Email Fundamentals: What is an MX Record?
One of the less well understood components of a working email system is the MX record. I do find a lot of IT administrators looking after Exchange servers who don’t really understand what an MX record is and how they work.
DNS Fundamentals
MX stands for “mail exchanger”. An MX record is a type of DNS record, so any understanding of MX records has to begin with an understanding of the fundamentals of the Domain Name System (DNS).
The most important role of DNS for the majority of us is translating names into IP addresses so that network communications can occur.
For example, when you type www.microsoft.com into your web browser, DNS is used to look up that name to determine the IP address of the server to connect to. The domain name in this example is microsoft.com.
So if that is how a simple web browser connection is made, what about when somebody sends email to an @microsoft.com address?
Again DNS comes into play, but this time the look up is slightly different. The sending mail server will look up the MX record in DNS by following a sequence along these lines:
- Look up the authoritative name servers for microsoft.com
- Query the microsoft.com name servers for the MX records
- Look up the names of the MX records in DNS to get their IP addresses
If you were to run your own manual DNS lookup of the MX records for microsoft.com it would look something like this:
C:\>nslookup Default Server: UnKnown Address: 10.0.1.9 > set type=mx > microsoft.com Server: UnKnown Address: 10.0.1.9 Non-authoritative answer: microsoft.com MX preference = 10, mail exchanger = mail.messaging.microsoft.com mail.messaging.microsoft.com internet address = 94.245.120.86
So the IP address of the “mail exchanger” for microsoft.com is 94.245.120.86.
MX Preferences
You may notice the “MX preference” in the output above and wonder what that is referring to. To better explain it here is another DNS lookup for the google.com domain.
> google.com Server: UnKnown Address: 10.0.1.9 Non-authoritative answer: google.com MX preference = 30, mail exchanger = alt2.aspmx.l.google.com google.com MX preference = 50, mail exchanger = alt4.aspmx.l.google.com google.com MX preference = 40, mail exchanger = alt3.aspmx.l.google.com google.com MX preference = 20, mail exchanger = alt1.aspmx.l.google.com google.com MX preference = 10, mail exchanger = aspmx.l.google.com alt2.aspmx.l.google.com internet address = 74.125.115.27 alt1.aspmx.l.google.com internet address = 74.125.91.27 aspmx.l.google.com internet address = 74.125.157.27
Notice that there are multiple MX records each with a different preference value. The preference is basically a way of setting the priority of each MX record. The lowest preference is the MX with the highest priority, ie the one that a sending mail server should try first.
The purpose of multiple MX records is to either:
- Provide some load balancing by using multiple MX records with the same preference set
- Provide a backup MX that can be used if the primary one is unavailable
The backup MX may be another mail server in your organization at a secondary site that has less bandwidth available to it. Or it could be a server hosted by a third party that provides backup MX services. Either way the purpose is to give sending email systems somewhere to send messages rather than have to store them and retry later.
Where Should Your MX Records Point?
Once you understand what an MX record does you then need to consider where your MX record should actually be pointing. Here are a few real world examples of where to point your MX records.
If your organization receives email directly then your MX record would point to a public IP address for your firewall or internet-facing email server (eg Edge Transport server).
If your organization uses a hosted cloud service for email filtering, then your MX record would point to their IP address (or an array of IP addresses depending on which service you are using).
Those are just two examples. There are numerous different scenarios that exist such as hybrid cloud/direct combinations, ge0-distributed networks, and so on. However in my experience these are the two most common scenarios.
By now you should have a basic understanding of what an MX record is and how they work.