Compartilhar via


One MX to Rule Them All

Before I start I would like to call out that I think this is the best blog title that I have come up with to date. Surprisingly, or maybe not, I thought of this title and article while I was playing Ultimate Frisbee. My mind was obviously not in the game, and we did lose... anyways, let’s move on and figure out what I’m talking about with the title.

When your domains are added to Office 365 you will be presented with the MX record that will need to be set for them in DNS. Each domain will be given a slightly different and unique MX record. For example, if we added contoso.com to our tenant, Office 365 would probably (but not necessarily) give us the following MX record to add to the DNS for this domain.

contoso-com.mail.protection.outlook.com

Now let’s consider the situation where a lot of domains have been added to Office 365. Again, each of these domains will have been given a unique MX record by Office 365. You can get these unique records either one at a time through the Office 365 Portal, or you can pull them all at once using PowerShell. Once you have obtained all the unique MX records, you then will need to set each in DNS and hope you don’t make a typo.

To make things easier, you can use a single MX record for every single one of the domains that you have added to your Office 365 tenant! Great!!

Now, what is this one MX to rule them all? It can actually be the MX that is provided for any one of your domains. Continuing on with my above example, I have my Office 365 tenant and I have added both contoso.com and tailspintoys.com. Office 365 has indicated that the MX for contoso.com should be set to the following.

contoso-com.mail.protection.outlook.com

I can use this MX record for tailspintoys.com, even though Office 365 will have provided this domain its own unique MX record. Any additional domains I add to my tenant can also be configured with this same MX record.

The important part is that you are using a single Office 365 tenant. The MX record that you obtain needs to be from a domain that in in the same Office 365 tenant as all the other domains that will use this same MX.

Warning

In the above example, if you ever remove contoso.com from your tenant, the contoso-com.mail.protection.outlook.com MX record will stop working. So, if you want to use one MX for all your domains, use the MX from a domain that you will never delete from your tenant. Or better yet, use the MX from your default <InsertName>.onmicrosoft.com domain.

With the example above, the default domain was contoso.onmicrosoft.com. Perform an MX lookup on this and it currently returns the following.

contoso.mail.protection.outlook.com

This FQDN, contoso.mail.protection.outlook.com, can be used as the MX record for every domain that is added to this Office 365 tenant. If this tenant also has an on-premises mail environment that is smart hosting outbound mail to EOP, this same FQDN can be used as the smart host.

Comments

  • Anonymous
    January 01, 2003
    That's correct. Going with the recommendation above, perform an MX lookup on your .onmicrosoft.com domain. For example, for contoso.onmicrosoft.com this returns contoso.mail.protection.outlook.com. Now, for all of the domains that are added to this example tenant, contoso.mail.protection.outlook.com can be set for each of their MX records.
  • Anonymous
    August 07, 2014
    Thanks
    how do you technically do this?
    you just change the mx for each domain to be that one that you want ?
  • Anonymous
    August 11, 2014
    Thanks
  • Anonymous
    August 14, 2014
    How du you pull all the MX records at once with powershell?
  • Anonymous
    March 29, 2016
    But won't this method cause a failed RDNS lookup by a sending system for the other, not-the-same-name domains?
  • Anonymous
    May 12, 2016
    It appears that Outlook offer no additional MX hosts beyond the primary (i.e., no secondary, etc). Why not?
    • Anonymous
      May 18, 2016
      Hi Rodney, I'm not sure I understand your question. The Outlook client itself does not look up the MX records, that is done by the mail server.
  • Anonymous
    July 11, 2016
    does the method of using the .onmicrosoft.com for the mx domain still work? attempted that but received bounce back# #SMTP#
    • Anonymous
      August 02, 2016
      Hi Wayne, as far as I know that should still work. If you have a user that has been provisioned with the .onmicrosoft.com domain, they would not be able to get mail if this did not work.