MX Record - Email Configuration
Direct your emails to the right servers with MX records.
The MX (Mail Exchanger) record is the pillar of your email infrastructure. It tells email servers worldwide which server to send emails destined for your domain to. Without a properly configured MX record, no email can reach you.
Unlike A records that handle web traffic, MX records exclusively handle email traffic. A domain can have its website on one server and its emails on another (Gmail, Office 365, dedicated email server). MX configuration enables this separation.
Monitoring MX records is critical for your professional communication continuity. An unauthorized change can redirect all your emails to a malicious server. MoniTao alerts you instantly if your MX records are modified.
What is an MX Record?
The MX record defines the servers responsible for receiving emails for a domain:
- Priority (Preference): Each MX record has a priority value. The lower the number, the higher the priority. The server with priority 10 will be contacted before one with 20.
- Target server: The MX record points to a domain name (not an IP). This domain must itself have an A or AAAA record.
- Redundancy: Multiple MX records with different priorities ensure redundancy. If the primary server is down, emails are sent to the secondary server.
- Retry time: If all MX servers are unavailable, the sending server retries for several days (usually 4-5 days) before giving up.
Why MX Records are Critical
Emails are often the lifeblood of businesses:
- Business communication: Emails are crucial for orders, customer support, contracts, and internal communication. An email interruption can paralyze a business.
- Security: Compromised emails can lead to theft of confidential information, targeted phishing, and identity theft. A hijacked MX is a catastrophe.
- Deliverability: Misconfigured MX records impact the deliverability of your own outgoing emails. Receiving servers often check that the sender has valid MX records.
- Compliance: Many regulations (GDPR, HIPAA) require email communication security. MX monitoring is part of due diligence.
How to Configure MX Records
Here's how to properly configure your MX records:
- Identify your email servers: Get the MX server addresses from your email provider (Gmail, Office 365, host, etc.). They usually provide a list with recommended priorities.
- Create the records: In your DNS manager, add an MX record for each server. Use @ or leave the hostname blank for the root domain.
- Set priorities: Assign priorities according to your provider's instructions. Typically: 10 for primary, 20 for secondary, etc.
- Verify propagation: Use dig MX example.com or online tools like MXToolbox to verify your MX records are properly configured and propagated.
MX Configuration Examples
Here are common MX configurations:
; Google Workspace configuration
example.com. IN MX 1 ASPMX.L.GOOGLE.COM.
example.com. IN MX 5 ALT1.ASPMX.L.GOOGLE.COM.
example.com. IN MX 5 ALT2.ASPMX.L.GOOGLE.COM.
example.com. IN MX 10 ALT3.ASPMX.L.GOOGLE.COM.
example.com. IN MX 10 ALT4.ASPMX.L.GOOGLE.COM.
; Microsoft 365 configuration
example.com. IN MX 0 example-com.mail.protection.outlook.com.
; Dedicated server with backup
example.com. IN MX 10 mail.example.com.
example.com. IN MX 20 backup-mail.example.com.
; Verification with dig
$ dig example.com MX +short
10 mail.example.com.
20 backup-mail.example.com.Note the trailing dot after domain names in the DNS zone. The lowest priority is tried first. Multiple servers with the same priority are used in round-robin.
MX Best Practices
Optimize your MX configuration:
- Always have a backup: Configure at least two MX records with different priorities. If your primary server goes down, the secondary takes over.
- Monitor with MoniTao: Configure a DNS monitor for your MX records. An unauthorized MX change is a security emergency.
- Configure SPF, DKIM, DMARC: MX alone isn't enough. Add SPF, DKIM, and DMARC to authenticate your emails and improve deliverability.
- Test regularly: Send test emails to your domain from external addresses. Verify emails arrive correctly.
Email Configuration Checklist
- MX records configured according to provider instructions
- At least one backup MX server configured
- Priorities correctly defined
- SPF configured to authorize your sending servers
- DKIM enabled for email signing
- MoniTao monitoring enabled for MX
Frequently Asked Questions - MX Records
Can I have an MX pointing to an IP address?
No, MX records must point to a domain name, not an IP. This domain name must then have an A (or AAAA) record that resolves to the email server's IP.
What does an MX priority of 0 mean?
Priority 0 is the highest possible priority. This server will always be contacted first. It's often used by Microsoft 365 which has only one MX record.
How long are emails retried if my MX servers are down?
Most email servers retry for 4-5 days (configurable). During this period, emails are queued. After this delay, they are returned to the sender with an error message.
Do subdomains inherit MX records from the parent domain?
No, MX records are not inherited. If you want to receive emails on subdomain.example.com, you must create specific MX records for that subdomain.
How does MX round-robin work?
If multiple MX servers have the same priority, sending servers randomly choose among them. This allows basic load balancing between equivalent servers.
My email stopped working after MX change, why?
Several possible causes: incomplete DNS propagation (wait 24-48h), MX record pointing to a domain without an A record, or misconfigured email server. Verify each step with dig and test send/receive.
Secure Your Email Infrastructure
MX records are the backbone of your email communications. Incorrect configuration or a malicious change can have disastrous consequences for your business: lost emails, intercepted communications, ruined email reputation.
Configure your MX records according to best practices, add redundancy, and monitor them continuously with MoniTao. Your email is too important to be left unmonitored.
Ready to Sleep Soundly?
Start free, no credit card required.