Mail Flow issues During Migration
Published:
Browse All Articles > Mail Flow issues During Migration
I came across this issue when setting up a two way forest level trust. so here's the scenario:
A company wildcards acquired another company, bizworks ( both Fictitious).
Wild cards: windows 2003 Domain & forest functional levels - Ad domain name:Wildcards.com
Exchange server 2007 - Mail domain: wildcards.com
Bizworks: windows 2000 domain & forest functional levels AD domain:bizworks.local
Linux based Mail server - Mail domain: Bizworks.com
Both have Mx records on service providers DNS. both domains connected over VPN/ MPLS/ PTP or any other form.
Since one of the domains was a windows 2000 we decided to create a two way forest trust and for DNS resolution we created secondary zones, altough with 2003 we could have used conditional forwarders. when this happened. All the emails from Bizworks to wildcards started getting queued up.
The reason we found was:since Bizworks has the same AD and Mail domains. and since we had enabled secondary zones and enabled zone transfers the secondary zone for wildcards.com on the Bizworks DNS was acting as an authoritative zone and none of the queries were going to the external Mx. Now Exchange does not need an Mx on the internal DNS for its own domain, it relies on Host records and Active directory.
since we cannot create records on the secondary zones, we created an Mx records on the Primary. now this gets interesting, we pointed this Mx to the public IP. If we create Mx pointing to internal IP of the exchange server, it would definitely worked.
Reasons for not doing the above are, if the connectivity between these two domains is broken the mail will be delivered using the internet. Does Exchange use the Public MX records on internal DNS. We found it did not, else there was a possibility that the internal mails would be routed through the internet.
A company wildcards acquired another company, bizworks ( both Fictitious).
Wild cards: windows 2003 Domain & forest functional levels - Ad domain name:Wildcards.com
Exchange server 2007 - Mail domain: wildcards.com
Bizworks: windows 2000 domain & forest functional levels AD domain:bizworks.local
Linux based Mail server - Mail domain: Bizworks.com
Both have Mx records on service providers DNS. both domains connected over VPN/ MPLS/ PTP or any other form.
Since one of the domains was a windows 2000 we decided to create a two way forest trust and for DNS resolution we created secondary zones, altough with 2003 we could have used conditional forwarders. when this happened. All the emails from Bizworks to wildcards started getting queued up.
The reason we found was:since Bizworks has the same AD and Mail domains. and since we had enabled secondary zones and enabled zone transfers the secondary zone for wildcards.com on the Bizworks DNS was acting as an authoritative zone and none of the queries were going to the external Mx. Now Exchange does not need an Mx on the internal DNS for its own domain, it relies on Host records and Active directory.
since we cannot create records on the secondary zones, we created an Mx records on the Primary. now this gets interesting, we pointed this Mx to the public IP. If we create Mx pointing to internal IP of the exchange server, it would definitely worked.
Reasons for not doing the above are, if the connectivity between these two domains is broken the mail will be delivered using the internet. Does Exchange use the Public MX records on internal DNS. We found it did not, else there was a possibility that the internal mails would be routed through the internet.
cloudstart
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (3)
Author
Commented:understand that only wildcards has this issue as its AD and mail domain names are same, where as the bizworks domain does not have this issue as its mail/ AD domain names are different.
further more if we setup and smtp connector in the Linux messaging server to an internal Ip of Exchange server, it would start using the VPN / point to point connectivity which means that if the tunnel gets busted the mail from bizworks.com to wildcards.com would be affected.
let me know your thoughts on this.
Commented:
In such case i guess you have to set 2 mx records with different priorities. i.e. direct connectivity IP you can set high priorities and for internet link IP you can set very low priorities.
I hoping this will help.
Author
Commented: