M

MX (Mail Exchanger) Record

MX records direct email to your domain’s servers. Learn how MX records work, their role in email routing, and how they complement DMARCeye’s protections.

Jack Zagorski
Oct 6, 2025

What is an MX (Mail Exchanger) Record?

An MX (Mail Exchanger) record is a type of DNS (Domain Name System) record that specifies which mail servers are authorized to receive email on behalf of a domain.

When someone sends an email to user@example.com, their mail server looks up the MX records for example.com to determine where to deliver the message. Each MX record points to a mail server hostname (like mail.example.com) and includes a priority value to determine delivery order.

Example:

example.com. 3600 IN MX 10 mail1.example.com.
example.com. 3600 IN MX 20 mail2.example.com.
 

In this setup, mail1.example.com is the primary mail server, while mail2.example.com serves as a backup if the first one is unavailable.

How MX Records Work

When an email is sent:

  1. The sender’s mail server performs a DNS lookup for the recipient’s domain (e.g., example.com).
  2. It retrieves all MX records, sorted by priority.
  3. The server attempts delivery to the host with the lowest priority number (highest priority).
  4. If that server can’t be reached, it tries the next one, and so on.

Each MX record must point to a valid A or AAAA record (not a CNAME), ensuring the mail server’s IP can be resolved.

MX records work hand in hand with SPF, DKIM, and DMARC to authenticate and secure email delivery, though they themselves don’t provide authentication; they simply define where mail should go.

The Role of MX Records in Email Infrastructure

MX records are the cornerstone of how email routing functions across the internet. They enable redundancy and flexibility in email delivery while ensuring messages are routed through the right servers.

Common use cases include:

  • Primary/backup routing: Ensuring mail continues flowing even if one mail server fails.
  • Third-party mail hosting: Directing inbound mail to services like Google Workspace or Microsoft 365.
  • Security gateways: Routing mail through filtering or scanning systems before it reaches inboxes.

Misconfigured MX records can cause delivery failures, looping, or inbound spoofing vulnerabilities. For instance, if an MX record points to an external host that isn’t properly secured, attackers could potentially intercept or relay mail traffic.

MX Records and DMARCeye

While DMARCeye focuses primarily on outbound authentication (SPF, DKIM, and DMARC), proper MX configuration is just as important for maintaining domain trust and message reliability.

DMARCeye helps ensure that your sending sources align with your DNS setup, so the same domain that receives mail through its MX records is protected from spoofing on the sending side.

By combining visibility into DNS and authentication, DMARCeye helps domain owners maintain a secure, consistent mail flow, both inbound and outbound.

Sign up for a free trial of DMARCeye today and secure your email domain.

To learn more about DMARC and DMARC-related terms, explore the DMARCeye Glossary.
M

Similar posts

Get notified on new marketing insights

Be the first to know about new insights to build or refine your DMARC policy strategy.