Home / server / Questions / 1168684
Accepted
arkadiy
Asked: 2024-12-10 03:20:26 +0800 CST

Setting up DNS for routing mail to corresponding subdomains

  • 772

I'm trying to configure DNS for handling mail across multiple subdomains, where each subdomain has its own mail server. My goal is to route mail for user@%subdomain%.example.com to the server hosted under %subdomain%.example.com.

Example of desired configuration:

And so on for all possible subdomains. There are many subdomains, so manually adding an MX record for each one is not an option.

What might work

_smtp._tcp.*.example.com. IN SRV 0 0 25 %.example.com.

This configuration looks logical, but I'm not sure how well it's supported by mail servers. I don't know if something similar is possible for IMAP and POP3.

My questions

  1. What DNS records need to be created to implement such a routing?
  2. Is it possible to set up a wildcard MX record that will automatically route mail to the corresponding subdomain?
  3. If a wildcard MX record is not possible, how can the process of creating MX records for new subdomains be automated (preferably in a way that doesn't take much time, perhaps using dynamic DNS)?

What doesn't work

  • Wildcard routing of all subdomains to a single domain, like IN MX 10 central-mail.example.com.. Such a configuration is only acceptable if the email can then be routed to the correct server without needing to decrypt the packet content (like SNI in TLS/SSL).

I would appreciate a detailed explanation of the necessary DNS records and any additional recommendations.

domain-name-system

2 Answers

  1. Best Answer

    You don't need any configuration.

    If no MX records exists, it will be delivered to the hostname, e.g. [email protected] will be delivered to xyz.example.com. This is stated in RFC 5321, section 5.1:

    If an empty list of MXs is returned, the address is treated as if it was associated with an implicit MX RR, with a preference of 0, pointing to that host.

    • 2

  2. What DNS records need to be created to implement such a routing?

    None. If Vidarlo's answer (i.e. this already being the default behavior when no records exist) doesn't meet your needs due to overly strict spam filtering, then the other answer is "you cannot do this kind of wildcard with DNS alone".

    This configuration looks logical, but I'm not sure how well it's supported by mail servers.

    _smtp is not supported by any mail provider (and if I recall correctly, forbidden by specification) because MX records already exist and work the same way. Mail clients would be looking for the _submission[s] service.

    Aside from that, this is generally not a valid way to use wildcards – they can only be used as the leftmost component – and neither DNS in general nor SRV records specifically have any provision for % or other substitution.

    Certain DNS servers can have server-side logic to do fancier things (e.g. some have Lua scripts) but standard DNS configuration can't do this.

    If a wildcard MX record is not possible, how can the process of creating MX records for new subdomains be automated (preferably in a way that doesn't take much time, perhaps using dynamic DNS)?

    Depends entirely on your DNS hosting platform. Some have HTTP-based APIs, others don't. ("Dynamic DNS" is not a magic feature; it's just another API.) A standalone server may use text zonefiles that can be generated, or may support RFC2136 dynamic updates, or may let you insert records into SQL database. Active Directory supports three different APIs (RFC2136, MS-RPC, LDAP).

    • 0