MX Record in DNS Explained with Example Configurations
Email has become such an important part of our lives that an employee (no matter what field of work he is in) normally spends about 30 percent of his time solely on reading and sending emails. At times I have felt that checking email too frequently does affect productivity (probably because it diverts you from the task at hand). Another interesting thing about email is that only half of the messages are important to the person receiving them.
An estimated 155 billion emails are sent every day. That's an enormous number of messages exchanged daily (I believe 70 percent or more are spam or unwanted advertising emails).
The reason I am quoting these statistics is the topic that we will be discussing in this article.
We will be discussing one of the important underlying technologies that each of us uses, knowingly or unknowingly, while sending and receiving emails. (When I say underlying technology, do not get the impression that it is used only for email; it is one major component of a technology that enables email to work the way it is required to.) We will be discussing MX records in this tutorial.
Before getting into the details of configuration, let's get an understanding of what happens when you send an email to somebody.
The underlying technology (I must say one of the underlying technologies) that enables email, or the internet for that matter, is DNS. DNS sits at the heart of the internet. My understanding is that if you know DNS and its components in full detail, you will get an idea of how the internet works and how your computer reaches its required destination.
If you are new to DNS and how it works, I would recommend reading the posts below to get started. They do not contain the full details of DNS, but they will surely shed some light on the concept if you are new to DNS (or to system administration in general).
Read: DNS and its working
Read: DNS Root Servers
If you are a system administrator looking for configuration details about the DNS zone file in BIND, or you are interested in understanding the zone file and its contents, then the below post can shed some light.
So let's get back to our topic of what happens when you send an email to somebody...
SMTP (Simple Mail Transfer Protocol) is the protocol that governs all mail servers on the internet. So if you want to send an email to somebody, you need to talk to that person's SMTP server (basically, your domain's SMTP server will talk to the receiver's SMTP server while sending an email). The steps below are what typically happens when an email is sent.
Step 1: You compose a message using an email client of your choice. An email client can be an application installed on your computer, like MS Outlook or Mozilla Thunderbird, or a web-based email client like gmail.com, yahoomail etc. (by web-based mail clients I mean all those websites that you open in your web browser to receive and send emails). An email client is sometimes called an MUA (Mail User Agent). You will often encounter this term when discussing email.
If you are using an application like Thunderbird or Outlook, you probably already know that you need to provide the things below to configure it, so that you can send and receive emails.
- Your SMTP server and port (this is used for sending email)
- Your IMAP (Internet Mail Application Protocol)/POP (Post Office Protocol) server and port, with username and password (this is used for receiving emails)
Step 2: After you have composed your email with your preferred email client, the client will connect to your SMTP server (the one you provided while configuring the client). Say, for example, your SMTP server is mail.example.com. Once your email client has connected to the mail.example.com SMTP server, it will forward the message you have just composed to the server.
All SMTP servers (no matter which) understand a certain set of commands for sending email. So when your mail client forwards the message to your SMTP server, it hands over the entire message you composed using those well-defined commands.
An SMTP server is also called an MTA (Mail Transfer Agent), because it is the component that takes your messages and transfers them to your recipient's SMTP server. An MTA or SMTP server runs on the default port of 25. So what your email client basically does is connect to port 25 on your SMTP server and run the well-defined set of commands to send an email.
Step 3: Now your SMTP server (to which your email client connected and forwarded your message) will try to look up the receiver's SMTP server. This lookup is done using a DNS query. Similar to what happens when you type a URL into your web browser (the browser sends a DNS request to resolve the name you typed into an IP address), the SMTP server will do a DNS query to get the SMTP server of your receiver.
Say, for example, you are sending an email to x@example.com. In that case your SMTP server will try to find the SMTP server responsible for the domain example.com and hand over the message for the user x.
This DNS lookup done by your SMTP server to find the receiver's SMTP server, and how the DNS server for the target domain replies to the query (and how it is configured), is our main topic of interest in this tutorial. The DNS record type that the SMTP server looks for is called an MX record.
Once your SMTP server finds the target receiver's SMTP server using an MX record lookup, it will forward the message to that server (through the internet). Then the SMTP server will forward the message to the POP or IMAP server responsible for the domain (so that the intended user can connect to the POP/IMAP server and fetch the message).
As said earlier, we will not be discussing SMTP, POP and IMAP in detail, as this article is targeted more towards MX records.
What is MX record in DNS?
From the discussion above, you might already have an idea of what an MX record actually is. The Domain Name System (DNS) has several types of resource records that fulfill the name to IP address translation (directly or indirectly). The most commonly used resource records are mentioned below.
- A Record (IP address)
- CNAME Record (canonical name for a name). Refer: CNAME records in DNS and its use
- NS Record (used to specify the DNS server responsible for the domain)
- PTR Record (used for reverse lookup)
Similar to the above mentioned resource records in DNS, MX records are used to specify the mail server for a specific domain.
In simple language, an MX record should return the fully qualified domain name of an email server and its preference value (we will be discussing more about this preference value in some time.).
So before we go ahead and see this in detail, please keep the below two things in mind.
- MX records do not give you the capability to change port numbers for your mail server (an MX record only gives the name of your mail server, so that the sending MTA/SMTP server can establish a connection to it on the default port number 25)
- MX records do not provide the capability to distribute traffic to a number of mail servers in a weighted fashion. They only provide the priority of the mail servers that should be tried while sending an email to the domain, which means the order in which the sending MTA should try connecting.
During our configuration examples, we will be using BIND (one of the most widely used DNS servers out there) configuration files. Do not get confused if these differ from configurations you have seen somewhere else, because the BIND zone file offers many shortcuts (it provides multiple methods to achieve the same result).
The MX record in a DNS zone file is an optional resource record, not a compulsory one. This means that if you do not provide email services for your domain, you can omit this record altogether.
    $TTL 1h
    $ORIGIN example.com.
    @       IN  SOA  ns1.example.com. admin.example.com. (
                     2014062401 12h 15m 2w 2h )
            IN  NS   ns1.example.com.
        1w  IN  MX   10 mail.example.com.
    ns1     IN  A    10.0.0.23
    mail    IN  A    10.0.0.24
    www     IN  A    10.0.0.27
As I mentioned earlier, if you are new to DNS the above zone file contents might be confusing. So before going ahead I would recommend reading the below tutorial to get a basic idea about zone files.
Now the MX record in the above shown zone file for example.com domain looks something like the below.
    1w  IN  MX  10 mail.example.com.
The format is ttl class rr preference name
1w: TTL for our MX record. This means any SMTP server or DNS client that caches the answer should cache it for at most one week. After this cache expiry of one week, the DNS client should fetch it again from the DNS server of the domain. If you do not give this TTL value (which can be anything like 300, 1h, 2h, 1w, 2w etc.), our MX record will take the default TTL value of 1h (which is mentioned at the beginning of our example zone file).
Any resource record that does not have its own TTL value at the beginning will take the default TTL value of the zone file (typically mentioned at the beginning of the zone file).
MX: The type of our resource record. As we are specifying the mail server for our domain (example.com), we use MX here (because it's an MX record).
10: Preference value for this MX record. A lower number means higher preference.
mail.example.com.: FQDN of our mail server. This FQDN should have an A record in the zone file (if it's part of the same zone). This is the reason we have an A record for mail.example.com inside our example.com zone file shown above. If it's not part of the same zone (for example, you have given your mail server as something like mail.example.net or mail.anything.com), then that name should be resolvable to an IP address (A record) externally.
Let's now see another example of zone file, with MX record.
    $TTL 1h
    $ORIGIN example.com.
    @       IN  SOA  ns1.example.com. admin.example.com. (
                     2014062401 12h 15m 2w 2h )
            IN  NS   ns1.example.com.
        1w  IN  MX   10 mail.example.com.
            IN  MX   20 mail2.example.net.
    ns1     IN  A    10.0.0.23
    mail    IN  A    10.0.0.24
    www     IN  A    10.0.0.27
Our MX records for the domain example.com in the above shown example are as below.
        1w  IN  MX   10 mail.example.com.
            IN  MX   20 mail2.example.net.
So we now have two mail servers that will be responsible for receiving mail for the domain example.com (mail.example.com and mail2.example.net). mail.example.com is part of our domain example.com. However, mail2.example.net is not part of our zone (it's part of example.net). Hence we do not have an A record for mail2 inside our zone file.
If our second MX record was something like mail2.example.com, then we would need to have an A record for the mail2 host (otherwise how would it resolve to an IP address?).
In the above example, mail.example.com has the preference number 10 and mail2.example.net has the preference number 20. This means all SMTP servers sending mail to our example.com domain will first try connecting to mail.example.com (as it has the lower preference number), and if that connection does not succeed, they will then try mail2.example.net (as it has the higher preference number). Keep in mind: a lower preference number means higher priority, and a higher preference number means lower priority.
Preference Number in MX record
The most important thing to remember about the MX record preference number is that...
The preference number can have any value from 0 to 65535.
Pick any book about DNS and you will see the values in multiples of 10: 10 for the highest priority, then 20 for lower, 30 for lower still, and so on. Why is this convention followed?
The primary reason for giving the highest-priority mail server a preference of 10 is that, at a later point, you can add another server to your DNS zone file with a value lower than 10 (like 8, 9 or anything). This lets you change your highest-priority mail server yet again if something happens to the earlier one. All this can be done without touching any other MX record: simply add another MX record for the new mail server with a preference number of 9 and leave the other records untouched.
This is the only reasonable argument, for the convention of having MX record priority numbers starting from 10.
Mail server load balancing using MX records
We saw that a lower priority number means higher preference. Now what if two MX records have the same priority number of 10? In that case both are given the same preference, and the choice depends on the client SMTP server.
All major SMTP servers, like Sendmail and Postfix, will do a random selection between the MX records with the same preference number. An example of such a zone file is shown below.
    $TTL 1h
    $ORIGIN example.com.
    @       IN  SOA  ns1.example.com. admin.example.com. (
                     2014062401 12h 15m 2w 2h )
            IN  NS   ns1.example.com.
        1w  IN  MX   10 mail.example.com.
            IN  MX   10 mail2.example.net.
    ns1     IN  A    10.0.0.23
    mail    IN  A    10.0.0.24
    mail2   IN  A    10.0.0.29
    www     IN  A    10.0.0.27
Another technique you can use with DNS to load balance your mail service is to have multiple servers with different IP addresses accepting mail for the domain. Say, for example, you have two mail servers, 10.0.0.33 and 10.0.0.34, which can both accept mail for the example.com domain.
Now configure your DNS and MX record as shown below for load balancing between them.
    $TTL 1h
    $ORIGIN example.com.
    @       IN  SOA  ns1.example.com. admin.example.com. (
                     2014062401 12h 15m 2w 2h )
            IN  NS   ns1.example.com.
        1w  IN  MX   10 mail.example.com.
    ns1     IN  A    10.0.0.23
    mail    IN  A    10.0.0.33
    mail    IN  A    10.0.0.34
    www     IN  A    10.0.0.27
In the above shown example, we have only one MX record with the preference number of 10. But we have two physical servers, which both will resolve to mail.example.com.
This works as simple DNS round-robin load balancing.
We saw that the SMTP server will try the second-priority mail server (reported by the MX records for the receiver's domain) if the connection to the primary was not successful. However, this depends entirely on the SMTP server the sender is using. For example, some SMTP servers will try the lower-priority MX record only when the higher-priority mail server is not reachable at all.
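The sender-side behaviour described in this section, as an added Python sketch (not code from the original article or from any mail server): it orders MX records by preference, shuffles hosts that share a preference, and counts where simulated messages land. The `simulate` function, its `unreachable` parameter and the fixed seed are assumptions made for illustration.

```python
import random
from collections import Counter
from itertools import groupby

def delivery_order(mx_records, rng):
    """Sort (preference, host) pairs lowest preference first; shuffle ties."""
    order = []
    for _, group in groupby(sorted(mx_records), key=lambda rec: rec[0]):
        hosts = [host for _, host in group]
        rng.shuffle(hosts)               # equal preference: random choice
        order.extend(hosts)
    return order

def simulate(mx_records, unreachable=(), messages=10_000, seed=1):
    """Count which host ends up receiving each of `messages` deliveries."""
    rng = random.Random(seed)
    received = Counter()
    for _ in range(messages):
        for host in delivery_order(mx_records, rng):
            if host not in unreachable:  # first reachable host gets the mail
                received[host] += 1
                break
        else:
            received["(queued for retry)"] += 1
    return received

# MX sets modelled on the zone files in this article.
PRIMARY_BACKUP = [(10, "mail.example.com."), (20, "mail2.example.net.")]
EQUAL_PREF = [(10, "mail.example.com."), (10, "mail2.example.net.")]

if __name__ == "__main__":
    print(simulate(PRIMARY_BACKUP))   # backup receives nothing while primary is up
    print(simulate(PRIMARY_BACKUP, unreachable={"mail.example.com."}))
    print(simulate(EQUAL_PREF))       # roughly even split, never weighted
```

With different preferences the backup only sees mail when the primary cannot be reached, and with equal preferences the split is even rather than weighted, which is the limitation noted earlier in the article.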
Some Important Things to keep in mind about MX records in DNS
- The preference number in a DNS MX record only comes into the picture if you have more than one MX record. Otherwise the single MX record, with any preference number, will be used
- The preference number for an MX record can have any value from 0 to 65535
- If your mail host (the FQDN you have added in an MX record) is inside your zone (say, for example, your zone is example.com and your MX record points to mailserver.example.com), then you must have an A record for your mail host.
- Your MX record should never point to a CNAME.
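A small linter for the rules in this list, added here as an example and not part of the original article or of BIND: it parses a simplified zone file and reports MX targets that are CNAMEs, in-zone MX targets with no A record, and preferences outside 0 to 65535. It assumes one record per line and a `$ORIGIN` directive; the zone text is constructed for the example and `lint_mx` is a hypothetical helper name.

```python
import re

# Constructed zone for this example: mail3 has no A record, relay is a CNAME.
ZONE = """\
$TTL 1h
$ORIGIN example.com.
@       IN  SOA   ns1.example.com. admin.example.com. ( 2014062401 12h 15m 2w 2h )
    1w  IN  MX    10 mail.example.com.
        IN  MX    20 mail2.example.net.
        IN  MX    30 mail3
        IN  MX    40 relay
ns1     IN  A     10.0.0.23
mail    IN  A     10.0.0.24
relay   IN  CNAME mail
"""
TTL_OR_CLASS = re.compile(r"^(\d+[smhdw]?|IN)$", re.I)

def lint_mx(zone_text):
    """Return [(mx_target, problem)]; assumes one record per line and $ORIGIN."""
    origin, owner, records = "", None, []
    def fqdn(name):
        name = origin if name == "@" else name.lower()
        return name if name.endswith(".") else f"{name}.{origin}"
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].rstrip()       # drop comments
        if not line:
            continue
        tokens = line.split()
        if tokens[0].startswith("$"):
            if tokens[0].upper() == "$ORIGIN":
                origin = tokens[1].lower()
            continue
        if not line[0].isspace():                   # leading blank: same owner
            owner = fqdn(tokens.pop(0))
        while TTL_OR_CLASS.match(tokens[0]):        # skip optional TTL and class
            tokens.pop(0)
        records.append((owner, tokens[0].upper(), tokens[1:]))
    has_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    is_cname = {o for o, t, _ in records if t == "CNAME"}
    problems = []
    for rdata in (r for _, t, r in records if t == "MX"):
        pref, target = int(rdata[0]), fqdn(rdata[1])
        if not 0 <= pref <= 65535:
            problems.append((target, "preference outside 0-65535"))
        if target in is_cname:
            problems.append((target, "MX target is a CNAME"))
        elif target.endswith("." + origin) and target not in has_addr:
            problems.append((target, "in-zone MX target has no A record"))
    return problems
```

Targets outside the zone, such as mail2.example.net., are skipped because their A records live in another zone and have to be checked with an external lookup.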