Archived - Apple Mail Server: DNS Configuration

This article explains the most common Domain Name Server (DNS) configurations used with a mail server.
This article has been archived and is no longer updated by Apple.
DNS Fundamentals
The following section will go over DNS fundamentals. A Domain Name Server's primary duty is to take IP addresses and return host names, and vice versa. For example, a computer's IP address of 15.1.1.10 will be converted to 'starfury.zone.com' by the DNS. There are several different types of records that are used with a DNS. The most important is the A-record, which returns an IP address for a host name. The A-record's inverse is the PTR record, which returns a host name for an IP address. The PTR record is a little strange because its name is created by reversing the IP address and adding 'in-addr.arpa.' to the end. There is also a CNAME record, which is a host name alias to another host; this allows multiple host names to resolve to one IP address. These three record types are illustrated below.

A-record   name -> IP address     host.domain.com -> 12.1.8.51

PTR        IP address -> name     51.8.1.12.in-addr.arpa.  -> host.domain.com

CNAME      host name alias        name.domain.com (A-record name) = othername.domain.com


The next type of DNS record is only used by SMTP mail servers. It is called an MX record, or mail exchanger. An MX-list is used with a host to specify how mail for that host should be delivered. The MX-list contains all the possible mail exchanger hosts along with preference values indicating which host should be the final recipient of mail. A host with a lower number value has higher preference (a host with a value of 10 would be preferred over a host valued at 15). If two hosts have the same preference value, mail is load-balanced between them. MX records are best explained by example.

MX-list record for mail.company.com
10 mail.company.com
20 mail-backup.company.com
30 isp-backup.isp.net

In this example, a mail server attempting to deliver mail to 'mail.company.com' will ask DNS for the MX-list shown here. The server will then try to deliver the mail to the host on the MX-list that has the lowest numerical preference value. In this case it would be 'mail.company.com'. The server will then look up the IP address for 'mail.company.com' and deliver the mail to that address. If that host is not available, the mail server will attempt to connect to the next best host, 'mail-backup.company.com'. If 'mail-backup.company.com' is also not available, the mail server will then try 'isp-backup.isp.net'. Supposing 'isp-backup.isp.net' was up, it would accept the mail and then assume responsibility for forwarding it on to 'mail.company.com', because that host is the preferred final destination for mail addressed to 'mail.company.com'. If all three of these hosts are down, the attempting mail server will wait for a while (usually around 5-20 minutes) and try all three again in preference order.

There is a lot more complexity to DNS than what has been described, but that is enough background information to get started. This next section will describe the ways in which the Apple Mail Server uses DNS to deliver mail.

How the Apple Mail Server uses DNS
The Apple Mail Server uses DNS to discover what host names should be considered "local" and to properly deliver mail to other mail servers. Without a DNS available the mail server will be essentially nonfunctional. Many mail delivery problems are the result of a misconfigured DNS server. The Apple Mail Server is designed to use the information returned by DNS to auto-configure itself so that it "knows" what names it can be called by.

Who am I?
One of the first things the mail server does when it starts up is determine what its own names are. It will use DNS to look up the PTR record for the server computer's IP address to discover the name or names that go with it (for example, server IP 15.0.0.21 = 'mail.zone.com'). This name will be marked as a "local" host in the host list. The server will also mark any hosts that end up being local when resolved through DNS. If mail comes in that is addressed to 'alias.zone.com' and this name maps to 'mail.zone.com' using a CNAME record, then it will be marked local as well. MX-list hosts can also become "local" hosts if they point to the same computer: with the zone.com MX-list (5 mail.zone.com, 10 nowhere.zone.com), 'zone.com' will be "local". All mail addressed to "local" hosts will be delivered to users in the mail server's Users & Groups list. Any hosts which are not local will need to be contacted for message delivery.

Server IP address 15.0.0.21
PTR for 21.0.0.15.in-addr.arpa. -> mail.zone.com
A-record for mail.zone.com -> 15.0.0.21
CNAME for mail.zone.com -> alias.zone.com

MX-list for zone.com
5 mail.zone.com
10 nowhere.zone.com

Local Host Names: mail.zone.com, alias.zone.com, zone.com
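
The local-name decision above can be modelled offline. This is an added example, not Apple's code: the record tables are constructed from the listing above, the address for 'nowhere.zone.com' is a constructed value, and two points are assumptions, namely that a domain counts as local when its most-preferred MX host is this server, and that the PTR name is accepted only when its A-record points back to the server (a check that exposes a misconfigured reverse zone).

```python
import ipaddress

# Constructed zone data mirroring the records listed above.
PTR = {"21.0.0.15.in-addr.arpa.": "mail.zone.com"}
A = {"mail.zone.com": "15.0.0.21",
     "nowhere.zone.com": "15.0.0.99"}        # constructed address
CNAME = {"alias.zone.com": "mail.zone.com"}  # alias -> canonical name
MX = {"zone.com": [(5, "mail.zone.com"), (10, "nowhere.zone.com")]}

def reverse_name(ip):
    """Build the PTR owner name: reversed octets plus 'in-addr.arpa.'."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def resolve(name, max_hops=8):
    """Follow CNAMEs to an A-record; None if unresolvable or looping."""
    for _ in range(max_hops):
        if name in A:
            return A[name]
        if name not in CNAME:
            return None
        name = CNAME[name]
    return None

def own_name(server_ip):
    """PTR lookup for the server's IP, kept only if the A-record agrees."""
    name = PTR.get(reverse_name(server_ip))
    return name if name and resolve(name) == server_ip else None

def is_local(name, server_ip):
    """Local if the name, or its most-preferred MX host, resolves to us."""
    if resolve(name) == server_ip:
        return True
    mx = MX.get(name)
    if mx:
        _, best = min(mx)  # lowest preference value wins (assumed rule)
        return resolve(best) == server_ip
    return False

def local_names(candidates, server_ip):
    """Filter a list of recipient host names down to the local ones."""
    return sorted(n for n in candidates if is_local(n, server_ip))
```

With these tables, 'nowhere.zone.com' is not local even though it appears on the zone.com MX-list, because it resolves to a different address.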

Using MX-lists
MX-lists are usually used in two ways: (1) providing an alternative/backup mail server for a host, and (2) mapping a domain-wide address to a specific mail server. It is important to have a backup mail server available to handle mail for your domain when your primary mail server goes down. You should configure an MX-list for your host which indicates mail for your mail server 'mail.wigit.com' should be delivered to 'mail.wigit.com' unless it is down, in which case it should be delivered to your backup server, 'mail-backup.wigit.com', or your Internet Service Provider's mail server, 'mail-backup.isp.net'.

MX-list for mail.wigit.com
10 mail.wigit.com
15 mail-backup.wigit.com
20 mail-backup.isp.net

The second use for the MX-list is to provide a "shortcut" email address for your mail users. An MX-list can be created for a host that doesn't have an A-record; this is called an MX-only record. It is used to simplify email addresses: instead of having an email address of 'user@mail.wigit.com', you can simply use 'user@wigit.com'. To do this, create an MX-only record which indicates mail for 'wigit.com' should go to 'mail.wigit.com'. You'll also want to include your mail server backups in this MX-list.

MX-only list for wigit.com
10 mail.wigit.com
15 mail-backup.wigit.com
20 isp-backup.isp.net

The mail server will also use the MX-list for all outgoing mail. It will look up the MX-list for each host and determine which computer should be contacted to deliver the mail. If the mail server comes across a host that does not have an MX-list it will attempt to connect to the A-record address for that host. The server will also try the A-record address if all hosts on the MX-list are unreachable.
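
The outgoing selection rule described here and in the DNS Fundamentals section, as an added example that is not Apple's code: hosts are tried in ascending preference order, hosts sharing a preference value are shuffled for load-balancing, and the host's own A-record is the fallback. The `reachable` set stands in for live connection attempts, and 'lb.example' and 'nomx.example' are constructed names.

```python
import random

# Constructed sample: the mail.company.com MX-list from the article plus
# a list with two equal-preference hosts.
MX_LISTS = {
    "mail.company.com": [(10, "mail.company.com"),
                         (20, "mail-backup.company.com"),
                         (30, "isp-backup.isp.net")],
    "lb.example": [(10, "mx-a.lb.example"), (10, "mx-b.lb.example"),
                   (20, "mx-c.lb.example")],
}

def delivery_order(host, mx_lists, rng=None):
    """Return the hosts to contact for `host`, best candidate first."""
    rng = rng or random.Random()
    mx = mx_lists.get(host)
    if not mx:
        return [host]            # no MX-list: use the A-record address
    tiers = {}
    for pref, exchanger in mx:
        tiers.setdefault(pref, []).append(exchanger)
    order = []
    for pref in sorted(tiers):   # lower value = higher preference
        tier = tiers[pref][:]
        rng.shuffle(tier)        # load-balance equal preferences
        order.extend(tier)
    if host not in order:
        order.append(host)       # A-record tried after every MX host fails
    return order

def deliver(host, mx_lists, reachable, rng=None):
    """Return the first reachable candidate, or None to queue and retry."""
    for candidate in delivery_order(host, mx_lists, rng):
        if candidate in reachable:
            return candidate
    return None
```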
Last Modified: Feb 20, 2012
  • Article: TA21954