MX (Mail Exchange) records direct email traffic to the correct mail servers, with priority values determining the order servers are tried.
How MX records work
- When sending email to user@example.com, the sender's server queries DNS for example.com's MX records.
- DNS returns a list of mail servers with priority values (lower = higher priority).
- The sender connects to the highest-priority server; if unavailable, tries the next.
- The receiving server accepts the email for local delivery.
MX record format
example.com. IN MX 10 mail1.example.com.
example.com. IN MX 20 mail2.example.com.
example.com. IN MX 30 backup.example.com.
Priority values
- Lower numbers = higher priority (tried first).
- Equal priorities = random distribution (load balancing).
- Higher numbers = backup servers used when primary fails.
- Typical values: 10, 20, 30 (allows room for additions).
Common configurations
- Cloud email: Points to provider (aspmx.l.google.com, mail.protection.outlook.com).
- Email gateway: Points to security vendor for filtering before delivery.
- Hybrid: Mix of cloud and on-premises servers.
- Backup: Secondary MX at higher priority for redundancy.
Security implications
- Changing MX records affects all email routing for the domain.
- Attackers may monitor MX records to identify email infrastructure.
- Misconfigured MX records can cause email delivery failures.
- SPF records must authorize MX servers to send email.
Related Tools
Related Articles
View all articlesEmail Services Compared: Cloudflare Email Routing & Area 1 vs AWS SES vs Azure vs Google Workspace
A technical comparison of email services across Cloudflare, AWS, Azure, and Google — covering email routing, transactional sending, email security, authentication (SPF/DKIM/DMARC), and how each provider approaches the email stack.
Read article →Check Point Harmony vs Proofpoint: Choosing Email Security for Google Workspace
Compare legacy Secure Email Gateways (SEG) like Proofpoint with modern API-based email security solutions like Check Point Harmony for Google Workspace environments. Learn why architecture matters for cloud email protection.
Read article →DNS Lookup & Email Security Check
Check DNS records, SPF, DKIM, DMARC, and email security configuration for your domain
Read article →Email Security: A Complete Guide to Protecting Your Organization from Phishing, BEC, and Modern Threats
Learn how modern email attacks work, from phishing and business email compromise to credential harvesting. Understand SPF, DKIM, DMARC, secure email gateways, and the best practices organizations need to defend their inboxes.
Read article →Explore More Networking
View all termsBGP (Border Gateway Protocol)
The routing protocol that exchanges network reachability information between autonomous systems, forming the backbone of Internet routing.
Read more →DNSSEC (DNS Security Extensions)
A suite of specifications that add cryptographic authentication to DNS responses, preventing DNS spoofing and cache poisoning attacks.
Read more →Domain Name System (DNS)
The hierarchical naming system that translates human-readable domain names into IP addresses.
Read more →IP Address Geolocation
The process of determining the geographic location of an internet-connected device using its IP address.
Read more →MAC Address
A unique hardware identifier assigned to network interfaces for local network communication.
Read more →Network Interface Card (NIC)
A hardware component that connects a computer or device to a network, enabling communication through its unique MAC address.
Read more →