Deleting secondary MX records for DNS domains hosted on Active24.cz

Deleting secondary MX records for DNS domains hosted on Active24.cz

Analysis of secondary MX record support and email redundancy among Czech domain registrars

Section 1: Strategic importance of mail server redundancy (MX)

This section provides basic technical context that confirms the validity of user concerns regarding Active24's policy change and emphasizes the critical importance of a multi-level MX record architecture for any serious email service deployment.

1.1 Email delivery architecture: Technical introduction to MX records

The basis for email delivery on the Internet is the domain name system (DNS), in which Mail Exchange (MX) records play a key role. Unlike A records, their purpose is not to point to a specific IP address, but to the fully qualified domain name (FQDN) of the mail server responsible for receiving email for a given domain.

Each MX record contains two key pieces of information: the domain name of the mail server and a numerical priority value (sometimes referred to as preference). This value acts as a weighting system, where mail transfer agents (MTAs) always give priority to the server with the lowest priority value. For example, in a configuration where one server has a priority of 10 and the other has a priority of 20, all mail will be routed primarily to the server with a priority of 10. This priority system is a fundamental mechanism that enables the creation of a robust and redundant email infrastructure. The standard syntax for a record is

domain.tld. IN MX [priority][hostname].

1.2 Failover mechanism: How primary and secondary MX servers ensure continuity of operation

Thanks to the prioritization of MX records, it is possible to create an effective failover (backup) system. When the sender's MTA needs to deliver a message, it performs a DNS query on the MX records of the recipient's domain. It receives a list of all available mail servers along with their priorities.

The delivery process is as follows:

  1. The MTA first attempts to establish an SMTP connection with the server that has the lowest priority number, i.e., the primary server.
  2. If this primary server is unavailable for any reason (e.g., due to maintenance, network outage, hardware failure), the MTA automatically switches to the server with the next lowest priority number in the list, i.e., the first secondary (backup) server.

The role of the secondary server is to accept the email, temporarily store it in a queue, and attempt to deliver it to the primary server at regular intervals once it becomes available again. This "store-and-forward" capability is the essence of MX redundancy, as it prevents email loss during outages and ensures that the sender does not receive a non-delivery error message.

1.3 Single point of failure risk: Quantifying the impact of the Active24 platform change

The situation described by the user is a direct consequence of the removal of this redundancy. Historically, Active24 provided a robust configuration that included servers such as mx1.active24.com (with priority 10) and mx2.active24.com (with priority 20), as evidenced by their own documentation and third-party documentation. This provided their customers with exactly the type of redundancy they are now losing.

Operating email with a single MX record poses a serious business risk:

  • Complete loss of email reception: If the single mail server fails, all incoming emails will be rejected. Senders' servers will attempt to resend for a certain period of time (usually 24-72 hours), but will eventually give up. The result is a permanent non-delivery of the message (known as a hard bounce) and an irreversible loss of communication.
  • Financial and reputational damage: Lost business leads, unanswered support requests, or broken communication chains can lead to direct financial losses and damage a company's reputation as a reliable partner.

The user's query is therefore not just a technical preference, but a critical business continuity issue. The change made by Active24 represents a significant reduction in the resilience and reliability of a key service for its customers.

1.4 Fundamental difference: Secondary MX versus secondary DNS

For a deeper understanding of the issue, it is necessary to distinguish between two different, albeit related, concepts: secondary MX and secondary DNS.

  • Secondary MX: As described above, this is a redundancy feature at the SMTP protocol level. It involves multiple mail servers listed in the DNS, each of which is capable of receiving mail for a given domain. This is email service redundancy.
  • Secondary DNS: This is a redundancy feature at the DNS level itself. It involves replicating the entire zone file (containing all records such as A, CNAME, MX, TXT, etc.) from the primary DNS server to one or more secondary DNS servers. This process is often implemented using an AXFR (Asynchronous Full Transfer Zone) transaction. This ensures that the domain's DNS records are available even if the primary DNS server fails.

The provider may offer one service without the other. For example, WEDOS explicitly supports the use of its DNS servers as secondary servers via AXFR, which is a separate service from their backup MX server provision. The user's problem concerns the secondary MX, but a quality provider should ideally offer a resilient architecture for both.

The quality and redundancy of a registrar's DNS infrastructure is therefore a critical, often overlooked prerequisite for effective email redundancy. If the domain's DNS servers are unavailable, the sending MTA cannot even look up the MX records to determine where to send the email. Having redundant MX servers is therefore useless if there is a single point of failure in DNS hosting. Providers such as WEDOS and CZECHIA.COM, who actively address topics such as secondary DNS, SOA records, and DNSSEC in their documentation, demonstrate a deeper understanding and commitment to overall service reliability. This shifts the evaluation from a simple question of "who will allow me to add two MX records" to "who provides a holistically resilient infrastructure."

Section 2: Comparative analysis of MX capabilities of Czech registrars

This section forms the core of the report and provides a detailed, evidence-based analysis of the main Czech registrars, directly answering the user's question and offering viable alternatives.

2.1 Active24: Catalyst for change

  • Current status: The user reports that Active24's "new platform" has eliminated the ability to use secondary MX records for hosted email. Although this is not explicitly confirmed in the analyzed materials, it is the premise of the query.
  • Historical context: Active24's own documentation shows that their standard email solution previously used the serversmx1.active24.com (priority 10) and mx2.active24.com (priority 20). This confirms that they previously offered a resilient, multi-server solution.
  • DNS interface: Their DNS management interface, as seen in the instructions for third-party services such as Eshop-rychle or SmartEmailing, is a standard web editor. This suggests that the limitation is not in the technical ability of the interface to display multiple records, but rather a strategic or architectural change in their backend mail service.
  • Consequence: For users of Active24's hosted email, this change represents a significant reduction in the quality and reliability of the service, forcing more technically savvy customers to look for alternatives.

2.2 CZECHIA.COM (Zoner): Fully managed solution with high redundancy

  • Direct response: Yes, Zoner (operating CZECHIA.COM) explicitly supports and provides multi-level settings for secondary MX records. This directly answers the user's main question.
  • Technical implementation: Their help provides the exact configuration for their email services:
    • relay.zoner.com (Priority: 1) - Primary server with the highest priority.
    • 10mx.zoner.com(Priority: 10) - First backup server.
    • 15mx.zoner.com(Priority: 15) - Second backup server.
  • Analysis: This three-level structure is highly robust and offers two layers of backup. The nomenclature (relay, 10mx, 15mx) clearly indicates a purpose-built redundant architecture.
  • Ease of use: For customers using their name servers, this setup is automatic. For those who have DNS elsewhere, the configuration is clearly documented. Their DNS manager is standard and allows full control over records.
  • Broader expertise: Their documentation also covers advanced topics such as SOA records and DNSSEC, which demonstrates the provider's high level of technical sophistication.
  • Conclusion: CZECHIA.COM is a first-class, out-of-the-box solution for users looking to replace the functionality lost with Active24.

2.3 WEDOS: A robust alternative with a strong technical stance

  • Direct answer: Yes, WEDOS provides clear configuration with primary and secondary MX servers.
  • Technical implementation: Their knowledge base specifies settings for Webhosting services:
    • wes1-mx1.wedos.net(Priority: 1)
    • wes1-mx2.wedos.net(Priority: 1) - Two primary servers with the same low priority for load balancing.
    • wes1-mx-backup.wedos.net(Priority: 10) - Explicitly named backup server.
  • DNS interface: Their DNS editor is described in detail in various tutorials and shows a capable interface for managing all necessary records.
  • The "don't mix providers" doctrine and its consequences: The WEDOS knowledge base explicitly states: "We generally do not recommend combining MX records from different providers." This is not a technical limitation, but a recommendation based on practical experience. The reasons for this recommendation are purely technical and operational. When mail travels from the sender through the backup MX server of one provider (B) to the primary MX server of another provider (A), complications can arise. Inconsistent spam filtering may occur, where server B accepts the message, but the stricter server A subsequently rejects it, causing the message to be lost. Furthermore, problems with SPF and DKIM verification may occur because server A sees the connection coming from the IP address of server B, not from the original sender. Last but not least, troubleshooting delivery issues that require cooperation between two different companies is extremely inefficient. WEDOS' recommendation is therefore a sign of a mature and experienced provider that prioritizes stability and supportability over flexibility at all costs, which is a strong positive signal for critical services.

2.4 Forpsi: Flexible platform (bring your own backup)

  • Direct response: The Forpsi platform allows the configuration of secondary MX records, but the available materials do not confirm that they provide their own backup mail server as part of the service.
  • Technical capability: Their documentation for the "Package" service states: "It is also possible to add and change records with a lower priority (higher number before the mail server name)." This confirms that the DNS interface supports the necessary configuration. The instructions show how to edit these records.
  • Ambiguity: Unlike Zoner and WEDOS, there is no mention of a server such as mx-backup.forpsi.com. Their default setting points to a single hostname, mxavas.forpsi.com. This ambiguity is also confirmed in the automatically generated response.
  • Conclusion: Forpsi represents a different type of solution. They provide tools for creating redundant settings, but the user would probably have to secure a backup MX service from a third party. This is a viable option for administrators who want to combine services, but it carries with it the very complexities that WEDOS warns against.

2.5 Gransy (Subreg.cz): Tools for experts

  • Direct response: Similar to Forpsi, the Gransy platform is designed to give administrators control over secondary MX record settings, but they do not appear to offer their own backup MX service in the package.
  • Technical capability: Their documentation clearly explains the priority feature in MX records for creating a backup system. Their interface is designed for technical users.
  • Market position: Gransy (operating Subreg.cz) positions itself as a registrar for professionals. Their model is less about packages and more about providing robust, granular control over DNS.
  • Conclusion: Gransy is an ideal choice for users who run their own mail server (e.g., on a VPS) or use a specialized email provider (such as Google Workspace or Microsoft 365) and need a reliable DNS host for proper MX record routing. They are not an "all-in-one" provider, but a powerful tool for tailor-made solutions.

2.6 Websupport: Standard competitor

  • Direct answer: Websupport's DNS management system allows you to create multiple MX records with different priorities.
  • Evidence: Their help articles demonstrate a standard DNS editor where users can add, edit, and delete multiple MX records. However, the available materials do not specify whether they offer their own backup MX servers as part of their email hosting packages.
  • Conclusion: Websupport falls into a similar category as Forpsi. They provide the necessary capabilities for DNS management, but users would need to check with their sales or technical department to verify whether a specific email plan includes a managed backup MX server or whether they would need to configure a third-party service.

Section 3: Implementation, migration, and security recommendations

This section provides an actionable framework for users to take them from selecting a provider through successful migration to ongoing security management.

3.1 Technical guide to DNS configuration for high availability

This practical guide summarizes the steps from various providers' help centers.

Key steps:

  1. Log in to the administration section of your chosen registrar.
  2. Go to the DNS management section for the relevant domain.
  3. Critical step before migration: Before changing MX records, reduce the TTL (Time To Live) value for existing records at Active24 to a short period, such as 300 or 600 seconds. This will ensure that after the change is made, DNS servers across the Internet will update their cache more quickly, minimizing the transition period during which mail may be delivered to both the old and new providers.
  4. Delete the old MX records from Active24.
  5. Add the new primary and secondary MX records provided by the new host (e.g., three records from Zoner or three from WEDOS). Make sure that the Name/Host field is set to@ (for the root domain) and that the priorities and server names are entered exactly as instructed.

3.2 Deliverability enhancement: SPF, DKIM, and DMARC are essential

Changing your email provider requires updating your email verification records. Failing to do so will result in deliverability issues and damage to your domain's reputation.

  • SPF (Sender Policy Framework): This TXT record defines which servers and IP addresses are allowed to send emails on behalf of a given domain. The user must replace the Active24 mechanism (e.g., include:spf.active24.com ) with the new provider's mechanism. It is crucial to follow the rule that there can only be one SPF record for a single domain.
  • DKIM (DomainKeys Identified Mail): This technology uses a cryptographic signature to verify the identity of the sender. The user will need to obtain a new DKIM key/selector from the new provider and publish it as a TXT or CNAME record in DNS. The old DKIM record from Active24 will become invalid.
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): This TXT record instructs receiving servers how to handle emails that fail SPF/DKIM checks and where to send reports. Although the DMARC policy itself may not need to change, it is important to have the record set up correctly to monitor the success of the migration and detect any configuration errors.

3.3 Migration checklist: Framework for a seamless email transition

The following strategic plan outlines the steps for a smooth transition:

  1. Phase 1: Preparation (Old provider - Active24)
    • Audit all existing email accounts and aliases.
    • Inform users about the upcoming migration.
    • Reduce the TTL for existing MX, SPF, and DKIM records to 5-10 minutes.
  2. Phase 2: Preparation (New provider)
    • Select and purchase a new email plan (e.g., from CZECHIA.COM or WEDOS).
    • Recreate all mailboxes and aliases on the new provider's platform.
    • Start the preliminary migration of historical emails using an IMAP synchronization tool. Forpsi's guide provides an excellent example of this process, which can be generalized. This is done before switching MX records.
  3. Phase 3: Switch
    • In the DNS domain settings, change the MX, SPF, and DKIM records from Active24 values to the new provider's values.
  4. Phase 4: After migration
    • Run the final IMAP synchronization to capture emails that arrived during the DNS propagation period.
    • Test sending and receiving from all accounts.
    • Monitor DMARC reports to detect any verification issues.
    • Once stability has been confirmed for 48-72 hours, delete the old mailboxes at Active24.
    • Restore the TTL values of the DNS records to the standard value (e.g., 3600 seconds).

Section 4: Synthesis and strategic recommendations

This final section summarizes all findings into a clear decision-making framework and provides recommendations tailored to different user profiles and priorities.

4.1 Provider capability matrix

The following table provides a clear and easy-to-digest summary of the research conducted, enabling quick but informed comparisons.

Feature CZECHIA.COM (Zoner) WEDOS Forpsi Gransy (Subreg.cz)

Native support for multiple MX

Yes, 3 levels

Yes, Primary/Backup

Yes (interface allows)

Yes (interface allows)

Provides its own backup servers Yes Yes

No (Unconfirmed)

No (Proprietary service)

Recommended use Integrated, highly reliable email hosting. Integrated, reliable email hosting. Flexible DNS for custom/hybrid solutions. Expert DNS for custom solutions.

DNSSEC support

Yes

Yes

Yes

Yes (Implied by focus on experts)

Security guidelines (SPF/DKIM)

Yes

Yes

Yes

Yes

Key difference Three-tier redundancy. Strong technical stance, load-balanced primary servers. Platform flexibility. Granular control for experts.

4.2 Recommendation #1: Integrated "set and forget" solution

  • Target profile: A user who wants to replicate and improve the simple, reliable, and complete service they previously had with Active24. Their priority is maximum availability and minimal administrative overhead.
  • Primary recommendation: CZECHIA.COM (Zoner). Their three-tier MX system offers the highest level of immediately available redundancy found in this research. Their clear documentation and focus on a complete service package make them the best choice for this profile.
  • Secondary recommendation: WEDOS. They also offer a robust, integrated primary and backup server solution, and their technical guidelines demonstrate a mature and reliable operating philosophy. The choice between Zoner and WEDOS may depend on price or user interface preference.

4.3 Recommendation #2: Customized solution with a high degree of control

  • Target profile: A user who is a system administrator managing their own mail server (on-premise or on a VPS) or using a third-party email service (such as Microsoft 365) and only needs a completely reliable DNS provider. They value granular control and flexibility above all else.
  • Primary recommendation: Gransy (Subreg.cz). Their platform is clearly aimed at technical experts who "bring their own" email services. They provide the precise tools needed to configure custom primary/secondary MX settings without imposing services that the user does not need.
  • Secondary recommendation: Forpsi. Their platform also offers flexibility for configuring custom MX settings, making them a viable alternative. This route requires the user to secure their own backup MX service and heed warnings about combining providers.

4.4 Final evaluation

The report concludes that the user's concerns about changing the Active24 platform are entirely justified from an operational continuity perspective. Fortunately, the Czech market offers excellent alternatives.

The decision depends on a key strategic choice: convenience versus control.

  • For a fully managed, highly redundant, and integrated email and DNS solution, CZECHIA.COM (Zoner) and WEDOS are the clear leaders.
  • For a flexible DNS platform with a high degree of control to support proprietary or external email architecture, Gransy (Subreg.cz) is the better choice.

Regardless of the path chosen, successful migration requires careful planning, especially with regard to updating SPF, DKIM, and DMARC records, as detailed in Section 3. By following the checklists and recommendations provided, users can migrate from the new, less resilient Active24 platform to a more robust solution without interrupting their critical email services.