diff --git a/basic_setup/cloudflareMigrationDns.sh b/basic_setup/cloudflareMigrationDns.sh
index 754e1a0..680a3b8 100755
--- a/basic_setup/cloudflareMigrationDns.sh
+++ b/basic_setup/cloudflareMigrationDns.sh
@@ -174,9 +174,20 @@ ensure_record "TXT" "$DOMAIN_NAME" "$FINAL_SPF" false
 # ------------------------------------------------------------------
 # SCHRITT 6: Root Domain MX
 # ------------------------------------------------------------------
+# WICHTIG: Der MX Record zeigt auf Amazon SES (inbound-smtp.*.amazonaws.com),
+# da eingehende Mails über SES → S3 → SQS → Worker → DMS laufen.
+# Der DMS ist NICHT direkt aus dem Internet erreichbar.
+# Dieser Record wird daher NICHT angefasst.
 echo ""
-echo "--- 6. Root Domain MX ---"
-ensure_record "MX" "$DOMAIN_NAME" "mail.$DOMAIN_NAME" false 10
+echo "--- 6. Root Domain MX (nur Info, wird nicht geändert) ---"
+EXISTING_MX=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?type=MX&name=$DOMAIN_NAME" \
+ -H "Authorization: Bearer $CF_API_TOKEN" -H "Content-Type: application/json" | jq -r '.result[0].content')
+if [ "$EXISTING_MX" == "null" ] || [ -z "$EXISTING_MX" ]; then
+ echo " ⚠️ Kein MX Record gefunden! Bitte manuell in SES/Cloudflare setzen:"
+ echo " inbound-smtp.$AWS_REGION.amazonaws.com (Prio 10)"
+else
+ echo " ℹ️ MX vorhanden: $EXISTING_MX (wird nicht geändert)"
+fi
 
 # ------------------------------------------------------------------
 # SCHRITT 7: DMARC
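Review bot: The new step 6 check accepts any existing MX as correct, because it reads only `.result[0].content` and never compares it with `inbound-smtp.$AWS_REGION.amazonaws.com`. A zone that still carries the `mail.$DOMAIN_NAME` MX written by the removed `ensure_record "MX"` line is therefore reported as "MX vorhanden", and inbound mail would still be directed at a host the new comment says is not reachable from the Internet. The lookup also cannot tell an API failure from a missing record: `curl -s` without `--fail` and the unchecked `jq` both land in the "Kein MX Record gefunden" branch when the token is rejected or the request fails, which invites a manual change based on a false reading. I would check the curl status and the response's `success` field, iterate over every MX content, and warn on each one that differs from the expected SES host, as sketched below.

```shell
EXPECTED_MX="inbound-smtp.$AWS_REGION.amazonaws.com"
if ! MX_JSON=$(curl -sS --fail -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?type=MX&name=$DOMAIN_NAME" \
    -H "Authorization: Bearer $CF_API_TOKEN" -H "Content-Type: application/json") \
  || [ "$(printf '%s' "$MX_JSON" | jq -r '.success')" != "true" ]; then
  # A failed or rejected request must not look like "no MX record".
  echo "   ❌ MX-Abfrage fehlgeschlagen (API-Token/Zone prüfen)" >&2
else
  EXISTING_MX=$(printf '%s' "$MX_JSON" | jq -r '.result[].content')
  if [ -z "$EXISTING_MX" ]; then
    # … unchanged: "Kein MX Record gefunden" warning …
  else
    # Report every MX, not only the first one returned by the API.
    while IFS= read -r mx; do
      if [ "$mx" = "$EXPECTED_MX" ]; then
        echo "   ℹ️ MX vorhanden: $mx (wird nicht geändert)"
      else
        echo "   ⚠️ MX zeigt nicht auf SES: $mx (erwartet: $EXPECTED_MX)"
      fi
    done <<< "$EXISTING_MX"
  fi
fi
```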
@@ -215,15 +226,6 @@ echo "--- 9. Autodiscover / Autoconfig ---"
 ensure_record "CNAME" "autodiscover.$DOMAIN_NAME" "mail.$DOMAIN_NAME" false
 ensure_record "CNAME" "autoconfig.$DOMAIN_NAME" "mail.$DOMAIN_NAME" false
 
-# ------------------------------------------------------------------
-# SCHRITT 10: SRV Records
-# ------------------------------------------------------------------
-echo ""
-echo "--- 10. SRV Records ---"
-ensure_record "SRV" "_imap._tcp.$DOMAIN_NAME" "0 5 143 mail.$DOMAIN_NAME" false
-ensure_record "SRV" "_imaps._tcp.$DOMAIN_NAME" "0 5 993 mail.$DOMAIN_NAME" false
-ensure_record "SRV" "_submission._tcp.$DOMAIN_NAME" "0 5 587 mail.$DOMAIN_NAME" false
-
 echo ""
 echo "============================================================"
 echo "✅ Fertig für Domain: $DOMAIN_NAME"