Thursday, September 15, 2011

Understanding MX records

What is an MX Record

MX stands for Mail Exchange Records. MX records are used in DNS records(or Zone files) to specify how email should be routed.
Lets take an example of say
This is how a typical DNS record(for looks like.

; Zone file for

@ 14400 IN SOA (
   600 ) 14400 IN NS 14400 IN NS 14400 IN NS

; A Record 14400 IN A 14400 IN A

; MX record 14400 IN MX 0 

mail 14400 IN CNAME
www 14400 IN CNAME
ftp 14400 IN CNAME

Notice the line with the “MX” in it. This is called the MX record. 14400 IN MX 0
The MX record shows that all emails @ should be routed to the mail server at The DNS record shows that is located at This means that email meant for will be routed to the email server at This finishes the task of the MX record. The email server on that server(say sendmail) then takes over, collects the email and then proceeds to distribute it to the user “liz”.
It is important that there be a dot(“.”) after the domain name in the MX record. If the dot is absent, it routes to “”. The number 0, indicates Preferance number. Mail is always routed to the server which has the lowest Preferance number. If there is only one mail server, it is safe to mark it 0.

Multiple mail servers

Multiple email servers are useful for the sake of redundancy. If the Highest Priority email server (one with the lowest Preference number) is down, then the email is routed to the Server with the second highest Preference number.
For example 14400 IN A 14400 IN A 14400 IN MX 0 14400 IN MX 30
You can have unlimited MX entries for Fallback.
If all the MX records are equal Preference numbers, the client simply attempts all equal Preference servers in random order, and then goes to MX record with the next highest Preference number.

Pointing MX records to an IP

Its not possible to have an MX record pointing directly to an IP. For example ‘ 14400 IN MX 0“ is wrong. Define an “A Record” first and then have the MX record pointing to it. 14400 IN A 14400 IN MX 30

MX records for Subdomains

A Subdomain is something like this “”. Assume you want to send an email to and to capture that on another server. 14400 IN A 14400 IN A 14400 IN MX 30 14400 IN MX 30
In this configuration, would go to and would go to

Testing the MX record

Once you setup your MX record, always test it to see if it is setup correctly. You can do with tools like nslookup.

[root@localhost sangeetha]# nslookup
> set q=mx
Server: Address:
Non-authoritative answer: mail exchanger = 1 mail exchanger = 1 mail exchanger = 1 mail exchanger = 5
Authoritative answers can be found from: nameserver = nameserver = nameserver = nameserver = nameserver = internet address = internet address = internet address = internet address = internet address = internet address = internet address = internet address = internet address =

How spammers read your MX

Spammers will typically target your lowest priority Email servers, in the hopes of encountering a poorly configured box. The Spam program reads the MX records, locates the Email server with the lowest Priority(highest Preference number) and attempts to spam with that server.
So it is important to equally update all your email servers with Antivirus and Antispam.