We’re announcing a support policy update to the Time To Live (TTL) value for MX records pointing to Exchange Online and Exchange Online Protection.
Starting May 2nd, the maximum supported TTL value for MX records will be 6 hours (21,600 seconds) or less for MX records corresponding to domains using Office 365 for email hosting.
- Exchange Online recommends setting the TTL values to 1 hour (3,600 seconds) but will support values up to 6 hours (21,600 seconds).
- Exchange Online
This will help your organization fully benefit from the high availability of Exchange Online by ensuring that email for your organization is sent to the optimal endpoint in the Exchange Online infrastructure, and it requires some actions on your part.
Note: TTLs are measured in seconds and are used to set the length of time a DNS record is cached by a DNS server or client. The greater the TTL value, the longer the record is cached. When a TTL is too long, it can lead to ‘stale’ records or stale information in the DNS server’s cache. This happens when a DNS record is changed, but the unchanged version of the record is still cached in another DNS server. If the unchanged version of the record is used, it can result in traffic being sent to the wrong destination.
How this will affect your organization
For all MX records corresponding to domains that use Office 365 for email hosting (e.g. vanity domains, accepted domains), you need to ensure that the MX record TTL value is configured for a maximum of 6 hours (21,600 seconds) or less. Performing this action before May 2nd will ensure that organizations, that send email to you, have significantly less issues with stale records and will connect to the best endpoint for reaching your organization.
What you need to do to prepare
If you host your own DNS records:
- Engage the team managing your DNS Records
- For each Record with Type ‘MX’ that is used for routing mail traffic to Exchange Online
- Ensure the record is pointing to your organization’s Fully Qualified Domain Name (FQDN) for Exchange Online in the mail.protection.outlook.com domain. For example, for the vanity domain contoso.com, the MX record should be: contoso-com.mail.protection.outlook.com.
- Check if the TTL value is 21,600 or less – if it isn’t, update the TTL to 21,600 or less. We recommend 3,600 for the best experience.
If you use a DNS record provider (ex. GoDaddy):
- Go to the registrar where you have purchased your domain. (You may need to contact the technical support of the registrar where you have purchased your domain for assistance in changing the MX Record.)
- For each Record with Type ‘MX’ that is used for routing mail traffic to Exchange Online:
- Ensure the record is pointing to your organization’s FQDN for Exchange Online in the mail.protection.outlook.com domain. For example, for the vanity domain contoso.com, the MX record should be: contoso-com.mail.protection.outlook.com.
- Check if the TTL value is 21,600 or less, if it isn’t, update the TTL to 21,600 or less. We recommend 3,600 for the best experience.
- Add DNS records to connect your domain
- Mail flow best practices for Exchange Online, Microsoft 365, and Office 365 (overview)
- ATTR35 response code when mail is sent to EOP/EXO
Message ID: MC346908
Published: 26 March 2022
Updated: 26 March 2022
Action required by: 02 May 2022
Plan for Change
Platform: Online, World tenant
Change type: Admin impact
Major change: True