3

We're migrating e-mail hosting from SERVER-A (on HOSTING_CO-A) to SERVER-B (on HOSTING_CO-B).

SERVER-A will continue to be functional until the transition is complete and HOSTING_CO-A has their own DNS server since our records currently show something that looks like:

mx1.hosting_co-a.example

ns1.hosting_co-a.example

and HOSTING-CO-B presumably has their own DNS servers as well (it is Google/GSuite).

I've read [1] that DNS changes may take up to 72 hours.

What would be the worst case scenario for what happens to an e-mail sent during this period?

  1. Would they either go to SERVER-A or SERVER-B (that is, would e-mail providers using non-updated DNS records be able to get through to SERVER-A or would SERVER-A reject or forward it based on its updated MX-record)?

  2. Would they be 'dropped' (that is neither the sender nor recipient will be aware that the message didn't go through)?

  3. Would the sender be notified that the message was not delivered?

We are switching over various domains/accounts, for some domains we'd rather messages be dropped than returned, and for others, we'd rather returned than dropped - if this is even something that can be controlled.

[1] https://support.google.com/a/answer/45679?hl=en Also points out reducing TTL for records in advance (would this mean a maximum downtime of your TTL?)

Community
  • 1
user3645994
  • 151
  • 3
  • You could just configure Server-A to forward all mails to Server-B. – Gerald Schneider Aug 17 '18 at 08:56
  • @gerald - thanks for your quick response! We plan to rely as little as possible on Server-A/Hosting_Co-A however (that is, cancelling e-mail service, but maintain domain/DNS service for as long as necessary). – user3645994 Aug 17 '18 at 09:45
  • 2
    `would SERVER-A reject or forward it based on its updated MX-record)?` Server-A would accept the email. Server-A doesn't care about the MX record. It only cares about the email domains that it is authoritative for. The MX record merely designates which server receives email for a domain. It doesn't provide any authority to accept or reject email. – joeqwerty Aug 17 '18 at 14:42
  • 1
    Can you mark one of these answers as "correct" if it solved your problem? That helps the others as well browsing this forum :) – Simba Dec 23 '18 at 19:00

4 Answers4

3

If you change the TTL value of your MX records well in advance I don't think your stale records will live on for 72 hours after the switchover. Next if your old mail server is down, it won't accept any more emails and the sender will try again in X hours for Y number of times. I believe in total it can take a few days before it gives up on delivering the email. While reattempting it will surely query for the MX record again, finding your new mail server after which mail delivery will be succesful.

Tommiie
  • 5,547
  • 2
  • 11
  • 45
  • Thanks! If the old server (server-A) is still up - will it go there? – user3645994 Aug 17 '18 at 09:53
  • If I set the TTL (on Server-A) to 60 seconds in advance - does this mean a downtime of 60 seconds? or would their be intermediary servers that would lengthen that period? – user3645994 Aug 17 '18 at 10:04
  • Yeah, mails will get delivered if the sender uses the old MX record and the old server is still up and running & receiving emails. But I would think you'ld shut down that machine and let the sender fail its first attempt and then reattempt and hit the new server. – Tommiie Aug 17 '18 at 10:05
  • 1
    If you set the TTL for the MX record to 60 seconds it means that each and every DNS server which caches records can only cache it for 60 seconds and then it must query the authoritative DNS server again for a new MX record. There will be no downtime to setting a low TTL, it only means your DNS changes will get replicated throughout the DNS infrastructure more quickly. – Tommiie Aug 17 '18 at 10:06
  • Also worth reading is the following Q/A: https://serverfault.com/questions/125371/how-long-does-it-take-for-dns-records-to-propagate – Tommiie Aug 17 '18 at 10:27
  • @Tom only if the other DNS servers honor the TTL, from which there are/were at least a few who don't go below a certain threshold and ignore your request for even lower TTL. – Dennis Nolte Aug 17 '18 at 11:49
  • @DennisNolte: agreed but those DNS servers would be in violation of the RFCs. Eitherway I agree and it's better to take this into account. My suggestion would be to not go below 5 minutes (300 seconds) but maybe you have a different recommendation? Either way, this does not change that the emails won't get dropped or get lost. – Tommiie Aug 17 '18 at 11:56
  • @Tom just wanted to add that even if there are shiny RFCs quite a few vendors do not respect "corner" cases because of costs, other than that: for the question itself its fine. Rewriting the old server to move the messages might work as well (as was written) but would be way more costly, so its OPs decision if a few seconds (even minutes) of possible mail drop is OK or not. Another possible option would be greylisting on the old server, but i read the question as that the OP has no control over the mailserver. – Dennis Nolte Aug 17 '18 at 12:01
  • Note all caches will accept to honour a 60 seconds TTL. – Patrick Mevzek Aug 18 '18 at 15:44
2

Here is one way to do it, in general as the specifics will depend on far too many details you are not providing:

  1. you setup the new mail exchangers: you configure them for your domains, you verify manually that sending emails directly to them has the expected consequences, etc.
  2. you lower the TTLs on your current MX records for example to 5 minutes and you also lower the refresh value in the SOA. You then wait for a delay that should not exceed the maximum of (previous TTL, previous refresh) plus some margin for safety (in any way infrastructure changes like that should not be done in an hurry, you loose nothing by waiting extra time on the opposite you allow then yourself to get fewer problems). You can try on many public DNS servers if they catched the change (the new TTL should appear in the reply), like 1.1.1.1, 8.8.8.8, 9.9.9.9 or 80.80.80.80
  3. at that point, if you have the option to, you can reconfigure the current mail exchangers to just forward everything they receive to the new ones
  4. you change the MX records in the zone to point to your new email exchangers
  5. you monitor connections to the old one, they should vanish rapidly, but any other previous stuck email in some remote queue may be retried to them if the sender does not update its DNS resolution; in any case if you were able to configure them from previous step to send messages received there to the new hosts, there is no harm letting them run for days
  6. when you are satisfied nothing anymore hit the old servers you can then remember to change again the TTL in your zone and put back a more sane value for ongoing operations, like 24 hours.

If you are not able to do step 3, the above still works, it will just mean that you will have to manually handle the few emails that will keep coming to the old servers after you switched. It all depends on what they do with it, where and how the user mailboxes are stored, etc.

As for your specific questions:

Would they either go to SERVER-A or SERVER-B (that is, would e-mail providers using non-updated DNS records be able to get through to SERVER-A or would SERVER-A reject or forward it based on its updated MX-record)?

Yes, after the switch of MX records, and whatever TTL you put (if you are tempted to put like "1 second" which is technically possible but will not work in real life because many caches do not honor, even if it is kind of a violation of the standard, TTLs that they deem to be too low and just use their own default version - this is why anything lower than 5 minutes is not a goog idea), some emails may still arrive at the old hosts. This is why it is important not to shut them down too soon. And to be prepared to do "something" with these emails coming here (hence my step 3 in the above scenario)

MTAs do not consult the DNS to know if they are relevant for the emails they receive or not, they just do based on their configuration. If your old hosts are still configured to accept email for @example.com mailboxes, then they will still do it, even after the change. It is the exact same thing at step 1 of above scenario: you can configure your new hosts in advance of DNS changes and verify they receive emails correctly.

Would they be 'dropped' (that is neither the sender nor recipient will be aware that the message didn't go through)?

No, at least not because of the MX change. It all depends just on the old hosts email configuration.

Would the sender be notified that the message was not delivered?

Same as above. Normally this case will not happen. If old hosts bounce email then the sender will get notified yes, but this is generic email handling, and has nothing specifically to do with MX changes.

Patrick Mevzek
  • 9,273
  • 7
  • 29
  • 42
1

If the client is using non-updated DNS records, the E-Mails would continue to flow towards Server-A.

If the user gets notified when an E-Mail failed to deliver depends on the configuration of the SMTP server, but that server would definitely notice if the target server can't be resolved or can't be connected to.

Tim Schumacher
  • 556
  • 3
  • 12
  • Would Server-A still accept these e-mails, given that their MX records would point to Server-B ? – user3645994 Aug 17 '18 at 09:48
  • 1
    @user3645994 The MX records are there so that the sender finds the correct mail server for the domain. The receiving server shouldn't care about that record. – Tim Schumacher Aug 18 '18 at 10:10
1

Well configured name servers applies changes very fast. Talking about MX record changes, these days only bad configured servers needs hours for this update.

I moved a mailserver recently w/o loosing even one e-mail message. To be honest, only several registered users on it, but... MX records changes applied in a minute, mails started to be delivered in few minutes

Cheers,

Chavdar

Chavdar Georgiev
  • 11
  • 1
  • *Well configured name servers applies changes very fast* : changes inside the zone is one thing (and could still take time in case of large anycast cloud), but then changes in caches of all recursive nameservers that did query for things in the zone in the past is another completely different matter. – Patrick Mevzek Aug 18 '18 at 15:43