Email routing for your domain is determined by a single type of DNS record that tells the internet where to deliver mail for your domain name.
Let’s see this in action. Imagine you’re sending an email from sender@example.com to recipient@yourdomain.com. Your mail server, when it sees the @yourdomain.com part, doesn’t know where to send it. So, it queries DNS for yourdomain.com’s Mail eXchanger (MX) records.
Here’s what a typical MX lookup might return:
$ dig yourdomain.com MX
;; ANSWER SECTION:
yourdomain.com. 3600 IN MX 10 mail.yourdomain.com.
yourdomain.com. 3600 IN MX 20 backupmail.yourdomain.com.
This output tells us a few critical things:
- yourdomain.com.: This is the domain we’re querying.
- 3600: This is the Time To Live (TTL) for the record, meaning DNS servers will cache this information for 3600 seconds (1 hour) before re-querying.
- IN: This signifies the Internet class of the record.
- MX: This explicitly states it’s a Mail eXchanger record.
- 10 and 20: These are the preference values. Lower numbers mean higher preference. So, mail.yourdomain.com is the primary mail server, and backupmail.yourdomain.com is a secondary, to be used if the primary is unavailable.
- mail.yourdomain.com. and backupmail.yourdomain.com.: These are the actual hostnames of the mail servers responsible for receiving mail for yourdomain.com.
When your sending server queries for MX records, it gets a list, sorted by preference. It will first try to connect to the server with the lowest preference value (10). If that server doesn’t respond after a certain timeout, it will then try the next one in the list (20). This provides redundancy and ensures mail delivery even if your primary mail server is temporarily down.
The Core Problem MX Records Solve
Without MX records, there’s no standardized way for a mail server to know which server is responsible for receiving mail for a given domain. It’s like trying to send a letter without knowing the recipient’s street address – you know the city (the domain name), but not the specific building (the mail server).
Internal Mechanics: How it Really Works
When a mail server (let’s call it sender.com’s mail server) needs to deliver an email to recipient@yourdomain.com, it performs a DNS query for yourdomain.com’s MX records. The DNS system (a distributed database) responds with the list of MX records. The sending mail server then iterates through this list, attempting to establish an SMTP (Simple Mail Transfer Protocol) connection to the listed mail servers, starting with the lowest preference number. If a connection is successful, it proceeds with the mail transfer. If delivery still fails after several retries and after exhausting all preference levels, the email is typically queued for later retry or returned as undeliverable.
Configuration Levers: What You Control
- Hostnames of Mail Servers: You define the fully qualified domain names (FQDNs) of the servers that will accept mail for your domain. These must be resolvable A (or AAAA for IPv6) records themselves. For example, if your MX record points to mail.yourdomain.com, there must be an A record for mail.yourdomain.com that resolves to an IP address.
- Preference Values: You assign numerical priorities to your mail servers. Lower numbers are higher priorities. This dictates the order in which mail servers will attempt delivery.
- TTL (Time To Live): This determines how long DNS resolvers cache your MX records. A lower TTL means changes propagate faster but can increase DNS query load. A higher TTL reduces load but means changes take longer to become effective across the internet.
The "Gotcha" Nobody Tells You
Many people configure their MX records to point to their mail server’s hostname (e.g., mail.yourdomain.com) and consider the job done. However, the standard specifies that the MX record should point to a hostname, and that hostname must have an A record pointing to an IP address. Some older or less compliant mail servers might try to connect directly to the domain name itself if it also has an A record, but this is not robust. Always ensure your MX record points to a hostname that has a corresponding A (or AAAA) record.
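The two rules above (try MX hosts in order of preference value, and every MX target must be a hostname with its own A or AAAA record) can be checked mechanically against dig-style output. The following is an added example, not part of the original article: the function names and the sample zone data are constructed for illustration, with a deliberately missing A record for the backup host.

```python
import ipaddress

# Constructed sample in dig answer format (192.0.2.0/24 is a documentation range).
# backupmail.yourdomain.com. deliberately has no A record.
SAMPLE_ANSWER = """\
yourdomain.com.       3600 IN MX 20 backupmail.yourdomain.com.
yourdomain.com.       3600 IN MX 10 mail.yourdomain.com.
mail.yourdomain.com.  3600 IN A  192.0.2.25
"""

def parse_records(text):
    """Parse 'name ttl class type rdata...' lines into (name, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or line.lstrip().startswith(";"):
            continue  # skip blank lines, dig comments and malformed lines
        name, _ttl, _cls, rtype = fields[:4]
        records.append((name.lower(), rtype.upper(), fields[4:]))
    return records

def delivery_order(records, domain):
    """Return MX targets for domain, lowest preference value (tried first) first."""
    mx = [(int(r[0]), r[1].lower()) for n, t, r in records
          if t == "MX" and n == domain and len(r) == 2]
    return [host for _pref, host in sorted(mx)]

def is_ip_literal(target):
    try:
        ipaddress.ip_address(target.rstrip("."))
        return True
    except ValueError:
        return False

def lint_mx(records, domain):
    """Report MX targets that are IP literals or have no A/AAAA record."""
    addressed = {n for n, t, _ in records if t in ("A", "AAAA")}
    problems = []
    for host in delivery_order(records, domain):
        if is_ip_literal(host):
            problems.append((host, "MX target is an IP address, not a hostname"))
        elif host not in addressed:
            problems.append((host, "no A/AAAA record for MX target"))
    return problems

if __name__ == "__main__":
    recs = parse_records(SAMPLE_ANSWER)
    print(delivery_order(recs, "yourdomain.com."))
    print(lint_mx(recs, "yourdomain.com."))
```

To lint a real zone, feed it the combined answer sections of an MX query for the domain and A/AAAA queries for each MX target.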
The next step after ensuring mail delivery is understanding how to secure that delivery using DNS records like SPF, DKIM, and DMARC.