Solved

Proper DNS and MX Record Setup for seperate Website and Email

Posted on 2006-10-19
7
951 Views
Last Modified: 2013-11-30
I have my domain name hosted with godaddy.com; I am trying to setup the DNS Control so that my website points to the website hosting company and mx record points to my exchange server (Small business server 2003).  

66.210.170.100 -> Web Hosting Company


A (Host)
Host                                        Points To             TTL
@                                     66.210.170.100 3600 Edit  Delete  
 intranet.mydomain.com     70.91.216.122 3600 Edit  Delete  
 smtp.mydomain.com         70.91.216.122 3600 Edit  Delete  
 mail.mydomain.com          70.91.216.122 3600 Edit  Delete  
 exchange.mydomain.com   70.91.216.122 3600 Edit  Delete  

CNAMES (Aliases)
Alias                     Points to       TTL
www                     @               3600 Edit  Delete  
 ftp                        @               3600 Edit  Delete

MX (Mail Exchangers)
Priority           Host                Goes to                         TTL
0                   @                    mail.mydomain.com       3600

TXT (Text)

I DID HAVE:    - v=spf1 a mx:mail.mydomain.com -all ; had it removed... see below

Did I have this setup correctly?

ISSUE #1: Emails are stuck in Small Business SMTP Connector for msamortgage.com, other domains go through with no problems... ran a dnsreport on that domain and it failed several categorgies, had another email that was sent back to sender that stated:

There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. <mydomain.com #5.5.0 smtp;554 This server requires you to send from an IP address specified by the SPF for mydomain.com.>

ISSUE #2: Warning after running check on dnsreport.com -
Mail server host name in greeting

"mail.mydomain.com claims to be host mydomain.com  [but that host is at 66.210.170.100 (may be cached), not 70.91.216.122].
-------------------------------------------------------------------------------------------------------

After I removed the SPF  record, the emails were no longer stuck in the smtp connector queue and email no longer bounced back.
0
Comment
Question by:nexsysit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17769999
your MX record should point to mail or exchange or intranet or smtp.mydomain.com
0
 
LVL 11

Expert Comment

by:Chris Gralike
ID: 17770000
it would help me allot if you supplied your "domain" so i can have a look at the setup using www.kloth.net and http://www.dnsreport.com/

regards.
0
 
LVL 1

Expert Comment

by:Sean64
ID: 17770083
You should have SPF records for your domain as well as each mail server.

@                              TXT "v=spf1 a mx -all"
mail.mydomain.com    TXT "v=spf1 a mx -all"
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 11

Expert Comment

by:Chris Gralike
ID: 17770128
an example:

{Server1} role: WWW IP:172.125.12.100
{Server2} role: Intranet IP:83.232.12.199
{Server3} role: exchange IP:83.232.12.198
{Server4} role: backup Mail relay provider IP 172.125.12.198

DNS example (public)

www.mycomp.com (A) 172.135.12.100
mail1.mycomp.com (MX) 50 83.232.12.198
mail2.mycomp.com (MX) 100 172.125.12.198
intra.mycorp.com (A) 83.232.12.199
owa.mycorp.com (CNAME) mail1.mycopr.com

Regards,
0
 

Author Comment

by:nexsysit
ID: 17770909
Hi,

I should have stated that I have 1 server; Small business server2003 for (intranet, exchange, and remote access); except public web server (website is hosted by another company).

which is why I want to point the @ to the webhosting company and mx to my ip address for email; but this generates a warning on dnsreport.com for my domain (humblehomemtg.com)

Mail server host name in greeting

"mail.humblehomemtg.com claims to be host humblehomemtg.com  [but that host is at 66.210.170.100 (may be cached), not 70.91.216.122].
 

Reply 1:
The MX record does point to mail.humblehomemtg.com;

Reply 2:
mydomain=humblehomemtg.com;
emails where stuck in the smtp connector when sending to msamortgage.com
emails where bounced back after sending email to user@gumption.biz with the error message

"There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. <mydomain.com #5.5.0 smtp;554 This server requires you to send from an IP address specified by the SPF for mydomain.com.>"

I did a  dnsreport on the two domains above and they had numerous failed sections.

Reply3:
I didn't have a SPF record for the domain; only the mailserver, will add one for the domain and try again...

v=spf1 a mx:mail.humblehomemtg.com -all
--------------------------------------------

I wasnt sure if why the emails were stuck in the smtp connector (for msamortgage.com and bounced back by gumption.biz); I figured it was because I did not set up the DNS properly or it was an issue with the SPF verification on the destination emails.

Also when I did a dnsreport on my domain (humblehomemtg.com); there was the warning

Mail server host name in greeting

"mail.humblehomemtg.com claims to be host humblehomemtg.com  [but that host is at 66.210.170.100 (may be cached), not 70.91.216.122].
 
which is what lead to me to believe that I did not properly set up the A record and CNames...

I removed the SPF record from DNS on godaddy.com for my domain and 15-20mins later the emails went through to msamortgage.com and no bounce back from user@gumption.biz.

which leads me to believe that the domains msamortgage.com and gumption.biz are not setup properly (a few failures and no spf record setup)

So i guess the quesiton is

Did I properly setup the DNS settings?

Should I add the SPF records back or leave them out?

Thanks for everyone's time and input...

0
 
LVL 10

Assisted Solution

by:srgilani
srgilani earned 250 total points
ID: 17771518
make sure the FQDN in exchange is the same as the mx record for the domain.
by default the FQDN is set to be the same as the hostname (or domain name).

Change it on the property page of the SMTP Virtual Server in Exchange System Manager. Select the
"Delivery" tab and then click the "Advanced" button. Put the correct
name into the "Fully-qualified domain name" edit box. (the same as the mx record)
0
 
LVL 8

Accepted Solution

by:
nitadmin earned 250 total points
ID: 17778817
Do exactly what srgilani has suggested in his message above. He is absolutely correct.

Also another thing you should do is to contact your ISP and ask them to change PTR record for the ip address of your exchange server. The public ip address of your Exchange Server should resolve to mail.humblehomemtg.com, when you do a Reverse DNS Lookup on the ip address. To do this, your ISP, which owns the public ip, addresses needs to change the PTR record in their DNS server reverse lookup zone.

Another this your should do is correctly configure spf using TXT record.

Here is a link to a web site that assist you in creating sfp TXT record.
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Cheers,
NITADMIN
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question