Creating Different MX Record for Subdomain

adam.walker · September 9, 2023, 2:58pm

We are a school district and have a domain example.domain with mx records pointing to Barracuda and using o365 for staff.

Student accounts are created as my.example.domain and we would like to point the mx record to google. 12 hours ago, I created mx records as my and pointed them to Google, but emails to my.example.domain are still going to o365. I called Google and they said I needed to contact Cloudflare to see if they even supported this setup.

Does Cloudflare support what I am trying to do?

Laudian · September 9, 2023, 3:12pm

Yes, Cloudflare supports what you’re trying to do and what you did looks good in principle.

However, this doesn’t check out:

Why did emails do my.example.com ever go to o365 in the first place?

Can you share the name of your domain? That would very likely help in finding the problem.

adam.walker · September 9, 2023, 3:27pm

My understanding is subdomains automatically use the MX record for the top level domain. That’s the only way I can see how it worked before. The domain is hamiltonfl . com.

sdayman · September 9, 2023, 3:36pm

That sounds like what happened. And it’ll just take a little while for DNS to propagate that MX record.

cscharff · September 9, 2023, 4:55pm

They do not.

dig my.hamiltonfl.com mx +short
1 aspmx.l.google.com.
10 alt3.aspmx.l.google.com.
10 alt4.aspmx.l.google.com.
5 alt1.aspmx.l.google.com.
5 alt2.aspmx.l.google.com.

I’m going to guess that you’re on Office 365 behind the barracuda inbound, in which case your Office 365 tenant likely believes it is authoritative for my.hamiltonfl.com and is delivering them locally as there’s no reason for it to look up an external MX record.

If that’s the case you’ll need to configure Office 365 to no longer be authoritative for that subdomain. You can confirm this by sending an email from somewhere other than Office 365 to an address on the my subdomain and it will be delivered to google based ont he Mx records published.

adam.walker · September 9, 2023, 9:05pm

You are 100% correct, it does work when sending from a Google account to my. hamiltonfl. com. “my.” is configured in a separate tenant from the root domain, so I assumed hamiltonfl. com would look for an mx record, but I guess not! I’ll see if I can find where to make the change in Microsoft and post back.

adam.walker · September 9, 2023, 10:15pm

The issue was only email sent from hamiltonfl. com to my.hamiltonfl. com. 2 possible reasons, maybe in conjunction with each other, fixed it.

There was an existing connector set up in the hamiltonfl. com tenant that said for email going to destination domain *, send to Barracuda.
I set up a rule for any email sent to my.hamiltonfl. com to use a connector configured to use partner domains MX record.

I think we’re good to go now.

system · September 12, 2023, 10:16pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.