Please notice that there is one single MX record for the domain proxmox.com, pointing to mail.proxmox.com. The 'dig' command automatically prints the corresponding address record if it exists. In our case it points to "18.104.22.168". The priority of our MX record is set to 10 (preferred default value).
> dig -t mx proxmox.com
;; ANSWER SECTION:
proxmox.com. 22879 IN MX 10 mail.proxmox.com.
;; ADDITIONAL SECTION:
mail.proxmox.com. 22879 IN A 22.214.171.124
Hot Standby with backup MX Records
Many people do not want to install two redundant mail proxies; instead they use the mail proxy of their ISP as a fallback. This is simply done by adding an additional MX record with a lower priority (higher number). With the example above, this looks like this:
proxmox.com. 22879 IN MX 100 mail.provider.tld.
Of course, your provider must accept mails for your domain and forward received mails to you.
You will never lose mails with such a setup, because the sending Mail Transport Agent (MTA) will simply deliver the mail to the backup server (mail.provider.tld) if the primary server (mail.proxmox.com) is not available.
Load Balancing with MX Records
Using your ISP's mail server is not always a good idea, because many ISPs do not use advanced spam prevention techniques like greylisting. It is often better to run a second server yourself to avoid lower spam detection rates.
Anyway, it's quite simple to set up a high performance load balanced mail cluster using MX records. You just need to define two MX records with the same priority. I will explain this using a complete example to make it clearer.
First, you need to have two working Proxmox Mail Gateways (mail1.example.com and mail2.example.com), each having its own IP address (the rest of the settings should be more or less equal, i.e. you can use backup/restore to copy the rules). Let us assume the following addresses (DNS address records):
mail1.example.com. 22879 IN A 126.96.36.199
mail2.example.com. 22879 IN A 188.8.131.52
Btw, it is always a good idea to add reverse lookup entries (PTR records) for those hosts. Many email systems nowadays reject mails from hosts without valid PTR records. Then you need to define your MX records:
example.com. 22879 IN MX 10 mail1.example.com.
example.com. 22879 IN MX 10 mail2.example.com.
This is all you need. You will receive mails on both hosts, more or less load balanced. If one host fails, the other is used.
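The host selection described in the hot-standby and load-balancing sections, as an added example (not part of the original page and not Proxmox code): it parses constructed zone lines, returns the order in which a sending MTA tries the hosts, and flags MX targets that lack an A record or a matching PTR record. The 192.0.2.0/24 addresses and all function names are assumptions made for this illustration.

```python
import random
from collections import defaultdict

# Constructed zone lines in the page's record format; 192.0.2.0/24 is a documentation range (assumption).
ZONE = """\
example.com. 22879 IN MX 10 mail1.example.com.
example.com. 22879 IN MX 10 mail2.example.com.
example.com. 22879 IN MX 100 mail.provider.tld.
mail1.example.com. 22879 IN A 192.0.2.10
mail2.example.com. 22879 IN A 192.0.2.20
10.2.0.192.in-addr.arpa. 22879 IN PTR mail1.example.com.
"""

def parse_zone(text):
    """Return (mx, a, ptr): MX list per domain, A list per host, PTR target per reverse name."""
    mx, a, ptr = defaultdict(list), defaultdict(list), {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[2] != "IN":
            continue  # skip anything that is not "name TTL IN TYPE rdata"
        if f[3] == "MX" and len(f) == 6:
            mx[f[0]].append((int(f[4]), f[5]))
        elif f[3] == "A":
            a[f[0]].append(f[4])
        elif f[3] == "PTR":
            ptr[f[0]] = f[4]
    return mx, a, ptr

def delivery_order(mx_records, rng=random):
    """Hosts in the order a sender tries them: lowest number first, random within equal priority."""
    groups = defaultdict(list)
    for pref, host in mx_records:
        groups[pref].append(host)
    order = []
    for pref in sorted(groups):
        rng.shuffle(groups[pref])  # equal priority: senders randomize, which spreads the load
        order.extend(groups[pref])
    return order

def audit(domain, mx, a, ptr):
    """Flag MX targets with no A record in this zone and addresses without a matching PTR."""
    findings = []
    for _, host in mx[domain]:
        if host not in a:
            findings.append(f"{host}: no A record in this zone")
        for ip in a.get(host, []):
            rev = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
            if ptr.get(rev) != host:
                findings.append(f"{host} ({ip}): PTR missing or mismatched")
    return findings
```

In the constructed zone the two priority-10 gateways are always tried before the priority-100 provider host, and the audit reports mail2 for its missing PTR record.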
Multiple Address Records: Using several DNS MX records is sometimes clumsy if you have many domains. It is also possible to use one MX record per domain, but multiple address records:
example.com. 22879 IN MX 10 mail.example.com.
mail.example.com. 22879 IN A 184.108.40.206
mail.example.com. 22879 IN A 220.127.116.11
Using Firewall features: Many firewalls can do some kind of RR-Scheduling when using DNAT. See your firewall manual for more details.