MX stands for Mail Exchange Records. MX records are DNS settings associated with your domain that direct its mail to the servers hosting your users’ mail accounts. They appear in DNS records (or zone files) and specify how email should be routed with the Simple Mail Transfer Protocol (SMTP); in other words, they tell senders where to send email for your domain. An MX record is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient’s domain, and a preference value used to prioritize mail delivery if multiple mail servers are available.

Where are my MX records?

Your authoritative MX records are on your DNS provider’s server. When you change the MX record on your DNS provider, other servers will make copies of these updated MX records over time. When your domain is registered, it’s assigned several DNS records, which enable it to be located on the Internet. These include MX records, which direct the domain’s mail flow. Each MX record points to an email server that’s configured to process mail for that domain. There’s typically one record that points to a primary server, then additional records that point to one or more backup servers. For users to send and receive email, their domain’s MX records must point to a server that can process their mail.

What do MX records look like?

This is what a typical DNS zone file (for mydomain.com) looks like.

    ;
    ; Zone file for mydomain.com
    ;
    @ 14400 IN SOA ns.mynameserver.com. root.ns.mynameserver.com. (
                    109157199
                    86000
                    7200
                    3600000
                    600)

    mydomain.com. 14400 IN NS ns.mynameserver.com.
    mydomain.com. 14400 IN NS ns2.mynameserver.com.
    mydomain.com. 14400 IN NS ns3.mynameserver.com.

    ; A Record
    mydomain.com. 14400 IN A 208.15.18.18
    localhost.mydomain.com. 14400 IN A 127.0.0.1

    ; MX record
    mydomain.com. 14400 IN MX 0 mydomain.com.

    mail 14400 IN CNAME mydomain.com.
    www 14400 IN CNAME mydomain.com.
    ftp 14400 IN CNAME mydomain.com.

Notice the line with “MX” in it. This is the MX record:

    mydomain.com. 14400 IN MX 0 mydomain.com.

It is important that there be a dot (“.”) after the domain name in the MX record. The trailing dot marks the name as fully qualified; if the dot is absent, the zone’s own domain is appended and mail routes to “mydomain.com.mydomain.com”. The number 0 is the Preference number. Mail is always routed to the server which has the lowest Preference number. If there is only one mail server, it is safe to mark it 0.

How do I update my MX records?

If your company has its own DNS servers, talk to your DNS administrator. Otherwise, contact your domain name provider.

To configure MX records for a domain:

  1. Sign in to the domain host’s administrative console for your domain.
  2. Locate the page on which you can update the domain MX records. The page is typically called something like DNS Management, Name Server Management, or Advanced Settings.
  3. Locate the MX records for your domain. You may have one or more MX records resembling:

     | Name/Host/Alias | Time to Live (TTL) | Record Type | Value / Answer / Destination |
     |---|---|---|---|
     | Blank or @ | 86400 | MX | 10 mail1.example.com |
     | Blank or @ | 86400 | MX | 20 mail2.example.com |

  4. Optionally, reduce the Time to Live (TTL) to 300 seconds for every existing MX record. This tells name servers across the internet to check every 300 seconds (or five minutes) whether you updated these DNS records. This allows you to apply changes to your DNS records much more quickly. Also, if necessary, you can revert any DNS record changes a lot quicker when you’ve set a low TTL. Any DNS record change will apply only after the initial TTL of that record expires. For example, a value of 86400 seconds = 1440 minutes = 24 hours before any update will be applied. This also means that after you change the TTL of a DNS record from 86400 to 300, you need to wait 24 hours for the new TTL to take effect.
  5. Update the existing MX records to include the value / answer / destination of the desired. Also create new MX records if necessary to include all servers listed on that page. To do this, you must:
    • Enter the fully qualified server name, such as ASPMX.L.GOOGLE.COM. Many domain hosts also require a trailing period at the end of the server name.
    • Set the priority for the MX record by preceding the server name with the priority number specified on the MX record values page. Some domain hosts may require you to set the priority in a separate field. Note: MX records with a lower number have higher priority than MX records with a higher number. Different domain hosts use different priority numbering systems. Regardless of the system, the important fact is the relative priorities of MX records.
  6. Delete MX records not pointing to our servers or give them a lower priority (priority value higher than 10) than those pointing to Google.
  7. Save your changes and wait until they take effect.

After updating MX record

MX record updates are not immediate. After you’ve updated your MX records, it will take a while for every sender to use the new MX records. Your original TTL setting determines how long (in seconds) this will take. Changing the TTL setting won’t speed this up. Once you update your MX records, mail will start flowing through the message security service. After your previous TTL (in seconds) has expired, all your mail flows through the message security service. When your mail flows through the service, mail is bounced from IP addresses known to be a major source of spam attacks or viruses. Also, if you have Non-Account Virus Blocking, mail to users will be filtered for viruses as well. You’ll get complete mail filtering after you’ve added your users.

As long as you enter the MX records correctly, you won’t lose any mail. While your MX records are changing over, some mail will be delivered using your old MX information, and some mail will be delivered using your new MX information, but all of it will be delivered. If you type incorrect delivery information in the MX record, some mail will bounce. The sender will receive a notice that the mail wasn’t delivered. If this happens, correct the MX records as soon as possible. Some mail may still bounce for a period of time (up to the length of the new TTL setting), but the sooner you update the MX records to the correct setting, the fewer messages will bounce.

The backup MX

A target server, i.e. one that knows how to deliver to the relevant user’s e-mail mailbox, is typically the most preferred one. Lower-priority servers, a.k.a. backup MX or secondary, usually keep the messages in a queue, waiting for the primary server to become available. If both servers are online or in some way connected to one another, the backup MX will typically queue a message briefly and immediately forward it to the primary MX. The backup MX acts as a store-and-forward mail server.

Multiple mail servers

Multiple email servers are useful for the sake of redundancy. If the highest-priority email server (the one with the lowest Preference number) is down, then the email is routed to the server with the next-highest priority (the next-lowest Preference number).

For example:

    mydomain.com. 14400 IN A 208.15.18.18
    ; server2 address taken from the RFC 5737 documentation range
    server2.mydomain.com. 14400 IN A 192.0.2.27

    mydomain.com. 14400 IN MX 0 mydomain.com.
    mydomain.com. 14400 IN MX 30 server2.mydomain.com.

You can have unlimited MX entries for fallback. If MX records have equal Preference numbers, the client simply attempts all the equal-Preference servers in random order, and then goes to the MX record with the next-highest Preference number.
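The trailing-dot rule and the preference ordering described above can be checked together before a zone goes live. The following is an added example, not part of the original article: it parses MX lines from a constructed zone snippet, expands targets that lack the final dot the way a name server would, and returns the order in which a sender tries the hosts. The function names and the `server3` and `backup` hosts are assumptions made for illustration.

```python
import random

# Constructed zone snippet; "backup" deliberately lacks the trailing dot.
ZONE = """\
mydomain.com. 14400 IN MX 0 mydomain.com.
mydomain.com. 14400 IN MX 30 server2.mydomain.com.
mydomain.com. 14400 IN MX 30 server3.mydomain.com.
mydomain.com. 14400 IN MX 50 backup.mydomain.com
"""

def parse_mx(zone_text, origin):
    """Return [(preference, fqdn, was_relative)] for each MX line."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()    # drop zone-file comments
        if "MX" not in fields:
            continue
        i = fields.index("MX")
        pref, target = int(fields[i + 1]), fields[i + 2]
        relative = not target.endswith(".")
        if relative:                               # no dot: origin is appended
            target = f"{target}.{origin}"
        records.append((pref, target.lower(), relative))
    return records

def delivery_order(records, rng=random):
    """Order a sender tries hosts: lowest preference first, ties shuffled."""
    by_pref = {}
    for pref, host, _ in records:
        by_pref.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(by_pref):
        hosts = by_pref[pref][:]
        rng.shuffle(hosts)                         # equal preference: random
        order.extend(hosts)
    return order

def missing_dot_targets(records):
    """Targets that were expanded with the origin (likely a forgotten dot)."""
    return [host for _, host, relative in records if relative]

if __name__ == "__main__":
    recs = parse_mx(ZONE, "mydomain.com.")
    print("attempt order:", delivery_order(recs))
    print("check these targets:", missing_dot_targets(recs))
```
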

 

Testing the MX record

Once you set up your MX record, always test it to see if it is set up correctly. You can do this with tools like nslookup.

    [root@localhost]# nslookup
    > set q=mx
    > yahoo.com
    Server: 192.168.1.1
    Address: 192.168.1.1#53

    Non-authoritative answer:
    yahoo.com mail exchanger = 1 mx1.mail.yahoo.com.
    yahoo.com mail exchanger = 1 mx2.mail.yahoo.com.
    yahoo.com mail exchanger = 1 mx3.mail.yahoo.com.
    yahoo.com mail exchanger = 5 mx4.mail.yahoo.com.

    Authoritative answers can be found from:
    yahoo.com nameserver = ns2.yahoo.com.
    yahoo.com nameserver = ns3.yahoo.com.
    yahoo.com nameserver = ns4.yahoo.com.
    yahoo.com nameserver = ns5.yahoo.com.
    yahoo.com nameserver = ns1.yahoo.com.
    mx1.mail.yahoo.com internet address = 4.79.181.14
    mx1.mail.yahoo.com internet address = 4.79.181.15
    mx1.mail.yahoo.com internet address = 67.28.113.10
    mx1.mail.yahoo.com internet address = 67.28.113.11
    ns1.yahoo.com internet address = 66.218.71.63
    ns2.yahoo.com internet address = 66.163.169.170
    ns3.yahoo.com internet address = 217.12.4.104
    ns4.yahoo.com internet address = 63.250.206.138
    ns5.yahoo.com internet address = 216.109.116.17

How spammers read your MX

Spammers will typically target your lowest-priority email servers, in the hope of encountering a poorly configured box. The spam program reads the MX records, locates the email server with the lowest priority (highest Preference number) and attempts to deliver spam through that server. So it is important to keep antivirus and antispam protection equally up to date on all your email servers.
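One way to see whether this is happening on your own servers, shown as an added example that is not part of the original article: a well-behaved sender tries the most preferred MX first, so a client that only ever connects to the backup is worth a closer look. The log format, client addresses and function name below are constructed for illustration; the MX values are the ones from the example zone above.

```python
from collections import defaultdict

# MX host -> Preference number, as published for the domain.
MX = {"mydomain.com.": 0, "server2.mydomain.com.": 30}

# Constructed SMTP connection log: "<time> <receiving MX> <client IP> <outcome>"
LOG = """\
10:00:01 mydomain.com. 192.0.2.10 accepted
10:00:02 server2.mydomain.com. 198.51.100.7 accepted
10:00:05 server2.mydomain.com. 198.51.100.7 accepted
10:00:09 mydomain.com. 192.0.2.44 tempfail
10:00:12 server2.mydomain.com. 192.0.2.44 accepted
10:00:15 server2.mydomain.com. 203.0.113.9 accepted
10:00:20 mydomain.com. 192.0.2.10 accepted
"""

def backup_only_clients(log_text, mx):
    """Clients that used a less-preferred MX without ever trying the best one."""
    best = min(mx.values())
    tried = defaultdict(set)           # client IP -> preferences it connected to
    for line in log_text.splitlines():
        _time, host, client, _outcome = line.split()
        if host in mx:
            tried[client].add(mx[host])
    # 192.0.2.44 is not flagged: it tried the primary first and fell back.
    return sorted(c for c, prefs in tried.items() if best not in prefs)

if __name__ == "__main__":
    for client in backup_only_clients(LOG, MX):
        print("backup-only sender:", client)
```

Clients flagged this way are candidates for review or stricter filtering on the backup MX, not proof of abuse, since a sender may have had a stale or partial DNS answer.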