Basic Mail Exchanger Setup
Mail exchanger records consist of a domain on the left-hand side, a preference number and a fully qualified host name on the right-hand side. They look something like this:
zippo.net. IN MX 10 mercury.zippo.net.
mercury.zippo.net. IN A 184.108.40.206
The left-hand side should be the domain the mail exchanger serves, and it should be fully qualified if it appears. In the example above, zippo.com. (note the trailing dot) is the domain. The trailing dot is important: if it is missing, the server appends the local domain the zone file was written for.
MX PREFERENCE Value
The MX record preference values indicate which mail server to use and in which order to try them when they fail or don't respond. A larger preference number is less preferred. Thus, a mail exchanger with a preference of zero (0) is always preferred over all other mail exchangers. Setting preference values to equal numbers makes mail servers equally preferred.
A mail exchanger is a server configured to process SMTP messages (E-MAIL!). The users of zippo.net would have 'firstname.lastname@example.org' as their e-mail address. The mail still has to be delivered to a specific machine, so you must tie the domain name (zippo.com) to a mail machine. In our example we used the name 'mercury' for the mail server, but we could have used ANY legal DNS host name. After we tie the domain name to the name of a specific machine (mail.zippo.com) we still have to get the IP address for 'mail'. The IP address information is provided by the A record.
Mail will be delivered to the machine with the lowest preference value that is available and responding. If that machine's fully qualified domain name is not the same as the domain that lists it as a mail server, it will look up the domain and try to deliver the mail to the next 'closest' mail server, a server with a smaller preference number (smaller preference numbers indicate the server is more preferred).
Configuring a Backup Mail Exchanger
For example, if we configure the zone like so:
zippo.net. IN MX 10 mercury.zippo.net.
zippo.net. IN MX 20 venus.zippo.net.
mercury.zippo.net. IN A 220.127.116.11
venus.zippo.net. IN A 18.104.22.168
Mail will attempt delivery to mercury first, but if mercury can't be reached, then it tries venus.
Load Balancing on Mail Exchangers
Since DNS resolution works in a round robin fashion, you can use mail servers with identical preferences to create a load balancing situation between mail servers. Take the following example:
zippo.net. IN MX 10 mercury.zippo.net.
zippo.net. IN MX 10 venus.zippo.net.
mercury.zippo.net. IN A 22.214.171.124
venus.zippo.net. IN A 126.96.36.199
Mail for the zippo.net domain will get delivered to mercury, then venus and then mercury again.
Using CNAMES with MX records can cause problems, including making your zone fail to load. Check out the section on CNAMEs for more info.
Using Your ISP as a Secondary Mail Server
If your ISP supports it, you can add an MX record for your domain that points to your ISP's mail servers. If your mail server is unavailable, mail will be queued at your provider's mail server until such time as your server returns to service. Most mail servers hold onto mail and retry delivery if they fail. Adding your ISP can increase this buffering time as the sender buffers the mail, then forwards to your ISP who buffers the mail for a time before the mail finally times out and dies. Set up your ISP as a secondary MX only after consulting with them and finding out whether they allow and support such services.
zippo.net. IN MX 10 mercury.zippo.net.
zippo.net. IN MX 10 venus.zippo.net.
zippo.net. IN MX 30 mail.isp.net.
mercury.zippo.net. IN A 188.8.131.52
venus.zippo.net. IN A 184.108.40.206
Note that in the example above, the ISP's IP address is NOT listed in the zone file for the zippo domain. That's because the ISP will take care of the DNS resolution for their mail server because it is in their DNS domain. Also note that the MX record pointing to the ISP's mail server has the largest preference number. This makes sure that the ISP's mail server will only be used if none of the other servers are available. If the ISP's mail server had the higher preference, you may end up with a mail loop.
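The rules covered so far (trailing-dot qualification, preference ordering, equal-preference groups, and the CNAME caveat) can be checked mechanically before a zone is loaded. The following is an added example, not part of the original page: the zone text, the 192.0.2.x addresses, the 'relay' host and all function names are constructed for illustration.

```python
# Added example: constructed zone fragment, not taken from a real deployment.
ORIGIN = "zippo.net."
ZONE = """\
zippo.net.          IN MX 10 mercury.zippo.net.
zippo.net.          IN MX 10 venus
zippo.net.          IN MX 30 mail.isp.net.
zippo.net.          IN MX 20 relay.zippo.net   ; trailing dot forgotten
mercury.zippo.net.  IN A 192.0.2.10
venus.zippo.net.    IN A 192.0.2.11
"""

def qualify(name, origin=ORIGIN):
    """A name without a trailing dot is relative: the origin gets appended."""
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(zone_text, origin=ORIGIN):
    """Return (mx, addrs, cnames) from simple 'owner IN TYPE rdata' lines."""
    mx, addrs, cnames = [], {}, set()
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()   # drop zone-file comments
        if len(fields) < 4 or fields[1] != "IN":
            continue
        owner, rtype = qualify(fields[0], origin), fields[2]
        if rtype == "MX" and len(fields) >= 5:
            mx.append((int(fields[3]), qualify(fields[4], origin)))
        elif rtype == "A":
            addrs.setdefault(owner, []).append(fields[3])
        elif rtype == "CNAME":
            cnames.add(owner)
    return mx, addrs, cnames

def delivery_tiers(mx):
    """Group exchangers by preference, lowest (most preferred) first."""
    tiers = {}
    for pref, host in mx:
        tiers.setdefault(pref, []).append(host)
    return [(pref, sorted(tiers[pref])) for pref in sorted(tiers)]

def audit(mx, addrs, cnames, origin=ORIGIN):
    """Flag in-zone MX targets that are CNAMEs or have no A record."""
    problems = []
    for _, host in mx:
        if host in cnames:
            problems.append((host, "MX target is a CNAME"))
        elif host.endswith("." + origin) and host not in addrs:
            problems.append((host, "no A record in zone"))
    return problems
```

The forgotten dot turns relay.zippo.net into relay.zippo.net.zippo.net., which the audit reports as an exchanger with no address, while mail.isp.net. is skipped because its address lives in the ISP's zone.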
ANTI-SPAM: REVERSE LOOKUP OF MAIL EXCHANGERS
The most used application on the planet for sending SMTP is sendmail. This application checks both the sender's and receiver's addresses in both the mail headers and the envelope. To block spammers, many companies use reverse resolution to verify that the host that is sending the mail is indeed who it says it is. This blocks some of the SPAM, but not all of it. If you don't want to find yourself unable to send mail to an ever growing number of sites, it's a good idea to make sure your mail exchanger is properly configured in the correct reverse zone file. Often, this will require your ISP to set up the DNS for this, as the zone file for a range of IP addresses resides with the owner of the IPs themselves.
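To see how your own mail exchanger would look to a receiving site that applies this kind of check, the sketch below classifies a connecting host from its PTR and A records. It is an added example, not from the original page, and goes one step beyond the text by also confirming the PTR name with a forward lookup; the record tables, the 192.0.2.x addresses and the function name are constructed stand-ins for live DNS queries.

```python
import ipaddress

# Constructed records (documentation address space), not real DNS data.
PTR = {
    "10.2.0.192.in-addr.arpa": ["mercury.zippo.net."],
    "11.2.0.192.in-addr.arpa": ["host11.pool.isp.net."],  # ISP default name
    "12.2.0.192.in-addr.arpa": ["venus.zippo.net."],
}
A = {
    "mercury.zippo.net.": ["192.0.2.10"],
    "venus.zippo.net.": ["192.0.2.11"],
    "host11.pool.isp.net.": ["192.0.2.11"],
}

def reverse_check(ip, claimed_name, ptr=PTR, a=A):
    """Classify a sending host the way a reverse-lookup filter might."""
    # Build the in-addr.arpa owner name for the connecting address.
    rname = ipaddress.ip_address(ip).reverse_pointer
    names = ptr.get(rname, [])
    if not names:
        return "no-ptr"                 # reverse zone has no entry at all
    # Keep only PTR names whose A record points back at the same address.
    confirmed = [n.lower() for n in names if ip in a.get(n, [])]
    if not confirmed:
        return "ptr-not-confirmed"      # PTR exists but forward lookup disagrees
    if claimed_name.rstrip(".").lower() + "." not in confirmed:
        return "name-mismatch"          # host is not who it says it is
    return "pass"
```

The "name-mismatch" result for 192.0.2.11 is the situation the paragraph warns about: the forward zone names the host venus, but the reverse zone still carries the address owner's default name.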