How OhRelay uses Cloudflare email routing and Workers
A technical look at how OhRelay gets mail to the right inbox, preserves reply context, and avoids reading your email content to do so.
Why OhRelay sits inside Cloudflare’s infrastructure
OhRelay needs two things in one place: the ability to handle email at the domain level, and the ability to run routing logic on top of that.
Cloudflare provides both — Email Routing for inbound delivery, and Workers to execute code at the edge. The combination lets OhRelay receive mail, identify which customer-facing address it was sent to, apply the right routing rule, and preserve the reply context — all before the message reaches your inbox.
Why Cloudflare-managed DNS is part of the model
OhRelay depends on Cloudflare Email Routing, which in practice means your domain’s DNS needs to be managed on Cloudflare. DNS and email routing then live in the same control plane, which keeps setup predictable and keeps the inbound path close to the routing logic.
Cloudflare can also import existing DNS records, so moving DNS there is usually manageable even if the domain stays registered elsewhere.
How routing is determined
The core question is simple: which address did the customer write to, and where should the mail go?
OhRelay reads the recipient headers to identify the intended address, then matches it against your configured routing rules. Routing decisions are based on metadata — headers and configuration — not on the content of the email.
- Read recipient headers to identify the intended address
- Match the address against configured routes
- Attach the correct destination and reply sender information
What the Worker layer does
Cloudflare Workers is where OhRelay applies routing logic. Once the system has identified which address a message was sent to, it attaches the correct destination and reply information before the message lands in your inbox.
Workers also enforce safe failure behavior: if the system can’t establish a reliable address context, it blocks or defers rather than guessing.
What OhRelay doesn’t need to read
OhRelay doesn’t read message bodies to decide where mail should go. Routing is an address recognition and configuration problem — not a content understanding problem.
That creates a clear privacy boundary: OhRelay relies on headers and routing rules to make delivery decisions, not on reading private email content.
Keep your inbox. Run every domain address you manage.
14-day free trial.