Skip to main content

Using e-mails with a custom domain

mailbox.org customers (except those on the LIGHT price plan) may use our servers to send e-mails from addresses that have another domain name (e.g., me@example.com). Similarly, it is possible to use e-mail addresses from an external domain as aliases for your mailbox.org account (the maximum number of aliases permitted will depend on your chosen price plan). Once your custom domain name has been set up properly with mailbox.org, you will also receive e-mails in your inbox with us that are addressed to the e-mail addresses of that domain. Of course, you can also use the external e-mail addresses as a sender identity and define one of them as your main address. The instructions below outline how this works, possible issues you should bear in mind, and how to set everything up.

Business Customers:

Business customers have access to additional functionality and follow a different procedure, which is described in this article.

Requirements

To set up your mailbox.org e-mails to use a custom domain name, you need the following:

  • A mailbox.org account on a “Standard” price plan or better. If you do not have an account yet, you can register one here: Register a mailbox.org account.

  • A domain name that is registered with a provider of your choice. The example we use in this article is example.com.

  • Access to the administration interface for your domain. This is normally provided by your domain or Web hosting provider. Example providers are Hetzner, Netcup, or Inwx.

  • Proof that the domain really belongs to you. This requires you to log in to your provider’s administration interface, access the Domain Name System (DNS) settings for your domain, and deposit a mailbox.org security key. The key is required for us to verify your ownership of the domain and will also ensure that no one other than you can redirect your e-mails.

  • Lastly, the DNS entries for mail routing ("MX records") must be adjusted to correctly point to mailbox.org so that any e-mails sent to your domain actually arrive at our servers for processing.

Data processing and storage:

Any e-mails that are redirected to mailbox.org from other domains in the way described here will be processed by us and stored on our servers.

Step 1: Retrieve the mailbox.org security key

  • Open the settings in the mailbox.org user interface (1).

  • Click on the menu item "mailbox.org" (2).

  • Click on the submenu "E-mail aliases" (3).

  • In the section "Add external address" (4), enter an e-mail address of the external domain that you want to add (e.g., "admin@example.com").

  • Click on "Add" (5).

Figure 1: Add external Alias

mailbox.org will now perform a background query of the DNS to obtain information about your domain and check if the mailbox.org security key is present. When you try adding an alias that uses your custom domain name for the very first time and this key does not exist (yet), an error message will appear: "Error: Validation of external domain failed". However, this is a good thing right now as you will also receive specific instructions for how to address the issue. The fields (6) and (7) have the data that you need to enter in your domain’s DNS settings in the following steps.

Figure 2: Validating an external Alias

Provider differences:

Every provider may use somewhat different web applications for the management of their domains and also have different requirements in terms of input formats. mailbox.org can therefore provide only general advice about the information that needs to be entered. When in doubt, please seek assistance from your provider and contact their support (refer to this article if you do). At the time when you registered your domain(s), you will normally have received the log-in credentials required to configure some basic settings, including those mentioned in the instructions below.

Step 2: Enter the mailbox.org key in the DNS settings of your provider

Log on to the administration interface at the provider that is responsible for managing your domain. Then go to the settings for the Domain Name System (DNS) and create a "TXT" record. The layout of the configuration form depends on who the provider is (See a few examples at the end of this article). You need to perform the following three steps:

  • Add a "Hostname" value - the first part of the key (6).

  • Add a "Target" value - the second part of the key (7).

  • Save and wait for the changes to be updated on the Internet (in the DNS).

The figure above (the one with the error message) indicates the data that must be used. (6) contains the first part of the key to be added as hostname (here: "66938fc13635c45f39fb6cfdbbd55c0c58e24be9.example.com."), and (7) the second part for the target field (here: "8660ad28a2bd6f68eea2411217a74b8b531f60ed").

Take care when using the clipboard:

If you copy cryptographic keys or their components via a clipboard, you must take special care. When copying the strings from the mailbox.org office, make sure that you really include all characters and that your clipboard ("clipboard") has not made any changes to the keys.

Add a "TXT" record to the DNS information for your domain. Enter the first part of the key in the field labelled "Host" or "Hostname" (6). After inserting the key string, double-check that it is correct.

Take special care when you copy cryptographic keys using your computer’s clipboard. When selecting the key string to copy from the mailbox.org office, make sure you include all characters in their entirety. Further, confirm that no characters have been altered after you pasted the clipboard contents into the destination field.

Define the "Target" (Some providers may label this field "Points to...", "Destination", or similar) by entering the second part of the key (7). Once again, double-check the string carefully after insertion.

Labelling variants in Domain Name System input forms:

You may find that your provider uses slightly different labels for the fields in their DNS input forms or have different notation requirements for the values that need to be entered. You can find out details from your provider’s administration manuals or by contacting their support team. See below a few common notations:

  • p30oe995fc9105322345b6277ac3b1i2eb45106j5j7.example.com. (Using a final dot)

  • p30oe995fc9105322345b6277ac3b1i2eb45106j5j7.example.com (Not using a final dot)

  • p30oe995fc9105322345b6277ac3b1i2eb45106j5j7 (Omitting the domain name entirely)

Now save the entry and wait for a little while. Once everything has been confirmed, you will be able to create e-mail aliases that use your custom domain name.

Waiting time - DNS will need a few hours to update records:

It may take up to 24 hours for your updated DNS information to get distributed through the network, even though it often works a lot quicker. Only when mailbox.org can retrieve the entry through the DNS will it be possible to create new aliases with your custom domain name. How long you need to wait depends on the systems that store the information, and the process cannot be sped up by us. Check out the section "Troubleshooting" at the bottom of this article to find tools you can use to check progress.

In the meantime, go back to the mailbox.org settings and create aliases for all the e-mail addresses required for your custom domain. Do this before you proceed with step 3.

Step 3: Set MX records in the DNS

Another entry in the Domain Name System must be made to ensure that any e-mails sent to addresses under your external domain are getting routed to mailbox.org servers. This entry is called the "MX record" and can be accessed through the DNS settings of your domain provider. You can find the information required for the MX record in the mailbox.org office. Initially, there are three steps to follow, and these are the same as in the instructions above:

  • Open the settings pages in the mailbox.org user interface (1).

  • Click on the menu item "mailbox.org" (2).

  • Click on the submenu “E-mail aliases" (3).

If you correctly followed the previous steps, then you will now see the following message:

Figure 3: MX-Records in the Domain Name System

Those three lines of text contain all the information you require for the changes that need to be made next: the name of your domain (8), the mail server forwarding priority (9) and the forwarding destination (10), i.e., the allocated mailbox.org servers. There will be three different mailbox.org mail servers shown. Should either of them fail for any reason, the others will take over automatically to ensure that our mail service remains available without disruption.

Mail server priorities in the DNS:

For everything to work properly, the server mxext3.mailbox.org must be assigned a lower priority than the other two. This is also why this server has a forwarding priority of 20 (9), while the value set for the other two is 10.

Now log on to the administration interface of your domain provider, access your domain settings, and specifically those for the Domain Name System (DNS). You will need to repeat the following steps three times because each of the mail servers listed above needs their own record.

  • Add an "MX record" for your domain. Enter the name of your domain in the field "Host" or "Hostname" (8) (e.g., "example.com). Please note the comments on different field labels and input requirements in the info box "Provider differences" above.

  • Enter the value for the forwarding priority in the field "Priority" or "IN MX" (9).

  • In the field labelled "Target", "Destination" or "Points to...", enter the server string above. Once again, consider any possible spelling requirements for this provider.

  • Save the record.

Repeat the above until you have created three MX records - one for each server. Also make sure that

  • Your domain name (8) is spelled correctly and the same across all three records.

  • The entry "mxext3.mailbox.org" (10) is given a priority value of 20 (9).

  • Any MX records that do not point to our servers were removed.

  • The entries conform with the input requirements of your domain provider.

The right order of steps:

It is important to carry out the required steps in the correct order, so that any aliases at mailbox.org are created before any MX records are changed. As soon as your domain’s MX records point to our servers, we will receive all e-mails that others send to your domain. If the target addresses have not been created as aliases yet, then any e-mails sent to these addresses will be automatically rejected because they are undeliverable ("User unknown"). If the e-mail addresses already existed before you created aliases for them at mailbox.org, then please check the old inboxes for new messages, as e-mails may still arrive there while the DNS update is underway. It may take a few hours and up to a day (in worst case) for all DNS servers worldwide to receive the update that mailbox.org is now responsible for the processing of e-mails that belong to your external domain.

Special cases

  • Each mailbox.org account has its own mailbox.org security key but an external domain can be linked to multiple mailbox.org accounts. To do this, simply create several entries that store the related mailbox.org security keys in the DNS of your external domain.

  • Of course, it is also possible to link multiple external domains with a single mailbox.org account.

  • You may also use your own domain in both, a business and a private e-mail account at the same time.

  • The use of our secure sender address ("@secure.mailbox.org") is not possible in combination with custom domain names.

  • At mailbox.org, the aliases postmaster@, abuse@, hostmaster@, and webmaster@ do not count towards the aliases allowance, but it is important to create them first and before reaching the maximum number of aliases allowed under your price plan.

Troubleshooting 1 – Provider DNS settings

At the provider Hetzner, the first part of the key, the domain name, and a closing dot need to be entered into the "Hostname*" field (6). The second part goes into the field "Target*" (7).

Figure 4: DNS settings at Hetzner

The form for creating the MX records (step 3) at Hetzner looks like this:

Figure 5: MX entries at Hetzner

This is the form for step 1 at the provider INWX. Here, the relevant fields are labelled "Name" and "Value":

Figure 6: DNS entries at INWX

Note that INWX does not require a final dot to be entered after the domain name (6). Layout and input requirements can vary between different providers: For example, Netcup does not require the domain name ("example.com") to be entered into the "Host" field but only the first part of the key:

Figure 7: DNS entries at Netcup

Troubleshooting 2 - Query DNS information through a command line interface

Users of Linux or MacOS can use the terminal application and issue the dig command to query the DNS. The relevant information can be found in the ANSWER SECTION part:

MX query using the terminal application

Linux and MacOS users can use the dig command via the terminal. In the "ANSWER SECTION" of the command output, you will find the necessary information.

dig example.com mx

; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> example.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22604
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN MX

;; ANSWER SECTION:
example.com. 3600 IN MX 10 mxext1.mailbox.org.
example.com. 3600 IN MX 10 mxext2.mailbox.org.
example.com. 3600 IN MX 20 mxext3.mailbox.org.

;; Query time: 67 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Aug 28 11:51:15 CEST 2020
;; MSG SIZE rcvd: 118

For Windows you can use cmd.exe to execute this command:

nslookup -querytypeMX example.com

Server:  Unknown
Address: 192.168.179.1
Nicht autorisierende Antwort:
example.com MX preference 10, mail exchanger mxext1.mailbox.org
example.com MX preference 10, mail exchanger mxext2.mailbox.org
example.com MX preference 20, mail exchanger mxext3.mailbox.org