10

This is a question about MX procotol priority. If I have two server as MX with different priority:

  • MX 10 serverA
  • MX 20 serverB

Is this guarantee by the protocol that the MX 10 is the prefered? Can the submitter choose the secondary for any other reason but primary availability?

In other words: if my serverA MX is well working and with (theoretical) infinite connection capacity, can I be sure that nobody will try a connection to serverB?

Tobia
  • 1,210
  • 8
  • 37
  • 73

3 Answers3

14

Under normal circumstances the server will connect to the first one that is available, but there are many reasons the first one may be unavailable to one person but not the next. Some of these reasons include things you have no control over. However the general rule is try from lowest to highest until there is a response and then use that server.

Where there tends to be an exception is spam. Often the lower numbered MX records will point to hosted services, spam filtering etc. The highest numbered MX record will be a "failsafe" and often point directly to the IP of your server. The idea being if the hosted service fails mail will still be delivered. With this is mind Spammers will look up the highest number and send mail there.

Drifter104
  • 3,693
  • 2
  • 22
  • 39
  • I read your interesting answer and also this article: http://blog.zensoftware.co.uk/2012/07/02/why-we-tend-to-recommend-not-having-a-secondary-mx-these-days/ where they advice against secondary mx, but... I have a question: how to have a backup and also avoid spam fest? Is it possibile? – Tobia Dec 16 '15 at 18:51
  • @Tobia of course but it simply means not having it pointing at your own server, but this also means you have no redundancy if your hosted services fail. It just depends on how much you trust the service – Drifter104 Dec 16 '15 at 21:43
  • But also bear in mind that temporary failures will typically be queued and retried by the sending MTA; and even if they're not (or a permanent error condition arises) the NDR to the sender will likely lead to manual retries (or out of band communication) anyway. – eggyal Dec 16 '15 at 22:26
3

You cannot be sure because the client can also have some network errors and fail to connect to serverA, then repair network and try to connect to serverB.

emi
  • 279
  • 1
  • 8
  • Ok, let's consider a theoretical situation, can the client "choose" serverB a mx or always it tries before the primary MX? I want to understand if MX priority is something like load balancing or a failover. – Tobia Dec 16 '15 at 12:08
  • 1
    A client can always choose should it be programmed to do so. As stated in the first answer the general way clients are coded in production servers is to go low to high. Spam clients will often work high to low. SMTP testing clients sometimes even let the end user decided – netniV Dec 16 '15 at 15:06
0

It's entirely up to the person that wrote the SMTP engine that's attempting to do the contact. By design it's try MX in ascending numeric order, then try the A record. However, the programmer is free to do or not do that as they see fit and mail will normally still get delivered...

Brian Knoblauch
  • 2,188
  • 2
  • 32
  • 45
  • Do or not do, there is no try ? This has pretty much been covered above in the answers and the comments of said answers. – netniV Dec 17 '15 at 12:33
  • I found the above answers incomplete as none even mention the A record portion of the process. – Brian Knoblauch Dec 17 '15 at 12:44
  • Answers yes, check the comments. There is reference to the priority etc. A records themselves would only be used by working them out from MX records anyway. – netniV Dec 17 '15 at 12:45
  • 1
    Incorrect. Not just the A records pointed to by the MX records, but the specified domain A record is also used as a last resort case in determining the mail host. – Brian Knoblauch Dec 17 '15 at 12:49
  • That can be but most properly written mail software will NOT do that. Only people trying desperately to spam will do that. That is what the MX records are specifically for. – netniV Dec 17 '15 at 12:51
  • 1
    Properly written mail software **will** test the A record of the domain. That behavior is specified in the RFCs. – Law29 Dec 17 '15 at 23:56
  • They're not supposed to try the A record if there are any MX records. MX records indicate that mail should be sent to those servers **instead** of the A record. – Barmar Dec 23 '15 at 05:05