Solved

urgent forward lookup zone

Posted on 2007-11-18
11
406 Views
Last Modified: 2010-04-07
i have set up a windows server with exchange on it.  all my dns is hosted by at&t.  my internal .local and my public is .org i only have one forward lookup zone in dns with forwarders to my isp.  so my question is do i need to add another primary forward lookup zone for my .org address since .local is not a valid domain on the internet

thanks
0
Comment
Question by:amoos
  • 6
  • 5
11 Comments
 
LVL 6

Expert Comment

by:zane_o
Comment Utility
This depends on a couple of factors.  If you are trying to connect to sites hosted locally and you need your .org addresses to resolve to your internal private IP addresses, then you should add the .org domain to your internal DNS.  For example, if your website www.yourorg.org is hosted on a server behind your firewall, and you need to access it using the internal IP address, the easiest way to do this is by having the zone in your DNS.
If you are not using the .org internally at all, with the exception of receiving e-mail to that domain, there is no need to add the second zone.
0
 

Author Comment

by:amoos
Comment Utility
ok i use exchange for email.  so since i have a .local do i have to have a separate zone for .org for email????  exchange is on the same server as 2003 R2??
0
 

Author Comment

by:amoos
Comment Utility
our website is hosted by someone else so i do not have to worry about that.  the only thing we use internally is the exchange.  so do i have to create another forward lookup zone for the email and addd the email record in that zone???  even though all the m records from my isp are forwarded to my internal ip from the firewall???  i am confused

please help
0
 
LVL 6

Expert Comment

by:zane_o
Comment Utility
You do not need to add a zone for to receive e-mail destined to the .org domain.  Make sure you have added the .org domain in the recipient policy inside Exchange and that there is a public MX record so that other mail servers on the Internet know how to send messages to your domain.
You should not have to do anything DNS related on your internal network to receive e-mail.  You do not need to created a zone internally or have an MX record internally.
0
 

Author Comment

by:amoos
Comment Utility
great so can you tell me what i have to do on the recipient policy in exchange to do this???all the mail and records provided to me by my isp are forwarded from my firewall to my server internally.  
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 6

Expert Comment

by:zane_o
Comment Utility
Exchange 2003 or 2007?
0
 

Author Comment

by:amoos
Comment Utility
exchange 2003
0
 
LVL 6

Expert Comment

by:zane_o
Comment Utility
From the Exchange System Manager, look under Recipients/Recipient Policies.  In the default Policy Properties, Click the E-mail Addresses tab.  Add your domain that you want to receive e-mail for and set it as the primary.
0
 

Author Comment

by:amoos
Comment Utility
i have already done that. but that is exactly what i did.  so is that all i had to do??  the policies are set right in exchange.  so is there anything else i have to do???  all the ip's are forwarded from the firewall to the internal exchange server ip.  do i need to make the smtp banner the same as the mx record.

for example at&t has 12.xxx.xxx.xxx
mail.mydomain.org

my smtp banner is myserver.mydomain.org

do they need to be the same???
0
 
LVL 6

Accepted Solution

by:
zane_o earned 500 total points
Comment Utility
The SMTP banner does not have to be the same as the MX record name.  I posted in the other question that I can't connect on port 25 (SMTP) to the IP 12.189.231.183.  Is this the IP address of your server?  If so, you need to get port 25 responding.
0
 

Author Comment

by:amoos
Comment Utility
no that is not the ip of my server that is the ip that was given to me from at&t.  the ip i have for my exchange is 192.68.10.3 which is behind a watchguard firewall???  if there is something wrong please tell me what to fix??
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now