The Benefits to Not Changing Your MX Records

One of the first things you have to do when deploying a Secure Email Gateway like Mimecast or Proofpoint is change your MX Records. Mail Exchange (MX) records are necessary for the delivery of all emails. 

When using an SEG, enterprises have to change their MX records to that of the Gateway. 

By doing this, a few negative things happen:

• Since MX records are public knowledge, any person--bad actor or not--can easily find out what security that company is using. It's an instant roadmap to launch attacks
• The providers have to institute obstructive mail-server configurations, limiting themselves as the only approved hop for incoming email, leading to potential headaches for IT staff that may not know every exception
• It takes Domain Name Server (DNS) records 48 hours to become fully effective

When installing a solution like Avanan, which doesn't switch, you'll see the following major benefits:

• Bad actors won't know what security service you use, meaning they cannot send malware that they know will bypass your security measures
• Installation and set-up takes just five minutes, not two days
• True layered security, as the change of MX records means that if an email bypasses the SEGs filters, it will go straight to the inbox

When you don't change your MX records to that of the gateway, you benefit from being far safer.