• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 434
  • Last Modified:

DNS and MX Records

I have an email server the hosts the domain x.com
My spam filter is at server1.spamfilter.com

What should my DNS/MX records look like for mail to go to my spam filter?
MX records, Cnames, A Records etc.
0
ie0
Asked:
ie0
2 Solutions
 
hw9664Commented:
Your MX record should have the IP Address of your spam filtering service.
Your spam filtering service should then forward all emails that pass its spam filters to your email server.
Don't forget to allow SMTP port 25 thru your firewall to your mail server from the spam filtering service.
0
 
HFVgallyCommented:
Your only MX record(s) should be server1.spamfilter.com, server2.spamfilter.com, etc. The spam filter service needs to be configured to know what the public IP address is of your mail server. You don't want any MX records pointing directly to your mail server address any more, or messages may bypass the spam filter.
You could set a lower priority MX record and point it to your mail server address, but that won't work once you get to the step where you set your firewall to ONLY accept incoming SMTP messages from your spamfilter service's servers. You will want to restrict your incoming SMTP eventually to prevent spammers from handshaking to your mail server directly and again bypass your spamfilter service.
 
0
 
ie0Author Commented:
HFV,
So my MX record will be pointing to server1.spamfilter.com
Any Arecords or CNames etc?
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
AeridenCommented:
I recommend not having any A records on your root domain (e.g. x.com -- because some older mail servers use this to resolve first rather than the MX).  But in theory, you just need to worry about the MX record.
0
 
HFVgallyCommented:
Because you are using the domain name provided by the spam filtering service (their domain name) as your MX record, matters of A records and CNames are up to them to administer. The spam filtering services I am familiar with want to know your mail server's destination IP address so no other records are required for your domain.
If you are using remote access services such as with a Small Business Server, you might have a host record or alias that resolves a subdomain such as remote.x.com to your mail server IP address (the mail server and the remote access server being one in the same in that case), but this should not be referenced by your MX records nor will the spam filtering service need it.
The only DNS record you need are the MX records pointing to their servers.
0
 
HFVgallyCommented:
Clarification Edit: the only DNS records you need for the purpose of routing mail are the MX records pointing to the spam filtering service servers.
0
 
ie0Author Commented:
Fixed.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now