How does DNS work with respect to mail servers?


How does one set up mail on their DNS? Which kind of record should it be? Does it matter which type of mail is chosen? Which is the better mail protocol?

How does the SSL work for this mail?

If e.g. a domain is, will the DNS be set to e.g. ?

How will the emails be handled? Anything with will be sent to the public IP I set in my DNS to

How does the SSL work for this, do I need a separate SSL for the I already have an SSL cert for, could you recommend which service to use to get a wildcard SSL cert, possibly installed by the service too?


Posted 2012-02-17T18:47:59.567




Let's look at this from the perspective of a server sending mail to your domain.

First I need to find your mail servers, so I look up MX records for your domain. You may have these:        3600    IN  MX  10        3600    IN  MX  20

What does this mean? Domain has 2 MX records which point at different mail servers. The first number for each record is the TTL, which determines how long it can be stored before I have to look it up again. The second number is the MX priority, which determines the order I should check in with the mail servers. The number is arbitrary; here I use 10 and 20. One is less than the other.

The first mail server I should try is so I then do a DNS lookup for        2457    IN  A

I see that has IP and I try to deliver mail there. If I can't reach it I try the second server which was, and then so on until I run out of servers. If I can't deliver the mail at that point I would send the message back to the sender.

So the MX records for tell me which domain names have the mail servers for Each mail server would have to have its own SSL certificate for its domain name. If was set as a mail server in an MX record then would have to have its own SSL certificate for that domain name.

You generally only have one server for retrieving mail. It is the server that keeps a canonical copy of your mailbox on it. It can have any domain name; you would put this domain name in your mail client.

I would advise against running a mail server on your home internet connection. If your connection or server goes down you will not get mail. Your connection will be filled with spam hitting your server at an incredible rate. It's a fun experiment but I would not rely on it. Instead I recommend either paying for a mail service like FastMail or using the free edition of Google Apps for your domain.


Posted 2012-02-17T18:47:59.567


That's a perfect explanation thanks. Yeah, I am trying to increase my server knowledge and doing some experiments. Could you recommend a good book on networking? – user773578 – 2012-02-17T19:44:38.780

Sorry I don't know any. – jackslash – 2012-02-18T09:23:41.630
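The lookup order described in the answer above (MX records sorted by priority, an A lookup for each host, fall back to the next server, bounce when none is reachable), together with the check that each MX host's certificate covers its own name, as an added example that is not part of the original posts. The zone data, host names (`example.com`, `mx1`, `mx2`), addresses and certificate names are constructed placeholders, and the function names are hypothetical.

```python
# Constructed sample zone: names and 192.0.2.x addresses are placeholders.
ZONE = """\
example.com.      3600 IN MX 20 mx2.example.com.
example.com.      3600 IN MX 10 mx1.example.com.
mx1.example.com.  2457 IN A  192.0.2.10
mx2.example.com.  2457 IN A  192.0.2.20
"""

def parse_zone(text):
    """Return (mx, a): mx = [(preference, host)], a = {host: ip}."""
    mx, a = [], {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[3] == "MX":
            mx.append((int(f[4]), f[5].rstrip(".").lower()))
        elif len(f) >= 5 and f[3] == "A":
            a[f[0].rstrip(".").lower()] = f[4]
    return mx, a

def cert_covers(host, cert_names):
    """True if any certificate name matches host.
    A wildcard is honoured only as the whole leftmost label and
    stands for exactly one label."""
    want = host.lower().rstrip(".").split(".")
    for name in cert_names:
        have = name.lower().rstrip(".").split(".")
        if have == want:
            return True
        if have[0] == "*" and len(have) == len(want) and have[1:] == want[1:]:
            return True
    return False

def deliver(zone_text, reachable_ips, certs):
    """Try MX hosts lowest preference first.
    Returns (host, ip, cert_name_ok) for the first reachable server,
    or None when every server fails and the message would bounce."""
    mx, a = parse_zone(zone_text)
    for _pref, host in sorted(mx):
        ip = a.get(host)          # None if the MX target has no A record
        if ip in reachable_ips:
            return host, ip, cert_covers(host, certs.get(host, []))
    return None

if __name__ == "__main__":
    certs = {"mx1.example.com": ["*.example.com"]}
    print(deliver(ZONE, {"192.0.2.10", "192.0.2.20"}, certs))
```

With `mx1` unreachable, delivery falls through to `mx2`, and the third field shows whether the certificate that server presents actually names it.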