DNS Records in Office 365


When we create an Office 365 instance and we want to use our domain name for authentication and web services, we are asked to verify that we own the domain.


When we have proved that we own the domain and we are ready to use Office 365 we then need to create a set of DNS records using different DNS types.  These then allow different services to run smoothly.  But are they?

Here is a list of what you create and what they done.

Exchange Online


There are 2 main DNS records for Exchange Online but you only require 1 to run mail on your own domain.

The MX record is where email is sent to.  If you emailed @bfcnetworks.com a search is run for the MX record of bfcnetworks.com, mail is then sent to the IP address for the hostname (points to address).  In Office365 we are pointing the mx record to outlook.com

The CNAME record you see above helps in the configuration of Outlook Exchange and on mobiles with Active-Sync.


When we create a new Outlook Profile the first thing we are asked to do is provide is our name, password and email address.

When we click Next, Outlook tries to find all our settings for us.  This could be pop3, imap or an Exchange Server.  Autodiscover is a service built into Exchange which will send all the configuration settings to the client machine so we, as users don’t have to worry about setting it all up.  Settings are not downloaded unless you are authenticated, which is why we are asked to provide our password.

By creating the CNAME for autodiscover, users receive a better experience when configuring their Outlook.

Lync Online

There are 2 DNS records for Lync Online.


The first is _sip.  This is for users who are using Lync client.  When they open Lync and asked for their Sign-in Address.  When a domain name has been entered, Lync does a DNS search for the _sip address and then forwards the request to the Lync Server (the target address).


_sipfederationtls doesn’t have to be configured to Lync Online to work but is still recommended even if you are not going to use federation services.

If you want to allow users to use lync with other organisation that are outside of your Office 365 it will use this DNS for federation, authentication and configuration settings required.

4 thoughts on “DNS Records in Office 365

  1. Uzma

    Hi there,

    Did you ever get to the bottom of SharePoint online DNS settings? Can you use a vanity URL for your private site collection?


  2. Rod

    Is there any way to verify a domain in 365 without “fully” pointing it to my me@mydomain.onmicrosoft.com account? We have more than one domain involved and we’re not willing to give up control over these mail servers.

    This is possible with other deployments of Exchange. I have another Exchange box. All I had to do was to add a CNAME record:
    ms22###### in CNAME RED001.mail.microsoftonline.com
    As such, I am able to keep my email address (with full control of the mail server outside of onmicrosoft.com).

    Is there a similar trick possible with 365? I tried:
    ms60627000 in CNAME sn2*******.mail.outlook.com

    Thanks for any suggestions you can provide.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.