MX records (Mail Exchange records) are a type of DNS (Domain Name System) record that identifies which mail server is responsible for accepting incoming email messages on behalf of a domain. In other words, MX records provide the information needed for email to be delivered to the correct email server.
Without an MX record, email servers would have no way of knowing where to route email messages and email messages will not be able to reach the intended recipients. Therefore, it is important to have a properly configured MX record in place.
Example of an MX record:
domain: | TTL | class: | type: | priority: | host: |
---|---|---|---|---|---|
example.com | 3600 | IN | MX | 10 | onemailhost.example.com |
example.com | 3600 | IN | MX | 20 | twomailhost.example.com |
The 'priority' for these MX records indicates preference; the lower the 'priority' number value, the higher its preference in comparison to the other listed MX records. In this case, the server will always try 'onemailhost.example.com' first because 10 is lower than 20. In the result of a message send failure, the server will default to 'twomailhost.example.com'. An organization could also configure their MX records so that both servers have equal priority and receive an equal amount of mail by setting both MX records with a priority of '10'.
When an email is sent from one email server to another, the sending email server will query the DNS system to determine the MX records for the recipient's domain. The MX record will then provide the IP address of the mail server that is responsible for receiving the email. The sending email server will then attempt to connect to the IP address provided by the MX record and deliver the email message.
To find your MX record, you can use a DNS lookup tool or command-line tool such as dig or 'nslookup'. Simply enter your domain name and query for the MX record. The result will display the hostname of the mail server(s) responsible for receiving email for your domain, along with their priority values.
The process of setting up and configuring your MX records depends on your email and web domain hosts. Typically, the process would include the following steps:
Determine the mail server you want to use: You will need to decide which mail server you want to use to handle your email. This could be a third-party service such as Google Workspace or Microsoft 365, or a mail server that you have set up yourself.
Log in to your domain registrar or DNS hosting provider: You will need to log in to the control panel for your domain registrar or DNS hosting provider in order to configure your MX record. (If you are not sure how to do this, contact your provider for assistance.)
Locate the DNS settings for your domain: Once you have logged in to your control panel, you will need to locate the DNS settings for your domain. This may be labeled as "DNS settings", "DNS management", "Zone file", or something similar.
Add the MX record: In the DNS settings for your domain, you will need to add an MX record. This record should specify the hostname of the mail server you want to use, along with a priority value.
Save the changes: Once you have added the MX record, be sure to save the changes to your DNS settings.
Verify the MX record: After saving the changes, it is a good idea to verify that the MX record has been set up correctly. You can use a DNS lookup tool or command-line tool such as dig or 'nslookup' to query for your MX record and verify that it is correct.
Wait for propagation: It may take some time for the changes to your MX record to propagate throughout the DNS system. This can take anywhere from a few minutes to several hours, depending on the TTL (time-to-live) value specified for the record.
Setting up and configuring an MX record involves adding a DNS record that specifies the hostname and priority of the mail server responsible for handling email for your domain. This can typically be done through your domain registrar or DNS hosting provider's control panel. It is important to ensure that the MX record is set up correctly in order to avoid issues with email delivery.
Email security solutions can interact with MX records in several ways in an effort to protect against spam, viruses, and other email-borne threats. Here are a few examples:
MX record validation: Some email security solutions will validate the MX record for incoming email messages to ensure that they are being sent from a legitimate mail server. If the MX record is not valid, the email may be flagged as suspicious or rejected outright.
MX record filtering: Email security solutions can use the MX record to filter incoming email messages based on the reputation of the sending mail server. For example, if the MX record specifies a mail server with a poor reputation for spamming, incoming email messages from that server may be flagged as spam or rejected.
MX record fallback: If an email security solution is unable to deliver an email message to the primary mail server specified in the MX record, it may try one or more fallback mail servers specified in the record. This can help ensure that email messages are delivered even if the primary mail server is unavailable.
MX record customization: Some email security solutions allow you to customize your MX record settings to specify which mail servers should be used for incoming email messages. This can help you to configure your email security solution to work seamlessly with your existing email infrastructure.
In order for secure email gateways (SEG) to perform any of these actions, an organization must reconfigure its MX records and redirect its incoming mail traffic to first through the SEG before routing it to the mail server. Making these record changes can be disruptive and risky to mail delivery. Most importantly and concerning, it makes the SEG a single point of failure for an organization's email flow.
As an Integrated Cloud Email Security Solution (ICES), IRONSCALES provides advanced mailbox-level protection via an API designed to integrate with an organization's cloud email provider, such as Microsoft 365 or Google Workspace. Much like a SEG, an ICES can still perform useful security actions related to MX records to protect organizations, but in a critically different way. One of the key advantages of ICES is that it interacts with MX records for security purposes this without requiring any adjustments to the MX record itself.
Instead, ICES operates independently of the MX record, sitting between the incoming email messages and the organization's cloud email provider. This allows IRONSCALES to detect and remediate threats instantly upon delivery, before an end user ever sees it. This includes detecting and blocking spam, phishing, malware, social engineering, and other types of email-based threats.
Additionally, because of its direct connection to the mail service versus sitting "upstream" in the flow of mail delivery via the MX record like a SEG, an ICES can provide continuous inbox-level protection. This can be critical in the case of time-delayed attacks that take previously safe links and weaponize them against end users. This means that even if an email message is delivered successfully and later determined to be malicious, ICES can take action to quarantine or delete the message to prevent future breaches.
In summary, ICES provides advanced mailbox-level protection to an organization's cloud email provider service without requiring any adjustments to the existing MX record and disrupting the delivery of email.
Learn more about IRONSCALES advanced email protection here or get a demo today.