The article describes the possible scenarios during the change of your MX record.

Email security cloud

You must use the MX records specified in your New Customer confirmation email to ensure Email Services can scan all of the email destined for your domains. The presence of non-Email Services entries in your MX records, e.g. mailhost.your-domain.com or isp-relay.your-domain.com is a security risk. Spammers and malicious code distributors often target back-up MX record entries in an attempt to bypass the Email Services infrastructure. In this way, spam or other malicious content can be directly delivered to your organization. Your MX records should never include an entry for your mail server or any type of mail relay.

It can take at least 24 hours for MX record changes to result in full propagation. You are advised to allow 72 hours for changes to fully propagate. Full propagation means that the cloud Email Services can scan all email that your domain receives from external sources.

It is possible that the Email Services infrastructure could process some of your email before you have changed your MX records. This can happen if another cloud Email Services customer is provisioned on the same cluster as your organization. An email that is sent to one of your domains by another customer passes through the scanners on its way out from the sending customer. Email Services can identify that your domains are provisioned on our system and route those emails through your inbound policies and onto your mail gateways. So, an email that is sent from another of our clients to you on your cluster means that your service configurations are applied.

Your organization may experience the following scenarios:

1. Email disclaimers are applied: See Services > Email Services > Email disclaimers.

2. Your Anti-Spam detection settings filter spam

3. The inbound Data Protection policies that you have defined are applied

4. Your inbound Image Control settings are applied

5. Address Registration is operational: Your up-to-date address list must be applied. Otherwise, an email that is sent from another client on your cluster is blocked because it is not found in your address list.

6. Inbound email size restrictions are applied. See Services > Email Services > Platform.

7. Your dashboard and reports may show that email has been received

8. An email that is sent to you from another Email Services client who is on the same cluster as you is delivered to your mail host.