Help Center

Sending Email from Cloudflare Workers using MailChannels Send API

MailChannels Send API lets you send emails from your Cloudflare Workers apps. Unlike other transactional email services that lack powerful anti-abuse capabilities, MailChannels automatically identifies and blocks harmful content such as spam and phishing, letting Cloudflare Workers customers email without any domain verification or login required.

You do not need an account with MailChannels to start sending emails; however, you do need a Domain Lockdown DNS record authorizing your Worker to send emails for your domain. If you do not have a Domain Lockdown record, your API calls will fail with a 500 error.

Please also note that because of the way Cloudflare sends requests from the "quick edit" environment, you will get an authorization failure when testing this API from the quick edit environment.

How it Works

After creating an appropriate Domain Lockdown TXT record for each domain you wish to send from, sending an email is easy. Just follow the code example below.

The following code snippet illustrates how you can use the MailChannels Send API to deliver email through MailChannels infrastructure to any recipient. This example renders web visitors a simple form with a "Send" button that causes an email to be sent to

addEventListener("fetch", event => {
async function handleRequest(request) {
    let content = "";
    for( var i of request.headers.entries() ) {
        content += i[0] + ": " + i[1] + "\n";
    let send_request = new Request("", {
        "method": "POST",
        "headers": {
            "content-type": "application/json",
        "body": JSON.stringify({
            "personalizations": [
                { "to": [ {"email": "",
                        "name": "Test Recipient"}]}
            "from": {
                "email": "",
                "name": "Test Sender",
            "subject": "Test Subject",
            "content": [{
                "type": "text/plain",
                "value": "Test message content\n\n" + content,
    let respContent = "";
    // only send the mail on "POST", to avoid spiders, etc.
    if( request.method == "POST" ) {
        const resp = await fetch(send_request);
        const respText = await resp.text();
        respContent = resp.status + " " + resp.statusText + "\n\n" + respText;
    let htmlContent = "<html><head></head><body><pre>" +
        "</pre><p>Click to send message: <form method="post"><input type="submit" value="Send"/></form></p>" +
        "<pre>" + respContent + "</pre>" +
    return new Response(htmlContent, {
        headers: { "content-type": "text/html" },

Frequently Asked Questions

  • Can I send email from any domain? Yes. You can send from any valid TLD domain, but you must use our Domain Lockdown feature to verify that you have the right to send from the domain first.
  • Why do I have to create a Domain Lockdown record? Without a Domain Lockdown record, anyone using MailChannels to send email would be able to impersonate your domain. And you would be able to impersonate their domain from your Workers code.
  • Do I need an SPF record? If you use Sender Policy Framework (SPF) with your domain, you should add MailChannels SPF records to authorize sending from our IPs. Instructions are here:
  • How do you prevent abuse? MailChannels operates the world's largest email sending service for the web hosting industry. We have extensive anti-abuse protections built into the platform to prevent spam and phishing and identify abusive senders.
  • What if I need support? Please submit a ticket and we will be happy to assist you. Please include your Cloudflare Workers zone in the support request so that we can locate your logs.
  • Is my privacy protected? As an email service provider, we take privacy seriously.
    • Messages can be stored for up to six hours in our outgoing message queue; typically, messages are delivered within seconds.
    • After delivery, message content is permanently destroyed. We have no ability to recover messages after they have been sent.
    • Some meta-information about the message data is retained for anti-abuse purposes, including the subject line, sender, and recipient address, and your Cloudflare worker zone.
    • If you have more sophisticated needs around privacy, please contact our support team.
  • What are your terms and conditions? Use of our APIs and other services are governed by our Terms of Service.
Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request


  • Avatar

    If you using CloudFlare Workers with your code - getting syntax error on line 42
    It seems that you need to use single quotes to mask the line with double quotes inside.
    Here is the fixed line code:

    '</pre><p>Click to send message: <form method="post"><input type="submit" value="Send"/></form></p>' +
    Edited by Vladislav
    Comment actions Permalink
  • Avatar

    Thanks very much for this correction, Vladislav.

    Comment actions Permalink
  • Avatar
    Daniel Lees

    Is this service still free? I have tried the attached code in a worker but when I send a request using the quick editor in Cloudflare I get a 401 Authorization Required error back from MailChannels

    Comment actions Permalink
  • Avatar

    Daniel, yes it is. I think what's happening here is that Cloudflare has added some new IPs to the Workers service and we need to update our records to allow connections from them. We will do that. This should be resolved soon.

    Another possibility is that if you're running tests in the Cloudflare Workers "quick edit" environment, those requests will be running in Google Cloud (ironically) and we do not allow requests from Google Cloud. In other words, you will have to test your code in production on Workers.

    Edited by Simpson
    Comment actions Permalink
  • Avatar

    Is there a testing/dummy API entrypoint allows us tests our apps with your API in cloudflare worker testing environment?

    The test/dummy API won't send real email, it will send it to a virtual mailbox instead and we can check it in your website.

    Comment actions Permalink

Article is closed for comments.