Why can't my server receive email after I created an MX record for my SMTP server in Route 53?

Short description

If the public hosted zone that you configured for the Route 53 DNS service isn't properly configured, clients can't connect to your SMTP server. Confirm that:

• The public hosted zone is populated with the appropriate resource record sets.
• Your non-AWS domain name registrar points to the name servers in your Route 53 public hosted zone.

Resolution

Note: If you receive errors when running AWS Command Line Interface (AWS CLI) commands, make sure that you’re using the most recent AWS CLI version.

Confirm that you're using the appropriate resource record sets

Confirm that you created the appropriate resource record sets for your SMTP server. For more information, see Values that you specify when you create or edit Amazon Route 53 resource records. At minimum, the public hosted zone must contain an MX record for your SMTP server. For more information, see Values specific for simple records.

Confirm that your non-AWS domain name registrar points to the name servers in your Route 53 public hosted zone

2.    If you're using Route 53 for DNS services and another domain name registrar for domain registration, then verify that your domain name registrar references the name servers in your Route 53 public hosted zone. To do this, query an Internet-based whois utility to do the following:

• Find the registrar for your domain name. Enter your domain name in the query field, select the Domain option, and then choose Submit. The query results include the domain name registrar and the authoritative name servers for the domain name.
  Note: If the query results return a list of name servers other than the name servers associated with your Route 53 public hosted zone, then DNS queries for your SMTP server won't be sent to Route 53. Contact your domain name registrar to update the list of name servers associated with your domain name.
• Find contact information for your domain registrar. Enter the name of the registrar in the query field, select the Registrar option, and then choose Submit. Use this information to contact your domain registrar. Ask your domain registrar to update the list of name servers for your domain name to reference the name servers in the Route 53 public hosted zone for your domain.
• Verify that the DNS service you're transferring from doesn't delete resource record sets for your domain before the time to live (TTL) on the registrar's name servers expires. Route 53 DNS services won't respond to DNS queries for a domain name until the TTL period for the domain name server records has elapsed. For more information, see I changed DNS settings, but they haven't taken effect.

Check for DNS MX record set issues

1.    Using the following commands, confirm that an MX record for the domain exists.

On Linux or macOS, use:

dig <domain name> MX

Example dig output:

$ dig amazon.com MX

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.2 <<>> amazon.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61726
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon.com.                    IN      MX

;; ANSWER SECTION:
amazon.com.             300     IN      MX      5 amazon-smtp.amazon.com.
;; Query time: 1 msec
;; SERVER: 10.10.0.2#53(10.10.0.2)
;; WHEN: Wed Apr 14 06:21:43 UTC 2021
;; MSG SIZE  rcvd: 67

On Windows, use:

nslookup -type=MX <domain name>

Example nslookup output:

$ nslookup -type=MX amazon.com
Server:         10.10.0.2
Address:        10.10.0.2#53

Non-authoritative answer:
amazon.com      mail exchanger = 5 amazon-smtp.amazon.com.

2.    Using the following commands, confirm that you can resolve the MX record hostname.

On Linux or macOS, use:

dig <MX record>

Example dig output:

$ dig amazon-smtp.amazon.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.2 <<>> amazon-smtp.amazon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64180
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;amazon-smtp.amazon.com.                IN      A

;; ANSWER SECTION:
amazon-smtp.amazon.com. 27      IN      A       52.94.124.7

;; Query time: 1 msec
;; SERVER: 10.10.0.2#53(10.10.0.2)
;; WHEN: Wed Apr 14 06:41:18 UTC 2021
;; MSG SIZE  rcvd: 67

On Windows, use:

nslookup <MX record>

Example nslookup output:

$ nslookup amazon-smtp.amazon.com
Server:         10.10.0.2
Address:        10.10.0.2#53

Non-authoritative answer:
Name:   amazon-smtp.amazon.com
Address: 52.119.213.154

Note: Some DNS providers require that you prepend an at symbol (@) to an MX record set name. Or, providers might require you to create an MX record set with the name "@" when creating an MX record set for a root domain. However, don't prepend Route 53 MX record set names with the "@" or any other symbol. To create an MX record set for a root domain in Route 53, leave the record set name blank. Then, provide appropriate values for the remaining fields of the Route 53 MX record set.

Test sending and receiving email

Connect to the mail server and test your ability to send and receive email using SMTP commands.

1.    Enter the following command, and then press Enter:

telnet <mail server name or IP> <mail server port number>

Note: If you make a typographical error while entering this command, be sure to press Enter. Pressing Backspace or Delete doesn't work in this case. After pressing Enter, retry the command. In some cases, it might be necessary to close the telnet session and reconnect.

2.    Enter the following command, and then press Enter:

EHLO <YOUR MAIL SERVER FULLY QUALIFIED DOMAIN NAME>

3.    Enter the following command, and then press Enter:

mail from: <your_name@yourdomainname>

The server responds with "250 OK".

4.    Enter the following command, and then press Enter:

rcpt to: <recipient@yourdomainname>

Note: The sender and recipient can have the same email address.

The server responds with "250 Accepted".

Important: If the server can verify information such as the sender and recipient, then the message is confirmed as accepted.

5.    Enter the following command, and then press Enter:

data

6.    Enter the following command, and then press Enter:

Subject: <specify subject here>

7.    Enter the following command, and then press Enter:

<specify your message here>

8.    Enter the following command, and then press Enter:

.

The message is accepted for delivery. The server responds with "250 OK", which indicates that the email was sent.

9.    If you confirm that the MX record is configured correctly but your SMTP server is still unable to receive email, then contact your email service provider.