One of the less well understood components of a working email system is the MX record. I do find a lot of IT administrators looking after Exchange servers who don’t really understand what an MX record is and how they work.
DNS Fundamentals
MX stands for “mail exchanger”. An MX record is a type of DNS record, so any understanding of MX records has to begin with an understanding of the fundamentals of the Domain Name System (DNS).
The most important role of DNS for the majority of us is translating names into IP addresses so that network communications can occur.
For example, when you type www.microsoft.com into your web browser, DNS is used to look up that name to determine the IP address of the server to connect to. The domain name in this example is microsoft.com.
So if that is how a simple web browser connection is made, what about when somebody sends email to an @microsoft.com address?
Again DNS comes into play, but this time the look up is slightly different. The sending mail server will look up the MX record in DNS by following a sequence along these lines:
- Look up the authoritative name servers for microsoft.com
- Query the microsoft.com name servers for the MX records
- Look up the names of the MX records in DNS to get their IP addresses
If you were to run your own manual DNS lookup of the MX records for microsoft.com it would look something like this:
C:\>nslookup Default Server: UnKnown Address: 10.0.1.9 > set type=mx > microsoft.com Server: UnKnown Address: 10.0.1.9 Non-authoritative answer: microsoft.com MX preference = 10, mail exchanger = mail.messaging.microsoft.com mail.messaging.microsoft.com internet address = 94.245.120.86
So the IP address of the “mail exchanger” for microsoft.com is 94.245.120.86.
MX Preferences
You may notice the “MX preference” in the output above and wonder what that is referring to. To better explain it here is another DNS lookup for the google.com domain.
> google.com Server: UnKnown Address: 10.0.1.9 Non-authoritative answer: google.com MX preference = 30, mail exchanger = alt2.aspmx.l.google.com google.com MX preference = 50, mail exchanger = alt4.aspmx.l.google.com google.com MX preference = 40, mail exchanger = alt3.aspmx.l.google.com google.com MX preference = 20, mail exchanger = alt1.aspmx.l.google.com google.com MX preference = 10, mail exchanger = aspmx.l.google.com alt2.aspmx.l.google.com internet address = 74.125.115.27 alt1.aspmx.l.google.com internet address = 74.125.91.27 aspmx.l.google.com internet address = 74.125.157.27
Notice that there are multiple MX records each with a different preference value. The preference is basically a way of setting the priority of each MX record. The lowest preference is the MX with the highest priority, ie the one that a sending mail server should try first.
The purpose of multiple MX records is to either:
- Provide some load balancing by using multiple MX records with the same preference set
- Provide a backup MX that can be used if the primary one is unavailable
The backup MX may be another mail server in your organization at a secondary site that has less bandwidth available to it. Or it could be a server hosted by a third party that provides backup MX services. Either way the purpose is to give sending email systems somewhere to send messages rather than have to store them and retry later.
Where Should Your MX Records Point?
Once you understand what an MX record does you then need to consider where your MX record should actually be pointing. Here are a few real world examples of where to point your MX records.
If your organization receives email directly then your MX record would point to a public IP address for your firewall or internet-facing email server (eg Edge Transport server).
If your organization uses a hosted cloud service for email filtering, then your MX record would point to their IP address (or an array of IP addresses depending on which service you are using).
Those are just two examples. There are numerous different scenarios that exist such as hybrid cloud/direct combinations, ge0-distributed networks, and so on. However in my experience with customers these are the two most common scenarios.
By now you should have a basic understanding of what an MX record is and how they work. If you have any questions please feel free to ask them in the comments below.
Hi , my MX record is in Symantec with priority 0 , but i notice my wintel guy publish the Microsoft mail-protectionxxxx in DNS as well with priority 20; any issue if i remove the microsoft record since i am not using? TQ
thanks what are literals in java learn literal in java Statement in free by CodeExampler website
Thank you for the information.
We were using a mail server where our web site is hosted. We implemented Microsoft365, moving our email account to MS365. However, our blast email service on the original web hosted server stopped working. I have added the old server address to the spf1 section of a txt record, leaving the entry for ms365 in place. Also added an MX record with the old IP address. None of this works while ms365 Outlook continues to be ok. What am I missing?
We use an application to generate emails in bulk. In side the application we point to our main mx servery (aspmx.l.google.com) supplied by google. But email to any google address never arrives. What are we missing?
Hello, my organization currently uses Microsoft O365 as our email provider but we also use a 3rd party email filter, so our MX records point to them. We would like to stop using the 3rd party filter and just point our MX records to O365, how/what is the best way to accomplish this. Thanks
Hello,
The best way is to replace the actual third party antispam by EOP .
Can hackers use gmail and multiple mx accounts? Is there a way for anyone to catch them bc PayPal or my account was hacked with all these fake emails. I would really like to catch them bc I’m not impressed with the fraud department at PayPal. I was using an iPhone and started getting calls from my bank so I immediately detached all. Very weird-
I have been searching about roadrunner email settings for iphone then finally, when I read this Article I get to know the correct information about it and I found this information is relevant. You have an ample amount of knowledge and that describes it very clearly and I thank you for giving me this type of knowledge and it helps me a lot.
Hi Paul i need help i’m having external email in my organization under office 365 bouncing and the error code we have is 5.0.0 and 5.7.1 how does one fix such issue or what step should i be taking to solve this problem?
Hello Paul,
We are changing internet providers the MX records will not be changing just the Public IP. Will I have to create an MX record for the Public IP or keep the current MX record and when the cutover for Internet happens should email resume normally? Thanks in advance
THE MX record will surely need to be changed to your new ISP Public IP address .Also, you have to inform him to create the srv record for your MX record.
Any way to find out who would be administrator over an account that didn’t have permission to do so and if so is there anything that can be done about it?
Pingback: How to Use Custom Domain in Gmail for Free with Mailgun
Thanks a bunch.
My client ‘s primary email server is mimecast. However, they would like to use Amazon Ses to send out marketing emails.
To use SES i have to plugin the MX record settings provided by SES. Client doesn’t want to move from mimecast as they are happy with it.
Can i use SES only to send outgoing emails and Mimecast continues to serve as incoming Server?
Or is there anyother solution?
Thanks in advance.
Pingback: Email Validation Glossary: The Terms You Want to Know - ZeroBounce Blog
Pingback: Cara menjadi bandar judi online
Hi Paul, hope you can help me. We have been running for quite awhile with pref 05 to our exchange server and pref 10 for fallover if the exchange server has problems (emails that cannot get thru to exchange are stored until it gets backup and running.
We are moving to O365 and have pref 40 setup for this. we are preparing for switchover we will disconnect our old exchange server but the emails will get diverted to the fallover box. Is the best solution get rid of the pref 10 record a couple of days earlier than the switch over to stop any diverts
Can u kindly explain me what is the purpose of NS record in DNS ? And how it will be used?
Hello, I have a SBS 2011 with Exchange Server 2010 for the network. I need to add an additional email domain to our current system. How do I update the mx record to just add the additional domain? Thank you!
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Each domain has its own MX records. So if you have a new domain, you will need to create an MX record in that domain’s public DNS zone.
Dear Paul,
I have 2 MX records for my mail servers.
If the first priority server is busy,
and the second server is down.
and then?
The remote client will retry back to the first priority server?
Any help would be appreciated !!!
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Sending servers will keep retrying your MXes until they find one that work, or until they expire the message from their queue.
Dear Paul,
we are in the middle of a migration process from ES2010 to ES2013, we have setup a new ES2013 multi-role server and we are in a co-existance state.
We have configured the Send Connector, but the emails sent to external addresses are stuck in the Transport Queue (internal emails sent/delivered without problem)
– An message delay error appears with 400. 4.4.7 code.
– In the SMTP logs, we noticed that the local-endpoint is blank.
We think that there is a DNS problem related to IPv6.
– In ES2010 the IPv6 is disabled.
– What type of IPv6 records should be specified in the DNS? (MS Windows Server 2008 R2 version) ?
– In ES2013 we have three NICs (for default SMTP, ASMTP Relay, and AutodiscoveryRedirect) with IPv6 enabled…
Any help would be appreciated !!!
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
it’s recommended to leave IPv6 enabled, so I would start there. But if you absolutely must disable it for some reason you must ensure you’ve done it correctly.
https://blogs.technet.microsoft.com/rmilne/2014/10/29/disabling-ipv6-and-exchange-going-all-the-way/
I don’t understand from your description where the emails are actually getting stuck. It would also be helpful to know the full text of the error code.
The multiple NICs on the Exchange 2013 server is unusual and could well be a problem if they’ve been misconfigured as well. Removing the extra NICs and making sure any extra DNS registrations are cleaned up would be a useful troubleshooting step.
So, currently we have it set to use my server as nameserver… and if email is hosted at Godaddy, we point email DNS record back to godaddy…
For those domains, Is it possible to keep NAMESERVER at godaddy and just point web traffic to our server?
This way even if my server is down for whatever reason which has been happening lately, at least email would work?
Thank you.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Yes, you can use any DNS provider you like to host your DNS zone, such as GoDaddy, AWS Route 53, DNSimple, and many others.
You can host your email wherever you like and it doesn’t need to be the same provider. Your email will deliver wherever your MX records point.
Dear expert
I want to know that is it possible to publish my compny,s mx records on global dns servers for external world to comunicate with my mail server, without involving any third party hosting service rather using my company,s local dns
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Yes, you can host your own DNS server if you want. Not sure what advantages you see with that approach, as reliable DNS hosting is difficult and is quite cheap from external providers. Amazon Route 53 for example only costs a few dollars per year.
Its kinda stupid question but I am curious abt how will my dns server records will be published on global dns servers,and people across the world will know that abc.com exist
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
1. You register a domain name. Some domain registrars also provide free DNS hosting and you can just start creating DNS records with them, but you can choose to host your DNS zone anywhere you like.
2. If you’re going to host the DNS zone elsewhere, such as with Amazon Route 53, you sign up for that service and create the zone. They will provide you with the Name Server (NS) records to configure for your domain.
3. You update the NS records with your domain registrar, using the information provided by your DNS host.
4. You create any DNS records you need in the zone.
Hi Poul
I have problem to run O365 and Qmail booth in same domain
we do booth if MX in Qmail user in O365 can’t receive email from external and from Qmail user, and if MX on O365 user from Qmail can’t send to O365 user.
I’m a bit confused here on our set up. I’ve just discovered that when sending an email to an outside account the headers show the From as our internal exchange server and internal IP. For all of my receive connectors the FQDN is set as my exchange server. Our mx record is set as our external domain name. So what is controlling this and how can I resolve it? Thank you.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
That’s normal behavior, but you can remove them if you need to.
https://www.practical365.com/remove-internal-exchange-server-names-ip-addresses-message-headers/
Thanks. But if it’s normal why do some organizations reject email to servers that it can not reach? One organization in particular that won’t accept our messages says it’s because our server isn’t internet routable is why our messages get’s rejected from their servers. We had a problem with sending to aol.com accounts and I assume it was because of the same problem. Aol.com eventually released them after a few days and we never got any confirmation as to why. Just my assumption.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
When your server connects to another server, it announces itself by saying HELO or EHLO and provides a host name. For example…
HELO mail.exchangeserverpro.net
The receiving server does a bunch of stuff to tell whether you are likely to be a spammer or not. One of the things is to to a DNS lookup on that host name. If that host name isn’t resolvable (e.g. your server is saying “HELO server.domain.local”) then some servers will reject on that basis.
If your server announces itself as “HELO mail.exchangeserverpro.net” and that is resolvable, but it resolves to a completely different IP or IPs other than the one your server connects from, that is also a signal that you might be a spammer and some servers will reject on that basis.
There’s also reverse DNS/PTR that needs to be in place. The IP your server connects from (the public IP that it gets NATed to by your firewall) should resolve to *something*, not necessarily the same name as the HELO, but it must resolve to something. Typically your ISP puts that PTR record in place for you.
There’s also SPF to consider, explained here:
https://www.practical365.com/a-sender-policy-framework-spf-primer-for-exchange-administrators/
So all up there are many things that mail admins need to get right in order to be able to send email reliably on today’s internet. I cover the above points in a bit more detail in this ebook, if you’re interested:
https://www.practical365.com/ebooks/exchange-server-troubleshooting-companion/
Great info, thank you.
Hi
I have installed exchange server 2013 and every thing works fine. I want to sent mail with different domains as sender which I did it . Now, I want to set MX record for any accepted domain . could you give me a hint how to do it ?
Pingback: Change Inbound Mail Flow to Exchange Online Protection
Hi Paul,
This may be off topic, but I have made a big F..Up.
I am new to exchange & Office365.
I have 3 persons using a Office365 acount and have made all the DNS records at their Domainhost (UnoEuro.com) to point at office365.
It has however been giving me a lot of troubles, because there are oyher people using that domain, but is not using Office365, they just have an IMAP account to their mail. Therefore they only recive some of their mails.
Now I have added a new domain to the Office365 account and want to migrate the 3 -Office365 users mail & calendar content, to their new account in the new domain, can I do that in Admin Office365 ?
Ex. Move content from LKM@PETER.com to LKM@PAUL.com ?
Hope you understand my danish- english 🙂
Pingback: Preparing for Hybrid Deployment with Exchange and Office 365
Pingback: Godaddy Postini – +ADw-/title+AD4 HACKED BY +AD4 ant07alya +ADw TURKHACKTEAM// HACKED BY +AD4 ant07alya +ADw TURKHACKTEAM// HACKED BY +AD4 ant07alya +ADw TURKHACKTEAM//+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-
Pingback: MX Records for Exchange Hybrid Deployments
Pingback: Update Mx Records Google Apps Godaddy
Hi Paul
I finally solved the issue .I was making mistake while configuring the Zone file of Go daddy.
Your videos were the best tool for this Lab Practice. They gave me the necessary knowledge.
Thanks for your effort!!
Cheers mate!!
SANCS
Hi Paul,
I still need some help. Please correct me where I have gone wrong.
After going through your tutorial I did the following things on the above scenario.
I purchased a domain with go daddy. (say abc.com) and abc.com is the root domain name of my Active Directory Domain Service.
My Windows server 2012 and exchange 2010 server IP are the same: say 10.1.1.50
They are both connected to the internet via Netgear ADSL router. Public IP say 27.33.168.90
I port forwarded the SMTP (port 25) to 10.1.1.50 (server IP) on my ADSL router.
My exchange server name is say: dc01.abc.com
On my DNS I created MX record and put the Exchnage server FQDN say: dc01.abc.com
Host A record as dc01- FQDN dc01.abc.com and pointed to server IP 10.1.1.50
Now on DNS Zone file of go daddy………I added the following
For MX record:
Host :@ points to my exchange server :dc01.abc.com
For A record:
Host:@ points to the public IP of my ADSL modem: 27.33.168.90
Finally on the server configuration option of Exchange I have configured receive connectors.
I have created users and assigned mailbox to them.
Are those steps enough to send the email from gmail or hotmail to my exchange server user mail box user now? I am still not able. Please help me by correcting me.
With regards,
SANCS
Thanks for the response Paul.Cheers!
Hi Paul…..on the same issue which I mentioned above- the root domain(say abc.com) which I gave to my windows server 2012 domain controller and the exchange server forest is already a registered domain unfortunately. Do I have to build everything from scratch?
With regards
SANCS
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
No. You can have a different AD namespace than your Exchange namespaces. For example, AD can have a namespace of domain.local and Exchange can use a namespace of brandname.com instead.
As a general recommendation you shouldn’t use domain names that you don’t own, even just for internal namespaces or for test labs. But it will be fairly harmless if it’s just a test lab.
So if you wanted to rebuild it you could, but it’s not a hard requirement.
Much appreciate Paul……..You have made things much simpler…….Those videos are hugely helpful mate!!!
Hi Paul,
I am a beginner to Exchange Server. In my home lab I have installed windows server 2012 and installed exchange 2010 SP3 trial version on the same server. I also have the DNS on the same server. My environment is physical not virtual. My server is directly connected to Internet via netgear modem router. I successfully configured the exchange server so that I can send email from outlook 2010 to gmail or hotmail.
Please give me some advice on how should I configure exchange or DNS to receive email from gmail or hotmail to the outlook. I searched on google but I feel lost. Please provide me some advice or any concise link so that I can study and implement.
With regards,
SAN
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Look at Module 2, Lesson 4 of these videos
https://www.practical365.com/exchange-2010-free-training-videos/
Pingback: Change Mx Records Godaddy Gmail – Cyber Sun
Pingback: Godaddy Gmail Apps Mx Records
Pingback: Godaddy Secondary Dns Service
Pingback: Create An Mx Record Through Your Domain Registrar Godaddy – Cyber Sun
Pingback: Exchange Server 2016 Inbound Mail Flow Configuration
Pingback: Exchange Server 2016 Outbound Mail Flow
Pingback: What Is Godaddy Mx Records – Cyber Sun
Pingback: Change Godaddy Mx Records To Google Apps – Cyber Sun
Hi Paul,
Great article and very helpful comments as well.
I have a common scenario where we have an MX record that points to a SaaS provider for email filtering. Recently our SaaS provider went offline for 24 hours and we didn’t receive email or were able to send e-mail during that time. Luckily the provider was pooling the emails and delivered them once their network came back online.
What I want to do is put the power back in our hands and have a way to failover from the SaaS and go directly to us, bypassing the filter in the event this issue occurs again.
Changing the MX record in DNS takes too long to propagate so that is not the best solution. Is there a way to do this?
Thanks,
Kimble
I was doing some research. Would using round robin MX records with priorities solve this issue? For example:
10 example.com 192.168.1.1
10 example.com 192.168.1.2
20 example.com 192.168.1.3
The mail server sending the message would try either one of the 10 records first, then try the other, then try the 20 record if the first two failed.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Every MX record you publish can potentially be used by senders, so if you publish a “bypass” MX record permanently then you can expect senders (including spammers) to bypass your SaaS email security provider regularly.
If you want to be able to change your MX records faster set a very low TTL on those records in your DNS zone. 30 minutes would probably be reasonable in your case, but you can go even lower if you want to.
Good points and thank you for the feedback. I’ll give the TTL a try
Pingback: Troubleshooting SMTP Connectivity from External Senders
Pingback: Godaddy Email Domain Alias – Library Blog
Pingback: Godaddy Hosted Email Mx Records | Remix Video
Hello Paul,
Using SBS2011 and Exchange 2010 which works fine.
I am tripping over the disconnect between an MX record of mail.domain.com.au and the receive (and send) connectors FQDN of remote.domain.com.au. There is an A record for remote and mail pointing at same IP address.
I do not understand how this works.
Ultimately I would like to put another 2 domains onto this server.. but first thing is first.
Would you please point me in the right direction to understanding this difference.
Regards
Simon
Ok. Thank you.
Hello,
Thank you.
Can I differentiate Exchange Server and Other Server(gmail, yahoo etc.) on the base of MX Record?
Is there any common different which identify that this is Exchange Server on the base of MX Record?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
No, and no. An MX record is just a DNS record.
I have checked few General Domains and few Exchange Domain. Exchange server provide only 1 mxRecord and it start with either mx1 or smtp1 or webmail.
Does exchange always provide 1 mxRecord?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Exchange doesn’t provide MX records. You configure MX records in DNS yourself. You can configure as many as you need.
Pingback: Use PowerShell to Quickly Check Multiple MX Records
All Domain mail send and received ok. but hotmail and yahoo.com didn’t received my mail due 400.4.4.7 error. DNS working perfectly. What i can do? Please advice me.
Hi, Paul,
Thank you for this article. and was much helpful to get idea about MX Records.
Could you describe me where should i assign my mail server PUBLIC IP in exchange environment.
Eg; MX — mail.tiptop.com 212.85.76.25, do i need to configure this IP in any NIC to communicate with internet.
Would appreciate to clear my doubts.
Thanks & Regards,
FARIS
Hi Paul,
Very good post!
I’m really new into DNS settings and can’t get what I want to accomplish.
I have two domain names. The website of domain1.com is in a remote server and I want to receive emails from the domain1.com in the domain2.com without going thru the email server of domain1.com.
I went to the registrar and pointed the MX record of domain1.com to mail.domain2.com.
Then I logged into the cPanel of domain2.com but I don’t see anything about domain1.com on the MX records.
What I’m missing?
Thanks!
My server public MX records resolve just fine – but apparently the Microsoft connectivity analyzer only queries public MX records. When a third party spam filter is involved (like Postini or Greenviewdata) their tool fails to actually identify my problems (I get 100% success with the connectivity tool but mail still fails to deliver while throwing cryptic PRX errors). I don’t know if I am looking at routing issues, service failures, auth issues, protocols/port mismatch, phase of the moon, who is sleeping with who, current shade of chocolate, etc.. Exchange 2013 feels like bloated rush to market code hoping for the next daily critical update; just my .02 cents.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
As an externally hosted service all the ExRCA can do is look up your MX records in public DNS, and try to send mail to them. Any routing that occurs beyond that is invisible to the ExRCA.
Hi Paul,
I have 2 CAS Servers that will be receiving email. So, should I create 2 MX records on Public dns. And with same priority or different priority. If one CAS server will get down, then the sending server will use another MX record to deliver the email to second Server. Thanks.
Thankyou for this Post.
I found where i did a mistake.
Public DNS
Company Dns Zone File at GoDaddy
Record Type -Host A
Host: @ – Points To: Godaddy Default IP
Host: Admin – Points To: Godaddy Default IP
Host: Mail – Points To: CAS IP Address
Host: Mail1 – Points To: EDGE IP Address
Record Type-MX
Priority: 0 – Host: @ – Mail1.company.com
Now i have check MX from MX Toolbox and everything is working fine.
the below article were very helpful.
http://www.petri.com/configure_mx_records_for_incoming_smtp_email_traffic.htm
Now i am going to test mail routing.
Hi Paul,
I have bought a domain from godaddy.com and now i want to configure DNS for Exchange System.
I have Hosted MBx, CAS, HT on Box1 and ET on Box2.
When i bought this domain (company.com) its by default pointing to some IP Address i thinks its godaddy IP beacuse i have bought Domain, Email and Web hosting subscription services.
Now i have created a Host A with mail.company.com and mail1.company.com
Host: Company.Com – Points To: Godaddy Default IP
Host: Mail.Company.Com – Points To: CAS IP Nated with Public IP on Firewall (443,80 Allowed)
Host: Mail1.Company.com – Points To: EDGE IP Nated with Public IP (25 smtp allowed)
On MX
Host: EDGE IP – Points to: Mail.Company.Com
There is no Reverse Lookup Entry yet has been created.
Could you please advise if there is anything you think needs to be changed.
Because when i try to resolve the record using MX Toolsbox, it could not find MX mail.company.com.
Hi All,
I joined to new organization as a exchange admin, their the previous admin was left the company with out intimation, Can someone tell me how to check the complete mail routing process in exchange server 2010 and how to find the exact MX record in the domain and where the Mx records is configured
Thanks,
Narasimha Sumanth?
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Here you go:
https://www.practical365.com/exploring-a-new-exchange-server-environment/
Pingback: Messages Queuing with Error 451 4.4.0 DNS Query Failed
Hello Paul,
I’m dealing with an MX Preferences for Gmail Apps set up in Webstarts.com that looks just like your example above, only with 10 as ASPMX.L.GOOGLE.COM, 20 as ALT1.ASPMX.L.GOOGLE.COM etc etc, and beneath that as the CNAME Mail ghs.google.com.
Webstarts no longer has any access to that as it was set up by them years ago when it was free, and the company I’m dealing with has no access to anything but getting their emails (through Gmail).
My primary problem is that Webstarts doesn’t permit WordPress installations, so I set it up on Hostmonster and changed the IP for the A and the @ records – but not the MX records and the two companies (Hostmonster and Webstarts) are providing me with different sets of instructions. Hostmonster’s instruction won’t keep mail going to the Gmail account, and Webstarts advice can’t be implemented in Hostmonster because the proper record fields are lacking. The client *is* getting emails – but there’s a secondary problem tied closely to the primary problem.
The secondary problem is that I’m using Gravity Forms to send help requests to my client’s email addresses – and they don’t go through to their domain email addresses – even if I send them from another domain. They still don’t go through if I forward them to a free Gmail account (which does work with forwarding from the form) and THEN re-forward them to their company emails set up with the Google MX settings – I keep getting hard bounces. However, I have also set up a “webmaster” account, then forwarded the form to the free webmaster from the domain webmaster and *then* set up the free Google Webmaster to forward to my personal email accounts in Google, in Hotmail, and on one of my own hosted domain emails and all of them work just fine – to me – but not to the company using the Google account App emails.
What I get is a hard bounce if I sent the form results to any and all of the company emails saying that there is no such email account. So I go into the filters section of their Gmails and there are no filters, nothing in spam, no way to adjust or allow emails from the Gravity form.
I’m out of ideas or options and nowhere on the web am I seeing anything helpful that I can implement because the Hostmonster DNS MX records don’t have the same names for the fields I’m seeing for Google, and there aren’t enough of them.
Any advice would be appreciated. This is the third week I’m spending on getting this problem resolved.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Some web hosts have default configs on the server you’re being hosted on such that all email is delivered to the local server, regardless of the MX records you have in DNS. The assumption they are making is that customers will use the free email accounts hosted on the server. Which many do.
If they are providing you a CPanel interface for your account there is an MX setting in there where you can tell it to always deliver locally vs always use the MX record.
Saying you’re getting a hard bounce is part of the info someone would need. The info in the bounce message is important, it will say which server rejected the message (eg was it a Google server or a Hostmonster server…).
Really this is something you should be able to sort out using their support. If you contact them and say that you want to use Google Apps only, and that you’ve got the the MX records Google asks for in place, and that you’re still getting a bounce message, they should be able to help you.
If not, find a web host with better support.
Thanks Paul, I was able to sort it out with your help by recreating all of the MX record fields in Hostmonster, deleting all of the Hostmonster free mail account defaults, and then switching the whole Webstarts DNS over with a simple full NS change. What an ordeal to achieve (what should have been) a simple goal! I thank you for providing the clarity I needed to resolve this.
Hi paul
I am a affiliate marketer actually I will facing a ip black listing problem due to hit a trap ( trap mean a email id basically is used for tracking a email sender activities by some organization like spam house. Sorbs like this) because of trap I am loss my server.
I have concern with senior mailer they are suggest me if you want to remove trap(tracking email id or domain) from your mailings data so MX record is only way to found a trap in you mailing data
That’s why I request you please guide me how to found it and remove from my emailing data list. Please reply you suggestions its beneficial for me
Thanks in Advance
David
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If you’re hitting spam traps then your email acquisition method is bad. I can’t help you clean up your list, that is your job.
Hi Paul,
Need advice from you. We have web and mail server using one public ip. Our smtp, pop3 and imap configuration using abc.com
Now we like to have new public ip for webmail. What is the impact for changing the ip address. Especially our smtp pop3 and imap configuration for client using mail software i.e outlook.
Another question is since we want to use new public ip for webmail. We want to create new imap hostname e.g imap.abc.com pop3.abc.com and smtp.abc.com and we want to remain old imap configuration abc.com for existing client that been configured at their outlook.
What is your best solution for this migration?
Thanks in advance.
We currently have SBS2003 running EXCH2003 and our ISP (Time Warner) host our email and we see 2 MX records on our account for our domain at our web host (Network Solutions) . We use the POP3Connector to download emails from the ISP and the SMTP connector is configured to “Use DNS to route each address space on this connection.”
We are now moving to Exchange 2013 (on separate hardware) and would like to continue having our ISP host our email. We do have a static IP but not sure how to host our own mail or if we should–small office, 10 mailboxes max. We created our Send Connector to use the MX records option and have not done anything with the Receive connectors.
Right now these two Exchange servers our on same Internet connection, using the 1 Static IP (with two routers). The internal domain names are different.
How can we test Send/Receive of our email, both internally & externally, on the new Exchange 2013 server without interfering with mail flow on the 2003 box? We plan to create two “fake” user accounts with exchange 2013 mailboxes for our testing. Note, no mailboxes that are in use on the 2003 server will be added to the Exch 2013 server during testing.
Thanks!
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
For 10 mailboxes an on-premises Exchange 2013 server is overkill. Have you considered Office 365?
To answer your question, you just need to point an MX record for an email domain (any email domain, a test one is fine as long as you configure Exchange 2013 to accept it) to your public IP and NAT that IP to your Exchange 2013 server for port TCP 25.
hello Paul,
i have just installed exchange 2010 and i pointed my Mx records to the public ip address of my server, but still i cannot receive emails, currently my host is godaddy and i want to use my exchange server for both incoming and outgoing mails, i tried to added mx record in godaddy dns manager but still i cannot receive emails, is there anything my ISP needs to do on my public IP address?
kindly assist
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If you’ve just made the change it might just be a DNS caching/propogation delay.
Or it might be your ISP blocking inbound TCP 25, or your firewall blocking it.
Go to exrca.com and run the inbound SMTP test and see what it says about it.
Hi Paul,
Well Am using Microsoft ISA server 2004 and configured it with Edge Firewall, I have A Domain Controller of windows server 2012 (DNS + AD), I also install and configured Microsoft 2003 Exchange server for mail, I have a routable IP on the External side of the ISA Server, I have configured the Isa server as follow …… first i allow a DNS protocol from My Internal Domain controller to the local host, along with i point the Internal domain controller to forward queries to the internal interface of my ISA server, and inter configured my Isa server Stub DNS to forward queries to My ISP DNS server, and then I configured MX record in My internal Domain Controller DNS server to point to My Exchange server, and then I configured the Inbound and outbound SMTP mail server rule in the ISA server Firewall policy rule, Now after doing the above procedure … I can send email to any mail server available on the internet .. but i just can’t receive any, Please help what should I do … or just any idea on my case would help ..and thnx in advance.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
External servers find you by doing an MX record lookup in DNS. They need to be able to find your MX record in publicly accessible DNS servers. So wherever your public DNS servers are, that is where you need to add the MX record so that people can send you email.
Hello Paul,
I need your help, recently my organization has taken backup ISP (internet lease Line) now we need to configure this line as backup line,so how can i configure this line is backup line.can you provide me step by step configuration then we can follow the steps and configure.
Because if my first internet line goes down that time we can not access exchange server,this hamper on my business.
please send me step by step configuration for 2nd internet line.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Add an MX record in your DNS that points to the IP address of the backup internet connection.
Hi Paul,
My MX record point to godaddy so how to add my 2nd ISP address in to DNS.
And how it will work if my first line goes down. can you send the details so i can configure send connector and receive connector as well as MX and DNs.
Thank you for help and support.
Hello Paul,
Thanks for this great article.
i am however facing a challenge receiving emails from external domains on my email server (icewarp messaging server). i can however send emails from my internal domain to external domains. An MX lookup (MXtoolbox.com) also shows that MX records point to my public IP address.
An SMTP email server test however gives a result of reverse DNS failed. What could be the problem please?
kind regards.
Hi Paul
we have an issue with only one specific domain when ever the users from there end send email to us the emails are delivered to our another mail server which is hosted with godaddy.My question is if I have the least priority of my mx record why the emails are being sent to godaddy hosted server.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If one of your MX records points to GoDaddy then you should expect some mail to go to that server. Fiddling with the MX priorities won’t stop that from happening.
Could you explain a bit more about? I have Exchange Online and QMail Server, I do not know why it’s happen, but it does and so often.
The priority is set to delivery the mails to Exchange Online, and the connectors and DNS Records are properly configured.
Thank you.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
What more do you need to know? If you have multiple MX records, expect the sending servers to make use of all of those MX records. If your MX records point to two separate email systems, mail will deliver to both systems. It will be random and unpredictable, and you can’t stop it as long as you have MX records pointing at both systems.
Thank You Paul for your quick response so what shall I do if I want the incoming message deliver on both servers
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If you want mail replicated between multiple servers for HA purposes then you need to deploy your servers the right way.
If you’re running Exchange that means looking at high availability features, ie database availability groups:
https://www.practical365.com/exchange-server-2013-database-availability-groups/
If you’re running Zimbra I suggest you look at their documentation for how to do a HA deployment.
Hi Paul;
I have an exchange server running and I have mx record pointing to this mail server lets call it xmail.abc.com
we are planning to add another mail server but its Linux based and its zimbra mail server lets call it zmail.abc.com.
I want the incoming mail reached each server is this line dns configuration right?
xmail A xxx.xxx.xxx.12
zmail A xxx.xxx.xxx.13
abc.com MX preference = 10, mail exchanger = xmail.abc.com
abc.com MX preference = 10, mail exchanger = zmail.abc.com
My question if I make same mx preference 10 and 10 can my users receive mail at the 2 servers ? and if one server crash can my users find emails at the other server?
Regards
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
No, the sending server will pick one MX each time and send email to that server only. It will not send the same message to both servers at the same time.
Hi Paul,
Thanks for your article. Can I please ask a question – I am moving my website to a new host but the MX records are staying the same (= Microsoft Exchange). I will add the MX records to the new web host’s DNS interface before changing the DNS records to the new web host’s Nameserver details. I know that changing MX server can bring several hours of email downtime but here I am not changing the MX server – I am just copying the MX records from one host to another. So should I expect some period of email downtime ie delivery failures?
Thank you…
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
If the MX isn’t actually changing I would not expect any downtime.
I did this late last year and it went smooth as glass until two days ago when I had to unasigjn and reassign the domain (and the MX records went poof). Then I just went to the name registrar’s and swithched the DNS back to them and (for the Google mail accounts to work) and pointed the A record IP address toward the new hosting. Either works. That was quicker and easier though as long as the IP remains static.
Hi Paul,
I have uploaded new website on apache server. which supports only pop but no smtp service. so, not going to use their server but point my mX to (domain 0 aspmx.l.google.com) by default.
I have set MX Record through domain name panel..which too provide MX exchange server.
I do also permission to use another MX service (say awesome= pop/Imap/smtp all with webspace for my domain)
Please suggest how to configure MX record for both “awesome MX’ and “l.google.com”
Regards,
prompt reply will be appreciated.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
I don’t understand what you mean by “awesome MX”.
If you want to use Google for hosting your mail set up your MX records to point to them by following the instructions they provide.
Hello Paul,
Got some clear ideas on MX entries for mail routing.
I would like to know, can I have two mail services in one domain.
I am currently using qmail SMTP services on a linux server and I want to migrate only 50% of my users in MS Exchange. Is it recommended or I will face big issues while handling two admins.
And how can i integrate the both server into one domain.
Please guide me.
Regards,
Roushan
+918286535813
Hi,
We are installing exhange on server and house our email . We have web.com as our pop provider. So we changed the DX priority of the pop to lowest. The higher priority to the server. We figure if emails or server is down the emails will stay with web.com. However, the emails still go to the pop account and not the exchange setup one.
Pingback: Managing Changes to MX Records and Incoming Email Traffic
Hi Paul
Thanks for this article. I have created my external MX record and thats fine. I have an edge transport server in the DMZ and a Hub Transport server in the private network. Do I need to set up an internal Alias or MX records called mail.mydomain.com on my internal DNS server for my Hub transport or Edge server?
thanks, Sid
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
Edge and Hub servers find each other by setting up an Edge Subscription.
https://www.practical365.com/exchange-2010-edge-transport-server-configuring-edgesync
Thanks, i figured it out and got it working.
Great website, thanks.
Hi Paul,
I have installed new exchange 2010 envirnament. created a send and recieve connector for direct communication to the internet. Our network manager has changed the MX record. The internal email flow is working fine but external email is not working. That is, if i send email from internal user to yahoo, it doesn’t work. Also it doesn’t work if I send email from external email to internal.
when I check the queue viewer, the email send to yahoo.com says delivery type dnsconnectordelivery and they status is retry, please help???
Many thanks in advance.
Muhammad Kamran.
The Real Person!
Author Paul Cunningham acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.
My guess would your firewall is not allowing SMTP traffic in and out between the internet and your Exchange server.
SMTP is out, POP is in. Two different ports.
Pingback: Exchange 2010 FAQ: Concerns Installing the First Exchange 2010 Server
Pingback: Email Fundamentals: What is an MX Record? « MidThought's