Reseller & User DNS zones using a custom domain

Hello ;
I am new to MXroute and I am setting up a reseller plan.
I have spend some hours to read and configure everything.

It’s working great (I reached 10/10 with mail-tester.com) but I just want to be sure to have everything right this time and for the new ones if I buy another reseller plan in the future.

Firstly I wanted to use laugau.com (my main domain) but as long as I use Gsuite for my @laugau.com adresses I just bought a new domain name (laugaumail.com) because I feared some conflicts between Gsuite MX records and MXroute MX records… But I am not sure if it was necessary…
1. If we want to use a specific domain with MXroute should all the MX of that domain be dedicated to MXroute ? (in other words : can we use a domain for Gsuite and MXroute as reseller custom domain at the same time ?)

My settings :

2. I created a CNAME “mail-relay” on laugaumail.com to be able to add it on the MX of the client, is it useful or one MX mail.laugaumail.com is enough ?

3. Is there a way to customize the SPF to “hide” MXlogin ? In put something related to laugaumail.com instead ?

4. Do you see anything wrong or that can be improved ?

Thanks a lot

Happy to answer as best I can

1. I suppose so, but you may want to drop down to user level and make sure that domain isn’t set for local delivery, else email outbound from that server to that domain will only attempt local delivery and not remote. Ex. https://help.directadmin.com/item.php?id=8

2. The “mail-relay” is there so that relays can be added later without cooperation being required from customers, your choice if you want to carry that forward. Note that using a CNAME as an MX record is technically an RFC violation and while it should work fine, if you find some strange scenario where it doesn’t there is no fix but to not do it.

3. You could add our SPF to your domain and then have customer domains include your domain, which in turn includes ours, but please keep in mind SPF has a recursion limit. An SPF record requiring more than 10 DNS lookups will fail to function fully, per https://tools.ietf.org/html/rfc7208.

In our minds you’re never going to 100% hide anyone from ever finding out that MXroute is handling your email delivery, and that’s not the ultimate goal of our reseller service. We want you to white label but if we fully scrub every connection to our service then you won’t benefit from our service, which is the incredible outbound infrastructure we’ve built. We’d love for you to be proud resellers of the service, benefitting from our brand name competing on price, support, UX, etc. It’s okay to be “You, powered by MXroute” and I think it’s fairly in line with the way a lot of services actually work. For years people saw us as “MXroute, powered by MailChannels” for example because they handled our outbound delivery for quite a while.

Thanks to @Jarland here is my final configuration, I share it here if it can help someone:

Thank you again for your help

Sorry I cannot reply before, I was ban for spamming because, I use “too many links” (I have the massage “sorry new users can only share 2 links”) but actually I just wanted to give my settings…
Anyway here is the answer I wanted to share :

WoW thank you for your superquick response !

So if I understand well:

1. I will stick to the dedicated domain for MXroute then.
   2.a I better have to erase the CNAME “mail-relay” on my reseller DNS zone.
   2.b I will directly put safari.mxrouting.net and safari-relay.mxrouting.net directly as MX in my client DNS.
2. It will be easier to put directly the include:mxlogin.com in my client DNS.

In the email client configuration I have put mail.laugaumail.com for IMAP and SMTP… should I better put safari.mxrouting.net for both instead?

Thank you again

Thanks @LauGau
Your example is very helpful indeed.
Sounds like few french people are here

Sorry about that, I’ll review the settings for Discourse.

You should be totally okay with using mail.laugaumail.com, but you’re welcome to use safari.mxrouting.net.