Direct answer
MX records show which mail exchangers are publicly listed to receive email for a domain. They can help identify visible mail routing and provider patterns.
Plain-language explanation
When someone sends email to an address at a domain, DNS helps identify where that email should be delivered. MX records are the public records that provide that mail routing instruction.
In practice, MX records often point to a mail provider, gateway, filtering service or managed email platform. Observing them can help show whether a domain appears to use a particular email provider family or whether mail routing has changed over time.
MX records do not describe the whole email environment. They do not show every sending system, internal mailbox setup, message flow rule, security setting or delivery outcome.
Why it matters
Email is one of the most visible uses of a domain. It carries public communications, customer contact, service notifications and organisational identity.
When MX records move, the change can reflect a mail migration, filtering update, supplier change, domain cleanup or routine provider work. It is a governance-relevant signal because mail routing is visible, important and often shared across technology, communications and external suppliers.
What .auDO observes
- visible MX records for observed domains
- inferred email provider context from MX patterns
- changes in MX records between repeated observations
- related DMARC, SPF and TXT records where visible
- provider concentration across the observed panel
- mail posture summaries across State and cohort views
What it can tell us
- where mail for a domain appeared to be directed at collection time
- whether visible mail routing changed between observations
- whether a domain appears to use a recognised mail provider family
- whether mail routing should be reviewed alongside DMARC and SPF posture
- whether provider patterns are concentrated across an observed cohort or panel
What it cannot prove
- whether email delivery is working well
- whether all authorised senders are known
- whether mailboxes, routing rules or filters are configured as intended
- whether a provider relationship is current beyond the visible DNS signal
- whether DMARC, SPF or DKIM are fully effective
- whether internal email governance is mature
Practical governance questions
- Do important domains have expected MX providers documented?
- Are mail routing changes reviewed alongside DMARC, SPF and TXT records?
- Who owns public mail posture: technology, security, communications or supplier?
- Are parked, campaign or legacy domains expected to receive mail?
- Can teams explain why a domain's mail routing changed?