SBS 2003 - Exchange Settings

Posted on 2005-03-17
Medium Priority
Last Modified: 2010-04-18
I'm about to embark on upgrading our current network structure (Windows 2000 Server - DC, Windows 98 - running VPOP3 Mail Server & Comodo Trustix 4) with a new server running SBS 2003. One of the areas that I'm obviously looking to implement is Exchange. I'd like to receive the mail directly to my server (rather than POP3 thru my ISP) but I'm a bit confused as to who I should speak to about setting this up.

I believe that I need to contact my ISP (that is hosting my domain) to setup a MX record for my DNS domain (ie my MX record is domain.com so server would be addressed as servername.domain.com). I also need an A Level entry (A=servername.domain.com and this is to point to the external IP address of my firewall) - this was read from question 21112412. I then need to configure the Exchange Server on SBS 2003 accordingly. Is this correct?

Now the main problem I have is that our organisation is supplied their internet access from British Telecom using an Intelligent Gateway Router (a 1Mb line). We have a static IP address supplied by them for our connection. Our website (domain) is hosted by a company called Clearfuse and our current POP3 provider is called Onthespot. Now who should I contact to setup this MX record to point to our server? I would have thought it would be Clearfuse as they host the domain but they are not our ISP.

Also, would I use my server as the primary DNS Server after all of this or should it point to my ISP? At present we have no thoughts of bringing the external website hosted by Clearfuse into the internal server. We'll prehaps open Sharepoint for Internet use at some stage but no right away.

Any advice is welcome as always.
Question by:Steven O'Neill
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 16

Expert Comment

ID: 13563871
Setup your SBS server with your Domain Name.  

Whomever you have your Domain Name registered through is probably handling the DNS for it.  You will need to put in an A record for the server.  You will also make an MX record for the server.  Right now that may or may not point to your ISP's mail server.

For these IP addresses, you will put the public IP address of your organization.  You may have it on your Router or firewall.  Anyway, those names will point to your public IP address.  If your SBS has a public IP itself, then you would point it there.  Otherwise, it points to the router/firewall that is providing NAT for you.  You would then Open up TCP port 25 for SMTP and forward that to the internal IP address of your server.  If you want OWA to also work, do the same for port 80.

With and SBS server online, the proper setup for your internal DNS is to have the SBS server point to itself. All Clients will point to the SBS server.  The only place you need your ISP's DNS settings is in the router/firewall.  If a resolution request hits the DNS server and it cannot resolve it, then it will contact the Internet Root Servers for resolution, get the answer, put it in it's cache and return the answer to the workstation.

You pretty much have all the right information in you post.
LVL 33

Assisted Solution

NJComputerNetworks earned 400 total points
ID: 13566144
I would not setup your internal domain with the same exact name your are registered on the Internet with.  This is not recommended and will lead to Internal DNS problems.

So, if externally, you company is known on the Internet as company.com, make your internal domain name company.local.

To find out who controls your DNS Internet domain, go to this website:  http://www.internic.net/whois.html  You are looking for your DOMAIN REGISTRAR....it will return contact information.  You will need to contact these people to make changes such as MX records.

Otherwise, you everything you say looks right.

Note:  You will want to point all of your internal clients to your internal Windows 2003 DNs server ONLY.  Then configure your Windows 2003 DNS server to forward requests to the ISP DNS servers.  To configure fowarding, Right click your DNS server in the DNS console, and choose properties.  Then click the Forwarders tab.  Enter your ISP DNS servers here...


Author Comment

by:Steven O'Neill
ID: 13572657
Guys thanx for this, puts my mind at ease.

Our internal domain is already known as domain.local (were we have domain.com for our Internet site). I take it that I'm looking for something like Registrant's Agent when doing the lookup (our domain is actually a .org.uk but I'm simplifing it for usage here).

As for the public IP address, I take it that this is the one that I have on my Default Gateway of my Firewall? The IP address used by the Router is different but is on the same subnet but I take it that I'd use the IP address supplied by my ISP that is used at the Default Gateway, right? The Default Gateway is on ***.***.***.6 and the Router is using ***.***.***.3. Perhaps thinking about it it should be the Router? The network card at the Trustix firewall (not the Router) is on ***.***.***.3, so is this our public IP?

Checking over the Router settings I note that the internal firewall is set for maximum protection (no unsolicited inbound traffic). I take it that in order for me to receive the mail I want to I'd need to open this up slightly to allow traffic to access the network?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 16

Accepted Solution

samccarthy earned 1600 total points
ID: 13573707
Yes, on your firewall setting, you will have to open TCP port 25 and forward it to the IP address of your mail server for proper operation.

At your registrant, who probably holds your Internet DNS records, just have them point the A Record and MX record to your public IP address, the external interface on your router/firewall.  
For Example External Interface |Router/Firewall|Internal Interface Server

ok...  Lets say I'm sending you an email.  My server queries DNS and is told that Domain.com is at, is the public IP of your Router/firewall  ...........  Now the packet on port 25 is being allowed by the rules through the firewall and forwards it to the mail server,

Does that clear it up a little?

Author Comment

by:Steven O'Neill
ID: 13575218
Very clear now thanx. I've split the points somewhat as NJComputerNetworks gave some valuable advise as well.
LVL 16

Expert Comment

ID: 13582982
Thanks and Good Luck!

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question