5 months ago
I found your existing answer about root CNAME blocking email SPF records and suggesting Cloudflare, but I encountered significant issues when attempting that solution.
The Issue:
- My domain (headsup.bot) points to Railway via CNAME at root (@)
- Cannot add SPF records due to CNAME restriction (as you've documented)
- Business emails from @headsup.bot going to spam without authentication
Attempted Cloudflare Migration (per your recommendation):
1. Added domain to Cloudflare with all DNS records
2. Changed nameservers at Namecheap
3. Result: Complete site outage for hours
- Cloudflare showed "Pending" status
- During pending, Cloudflare returned REFUSED for all DNS queries
- Site showed NXDOMAIN errors globally
- Had to rollback, causing additional hours of propagation issues
- ISPs cached the failed state for 48+ hours
Current Situation:
- Rolled back to Namecheap to restore service
- Still cannot add SPF records
- Email deliverability severely impacted
Questions:
1. Do you have guidance for Cloudflare migration without the "Pending" downtime?
2. Are A/AAAA records on your roadmap as alternative to CNAME?
3. Do other Railway customers have a solution that keeps Namecheap DNS?
4. Would you consider documenting the Cloudflare migration risks/timeline in your docs?
Technical Details:
- Domain: headsup.bot
- Railway URL: gybyvfz1.up.railway.app
- DNS Provider: Namecheap
- Email Provider: Google Workspace
- Required SPF: v=spf1 include:_spf.google.com include:amazonses.com ~all
3 Replies
5 months ago
This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.
Status changed to Open brody • 5 months ago
5 months ago
Railway requires a CNAME at your root domain, which blocks SPF/email records (DNS limitation). Your Cloudflare migration failed because you switched nameservers before setup was complete, causing hours of downtime.
Move Railway to www.headsup.bot instead of root. Point www to Railway via CNAME, redirect root→www using Namecheap's URL redirect, then add your SPF/MX records at root. Zero downtime, fixes email immediately, no provider changes needed.
If you must use root domain, either migrate to Cloudflare properly (pre-configure ALL records first, lower TTLs 24hrs before) or switch to DNS providers supporting ALIAS records (DNS Made Easy, NS1) which allow CNAME-like behavior with other records.
5 months ago
Thanks for the suggestion! Just to confirm the trade-offs: moving to http://www.headsup.bot would mean a permanent URL change with SEO implications from the 301 redirect, marketing materials would need updating and visitors would experience a redirect hop?
While this solves the email issue, it seems like a big architectural/seo tradeoff.
5 months ago
At a quick check online, a 301 redirect does mean that you have a new domain. However, modern search engines (like google) all recognize the 301 and propagate the new root.