On a catch-all domain an SMTP accept does not prove a specific mailbox exists — the server says yes to everything. So a verifier cannot promote a catch-all address to "valid" on acceptance alone; it should flag it separately, which Verifly does.
How do I verify cloudflare.com emails in bulk?
Use the Verifly API: GET https://verifly.email/api/v1/verify?email=name@cloudflare.com with a Bearer key returns a dedicated catch-all flag alongside syntax, MX, disposable and role signals. 100 free credits, no monthly fee.

Verify cloudflare.com emails at scale

The Verifly API returns catch-all, disposable, role and SMTP signals in one call — pay-as-you-go, 100 free credits, no monthly fee.