emailsmtpemail-headersmx-record

How to find Outbound/outgoing mail server of a domain?


The received headers in the email are basically the addresses of the email servers that the email was passed to reach their destination. The last received header is originating address for the email coming from a domain.

So If I am receiving a mail from a domain "example.com", the originating received header should be an outgoing SMTP server address of the "example.com" domain. Is there any way I can verify the address in the email header with the expected address of the domain?

From what I understood by reading blogs, is that the MX record is only for receiving the emails and not for sending emails. Is there something similar to the MX record but only for outbound/outgoing mails?

Please correct me If I am wrong anywhere. Thanks.


Solution

  • You are correct that only a domain's inbound mail server are stored in MX (mail exchange) DNS records. A domain's outbound servers are stored in SPF (sender permitted from / sender policy framework) DNS records. These state what machines may send email for a given domain.

    (This is important for outsourcing your email sending, so that e.g., Gmail's servers are considered valid senders for example.com.)

    You can query the domain's txt records, e.g., with dig:

    $ dig -t txt stackoverflow.com | grep spf
    stackoverflow.com.  203 IN  TXT "v=spf1 ip4:198.252.206.0/24 include:_spf1.stackoverflow.com ~all"
    

    Here you see that the machines in the 198.252.206.0/24 CIDR range are allowed to send email for @stackoverflow.com addresses.

    Normally, your inbound mail server should do all these checks for you, plus DKIM and DMARC.