RE: MX Record (Full Version)

All Forums >> [Microsoft Exchange 2007] >> General



Message

ctvu -> RE: MX Record (18.Dec.2008 8:54:43 PM)

Sorry to bother you all again.

Since I am getting things ready to switch over Exchange. I've just noticed there are so many existing A records and NS (name server) records as below

domain.com         86400 IN NS    ns32b.ssggrp-wc.com.
domain.com          86400 IN NS    ns32a.ssggrp-wc.com.
www.domain.com     86400 IN MX    50 mail.domain.com.
domain.com           86400 IN MX    50 mail.domain.com
www.domain.com      86400 IN A     198.66.X.Y
domain.com           86400 IN A     198.66.X.Y
webmail.domain.com   86400 IN A     198.66.X.Y
smtp.domain.com.      86400 IN A     198.66.X.Y
mailhost.domain.com.  86400 IN A     150.101.Y.Z
mail.domain.com.      86400 IN A     198.66.X.Y
ftp.domain.com       86400 IN A     198.66.X.Y
cp.domain.com        86400 IN A     198.66.X.Y

As you can see there are only 2 MX records and one A record that I am interested and going to change

www.domain.com       86400 IN MX    50 mail.domain.com
domain.com                86400 IN MX    50 mail.domain.com
mail.domain.com         86400 IN A        198.66.X.Y

How about the rest? does it mattet if I leave them as is? Thanks a lot.

Regards,



Elan Shudnow -> RE: MX Record (20.Dec.2008 9:28:06 PM)

I would just take a step back and look at what you need for your implementation to work 100% for mail flow.  You can then go try your best and find what those other records are for.

What I personally see as essential are the following:
MX record for each Accepted Domain
A record in which the MX record points to
PTR record for your sending server's IP.  The PTR record can really be any valid A record but I typically try to have the Send Connector's SMTP Address match the PTR record in which there is a valid A record for which points to the Sending Server's IP.

There are other optimal things as well such as having an SPF record to prevent spoofers and having a custom Internet Receive Connector with an  SMTP Banner FQDN which matches your A address.  Etc...

So try to validate the above and then look at what your other records are for.  But having the above should get you fully functional.

I did create an article about Exchange and DNS if you care to read more about the above:
http://www.shudnow.net/2008/11/08/exchange-2007-mail-flow-dns-records-connectors-and-tls/



ctvu -> RE: MX Record (21.Dec.2008 6:12:55 PM)

Hi Elan
Thank you for your response and helful blog that I've read through.

Thought I'd let you know that we already tested sendng/ receiving internally fine.
Externally:
Sending out to the internet emails (gmail, hotmail...) was fine,
Using Telnet (thank you Simon) to send an email from the internet emails was OK as well meaing that we can receive emails from outside world. Does it mean that all the DNS settings are OK?

From the previous post, all A and MX records I took from the DNS setting in the Account Control Panel website where I need to change the MX record pointing to our public IP address, so that all inbound emails will come to our Exchange, I hope it makes sense to you.

Because there are so many A and MX records already there, it is confusing me. Please excuse me, if I asked too much.

Regards,





Sembee -> RE: MX Record (22.Dec.2008 5:03:39 PM)

It would seem that the host has setup www.domain.com as a subdomain, with MX records. So you could send an email to user @ www.domain.com and it would be delivered. Most odd and unnecessary.

The reset are A records and have little to do with Exchange email delivery.

Simon.



ctvu -> RE: MX Record (22.Dec.2008 11:12:13 PM)

Thank you Simon.

So it looks like I am ready. wish me luck :)

BTW, Wishing you all A Merry Christmas and Safe, Happy New Year.

Regards,



ctvu -> RE: MX Record (25.Dec.2008 7:47:27 AM)

Hi All

As I've never done before, now I start worrying, on 24-12-08 I switched over by changing IP address of A record (mail.domain.com) to our public IP address provided by ISP, and now both POP3 and Exchange cannot receive any emails from external, supposedly POP3 should be still working, but now POP3 clients cannot log on POP3 server anymore. Even worse I cannot open Account Control Panel website for this domain. Should I wait one more day because it has only been 24 hours?

Additional Info: When I first switched over, I did send an email, then I got a Undeliverable Email Notification, but now I no longer receive those emails. Is it a good sign? Thanks

Thank you and Merry Christmas

Regards



Sembee -> RE: MX Record (26.Dec.2008 9:42:57 AM)

In your POP3 client was it using mail.domain.com as the POP3 server?
If so that would stop you from collecting email. You would need to switch over to the IP address.

Control Panel access shouldn't have been affected either - but again try using the IP address instead. Most ISPs/domain hosts will have their control panel on a single IP address for all of their hosts, so if you have made an error on your own domain you could use another address to access it.

Simon.



ctvu -> RE: MX Record (26.Dec.2008 10:53:53 PM)

Thank you Simon. You're quite right. Now I have to use IP address to access to the Account Control Panel.
Everything seems in order, but I have not been able to receive emails from outside at all.
I double checked with our hosting domain support, they said the A record and MX record that I changed on 24-12-08 look perfect.
I did NSLOOKUP and set type=MX, yes it is pointing to our public IP address.
I can do TELNET to send emails from outside, and they were able to receive them.
The internal users can send outgoing/ or internally emails.
Because the internal Domain name is domain.com.local that is different from the internet one domain.com and we use john.smith@domain.com
Should I reconfigure the DNS for domain.com in the DNS server?

Additional info: I cannot Telnet from outside (connection failed), I even turned off Trend Micro Agent on my laptop. But when I am inside the network then I am able to. There is something missing here. I am running out of time and clues.

Any help would be much appreciated.

Regards



Sembee -> RE: MX Record (28.Dec.2008 3:49:43 PM)

If you cannot telnet in to your server from outside then something is wrong with the port.

It could be blocked, by your firewall or your ISP.
Check your default gateway is set correctly.
Ensure that anonymous is enabled on the SMTP virtual server.
Ensure that there are no connection restrictions on the SMTP virtual server.
Ensure that your firewall isn't scanning SMTP traffic as well.

Simon.



ctvu -> RE: MX Record (28.Dec.2008 4:14:41 PM)

quote:

ORIGINAL: Sembee

If you cannot telnet in to your server from outside then something is wrong with the port.

It could be blocked, by your firewall or your ISP.
Check your default gateway is set correctly.
Ensure that anonymous is enabled on the SMTP virtual server.
Ensure that there are no connection restrictions on the SMTP virtual server.
Ensure that your firewall isn't scanning SMTP traffic as well.

Simon.


Thank you very much Simon. You are indeed a super legend.
It turned out our Cisco ASA Firewall was blocking port 25 (SMTP) [:@], once I found out that unable to telnet from outside, I realised that must be the Cisco firewall.
Everything is OK now. Without your help and support, I would not be able to survive. Once again very much appreciated.

Happy Holiday and Kind Regards,




Page: <<   < prev  1 [2]