Beruflich Dokumente
Kultur Dokumente
As someone who reads through hundreds of support cases each month, nothing pains me more
than seeing customers struggling with seemingly complex issues, only to discover that the
root cause is quite simple. Never is this truer than it is with DNS. Some of the most
complicated security and lost mail issues boil down to a few simple records. In fact, we get
well over a thousand tickets per month that could be easily avoided by addressing DNS
issues. This blog post could save you time, frustration, even money! Please note that I’m
focusing on Office 365 email DNS records here, especially those involved in routing &
security decisions – but this advice may be applicable more broadly.
Then, you can use nslookup to validate what the world sees. As an example:
C:\>nslookup
> server 4.2.2.2
Default Server: b.resolvers.Level3.net
Address: 4.2.2.2
> set q=mx
> contoso.com
Server: b.resolvers.Level3.net
Address: 4.2.2.2
contoso.com MX preference = 10, mail exchanger = mail.global.frontbridge.com
> set q=txt
> contoso.com
Server: b.resolvers.Level3.net
Address: 4.2.2.2
contoso.com text =
"MS=ms47806392"
As you can see from this example, contoso.com does NOT have the proper MX record, and
they have no SPF record. Alternately, you can use any number of 3rd party DNS checking
tools available on the web.
While you’re at it, check all your Office 365 DNS records as well. And odds are, if you’re
still using those old records, you might not have setup DKIM and DMARC. Take this
opportunity and stop procrastinating – your brand, your users’ safety, even the financial future
of your company could depend on it. For more information, see the Office 365 Domains
FAQ.
I hope you find these best practices helpful, and if you’re stuck, our support is able to assist
you with any of this.