Introduction

MX (Mail Exchange) DNS records tell sending mail servers where to deliver email for a domain. When MX records are missing, misconfigured, or point to unresolvable hostnames, email delivery fails completely. Sending servers bounce messages with `DNS Error: MX record not found` or `Host not found`. This is one of the most critical DNS misconfigurations because it affects all inbound email.

Symptoms

  • Sending email to `user@example.com` bounces with `MX record lookup failed`
  • `dig example.com MX` returns `NOERROR` with no records, or `NXDOMAIN`
  • Mail server logs show `Host or domain name not found. Name service error`
  • Email delivery delayed with `retry timeout exceeded`
  • Reverse DNS check fails for the mail server hostname

Common Causes

  • MX record not created or deleted accidentally
  • MX record points to a hostname that has no A/AAAA record
  • MX record priority misconfigured (all servers at same priority when failover intended)
  • Mail server hostname changed without updating MX record
  • DNS propagation delay after MX record change

Step-by-Step Fix

  1. Check the MX record for the domain:

```bash
dig example.com MX +noall +answer
# Expected: example.com. 3600 IN MX 10 mail.example.com.
# If no output: MX record does not exist
```

  2. Verify the mail server hostname resolves:

```bash
# Get the MX target (lowest preference value first if there are several)
MX_TARGET=$(dig example.com MX +short | sort -n | awk 'NR==1 {print $2}')
# Check A record
dig "$MX_TARGET" A +noall +answer
# If no A record, the MX target cannot be reached
```

  3. Check for common MX configuration errors:

```bash
# MX should NOT point to a CNAME
dig "$MX_TARGET" CNAME +short
# If this returns a value, the MX target is a CNAME (RFC violation)
# Fix: create an A record for the mail server hostname

# Verify reverse DNS (PTR) for the mail server IP
dig -x <mail-server-ip> +short
# Should return the mail server's hostname
```

  4. Fix the MX record in your DNS management console:

```
# Add or correct the MX record:
example.com. 3600 IN MX 10 mail.example.com.
# Add the A record for the mail server:
mail.example.com. 3600 IN A 192.168.1.50
# Add SPF record for email authentication:
example.com. 3600 IN TXT "v=spf1 mx ~all"
```

  5. Verify the complete mail DNS configuration:

```bash
# Check MX
dig example.com MX +short
# Check A record of MX target
dig mail.example.com A +short
# Check PTR (reverse DNS)
dig -x 192.168.1.50 +short
# Check SPF
dig example.com TXT +short | grep spf
```

  6. Test mail delivery:

```bash
# Simulate SMTP delivery
telnet mail.example.com 25
# Or use swaks for a full test
swaks --to user@example.com --server mail.example.com
```

Prevention

  • Include MX record verification in DNS change checklists
  • Monitor MX record resolution from external locations
  • Set up email delivery monitoring with services that send test emails
  • Configure at least two MX records with different priorities for redundancy
  • Verify PTR (reverse DNS) records match the mail server hostname before deploying
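
The checks from steps 2 and 3 and the priority advice above can be run as one audit over captured `dig +noall +answer` lines, which suits a DNS change checklist. This is an added example, not part of the original page; the finding labels, the `backup.example.com` host and its address are assumptions, and the sample records are constructed.

```bash
#!/usr/bin/env bash
# audit_mx DOMAIN: read answer-section lines on stdin, print one finding per line.
# Finding labels (NO_MX, ...) are names chosen for this example.
audit_mx() {
  awk -v domain="$1" '
    BEGIN { domain = tolower(domain); if (domain !~ /\.$/) domain = domain "." }
    NF < 5 || $1 ~ /^;/ { next }                 # skip blanks and dig comment lines
    { name = tolower($1); type = $4 }
    type == "MX" && name == domain { target[tolower($6)] = 1; prio[$5] = 1; n++ }
    type == "A" || type == "AAAA"  { addr[name] = 1 }
    type == "CNAME"                { cname[name] = 1 }
    END {
      if (n == 0) { print "NO_MX " domain; exit }
      for (t in target) {
        if (t in cname)        print "MX_TARGET_IS_CNAME " t   # target needs its own A/AAAA
        else if (!(t in addr)) print "MX_TARGET_UNRESOLVED " t # no address in the capture
      }
      distinct = 0; for (p in prio) distinct++
      if (n == 1)             print "SINGLE_MX " domain        # no redundancy
      else if (distinct == 1) print "SAME_PRIORITY " domain    # review if failover was intended
    }' | LC_ALL=C sort
}

# Constructed sample: both MX at priority 10, one target is a CNAME, one has no address.
sample_broken() {
  cat <<'EOF'
example.com.       3600 IN MX    10 mail.example.com.
example.com.       3600 IN MX    10 backup.example.com.
mail.example.com.  3600 IN CNAME host1.example.net.
EOF
}

# Constructed sample: corrected records (backup host and its address are assumed).
sample_fixed() {
  cat <<'EOF'
example.com.         3600 IN MX 10 mail.example.com.
example.com.         3600 IN MX 20 backup.example.com.
mail.example.com.    3600 IN A  192.168.1.50
backup.example.com.  3600 IN A  192.168.1.51
EOF
}

echo "broken:"; sample_broken | audit_mx example.com
echo "fixed:";  sample_fixed  | audit_mx example.com
```

Against a live zone, pipe the concatenated output of the `dig ... +noall +answer` queries for the MX, A, AAAA and CNAME records into `audit_mx example.com`; an empty result means none of these conditions were found.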