Making Sense of DNS Mail Records

Email is evolving and there are new standards are making it harder to keep your inbox clean and email flowing.  Are you trying to make sense of all your records and what you need and what you don’t?  First, let’s look at basic DNS (Domain Name Services).  All domains must point to an IP address.  You have your main web address so users can get to your website.  Then you have different channels, like FTP or email, that may point to different IP’s, or just uses a different port/channel to connect to.

Different DNS records are used for different things, basically all for the purpose to use a domain name to access a server/computer in one way or another.  DNS is now also being used for validation of services, such as for Google Analytics or email sending.

Now, let’s focus on Mail records.

An “MX Record” is what is used to send email @yourdomain.  The lower the priority is set, tells other mail servers to use that record first to send mail to.  You must have an MX Record in order to receive email.  You can have multiple MX records with different priorities

Why would you have multiple MX Records with different priorities?

If you need a backup server or have multiple incoming servers to balance the amount of emails received, this allows you to tell the world the different places to send mail.

A Record (Address Record) can allow you to point a sub domain like mail.domain.com to an IP address.  This may be used so you can access your webmail or email through browser. 

CName (Canonical Name) is used to point to a subdomain like mail.domain.com to another domain name like mail.isoc.net so that you can easily access your webmail.

TXT Records (Text Records) can often be added to validate your domain for many reasons.  Whether you are setting up a new Microsoft Account, or Google Analytics account, this is an easy way to quickly validate your domain for third party services.    The following are Text Records used for mail.

SPF Record (Sender Policy Framework) is a text record that lists the servers, domains, and IP’s email is allowed to send from.  It is important to include your mail server, mailing lists, your website, and even your ERP or billing system that may send out emails from @yourdomain.com.  You can then tell servers to automatically fail if it is not coming from one of these places.  It is important to keep this record and keep it up to date and things change.

DKIM (DomainKeys Identified Mail) is a text record that is added to your domain.  It is a key that is included in each message, so that other mail servers can validate your messages are coming from your mail server.  The mail server sends this key with each message so the receiver can confirm they match.  It is similar to SPF, but uses DNS to lookups to match the keys.  

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a new email protocol that utilizes SPF and DKIM to ensure matching are in place and communicating what to do with messages that are not aligned. 

In order to keep email flowing it is important to properly set up your email records.  While DKIM and DMARC records are not as widely used, they can help to prevent malicious behavior. 

If you are looking for assistance, our friendly technical support staff is eager to help with any questions you may have, or we can take care all of your DNS for you!

Contact ISOCNET Today!