Two MX records for one domain?
April 25, 2006 6:51 AM

Is it possible to have two distinct email servers (for two sets of non-overlapping addresses) for the same domain?

I think this is impossible, but I could be wrong.

I have a domain, I would like to be able to give my users the option of using one of two services for their email.

On the one hand, we have the default setup where the DNS MX record for the and resolve to the ISP's mail server, which provides POP/IMAP and web mail.

On the other hand, if I rewrite that MX record I can use a service such as Windows Live or the new Gmail on your own domain service and allow my users a slightly nicer experience, and a lot more storage space than I can afford to supply.

The problem is that some accounts already forwarded to regular gmail accounts, and I don't want to disable that.

So what I would like to do is have a few accounts run through the 'other' service (say, Windows Live) and the rest (including catch-alls and non-existent) stay on the ISP's server.

I have access to the DNS and can make pretty much any reasonable request of my ISP in terms of changing server settings, but is this even possible?

The web based admin package my ISP supplies allows me to create mail forwards for accounts, but they forward to other email account, I guess what I need to be able to do is forward specific accounts to a different server. Is that possible?

It's easy enough to trick the servers for outgoing mail, as you can send email from anywhere as anyone, the problem would be ensuring the incoming mail for would go to the ISP, and at the same time send to
posted by tiamat to Computers & Internet (14 answers total) 2 users marked this as a favorite
Response by poster: More googling found me this: How to setup MX Record
You can also set up multiple MX records, as in the following:

MX 10 mailhost
MX 100
MX 200

The reason for setting up multiple MX records is for a reliable mail delivery. If the primary mail server is down, the mail message will be temporarily sent to another mail server designated by the MX record. In the above example, if the primary mail server does not respond, a delivery will be attempted to the host If that host is also down, then another attempt to the host will be made. The number associated with each MX record specifies the priority of the mail servers.
So, if I setup 2 MX records as such

MX 10
MX 100

Will the mail getting to the second MX entry depend on what the default policy is for unknown addresses at the first?
posted by tiamat at 7:04 AM on April 25, 2006

Best answer: (On preview: No. In SMTP, you can have either a "temporary" failure or a "permanent" failure. If the primary MX reports a temporary failure (out of disk space, etc.) or is entirely unreachable, the secondary will be tried. If the primary is up and reports a permanent failure - including "the address does not exist" - the secondary will not be tried.)

This will be a very difficult thing to accomplish with the setup you've laid out here. Your main problem will be that, in order for selected accounts to reach the 'other' service, it would need to be your MX; the 'other' service would need to support forwarding of the mail to your original MX for accounts it didn't have. I don't expect that Gmail or Windows Live will offer that.

If you really want to go this route, you'll need to deploy a new server as a front-end MX for your domain. Suppose your current server is named, and the 'other' service is You'd add a new server, say, which would be your MX.

Now, all incoming mail would be delivered to, which would accept any mail for It would then re-send the mail, based on a list of addresses you'd have to maintain, to either or This part isn't difficult to do with something like Postfix.

I hope this makes sense - feel free to e-mail me with any followup questions.
posted by pocams at 7:09 AM on April 25, 2006
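
The temporary/permanent distinction described in the answer above, as an added example that is not part of the original thread. It is a simplified model of a sending mail server walking a domain's MX list; the host names and reply codes are constructed placeholders.

```python
from dataclasses import dataclass


@dataclass
class MX:
    preference: int  # lower number = tried first
    host: str


def classify(reply_code):
    """Map an SMTP reply code (None = host unreachable) to an outcome."""
    if reply_code is None:
        return "unreachable"
    if 200 <= reply_code < 300:
        return "accepted"
    if 400 <= reply_code < 500:
        return "temporary"   # e.g. 452 out of storage
    if 500 <= reply_code < 600:
        return "permanent"   # e.g. 550 no such user
    raise ValueError(f"unexpected SMTP reply code: {reply_code}")


def deliver(mx_records, rcpt_reply):
    """Walk the MX list in preference order.

    rcpt_reply maps host -> reply code that host gives for the recipient
    (None or a missing key means the host cannot be reached).
    Returns (result, deciding_host, hosts_tried).
    """
    tried = []
    for mx in sorted(mx_records, key=lambda m: m.preference):
        tried.append(mx.host)
        outcome = classify(rcpt_reply.get(mx.host))
        if outcome == "accepted":
            return ("delivered", mx.host, tried)
        if outcome == "permanent":
            # A 5xx answer is final: the message bounces and lower-priority
            # MX hosts are never consulted, even if they know the address.
            return ("bounced", mx.host, tried)
        # temporary failure or unreachable: fall through to the next MX
    return ("deferred", None, tried)  # sender queues and retries later


# Constructed sample: the ISP server is primary, a hosted service is secondary.
MXES = [MX(100, "hosted.example.net"), MX(10, "isp-mail.example.test")]

if __name__ == "__main__":
    print(deliver(MXES, {"isp-mail.example.test": 550, "hosted.example.net": 250}))
    print(deliver(MXES, {"isp-mail.example.test": 452, "hosted.example.net": 250}))
```

The first call bounces at the primary without touching the secondary, which is why a second MX record cannot be used to split users between two services.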

I can only speak from the UN*X and sendmail perspective, but I believe that what you propose is possible if you were to put in place a "redirection" machine. This would be the device that your MX records pointed to.

Let's say that your new redirection machine is called, your Windows Live machine is, and your ISP's mail server is Create appropriate A records for each of these names to correspond to the IP addresses.

In your sendmail config, you'd want to configure your aliases file to have an entry for each user. If they were to be directed to the Windows Live machine, you'd have the entry:

Or to your ISP:

I'm not certain if you'd need a user on your redirect machine to correspond for each user you are redirecting, you'd want to experiment with that.

You may also be able to get away with front-ending this with a Barracuda anti-spam box or something similar, and do all of these entries with their web interface instead. All you really need is to have your MX record point to a box that receives all of your mail, looks at an alias table of some kind, then forwards the mail according to the username.
posted by ensign_ricky at 7:15 AM on April 25, 2006

Response by poster: pocams, I love AskMe for the quick replies from people who know their stuff (and not only their stuff, but early Akkadian mythology as well)!

Followup question: If my ISP's mail server is already running Postfix (which I've heard of, but never played with) does it really require a front end MX server to split the two classes of mail or can that just be done right at That is, with most mail being delivered locally but the occasional account being pushed to

I guess what I'm trying to say is this, is there any way to easily configure postfix (I'd be asking my ISP to do this for me, after all) to forward individual accounts to a different mail server? Or does this implementation *require* a front end server doing only the division?
posted by tiamat at 7:26 AM on April 25, 2006

Unless I'm misunderstanding the problem, all you'd have to do is have your ISP redirect some people to Gmail. This is trivial with Postfix... it just takes new entries in the 'virtual' file.

That way, all mail comes to your ISP. Mail for people with Gmail accounts is then forwarded on. Mail that's for local users is kept locally.

Your ISP can easily do this.... you can too, if you have access to the virtual file. They'll call it something else... it's whatever mechanism you use to redirect mail from one place to another. Instead of forwarding from one user account to another, you're forwarding '' to ''. Pretty trivial.

Note that with heavy mail forwarding, there are more points of failure, and troubleshooting problems can be substantially more complex.
posted by Malor at 7:39 AM on April 25, 2006

Response by poster: Malor, the only thing with forwarding is it's not to,
it's (hosted at to (hosted at

The goal is to not abandon in favour of, but just to use the interface at through the Windows Live Custom Domains or Gmail for Domains services.
posted by tiamat at 7:52 AM on April 25, 2006

To clarify an issue here: The e-mail server which receives e-mail for a domain or hostname does not necessarily have to be the same server that your users download their e-mail from.

Any server specified in your MX records for a hostname must accept any e-mail for that hostname. But that doesn't mean that this has to be the place where the user downloads the e-mail from. There are any number of ways you can have them get their mail from a different location (and different locations for different users).

But if using Gmail or Windows Live is what you want to do, I suspect that you're limited to using the forwarding feature that you mention. With gmail, at least (I don't know about WL), you can still set this up seamlessly, though. You can set up to forward to and then in gmail, you can set up as the e-mail address to use on the "From:" line of outgoing messages. This does introduce an extra potential point of failure (both your server and gmail have to be working properly in order for the mail to go through) but will probably be essentially as reliable as your current e-mail server is.

You could also set up different MX servers for different hostnames under your domain name (e.g. one MX for e-mail addresses at and another for addresses at
posted by winston at 8:00 AM on April 25, 2006

Response by poster: Winston, that's basically what I've got now. The only (minor) problem is that gmail has a nasty habit of saying
" on behalf of"
in the "From" line, which confuses the heck out of a lot of less tech savvy people.

If they didn't do that, I'd probably not be bothering with all of this. Then again, I like fscking with things for fun, so I might be. :)
posted by tiamat at 8:09 AM on April 25, 2006

Best answer: Yes, your ISP can do this with Postfix (or whatever mail server they have). With Postfix, they could modify the transport table. The transport table allows you to specify a transport ("way to deliver the mail") per e-mail address. Normally, the transport for your domain would be "Deliver the e-mail to the local disk where the POP server can get at it". For the 'other service' addresses, the transport would be "Deliver the e-mail using SMTP, to the host". This doesn't cause any change in the e-mail addresses in the message or envelope.

In the transport file, it would look something like: : smtp:[] smtp:[]

The first entry just says "For anything, don't change the delivery method." The second says "For, use SMTP to deliver to the host" The square brackets prevent it from doing an MX lookup on that host. Same deal for

Note that the MX hostnames there are probably bogus, but Gmail/Windows Live would be able to give you the right ones.
posted by pocams at 8:09 AM on April 25, 2006
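
The per-address routing described in the answer above, as an added example that is not part of the original thread and is not Postfix's own code. It models a transport(5)-style table lookup (full address first, then domain); every address and host name in the sample table is a constructed placeholder.

```python
# Constructed sample table in transport(5) layout: pattern, then transport:nexthop.
SAMPLE_TABLE = """
# the whole domain: leave the delivery method unchanged (local mailboxes)
example.test          :
# selected accounts: relay over SMTP to an outside service
alice@example.test    smtp:[mx.hosted-a.example.net]
dave@example.test     smtp:relay.example.net
"""


def parse_table(text):
    """Parse 'pattern  transport:nexthop' lines into a dict."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pattern, result = line.split(None, 1)
        transport, _, nexthop = result.partition(":")
        table[pattern.lower()] = (transport.strip(), nexthop.strip())
    return table


def route(table, recipient):
    """Resolve one recipient: the full address wins over the domain entry."""
    recipient = recipient.lower()
    domain = recipient.rpartition("@")[2]
    for key in (recipient, domain):
        if key in table:
            transport, nexthop = table[key]
            break
    else:
        return {"matched": None, "transport": "unchanged",
                "nexthop": None, "mx_lookup": None}
    if not nexthop:
        # ':' entry, nothing is overridden, so no relay host is involved
        return {"matched": key, "transport": transport or "unchanged",
                "nexthop": None, "mx_lookup": None}
    # [host] means: connect to this exact host, skip the MX lookup
    bracketed = nexthop.startswith("[") and nexthop.endswith("]")
    return {"matched": key, "transport": transport,
            "nexthop": nexthop.strip("[]"), "mx_lookup": not bracketed}


TABLE = parse_table(SAMPLE_TABLE)

if __name__ == "__main__":
    for rcpt in ("alice@example.test", "carol@example.test", "dave@example.test"):
        print(rcpt, route(TABLE, rcpt))
```

Only the next hop changes for the listed accounts; the recipient address in the envelope and headers is left as it arrived.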

Response by poster: pocams, Thanks!

As for the MX hostnames, yes, I've been playing with Windows Live and for that service at least they give you a MX record to update that looks like
[random 10 digit number]

I haven't been able to get into the Gmail domains beta yet, but from the screen shots I've seen they do basically the same thing, not sure about the individual random part on the front though.
posted by tiamat at 8:13 AM on April 25, 2006

Yeah, the transport table will help there... sorry I couldn't get back sooner, I've been busy.

I *think* the bracket notation is only used when you're specifying IP addresses... as in []. It may work okay with names, but if you have trouble with pocams' solution, try removing the [] marks. Use his solution first. Don't use this unless you have trouble:
posted by Malor at 10:12 AM on April 25, 2006

While pocams' solution appears to achieve what you want, there's one wrinkle. Google makes sure your MX records contain only Google's own MX servers in the correct priority order. If you deviate, the service will not function*.

FYI, this is the list of MX records I had to have in order to use GMail with my domain (priorities don't matter, only the relative order):


*Actually, you will be able to read, but not send, email. Counterintuitive, but true.
posted by Mike C. at 7:28 PM on April 26, 2006

Response by poster: Ooh. Interesting to know that if I want to go with Google I have to convert everyone. Thanks for the info.
posted by tiamat at 7:51 PM on April 26, 2006

Response by poster: Followup for anyone looking at this for their own reasons. Windows Live mail ALSO requires that theirs be the only MX records for the domain.

So in conclusion, if you want to use Gmail for domains or Windows Live for domains you have to go all or nothing.
posted by tiamat at 12:26 AM on May 9, 2006
