Someone please explain mx records to me..

M76

[H]F Junkie
Joined
Jun 12, 2012
Messages
13,042
I'm at a loss here. I was googling all over the place but couldn't find a clear explanation of how mx records work and their purpose. And most importantly how do you set up an mx record, who is supposed to serve it and how?

Thanks
 

tedych

Limp Gawd
Joined
Jan 18, 2013
Messages
372
MX is just a pointer to an A record. The A record gives you the IP (or redirects you through CNAME to a record with IP).
When mail is sent to, say, info@mydomain.com, the mail agent (email program or web mail server software) consults DNS by requesting the MX for mydomain.com. It receives, say, as a result mail.mydomain.com.
Then the mail agent asks DNS for the IP address of "mail.mydomain.com" ("A" record). The IP is used to contact the receiving mail server at port 25 (for example) to send the mail message.
The MX is just like A records, or TXT records, for a domain (in this case "mydomain.com"). Whoever is serving for mydomain.com, contains the MX.

All this is just basically speaking.
 

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
you set up an MX record with whoever's doing your DNS, specifically, whoever your nameservers are with...

i would probably start with your registrar, a lot of times they'll provide nameservers for you with their registration services... for joe shmoe with his joeshmoe.com domain, this is usually fine
 

FNtastic

[H]ard|Gawd
Joined
Jul 6, 2013
Messages
1,419
MX record is not just a pointer to an A record in all cases. You set your MX however your hosting company or email provider tells you. They will give you the appropriate IP address to input into your nameservers. Nameservers are just servers that hold records between domain names and their corresponding IP addresses. Like a phone book for the internet.
Your A record and MX records could point to two different places. Which is why it's important to get the information from wherever you plan to have your emails go to/from. For example, you host at inmotion hosting for your website, but you choose to pay for Google apps email.
More information for you than I could ever possibly explain: https://www.inmotionhosting.com/support/edu/cpanel/cpanel-email/modfying-mx-records
 

tedych

Limp Gawd
Joined
Jan 18, 2013
Messages
372
MX is always a record that points to another record where you can get the IP. And to correct myself, not a CNAME.
Of course the MX doesn't have to point to a subdomain of the own domain name. Also it can point to some own subdomain but its A record IP could be anything beyond own domain IP servers.
For Google's custom domain mail service (which coyld handle any domain's mail services) for example one MX record will contain "aspmx2.googlemail.com" .
If I send mail to info @ mydomain.com, the email program will see this from the MX record for mydomain.com and get the IP of google's aspmx2.googlemail.com to contact to.
Of course there is the concept for MX preference where multiple MX records could exist with different preference numbers where the mail agent will first pick the one with lowest number to try to send email to.
 

mwarps

Supreme [H]ardness
Joined
Oct 6, 2002
Messages
7,065
An MX record is a "mail exchanger" record - you can have more than one of them, and many domains do.

In most cases, your registrar will be your DNS provider as well. You'll make your changes with them.

MX Record syntax consists of a priority and a target. The lower the priority, the more preferred the entry.

e.g.

example.com. IN MX 0 mail.example.com.

The record data is "0 mail.example.com."

Note that per RFC, the target cannot be an IP address, and it cannot be a CNAME record.
The target must be an A record.
 

M76

[H]F Junkie
Joined
Jun 12, 2012
Messages
13,042
Thanks for the answers. Well I can't say I'm closer to understanding it.

My problem is basically that I run my own email server for personal use, because I don't trust gmail and such. And any email provided by my ISP is only temporary.

This is all fine and dandy, but I don't have a fix IP address, because the ISP only offers that to business clients, not to regular peasant users. For this I have dyndns subscription and when my IP changes the address changes. I don't have my own domain registered, I use one of dyndns's subdomains. I don't even know if a registered domain would work with dynamic ip address.

My email works for about 99.9% of senders, but there are those .1% who refuse to send to or accept email from me, because they claim my address is incorrect.

And when entering my email address into an online email verify service they say my address is bad because there is no MX record.

That's all I know, and I have no idea how to get out of this conundrum without having to change my email address. I've been using it for over 10 years, therefore I have lots of services and site registrations tied to it. Changing it would be a pain. If there is no solution I'll just going to continue ignoring the issue.
 

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
Thanks for the answers. Well I can't say I'm closer to understanding it.

My problem is basically that I run my own email server for personal use, because I don't trust gmail and such. And any email provided by my ISP is only temporary.

This is all fine and dandy, but I don't have a fix IP address, because the ISP only offers that to business clients, not to regular peasant users. For this I have dyndns subscription and when my IP changes the address changes. I don't have my own domain registered, I use one of dyndns's subdomains. I don't even know if a registered domain would work with dynamic ip address.

My email works for about 99.9% of senders, but there are those .1% who refuse to send to or accept email from me, because they claim my address is incorrect.

And when entering my email address into an online email verify service they say my address is bad because there is no MX record.

That's all I know, and I have no idea how to get out of this conundrum without having to change my email address. I've been using it for over 10 years, therefore I have lots of services and site registrations tied to it. Changing it would be a pain. If there is no solution I'll just going to continue ignoring the issue.

Running a mail server is not for amateurs. It's a fun project, but you'll run into problems much larger than this. Why not use Protonmail, it's free.

I'm willing to bet a huge percentage of people you send mail to mark you as a spammer. You kind of sound like a crazy person if I'm being totally honest.
 

M76

[H]F Junkie
Joined
Jun 12, 2012
Messages
13,042
Running a mail server is not for amateurs. It's a fun project, but you'll run into problems much larger than this. Why not use Protonmail, it's free.

I'm willing to bet a huge percentage of people you send mail to mark you as a spammer. You kind of sound like a crazy person if I'm being totally honest.
As I've said I've been running it for over 10 years and counting. What is crazy is giving your life to a stranger who says they'll handle it for free. Because let's be honest your email is basically your life. Every receipt every order you ever placed, every confirmation every cancellation of subscriptions, all goes in there.
 
D

Deleted member 82943

Guest
Can I just say the lack of the “RTFM ASSHOLE” responses is awesome. Kudos to you guys. I learned something too. I didn’t know the MX A record relationship.
 

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
As I've said I've been running it for over 10 years and counting. What is crazy is giving your life to a stranger who says they'll handle it for free. Because let's be honest your email is basically your life. Every receipt every order you ever placed, every confirmation every cancellation of subscriptions, all goes in there.

I think this is probably a great topic for discussion. I can think of a lot of bad things that can happen to someone like yourself that is attempting to DIY this sort of thing.

For one thing, how are you handling SPAM filtering? Are you doing domain validation? How are you gauranteeing that the email that people are sending is really from them?

Have you looked into the security of your DYN updating methods? How easy would it be for someone to hijack your domain and intercept your emails. A private static IP is an absolute bare minimum for running your own mail service successfully.
 

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
Can I just say the lack of the “RTFM ASSHOLE” responses is awesome. Kudos to you guys. I learned something too. I didn’t know the MX A record relationship.
An amazing amount of restraint shown here, agree with you 100%
 

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
It's a matter of weighing the risks. You are at much higher risk right now on the path you're currently on. Higher risk than you likely realize.
 

M76

[H]F Junkie
Joined
Jun 12, 2012
Messages
13,042
I think this is probably a great topic for discussion. I can think of a lot of bad things that can happen to someone like yourself that is attempting to DIY this sort of thing.

For one thing, how are you handling SPAM filtering? Are you doing domain validation? How are you gauranteeing that the email that people are sending is really from them?

Have you looked into the security of your DYN updating methods? How easy would it be for someone to hijack your domain and intercept your emails. A private static IP is an absolute bare minimum for running your own mail service successfully.
You seem hell bent to ignore the fact which I already mentioned twice: I've been doing it for over 10 years. To hijack my emails they don't just need to get my login details and account information, they need to set up their own email server to receive my mail. And even then they only get access to messages that are sent in the period while they're in control of my account.

While if I use a regular mail provider and they get my login credentials for that they basically get access to all my messages, even those sent previously. And my contact list on top of that. Without any additional effort. So it seems to me, this is not less secure but more secure.

And no matter how hard you are trying to convince the word that I'm crazy I'm not completely stupid. Spoofed senders and numeric domains are automatically rejected, among other security measures. (Like open relay detection)

the ip updating is done over https, with a separate password that is not usable to hijack my dyn account.
 
Last edited:

NGX

Gawd
Joined
Oct 6, 2006
Messages
563
Soo... while there are some good point beings made here, and I agree that you will want to look into these if you're serious about your security, here's some info about your question:

You can use your own domain with dyndns, with proper configuration you can setup a subdomain for use as an MX record. The MX record will then be what is updated by dyndns.

Take a look at these posts for some information:
https://www.dyncommunity.com/questions/35192/can-i-use-my-personal-domain-with-ddns.html
https://www.dyncommunity.com/questions/39609/using-your-own-domain-name-with-dynamic-dns.html
 
Top