In these examples, I will use domain.com as the primary domain
| DNS Entry | Record Type | Set to |
|---|---|---|
| mail.domain.com | A | IPv4 address of mail server. This must be an A record not a CNAME record |
| mail.domain.com | AAAA | IPv6 address of mail server. This must be an AAAA record and not a CNAME record |
| domain.com | MX | host name of your mail server. eg mail.domain.com this should also be the reverse dns entry for the mail host. |
| autodiscover.domain.com | CNAME | mail.domain.com This is for your client email program to be able to autoconfigure itself |
| _autodiscover._tcp.domain.com | SRV | mail.domain.com port x (whatever your your server uses) |
| autoconfig.domain.com | CNAME | mail.domain.com |
| domain.com | TXT | your SPF record. Perform a web search for generate SPF record for more details |
| _dmarc.domain.com | TXT | your DMARC record. Perform a web search for generate DMARC record for more details |
| dkim._domainkey.domain.com | TXT | your DKIM record. Perform a web search for generate DKIM record for more details. Make SURE your email server’s DKIM Selector matches the “dkim” prefix portion as in the example. |
Many of these settings are essential if you want the big mail servers to be satisfied your server is legitimate. Add as many of them as your mail server supports.
Gotcha’s:
- Pay attention to the record types above. If it says A or AAAA make sure you use that record type or you can end up with servers not being able to resolve your name and they don’t seem to be too informative about this type of error.
- Make sure the dkim prefix matches what’s in your email server. If they dont match, you’ll end up with mail being rejected.
Leave a Reply