Correct TTL value for domain MX record

What is the correct Time to Live (TTL) value that an email domain's MX record should be set to?
IT GuyNetwork EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dan Dhillon2nd/3rd line Support EngineerCommented:
Hi knowledgeable,

Should be 60 mins.
0
IT GuyNetwork EngineerAuthor Commented:
Is 60 minutes the recommended setting for an Office 365 domain?

What happens if it is set higher?

The organization I am currently working for has it set to 24 hours. Will that present a problem or a security risk?
0
Dan Dhillon2nd/3rd line Support EngineerCommented:
In you office 365 admin centre you can run the domain verification tool which will tell you what ttl to use for mx records.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

IT GuyNetwork EngineerAuthor Commented:
The organization I am currently working for has their email domain MX record set to 24 hours. Will that present a problem or a security risk?
0
Dan Dhillon2nd/3rd line Support EngineerCommented:
Hi,

Hope this helps answers your question.

https://blog.varonis.com/definitive-guide-to-dns-ttl-settings
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DP230Network AdministratorCommented:
We often set it as 3600 seconds ~ 1 hour
0
footechCommented:
Frankly, there isn't any "correct" setting.  Whatever setting doesn't impact security at all.  A shorter TTL will result in more DNS queries, but has the advantage that if any change to the record is made, clients will generally be aware of the change sooner.  A longer TTL has the advantage that if the authoritative DNS server for the record is unavailable for a while, fewer clients will generally be impacted.

I say "generally" above, because whether it's a short TTL or long TTL, for a specific client, how long the record has left in the cache before a new query is sent depends on when the last query was the resulted in the record being cached.  In other words, even though a record may have a TTL of 24 hours, at a given time it may have only a few seconds before that time is up and it will have to query the DNS servers again.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.