Why can't my server receive email after I created an MX record for my SMTP server in Route 53?


I created a mail exchanger (MX) record for my Simple Mail Transfer Protocol (SMTP) server in Amazon Route 53. Now my server can't receive email.

Short description

If you don't properly configure the public hosted zone for the Route 53 DNS service, then clients can't connect to your SMTP server. To properly configure your public hosted zone, verify the following settings:

  • The public hosted zone is populated with the appropriate resource record sets.
  • Your non-AWS domain name registrar points to the name servers in your Route 53 public hosted zone.

Resolution

Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you're using the most recent AWS CLI version.

Confirm that you're using the appropriate resource record sets

Confirm that you created the appropriate resource record sets for your SMTP server. For more information, see Values that you specify when you create or edit Amazon Route 53 resource records. At minimum, the public hosted zone must contain an MX record for your SMTP server. For more information, see Values specific for simple records.

Confirm that your non-AWS domain name registrar points to the name servers in your Route 53 public hosted zone

You can use Route 53 for DNS services and another domain name registrar for domain registration. In this case, your domain name registrar must reference the name servers in your Route 53 public hosted zone. To confirm this, use an internet-based whois utility and take the following steps:

  • Find the registrar for your domain name. Enter your domain name in the query field, select the Domain option, and then choose Submit. The query results include the domain name registrar and the authoritative name servers for the domain name.
    Note: The query results might return a list of name servers other than the name servers that are associated with your Route 53 public hosted zone. In this case, the DNS queries for your SMTP server aren't sent to Route 53. To update the list of name servers that are associated with your domain name, contact your domain name registrar.
  • Find contact information for your domain registrar. Enter the name of the registrar in the query field, select the Registrar option, and then choose Submit. Use this information to contact your domain registrar. Ask your domain registrar to update the list of name servers so that your domain name references the name servers in your Route 53 public hosted zone.
  • Verify that the DNS service that you're transferring from doesn't delete resource record sets before the time to live (TTL) on the registrar's name servers expires. Route 53 DNS services don't respond to DNS queries for a domain name until the TTL period for the domain name server records elapses. For more information, see I changed DNS settings, but they haven't taken effect.
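The name server comparison described above can also be scripted. The following is an added example, not part of the original article: the function names are hypothetical, and the optional last lines assume that dig and the AWS CLI are installed and that you pass your domain name and hosted zone ID as arguments.

```shell
#!/bin/sh
# Added example (not AWS-provided code): compare the name servers that public
# DNS returns for a domain with the name servers of the Route 53 hosted zone.

# Normalize a name server list: one per line, lowercase, no trailing dot, sorted.
normalize_ns() {
    tr -s ' \t' '\n' | tr 'A-Z' 'a-z' | sed 's/\.$//' | awk 'NF' | sort -u
}

# compare_delegation "<NS seen in public DNS>" "<NS of the hosted zone>"
# Prints MATCH, or one line per name server that appears on only one side.
compare_delegation() {
    seen=$(printf '%s\n' "$1" | normalize_ns)
    zone=$(printf '%s\n' "$2" | normalize_ns)
    if [ "$seen" = "$zone" ]; then
        echo "MATCH"
        return 0
    fi
    for ns in $seen; do
        # Delegated at the registrar, but not a name server of the hosted zone.
        printf '%s\n' "$zone" | grep -qxF "$ns" || echo "NOT_IN_ZONE $ns"
    done
    for ns in $zone; do
        # Name server of the hosted zone that the registrar doesn't reference.
        printf '%s\n' "$seen" | grep -qxF "$ns" || echo "NOT_DELEGATED $ns"
    done
    return 1
}

# Optional live check: sh script.sh DOMAIN_NAME HOSTED_ZONE_ID
if [ -n "${1:-}" ] && [ -n "${2:-}" ]; then
    compare_delegation "$(dig +short "$1" NS)" \
        "$(aws route53 get-hosted-zone --id "$2" \
            --query 'DelegationSet.NameServers' --output text)"
fi
```

Any NOT_IN_ZONE line means that DNS queries for the domain are sent to name servers outside of your Route 53 hosted zone, so the MX record that you created there is never served.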

Check for DNS MX record set issues

1.    To confirm that an MX record for the domain exists, run the following commands:

Linux or macOS

dig DOMAIN_NAME MX

This returns an output similar to the following dig example:

$ dig amazon.com MX

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.2 <<>> amazon.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61726
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon.com.                    IN      MX

;; ANSWER SECTION:
amazon.com.             300     IN      MX      5 amazon-smtp.amazon.com.
;; Query time: 1 msec
;; SERVER: 10.10.0.2#53(10.10.0.2)
;; WHEN: Wed Apr 14 06:21:43 UTC 2021
;; MSG SIZE  rcvd: 67

Windows

nslookup -type=MX DOMAIN_NAME

This returns an output similar to the following nslookup example:

$ nslookup -type=MX amazon.com
Server:         10.10.0.2
Address:        10.10.0.2#53

Non-authoritative answer:
amazon.com      mail exchanger = 5 amazon-smtp.amazon.com.

2.    To confirm that you can resolve the MX record hostname, run the following commands:

Linux or macOS

dig MX_RECORD

This returns an output similar to the following dig example:

$ dig amazon-smtp.amazon.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.2 <<>> amazon-smtp.amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64180
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon-smtp.amazon.com.                IN      A

;; ANSWER SECTION:
amazon-smtp.amazon.com. 27      IN      A       52.94.124.7

;; Query time: 1 msec
;; SERVER: 10.10.0.2#53(10.10.0.2)
;; WHEN: Wed Apr 14 06:41:18 UTC 2021
;; MSG SIZE  rcvd: 67

Windows

nslookup MX_RECORD

This returns an output similar to the following nslookup example:

$ nslookup amazon-smtp.amazon.com
Server:         10.10.0.2
Address:        10.10.0.2#53

Non-authoritative answer:
Name:   amazon-smtp.amazon.com
Address: 52.119.213.154

Note: Some DNS providers require that you prepend an at symbol (@) to an MX record set name. Or, providers might require you to create an MX record set with the name "@" when creating an MX record set for a root domain. However, don't prepend Route 53 MX record set names with the "@" or any other symbol. To create an MX record set for a root domain in Route 53, leave the record set name blank. Then, provide appropriate values for the remaining fields of the Route 53 MX record set.
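Steps 1 and 2 can be combined into one check that also catches MX values that can never receive mail. The following is an added example, not part of the original article: the function names are hypothetical, and the input is the output of dig +short DOMAIN_NAME MX (one "preference target" pair per line).

```shell
#!/bin/sh
# Added example (not AWS-provided code): validate the answers of
# "dig +short DOMAIN_NAME MX" and confirm that each MX target resolves.

# Print the A/AAAA addresses of a hostname, one per line (step 2 of the article).
resolve_host() {
    { dig +short "$1" A; dig +short "$1" AAAA; } 2>/dev/null |
        grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}$|:'
}

# Read "PREFERENCE TARGET" lines on stdin; return non-zero if any check fails.
check_mx() {
    rc=0
    records=$(sort -n | awk 'NF == 2')   # lowest preference first, drop noise
    if [ -z "$records" ]; then
        echo "FAIL no MX records returned"
        return 1
    fi
    # Here-document instead of a pipe so that rc is set in the current shell.
    while read -r pref target; do
        host=${target%.}
        if [ -z "$host" ]; then
            echo "FAIL null MX (\"$pref .\"): the domain declares that it accepts no mail"
            rc=1
        elif printf '%s\n' "$host" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$|:'; then
            echo "FAIL $host: MX target is an IP address, it must be a hostname"
            rc=1
        elif [ -z "$(resolve_host "$host")" ]; then
            echo "FAIL $host: MX target has no A/AAAA record"
            rc=1
        else
            echo "OK   $host (preference $pref)"
        fi
    done <<EOF
$records
EOF
    return $rc
}

# Optional live check: sh script.sh DOMAIN_NAME
if [ -n "${1:-}" ]; then
    dig +short "$1" MX | check_mx
fi
```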

Test sending and receiving email

Connect to the mail server and test your ability to send and receive email using SMTP commands.

1.    Enter the following command, and then press Enter. Be sure to replace the placeholder values with your mail server name or IP address and the port number:

telnet MAIL_SERVER_NAME_OR_IP MAIL_SERVER_PORT_NUMBER

Note: If you make a typographical error in this command, press Enter. Pressing Backspace or Delete doesn't work in this case. After you press Enter, retry the command. In some cases, you might need to close the telnet session and reconnect.

2.    Enter the following command, and then press Enter. Be sure to replace the placeholder value with your mail server domain name:

EHLO YOUR_MAIL_SERVER_FULLY_QUALIFIED_DOMAIN_NAME

3.    Enter the following command, and then press Enter. Be sure to replace the placeholder value with your email address:

mail from: your_name@yourdomainname

The server responds with 250 OK.

4.    Enter the following command, and then press Enter. Be sure to replace the placeholder value with the recipient's email address:

rcpt to: recipient@yourdomainname

Note: The sender and recipient can have the same email address.

The server responds with 250 Accepted.

Important: If the server can verify information such as the sender and recipient, then the message is confirmed as accepted.

5.    Enter the following command, and then press Enter:

data

6.    Enter the following command, and then press Enter:

Subject: SPECIFY_SUBJECT_HERE

7.    Enter the following command, and then press Enter:

SPECIFY_MESSAGE_HERE

8.    Enter the following command, and then press Enter:

.

The server accepts the message for delivery and responds with 250 OK to indicate that it sent the email.

9.    If you confirm that the MX record is configured correctly but your SMTP server still can't receive email, contact your email service provider.

AWS OFFICIAL
Updated a year ago