DNS/MX record assistance

Forums › IT Pro and developers › DNS/MX record assistance

xpd

Geek of Coastguard
14198 posts

Uber Geek
+1 received by user: 4666

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#311930 28-Feb-2024 09:53

I'm a bit light on DNS record knowledge (especially mail beyond standard SPF/MX setup), so would appreciate some direction here.... :)

Currently, MX records point to O365. But now a 3rd party (who knows our current setup) we use has asked we add some records inc 2 MX records that point to their servers with the same priority as our existing setup. (Along with matching SPF and DKIM records)

To my mind, this would then cause a conflict/confusion over who our primary mail goes out via as they will all have same priority ? And therefore trigger anti-spam measures at the receiving end ?

Will be poking our usual support team but they can take time to respond ;)

TIA

XPD / Gavin

LinkTree

evilonenz

/dev/urandom
294 posts

Ultimate Geek
+1 received by user: 154

ID Verified

Trusted

Lifetime subscriber

#3200728 28-Feb-2024 10:02

MX records dictate where the domains inbound email will be sent to. Adding MX records with the same priority can and will cause issues.

Smokeping

Referral Links:

Quic - Use code R536299EPGOCN at checkout for free setup
Contact Energy - Use code FRTQDXB for $100 credit

richms

29251 posts

Uber Geek
+1 received by user: 10361

Trusted

Lifetime subscriber

#3200738 28-Feb-2024 10:12

It will just mean that they get half of your emails sent to them. What is their reasoning for having MX? It used to be relevant to get around spam filtering a long time ago, but things have moved on to use the more appropriate records that you are also making.

Richard rich.ms

bagheera

545 posts

Ultimate Geek
+1 received by user: 190

#3200740 28-Feb-2024 10:16

the only time you would add mx record that is not o365 (if that is where your mail at) is if you have a 3rd party spam filter like smx, you would remove o365, add 3rd party, and the 3rd party forwards the email to O365 for users to read. Adding to SPF is different, if you say have any other mail server sending mail from their servers with your domain, then you would need to add them and O365 to your spf record and setup DKIM selector for that mail server (and your O365 now day due to GMAIL changes and if you want mail to get to gmail without going to spam)

CYaBro

4733 posts

Uber Geek
+1 received by user: 1195

ID Verified

Trusted

#3200743 28-Feb-2024 10:20

Yea don’t do that.
It will end up being random as to where incoming emails get sent.
Unless their MX records are for a subdomain, then it would be fine.

Opinions are my own and not the views of my employer.

networkn

Networkn
33024 posts

Uber Geek
+1 received by user: 15610

ID Verified

Trusted

Lifetime subscriber

#3200761 28-Feb-2024 11:18

Currently, MX records point to O365. But now a 3rd party (who knows our current setup) we use has asked we add some records inc 2 MX records that point to their servers with the same priority as our existing setup. (Along with matching SPF and DKIM records)

Absolutely not. The fact they would ask for that means they don't understand the technical side of the request.

A subdomain would be the way to approach this, or very reluctantly, forwarding email to specific addresses to another address

BlakJak

1341 posts

Uber Geek
+1 received by user: 750

Trusted

#3200762 28-Feb-2024 11:26

What are they wanting to do ?

If they want to send email 'as you' then you would declare them in your SPF, etc.

MX records tell the world where to send your email; you presumably don't want your email being sent to them.

So back to the question - what're they wanting to do?

If you're subscribing to a cloud service that needs to send you email, my usual approach would be to define a subdomain just for them, put in the DNS records they require (but just on that subdomain) and then you can create inbound 'trust' rules linked to that subdomain to give them allowlist entries (so they don't get blocked as spam etc).

No signature to see here, move along...