#Cloudflare port confusion


winter pumice
dreamy granite
#

It's normal. Those ports aren't listed in the link above, and Cloudflare doesn't proxy anything other than HTTP and HTTPS unless you configure Spectrum, which for these ports requires Enterprise.

winter pumice
#

From the same doc

Due to the nature of Cloudflare’s Anycast network, ports other than 80 and 443 will be open so that Cloudflare can serve traffic for other customers on these ports. Tools like Netcat will report these non-standard HTTP ports as open.
The WAF’s Cloudflare Managed Ruleset includes a rule that will block traffic at the application layer (layer 7 in the OSI model), preventing HTTP/HTTPS requests over non-standard ports from reaching the origin server.

#

Non-web protocols don’t have destination and source metadata, making proxying on shared IPs difficult or impossible. If you need to proxy other ports and protocols, you need Enterprise with Spectrum, which is an L4 proxy.

#

With normal proxying you can only use HTTP on 80, 8080, 8880, 2052, 2082, 2086, 2095 and HTTPS on 443, 2053, 2083, 2087, 2096, 8443. Anything more than that, or anything that is not either HTTP or HTTPS, requires a different product.

#

so yes

sweet zinc
#

so the issue here is that the ports i opened, 2052 2053 2082 2083, can only do http, and since i am not doing http, i am effectively blocked

#

and nothing can be done about that other than buying spectrum or w/e

#

we're trying to use SMTP for transactional mail over these ports

#

since turning on cloudflare blocks the usual ports for that

#

and it sounds like this just isn't possible for us?

winter pumice
#

correct

sweet zinc
#

🪦

dreamy granite
#

You can make a subdomain that isn't proxied if you want