okay to have multiple MX records pointing to single IP?

is there any reason NOT to point multiple domain MX records to a single IP?
for example, if i had:

  abc.com
  def.com
  xyz.com

each of these have MX records pointing to the same IP.

this outside IP NAT's to a proofpoint server configured with multiple domains.  two of these domains are on the same inside server (abc.com and def.com).  one of them is on a separate inside server (xyz.com).

would there be any issues with outbound delivery of email on the xyz.com server simply because of the multiple MX records pointing to a single IP?

a single PTR record does exist for the outside address (as it should).  but is there a problem associated with reverse lookups on abc.com, def.com and xyz.com and they all point to the same IP?

we are facing this issue in my company right now.  we already have (say) abc.com and def.com using a single IP, but the hosting company is telling us it's not good practice to do this.

it has been working all along, so we want to know why, but we're not getting a good answer.
Andy Connock, IT Coordinator, Asked:

Alan, Consultant, Commented:
Hi,

It is absolutely fine to have multiple domain MX records all pointing to one IP.

The MX answering on that IP will need to be configured to accept for each of those domains of course.  This is probably more common than having a single domain pointing to a single IP.  Imagine Google - they have thousands of domains (some of mine included) pointing to them.

You should also set up SPF DNS records for each domain, and preferably, DKIM and DMARC, but at least SPF initially.

Alan.
timgreen7077, Exchange Engineer, Commented:
There is no issue with pointing multiple MX records to a single Proofpoint IP address. Neither will there be any issues with outbound mail as a result of your MX records. The outbound mail looks at the MX record of the recipient, not the sender. As long as Proofpoint has the domains as acceptable domains to receive mail for, then you are fine.
James Endress, Tech Lead, Commented:
Does it matter if an external mail system has DNS lookup confirmation for delivery?

thanks!

J.

Alan, Consultant, Commented:
Hi James,

DNS is the default way to determine where to deliver email, so no, that should not cause a problem ever.

Alan.
James Endress, Tech Lead, Commented:
Once upon a time I seem to recall having trouble with reverse DNS lookup validation in scenarios like the above, but that has been a long time. I am probably mis-remembering.
noci, Software Engineer, Commented:
MX records hold the name of the MAIL server to send the mail to...

  abc.com
  def.com
  xyz.com

and suppose your mail server is mail.example.com then it is perfectly legal to use

abc.com MX 100 mail.example.com
def.com MX 100 mail.example.com
xyz.com MX 100 mail.example.com

Where mail.example.com would translate to the IP of the mail server.
For receiving mail this is sufficient...., for sending mail from the same server look into setting up
the PTR record to contain mail.example.com
Also consider setting up SPF & DKIM (+ DMARC?)...
Andy Connock, IT Coordinator, Author Commented:
thanks for the comments folks.  here's a comment from a colleague of mine facing this issue.

"our provider (of the single IP) has told us there will be DNS lookup/reverse lookup problems if multiple mail domains are mapped to a single IP address. They said this configuration is not common, almost all mail domains and IP addresses are 1:1.  When a mail server does a reverse lookup for abc.com or xyz.com, it would be a 50% chance they would get a match. The other 50% of the time, the return result would be that the IP does not resolve to the domain name (reverse lookup).

we thought this would be a common thing for large companies but our provider says this is not so; apparently companies manage multiple mail domains with multiple IP addresses.

Even if the Proofpoint can map multiple domain names to unique IP addresses, it will only be one step in the problem.  We still would have to figure out how to ensure outbound mail traffic from the Proofpoint outwards."

are we over-thinking this?  i'm of the camp that multiple MX records can point to the single IP.  in our case, this single IP maps to an inside mail gateway (proofpoint) that has the capability of managing multiple domains.  our provider is a big player so we're trying to determine if what they say about DNS lookup/reverse for multiple domains and a single IP has any merit.
noci, Software Engineer, Commented:
There will not be a problem IF:  (continuing from my mail.example.com)
1) mail.example.com has a matching forward lookup to an IP and the reverse lookup comes back to mail.example.com
2) AND the mailserver presents itself as mail.example.com during HELO/EHLO.
3) For sending mail: the SPF/DKIM records have been set up for abc.com, def.com and xyz.com, where in SPF the ip4:(ip of mail.example.com) is mentioned, and DKIM signing per domain is set up correctly.
Yes, this is a common thing, look at Google Business ..., how about office365 to name another.... or Mailchimp, or ....
We run a few servers each handling several domains for customers...   (I have 5 private domains @home, and only one mailserver and that also does some mail handling for 3 domains of sportsclubs).

Multiple MX records can point to ONE mailserver DNS name, MX doesn't provide IP address directly, it provides the NAME of the mailserver... a separate A / AAAA record lookup provides the IP address.
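
The three conditions in the reply above, written as a check over a small set of DNS records (an added example, not part of the thread or any participant's code). The records, the 192.0.2.25 and 198.51.100.7 addresses and the function names are constructed for illustration; the SPF check evaluates only ip4: terms, and outbound mail is assumed to leave from the MX host's IP.

```python
import ipaddress

# Constructed sample records (documentation IP ranges), not taken from the thread.
ZONE = {
    ("abc.com", "MX"): ["mail.example.com"],
    ("def.com", "MX"): ["mail.example.com"],
    ("xyz.com", "MX"): ["mail.example.com"],
    ("mail.example.com", "A"): ["192.0.2.25"],
    ("192.0.2.25", "PTR"): ["mail.example.com"],
    ("abc.com", "TXT"): ["v=spf1 ip4:192.0.2.25 -all"],
    ("def.com", "TXT"): ["v=spf1 ip4:192.0.2.0/24 -all"],
    ("xyz.com", "TXT"): ["v=spf1 ip4:198.51.100.7 -all"],  # stale IP: SPF gap
}

def lookup(zone, name, rtype):
    return zone.get((name.lower().rstrip("."), rtype), [])

def fcrdns_ok(zone, ip, helo):
    """Conditions 1 and 2: PTR(ip) -> host, A(host) -> ip, and HELO == host."""
    return any(ip in lookup(zone, host, "A") and host.lower() == helo.lower()
               for host in lookup(zone, ip, "PTR"))

def spf_allows_ip(zone, domain, ip):
    """Condition 3, simplified: only ip4: mechanisms are evaluated."""
    addr = ipaddress.ip_address(ip)
    for txt in lookup(zone, domain, "TXT"):
        if not txt.lower().startswith("v=spf1"):
            continue
        for term in txt.split()[1:]:
            mech = term.lstrip("+")
            if mech.lower().startswith("ip4:") and \
               addr in ipaddress.ip_network(mech[4:], strict=False):
                return True
    return False

def audit(zone, domains, helo):
    """Per mail domain: MX host IPs, reverse DNS/HELO match, SPF coverage."""
    report = {}
    for d in domains:
        ips = sorted({ip for mx in lookup(zone, d, "MX")
                      for ip in lookup(zone, mx, "A")})
        report[d] = {
            "mx_ips": ips,
            "ptr_helo_ok": bool(ips) and all(fcrdns_ok(zone, ip, helo) for ip in ips),
            "spf_ok": bool(ips) and all(spf_allows_ip(zone, d, ip) for ip in ips),
        }
    return report

REPORT = audit(ZONE, ["abc.com", "def.com", "xyz.com"], "mail.example.com")
```

The PTR/HELO check is keyed on the IP and the mail host name only, so it returns the same result for all three mail domains; only the SPF result varies per domain.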
Alan, Consultant, Commented:
Hi,

There should be no problems at all - as I said above, this is very common, probably more common than not.

I have three domains pointing to the Exchange Server I am sitting in front of right now.

Just make sure you set up the PTR record, the mailserver, and SPF records correctly.

Very few of my clients have multiple IPs, and those that do, only use one for all incoming and outgoing emails across multiple domains (one has at least seven domains that I can think of off the top of my head).

Either your friend is not understanding what the ISP is telling them, or they are talking to an idiot at the ISP.

Alan.

timgreen7077, Exchange Engineer, Commented:
@Alan has answered this question. That should be the accepted answer or this will go on forever.