Two MX records for one domain?
April 25, 2006 6:51 AM Subscribe
It is possible to have two distinct email servers (for two sets of non-overlapping addresses) for the same domain?
I think this is impossible, but I could be wrong.
I have a domain, example.com. I would like to be able to give my users the option of using one of two services for their email.
On the one hand, we have the default setup where the DNS MX record for the example.com and mail.example.com resolve to the ISPs mail server, which provides POP/IMAP and web mail.
On the other hand, if I rewrite that MX record I can use a service such as Windows Live or the new Gmail on your own domain service and allow my users a slightly nicer experience, and a lot more storage space than I can afford to supply.
The problem is that some accounts already forwarded to regular gmail accounts, and I don't want to disable that.
So what I would like to do is have a few accounts run through the 'other' service (say, Windows Live) and the rest (including catch-alls and non-existent) stay on the ISPs server.
I have access to the DNS and can make pretty much any reasonable request of my ISP in terms of changing server settings, but is this even possible?
The web based admin package my ISP supplies allows me to create mail forwards for accounts, but they forward to other email account, I guess what I need to be able to do is forward specific accounts to a different server. Is that possible?
It's easy enough to trick the servers for outgoing mail, as you can send email from anywhere as anyone, the problem would be ensuring the incoming mail for user1@example.com would go to the ISP, and at the same time send user2@example.com to hotmail.com/gmail.com
I think this is impossible, but I could be wrong.
I have a domain, example.com. I would like to be able to give my users the option of using one of two services for their email.
On the one hand, we have the default setup where the DNS MX record for the example.com and mail.example.com resolve to the ISPs mail server, which provides POP/IMAP and web mail.
On the other hand, if I rewrite that MX record I can use a service such as Windows Live or the new Gmail on your own domain service and allow my users a slightly nicer experience, and a lot more storage space than I can afford to supply.
The problem is that some accounts already forwarded to regular gmail accounts, and I don't want to disable that.
So what I would like to do is have a few accounts run through the 'other' service (say, Windows Live) and the rest (including catch-alls and non-existent) stay on the ISPs server.
I have access to the DNS and can make pretty much any reasonable request of my ISP in terms of changing server settings, but is this even possible?
The web based admin package my ISP supplies allows me to create mail forwards for accounts, but they forward to other email account, I guess what I need to be able to do is forward specific accounts to a different server. Is that possible?
It's easy enough to trick the servers for outgoing mail, as you can send email from anywhere as anyone, the problem would be ensuring the incoming mail for user1@example.com would go to the ISP, and at the same time send user2@example.com to hotmail.com/gmail.com
Best answer: On preview: No. In SMTP, you can have either a "temporary" failure or a "permanent" failure. If the primary MX reports a temporary failure (out of disk space, etc.) or is entirely unreachable, the secondary will be tried. If the primary is up and reports a permanent failure - including "the address does not exist" - the secondary will not be tried.)
This will be a very difficult thing to accomplish with the setup you've laid out here. Your main problem will be that, in order for selected accounts to reach the 'other' service, it would need to be your MX; the 'other' service would need to support forwarding of the mail to your original MX for accounts it didn't have. I don't expect that Gmail or Windows Live will offer that.
If you really want to go this route, you'll need to deploy a new server as a front-end MX for your domain. Suppose your current server is named tiamat.example.com, and the 'other' service is mx.gmail.com. You'd add a new server, say marduk.example.com, which would be your MX.
Now, all incoming mail would be delivered to marduk.example.com, which would accept any mail for example.com. It would then re-send the mail, based on a list of addresses you'd have to maintain, to either mx.gmail.com or tiamat.example.com. This part isn't difficult to do with something like Postfix.
I hope this makes sense - feel free to e-mail me with any followup questions.
posted by pocams at 7:09 AM on April 25, 2006
This will be a very difficult thing to accomplish with the setup you've laid out here. Your main problem will be that, in order for selected accounts to reach the 'other' service, it would need to be your MX; the 'other' service would need to support forwarding of the mail to your original MX for accounts it didn't have. I don't expect that Gmail or Windows Live will offer that.
If you really want to go this route, you'll need to deploy a new server as a front-end MX for your domain. Suppose your current server is named tiamat.example.com, and the 'other' service is mx.gmail.com. You'd add a new server, say marduk.example.com, which would be your MX.
Now, all incoming mail would be delivered to marduk.example.com, which would accept any mail for example.com. It would then re-send the mail, based on a list of addresses you'd have to maintain, to either mx.gmail.com or tiamat.example.com. This part isn't difficult to do with something like Postfix.
I hope this makes sense - feel free to e-mail me with any followup questions.
posted by pocams at 7:09 AM on April 25, 2006
I can only speak from the UN*X and sendmail perspective, but I believe that what you propose is possible if you were to put in place a "redirection" machine. This would be the device that your MX records pointed to.
Let's say that your new redirection machine is called redirect.domain.com, your Windows Live machine is live.domain.com, and your ISPs mail server is mail.domain.com. Create appropriate A records for each of these names to correspond to the IP addresses.
In your sendmail config, you'd want to configure your aliases file to have an entry for each user. If they were to be directed to the Windows Live machine, you'd have the entry:
user:user@live.domain.com
Or to your ISP:
user:user@mail.domain.com
I'm not certain if you'd need a user on your redirect machine to correspond for each user you are redirecting, you'd want to experiment with that.
You may also be able to get away with front-ending this with a Barracuda anti-spam box or something similar, and do all of these entries with their web interface instead. All you really need is to have your MX record point to a box that receives all of your mail, looks at an alias table of some kind, then forwards the mail according to the username.
posted by ensign_ricky at 7:15 AM on April 25, 2006
Let's say that your new redirection machine is called redirect.domain.com, your Windows Live machine is live.domain.com, and your ISPs mail server is mail.domain.com. Create appropriate A records for each of these names to correspond to the IP addresses.
In your sendmail config, you'd want to configure your aliases file to have an entry for each user. If they were to be directed to the Windows Live machine, you'd have the entry:
user:user@live.domain.com
Or to your ISP:
user:user@mail.domain.com
I'm not certain if you'd need a user on your redirect machine to correspond for each user you are redirecting, you'd want to experiment with that.
You may also be able to get away with front-ending this with a Barracuda anti-spam box or something similar, and do all of these entries with their web interface instead. All you really need is to have your MX record point to a box that receives all of your mail, looks at an alias table of some kind, then forwards the mail according to the username.
posted by ensign_ricky at 7:15 AM on April 25, 2006
Response by poster: pcoams, I love AskMe for the quick replies from people who know their stuff (and not only their stuff, but early akkadian mythology as well)!
Followup question: If my ISPs mail sever is already running Postfix (which I've heard of, but never played with) does it really require a front end MX server to split the two classes of mail or can that just be done right at mail.example.com? That is, with most mail being delivered locally but the occasional account being pushed to hotmail.com/gmail.com?
I guess what I'm trying to say is this, is there any way to easily configue postfix (I'd be asking my ISP to do this for me, after all) to forward individual accounts to a different mail server? Or does this implementaion *require* a front end server doing only the division?
posted by tiamat at 7:26 AM on April 25, 2006
Followup question: If my ISPs mail sever is already running Postfix (which I've heard of, but never played with) does it really require a front end MX server to split the two classes of mail or can that just be done right at mail.example.com? That is, with most mail being delivered locally but the occasional account being pushed to hotmail.com/gmail.com?
I guess what I'm trying to say is this, is there any way to easily configue postfix (I'd be asking my ISP to do this for me, after all) to forward individual accounts to a different mail server? Or does this implementaion *require* a front end server doing only the division?
posted by tiamat at 7:26 AM on April 25, 2006
Unless I'm misunderstanding the problem, all you'd have to do is have your ISP redirect some people to Gmail. This is trivial with Postfix... it just takes new entries in the 'virtual' file.
That way, all mail comes to your ISP. Mail for people with Gmail accounts is then forwarded on. Mail that's for local users is kept locally.
Your ISP can easily do this.... you can too, if you have access to the virtual file. They'll call it something else... it's whatever mechanism you use to redirect mail from one place to another. Instead of forwarding from one user account to another, you're forwarding 'joe@example.com' to 'joe@gmail.com'. Pretty trivial.
Note that with heavy mail forwarding, there are more points of failure, and troubleshooting problems can be substantially more complex.
posted by Malor at 7:39 AM on April 25, 2006
That way, all mail comes to your ISP. Mail for people with Gmail accounts is then forwarded on. Mail that's for local users is kept locally.
Your ISP can easily do this.... you can too, if you have access to the virtual file. They'll call it something else... it's whatever mechanism you use to redirect mail from one place to another. Instead of forwarding from one user account to another, you're forwarding 'joe@example.com' to 'joe@gmail.com'. Pretty trivial.
Note that with heavy mail forwarding, there are more points of failure, and troubleshooting problems can be substantially more complex.
posted by Malor at 7:39 AM on April 25, 2006
Response by poster: Malor, the only thing with forwarding is it's not joe@example.com to joe@gmail.com,
it's joe@example.com (hosted at example.com) to joe@example.com (hosted at gmail.com).
The goal is to not abandon example.com in favour of gmail.com/hotmail.com, but just to use the interface at gmail.com/hotmail.com through the Windows Live Custom Domains or Gmail for Domains services.
posted by tiamat at 7:52 AM on April 25, 2006
it's joe@example.com (hosted at example.com) to joe@example.com (hosted at gmail.com).
The goal is to not abandon example.com in favour of gmail.com/hotmail.com, but just to use the interface at gmail.com/hotmail.com through the Windows Live Custom Domains or Gmail for Domains services.
posted by tiamat at 7:52 AM on April 25, 2006
To clarify an issue here: The e-mail server which receives e-mail for a domain or hostname does not necessarily have to be the same server that your users download their e-mail from.
Any server specified in your MX records for a hostname must accept any e-mail for that hostname. But that doesn't mean that this has to be the place where the user downloads the e-mail from. There are any number of ways you can have them get their mail from a different location (and different locations for different users).
But if using Gmail or Windows Live is what you want to do, I suspect that you're limited to using the forwarding feature that you mention. With gmail, at least (I don't know about WL), you can still set this up seamlessly, though. You can set up bob@example.com to forward to bob@gmail.com and then in gmail, you can set up bob@example.com as the e-mail address to use on the "From:" line of outgoing messages. This does introduce an extra potential point of failure (both your server and gmail have to be working properly in order for the mail to go through) but will probably be essentially as reliable as your current e-mail server is.
You could also set up different MX servers for different hostnames under your domain name (e.g. one MX for e-mail addresses at bob.example.com and another for addresses at sue.example.com)
posted by winston at 8:00 AM on April 25, 2006
Any server specified in your MX records for a hostname must accept any e-mail for that hostname. But that doesn't mean that this has to be the place where the user downloads the e-mail from. There are any number of ways you can have them get their mail from a different location (and different locations for different users).
But if using Gmail or Windows Live is what you want to do, I suspect that you're limited to using the forwarding feature that you mention. With gmail, at least (I don't know about WL), you can still set this up seamlessly, though. You can set up bob@example.com to forward to bob@gmail.com and then in gmail, you can set up bob@example.com as the e-mail address to use on the "From:" line of outgoing messages. This does introduce an extra potential point of failure (both your server and gmail have to be working properly in order for the mail to go through) but will probably be essentially as reliable as your current e-mail server is.
You could also set up different MX servers for different hostnames under your domain name (e.g. one MX for e-mail addresses at bob.example.com and another for addresses at sue.example.com)
posted by winston at 8:00 AM on April 25, 2006
Response by poster: Winston, that's basically what I've got now. The only (minor) problem is that gmail has a nasty habit of saying
"bob@gmail.com on behalf of bob@example.com"
in the "From" line, which confuses the heck out of a lot of less tech savy people.
If they didn't do that, I'd probably not be bothering with all of this. Then again, I like fscking with things for fun, so I might be. :)
posted by tiamat at 8:09 AM on April 25, 2006
"bob@gmail.com on behalf of bob@example.com"
in the "From" line, which confuses the heck out of a lot of less tech savy people.
If they didn't do that, I'd probably not be bothering with all of this. Then again, I like fscking with things for fun, so I might be. :)
posted by tiamat at 8:09 AM on April 25, 2006
Best answer: Yes, your ISP can do this with Postfix (or whatever mail server they have). With Postfix, they could modify the transport table. The transport table allows you to specify a transport ("way to deliver the mail") per e-mail address. Normally, the transport for your domain would be "Deliver the e-mail to the local disk where the POP server can get at it". For the 'other service' addresses, the transport would be "Deliver the e-mail using SMTP, to the host mx.gmail.com". This doesn't cause any change in the e-mail addresses in the message or envelope.
In the transport file, it would look something like:
The first entry just says "For anything @example.com, don't change the delivery method." The second says "For gmailguy@example.com, use SMTP to deliver to the host mx.gmail.com." The square brackets prevent it from doing an MX lookup on that host. Same deal for live.com.
Note that the MX hostnames there are probably bogus, but Gmail/Windows Live would be able to give you the right ones.
posted by pocams at 8:09 AM on April 25, 2006
In the transport file, it would look something like:
example.com :
gmailguy@example.com smtp:[mx.gmail.com]
liveguy@example.com smtp:[mx.live.com]
The first entry just says "For anything @example.com, don't change the delivery method." The second says "For gmailguy@example.com, use SMTP to deliver to the host mx.gmail.com." The square brackets prevent it from doing an MX lookup on that host. Same deal for live.com.
Note that the MX hostnames there are probably bogus, but Gmail/Windows Live would be able to give you the right ones.
posted by pocams at 8:09 AM on April 25, 2006
Response by poster: pocams, Thanks!
As for the MX hostnames, yes, I've been playing with Windows Live and for that service at least they give you a MX record to update that looks like
[random 10 digit number].pamx1.hotmail.com.
I haven't been able to get into the Gmail domains beta yet, but from the screen shots I've seen they do basically the same thing, not sure about the individual random part on the front though.
posted by tiamat at 8:13 AM on April 25, 2006
As for the MX hostnames, yes, I've been playing with Windows Live and for that service at least they give you a MX record to update that looks like
[random 10 digit number].pamx1.hotmail.com.
I haven't been able to get into the Gmail domains beta yet, but from the screen shots I've seen they do basically the same thing, not sure about the individual random part on the front though.
posted by tiamat at 8:13 AM on April 25, 2006
Yeah, the transport table will help there... sorry I couldn't get back sooner, I've been busy.
I *think* the bracket notation is only used when you're specifying IP addresses... as in [10.0.0.1]. It may work okay with names, but if you have trouble with pocams' solution, try removing the [] marks. Use his solution first. Don't use this unless you have trouble:
posted by Malor at 10:12 AM on April 25, 2006
I *think* the bracket notation is only used when you're specifying IP addresses... as in [10.0.0.1]. It may work okay with names, but if you have trouble with pocams' solution, try removing the [] marks. Use his solution first. Don't use this unless you have trouble:
liveguy@example.com smtp:mx.live.composted by Malor at 10:12 AM on April 25, 2006
While pocams' solution appears to achieve what you want, there's one wrinkle. Google makes sure your MX records contain only Google's own MX servers in the correct priority order. If you deviate, the service will not function*.
FYI, this is the list of MX records I had to have in order to use GMail with my domain (priorities don't matter, only the relative order):
*Actually, you will be able to read, but not send, email. Counterintuitive, but true.
posted by Mike C. at 7:28 PM on April 26, 2006
FYI, this is the list of MX records I had to have in order to use GMail with my domain (priorities don't matter, only the relative order):
10 ASPMX.L.GOOGLE.COM.
15 ALT1.ASPMX.L.GOOGLE.COM.
15 ALT2.ASPMX.L.GOOGLE.COM.*Actually, you will be able to read, but not send, email. Counterintuitive, but true.
posted by Mike C. at 7:28 PM on April 26, 2006
Response by poster: Ooh. Interesting to know that if I want to go with Google I have to convert everyone. Thanks for the info.
posted by tiamat at 7:51 PM on April 26, 2006
posted by tiamat at 7:51 PM on April 26, 2006
Response by poster: Followup for anyone looking at this for their own reasons. Windows Live mail ALSO requies that theirs be the only MX records for the domain.
So in conclusion, if you want to use Gmail for domains or Windows Live for domains you have to go all or nothing.
posted by tiamat at 12:26 AM on May 9, 2006
So in conclusion, if you want to use Gmail for domains or Windows Live for domains you have to go all or nothing.
posted by tiamat at 12:26 AM on May 9, 2006
« Older Tips on flightchecking files for printers please. | nicked at the hairdresser, harmless or medical... Newer »
This thread is closed to new comments.
MX 10 example.com
MX 100 hotmail.com
Will the mail getting to the second MX entry depend on what the default policy is for unknown addresses at the first?
posted by tiamat at 7:04 AM on April 25, 2006