DNS MX Records Explained: How to Configure, Check, and Troubleshoot Them
by
Last Updated: Reading Time: 8 min
Key Takeaways
- A DNS MX record directs email to the appropriate mail server for a domain. Without MX records, email delivery fails or defaults to the domain’s main IP address, which is unreliable.
- MX records use priority values to determine the order in which mail servers are contacted. The lower the priority value, the higher its preference for email delivery.
- Multiple MX records can be configured for a domain to provide redundancy and load balancing, ensuring email still reaches its intended recipients if a primary server goes down.
- MX records must point directly to a server’s A record or AAAA record, not to a CNAME record. Misconfigured records can cause delivery failures, bounce-backs, and security vulnerabilities.
- Regularly reviewing your domain’s MX records helps maintain an efficient and reliable email system, and security filters verify records alongside SPF, DKIM, and DMARC to prevent spam and spoofing.
Every email you send or receive depends on a DNS record most people never think about.
DNS MX records are the invisible routing system behind email delivery, telling the internet exactly which mail servers are responsible for accepting messages on behalf of your domain.
Get them right, and email flows seamlessly. Get them wrong, and messages bounce, disappear, or never arrive at all. Despite being one of the most critical components of your email infrastructure, MX records are often misconfigured, outdated, or overlooked entirely.
This guide explains what DNS MX records are, how they work, how to configure and troubleshoot them, and why keeping them properly maintained is essential for reliable email delivery and domain security.
What is a DNS MX Record?
A DNS MX record, or mail exchanger record, is a type of DNS record that directs email to the appropriate mail server for a domain.
When someone sends an email to your domain, the MX record tells the sending server where to deliver that message. Without MX records, the sending server has no way to identify which mail server handles your email, and the message either fails to deliver or is treated as spam.
The structure of an MX record
Every MX record contains several key components that the DNS server uses to process email routing requests:
- Type identifies the record as an MX record
- Host name specifies the domain the record applies to (e.g., example.com)
- Mail server address (also called the “points to” value) identifies the mail server responsible for receiving email for that domain
- Priority value is a number that determines the preferred order in which mail servers should be contacted
- TTL (time to live) defines how long the record is cached by DNS servers before a fresh lookup is required
For example, a basic MX record might look like this:
| Type | Host | Mail Server | Priority | TTL |
|---|---|---|---|---|
| MX | example.com | mail.example.com | 10 | 3600 |
This record tells any server sending email to example.com that it should deliver the message to mail.example.com, with a priority of 10 and a cache duration of one hour.
How MX Records Work
Understanding the technical process of how MX records route email helps IT administrators troubleshoot delivery issues and optimize email infrastructure. Here’s the step-by-step process:
- Email Initiation: When a user sends an email to [email protected], their mail server needs to find where to deliver it.
- DNS Query: The sending mail server queries DNS for MX records associated with example.com.
- Priority Selection: DNS returns all MX records with their priority values. The server selects the record with the lowest priority number (highest priority).
- Connection Attempt: The mail server attempts to connect to the primary mail server specified in the MX record.
- Failover Handling: If the primary server is unavailable, the system automatically tries the next highest priority MX record, ensuring email delivery continuity.
This automated failover mechanism is crucial for business continuity, especially for organizations that cannot afford email downtime.
Don’t let MX misconfigurations break your email
MX Records vs. Other DNS Records
MX records work alongside other DNS records to ensure email services function correctly, but each record type serves a distinct purpose within the domain name system. The table below breaks down how they compare and how they relate to MX records.
| Record Type | Purpose | Example | Relationship to MX Records |
|---|---|---|---|
| MX | Directs incoming email traffic to the correct mail server for a domain | example.com > mail.example.com (priority 10) | Core record for email routing. Without it, email delivery fails. |
| A | Maps a hostname to an IPv4 address | mail.example.com > 192.0.2.1 | MX records must resolve to an A record so the sending server can locate the mail server's IP address. |
| AAAA | Maps a hostname to an IPv6 address | mail.example.com > 2001:db8::1 | Functions the same as an A record but for IPv6. MX records can resolve through either A or AAAA records. |
| CNAME | Creates an alias pointing one domain to another | webmail.example.com > mail.example.com | MX records must never point to a CNAME. Doing so can break email delivery because some mail servers refuse to follow the additional redirect. |
| TXT | Stores text-based information such as SPF, DKIM, and DMARC policies | v=spf1 include:_spf.google.com ~all | Works alongside MX records to authenticate email and prevent spoofing. Misalignment between TXT and MX records can trigger spam filters. |
| PTR | Maps an IP address back to a hostname (reverse DNS) | 192.0.2.1 > mail.example.com | Receiving servers often check that the mail server's IP has a PTR record matching the hostname in the MX record. A mismatch can cause delivery issues. |
How to Configure DNS MX Records
Setting up MX records correctly is essential for reliable email delivery. The process is straightforward, but even small mistakes can cause delivery failures. Here’s how to configure MX records for your domain.
Step 1: Get your mail server details from your email provider
Before touching your DNS settings, you need the MX record information provided by your email host. Every email provider supplies specific hostnames and priority values that must be entered exactly as given. For example:
Microsoft 365 MX record:
| Priority | Mail Server |
|---|---|
| 0 | yourdomain-com.mail.protection.outlook.com |
Google Workspace MX records:
| Priority | Mail Server |
|---|---|
| 1 | ASPMX.L.GOOGLE.COM |
| 5 | ALT1.ASPMX.L.GOOGLE.COM |
| 5 | ALT2.ASPMX.L.GOOGLE.COM |
| 10 | ALT3.ASPMX.L.GOOGLE.COM |
| 10 | ALT4.ASPMX.L.GOOGLE.COM |
Your provider’s documentation will include the exact values you need. Use them as provided without modification.
Step 2: Access your domain registrar’s DNS settings
Log in to the account where your domain is registered, whether that’s your domain registrar directly or a DNS hosting provider. Navigate to the DNS management section and locate the area where you can add or edit DNS records for your domain.
Step 3: Create or update your MX records
To create an MX record, you need to specify the type as MX, set a TTL, and provide the mail server’s address along with its priority. For each MX record entry:
- Set the record type to MX
- Enter the host name (typically “@” or your domain name for the root domain)
- Enter the mail server address exactly as provided by your email host
- Set the priority value according to your provider’s instructions
- Set the TTL (3600 seconds, or one hour, is a common default)
If your domain already has existing MX records from a previous email provider, remove them before adding the new ones. Having conflicting MX records can cause unpredictable delivery behavior.
Step 4: Wait for propagation
Changes to MX records can take up to 48 hours to propagate globally, though most updates take effect within a few hours.
During this propagation period, some emails may be routed to the old mail servers while others go to the new ones. Avoid making additional DNS changes during this window to prevent confusion.
Step 5: Verify your configuration
After propagation, run an MX lookup to confirm your records are correctly published and resolving as expected.
PowerDMARC’s free DNS record checker lets you verify your MX records instantly, ensuring they point to the correct mail servers with the right priority values. You should also send test emails from external addresses to confirm that messages are arriving at the intended mail servers.
How to Check and Troubleshoot MX Records
Even after initial setup, MX records need regular attention. Email providers change their server configurations, migration projects leave behind outdated records, and small errors can quietly disrupt delivery for days before anyone notices.
How to perform an MX lookup
You can check your domain’s MX records using several methods:
- Online MX lookup tools such as PowerDMARC’s MX record checker provide a quick, visual way to see your current MX records, their priority values, and whether they resolve correctly
- Command-line tools like nslookup or dig allow you to query MX records directly from your terminal. For example, running “nslookup -type=mx example.com” or “dig mx example.com” will return the current MX records for the domain
- Your DNS provider’s dashboard will show all published DNS records, including MX entries, in the zone file management section
Regularly checking your MX records helps catch issues before they affect email delivery at scale.
Common MX record issues and how to fix them
When configuring MX records, it is important to regularly check and update them to maintain email delivery efficiency. These are the most common issues that cause problems:
MX record pointing to a CNAME
MX records must point directly to a mail server’s A record or AAAA record, not to a CNAME record. If your MX record points to a CNAME, some receiving mail servers will fail to deliver email. Fix this by replacing the CNAME reference with the actual hostname that has a direct A or AAAA record.
Missing MX records
If there are no MX records for a domain, email delivery may fail or be treated as spam. Verify that your MX records are published and resolving correctly. If they were accidentally deleted, re-add them using the values from your email provider.
Duplicate or conflicting MX records
Having MX records pointing to both an old and new email provider causes unpredictable routing. Remove any records that no longer correspond to active mail servers.
Incorrect priority values
If your backup mail server has a lower priority value (higher preference) than your primary server, email will be routed to the backup first. Double-check that priority values match your intended routing order, with the primary server assigned the lowest number.
Stale TTL values
If your TTL is set very high, DNS servers will cache your old MX records for extended periods, delaying the effect of any changes. Before making updates, consider temporarily lowering the TTL to speed up propagation, then raising it again once the changes are confirmed.
Best Practices for Managing MX Records
Properly configured MX records are essential for reliable email delivery, but configuration is only the first step. Ongoing management ensures your email infrastructure stays efficient, secure, and resilient as your organization grows and changes.
Set up redundancy with multiple MX records
MX records can have multiple entries with different priority values to ensure email delivery redundancy.
If your primary mail server goes down, the sending server automatically moves to the next server in priority order. Always configure at least one backup MX record pointing to a secondary mail server so that email delivery continues even during outages.
For organizations with high email volumes, consider setting two servers with equal priority values for load distribution across multiple mail exchange servers, while keeping a third with a higher priority value as a dedicated backup.
Use clear and logical priority values
Keep your priority values simple and well-spaced to allow room for future adjustments. Using values like 10, 20, and 30 instead of 1, 2, and 3 gives you space to insert additional servers later without restructuring the entire priority order.
Always ensure that your primary server has the lowest priority value and that backup servers are ordered in the sequence you want them contacted.
Review and update MX records regularly
Regular monitoring and management of MX records are essential to maintain consistent email performance. Set a recurring schedule to review your MX records, especially after:
- Migrating to a new email provider
- Adding or removing third-party email services
- Changing hosting environments or DNS providers
- Conducting security audits of your email infrastructure
Remove any records that no longer correspond to active mail servers, and verify that all remaining records resolve correctly.
Align MX records with your authentication records
Ensure that the mail servers listed in your MX records are also properly covered by your SPF, DKIM, and DMARC records.
Misalignment between your MX records and authentication records can trigger spam filters and reduce deliverability. PowerDMARC’s platform makes this easy by giving you a centralized view of all your domain’s DNS and authentication records, so you can spot misconfigurations before they affect email delivery.
Keep Your Email Routing Secure and Reliable With PowerDMARC
DNS MX records are the foundation of your email delivery system, but they don’t work in isolation. Misconfigured MX records, outdated entries, and misalignment with your authentication records can quietly disrupt delivery, open security gaps, and damage your domain’s reputation.
At PowerDMARC, we understand that managing MX records at scale requires more than basic DNS tools. Our platform provides automated monitoring, compliance reporting, and expert support to help organizations maintain secure, reliable email infrastructure while meeting regulatory requirements.
“With PowerDMARC, we resolved MX misconfigurations in minutes instead of days.” – IT Director, Global Enterprise
Start your free 15-day trial today.
Frequently Asked Questions (FAQs)
1. What happens if there are no MX records?
Without MX records, email delivery may fail or default to the domain’s main IP address, which is unreliable.
2. Do MX records affect outgoing emails?
No, MX records only control incoming email. Outgoing email is handled by your SMTP server.
3. What are MX records for?
MX records tell email servers where to deliver messages for your domain. They act as routing instructions that direct incoming email to the correct mail server, ensuring reliable email delivery.
4. What should my MX records be?
Your MX records depend on your email provider. For Google Workspace, use records like “1 aspmx.l.google.com”. For Office 365, use records provided by Microsoft. Always include backup records with higher priority numbers for redundancy.
5. What are common MX record mistakes?
Common mistakes include using identical priority values, pointing to CNAME records instead of A records, missing trailing dots in FQDNs, and maintaining outdated records. These errors can cause email delivery failures and security vulnerabilities.
6. How does PowerDMARC help with MX record management?
PowerDMARC provides automated MX record monitoring, real-time alerts for configuration changes, compliance reporting, and expert support. Our platform helps organizations prevent email disruptions and maintain secure email infrastructure at scale.
Domain & Email Security Expert at PowerDMARC
Ahona is the Marketing Manager at PowerDMARC, with 5+ years of experience in writing about cybersecurity topics, specializing in domain and email security. Ahona holds a post-graduation degree in Journalism and Communications, solidifying her career in the security sector since 2019.
Latest posts by Ahona Rudra (see all)
