Solved

Proper DNS setup for Exchange 2003

Posted on 2007-11-28
Last Modified: 2010-04-21
OK, here is the setup. I have a Windows 2003 Server (Standard Edition Service Pack 2) that I'd like to set up for external company mail. It's hosted at a dedicated hosting company on a 100mbit connection with an external IP. We have our company domain name at godaddy.com.

I've gone through a little Train Signal course about installing Exchange (including the DNS and Active Directory prereqs) but the course wanted me to name everything like companyname.local instead of companyname.com. This seemed to work.. sorta, but certain email providers kick back our emails when they do whatever sort of verification they do. Kicks back a message like so:

did not reach the following recipient(s):

adam@someothercompany.com on Mon, 19 Nov 2007 03:58:57 -0000
   There was a SMTP communication problem with the recipient's email
server.  Please contact your system administrator.
   <wdc211.mycompany.local #5.5.0 smtp;550-Verification failed for
<jeff@mycompany.com>>

So I want to start from scratch and do this right. Before I even bother setting up Active Directory, how do I properly configure DNS for companyname.com rather than companyname.local? Step by step, as if I just installed a fresh copy of win2k3, would be preferred. For now I'm just asking for the steps up through the DNS portion, not the Active Directory install or the Exchange install. I know 500 points isn't enough to cover all of that.

For those wishing to rack up a lot of points helping a single person, I'm going to be posting questions each step of the way till this thing is fully set up with working POP3 support and maybe even RPC over HTTPS, so if you're my guy to walk me through the whole thing let me know :)

BTW we will be using Exchange 2003 Enterprise and installing Exchange's Service Pack 2
0
Comment
Question by:dimorphios
12 Comments
 
LVL 20

Expert Comment

by:brwwiggins
ID: 20369293
Typically your hosting service owns the IP block and is responsible for NS records for that IP range. You may have to ask GoDaddy if they can add records pointing the IP to your hostname so that reverse lookups do not fail (which is what you are seeing above).

This is true regardless of what e-mail system you use.
0
 
LVL 3

Author Comment

by:dimorphios
ID: 20369309
Don't have to ask GoDaddy; they allow everything from the Total DNS control panel. I'm not talking about the domain DNS setup, I'm talking about the DNS role I install on the Exchange server. Guess I should have specified that. Active Directory and Exchange require you to have the DNS role installed. I want to know how to set that up properly.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20369347
You don't need to do any of that.  All you need to do is change the name of your Exchange email domain.  The Active Directory domain name does NOT have to be the same as the Exchange email domain name.  The ".local" setup is used often for companies that are hosting a server behind a firewall with a private DNS setup.  That ensures that the local DNS server doesn't interfere in any way with the public one that is hosting the ".com" domain.  That said, all you need to do is go into your Exchange System Manager, open up to the Recipient Policy and edit your recipient policy.  Once you get there, you'll see that there is a policy for the SMTP address space, and it probably has "@yourdomain.local" as the defined namespace.  Just edit that entry and change it to "@yourdomain.com" (i.e., whatever your public domain name is that you want to use for everyone's email address).  You'll get a prompt asking if you want all of your existing email addresses to be updated and you want to answer "yes" to that.

Once that's done, all of your outgoing email will be sent with your registered public domain name and should not be rejected any more provided that you have a public MX record pointed to your host name and public IP address for that server.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20369394
Hmmm - re-reading your posts and responses, maybe I have it backwards for you.  Perhaps what is missing is the public MX record pointing to your Exchange host machine.  That public MX record has to resolve to your public domain name - i.e., yourdomain.com - not yourdomain.local.  You need to do two things:

1.  In the properties of the SMTP virtual server in the ESM, Delivery tab, Advanced button, set the FQDN to be whatever your public email host name should be - i.e., mymxserver.mydomain.com.  This will make your server advertise itself with the correct domain name.

2.  At your ISP, make sure they have a host record for that server name pointing to your public IP address, and make sure that they also have an MX record pointing to that host name.  It's also good, although not ABSOLUTELY required, for you to have a PTR record and an SPF record on that public DNS server.

NOW, IF the server you're working on is going to be your public DNS server, then that's another story. But I don't think that's what you're talking about.
0
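The items named in the answer above (the advertised FQDN, the host record, the MX record, the PTR record and the SPF record) can be checked together. This is an added example, not part of the original thread: the zone data is constructed so it runs offline, `audit_outbound_mail_dns` and `spf_permits` are hypothetical helper names, and SPF handling is limited to ip4/ip6 mechanisms.

```python
import ipaddress

# Constructed sample data (documentation names and addresses) standing in
# for real lookups. Keys are (name, record type); PTR is keyed by the IP.
ZONE = {
    ("mail.example.com", "A"): ["203.0.113.25"],
    ("example.com", "MX"): ["mail.example.com"],
    ("203.0.113.25", "PTR"): ["mail.example.com"],
    ("example.com", "TXT"): ["v=spf1 ip4:203.0.113.25 -all"],
}

def spf_permits(spf_txt, ip):
    """True if an ip4:/ip6: mechanism covers ip.
    Simplified: include:, a and mx mechanisms are not expanded."""
    addr = ipaddress.ip_address(ip)
    for term in spf_txt.split()[1:]:          # skip the v=spf1 tag
        mech = term.lstrip("+")               # "+" is the default qualifier
        if mech.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(mech[4:], strict=False)
            if addr.version == net.version and addr in net:
                return True
    return False

def audit_outbound_mail_dns(helo, ip, domain, zone):
    """Return a list of findings; an empty list means every check passed."""
    helo = helo.lower().rstrip(".")
    findings = []
    if "." not in helo or helo.endswith(".local"):
        findings.append("HELO name is not a public FQDN")
    if ip not in zone.get((helo, "A"), []):
        findings.append("no A record maps the HELO name to the sending IP")
    if helo not in zone.get((domain, "MX"), []):
        findings.append("no MX record for the mail domain points at the HELO name")
    if helo not in zone.get((ip, "PTR"), []):
        findings.append("PTR for the sending IP does not match the HELO name")
    spf = [t for t in zone.get((domain, "TXT"), []) if t.startswith("v=spf1")]
    if not any(spf_permits(t, ip) for t in spf):
        findings.append("no SPF ip4/ip6 mechanism covers the sending IP")
    return findings

if __name__ == "__main__":
    # Second name is a constructed internal-only HELO, as in the bounce above.
    for name in ("mail.example.com", "server1.example.local"):
        print(name, audit_outbound_mail_dns(name, "203.0.113.25", "example.com", ZONE))
```

A server that announces an internal `.local` name fails the first four checks even when the SPF record is correct.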
 
LVL 3

Author Comment

by:dimorphios
ID: 20369404
Unfortunately we had already done that. If you look closer at the error message it's saying that the email is coming from jeff@mycompany.com but is getting fouled up when their server tries to verify where it's coming from and my server identifies itself as mycompanyname.local. As I said, most of the places we send email don't seem to do this check. I imagine it's some sort of security feature to make sure that the email is coming from where it says it's coming from and isn't being spoofed. Either way... I'd like my Active Directory domain to be my actual .com domain name... anyone know the proper way to go about doing that?
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20369422
Look at my second post, which describes how you can do that without having to change AD.  In order to change your AD domain, you'd basically have to wipe and completely reinstall Windows and Exchange.
0
 
LVL 3

Author Comment

by:dimorphios
ID: 20369479
hypercat: looking at your amended response, I like that.. that looks sexy :). Unfortunately I really did set up the server to start from scratch, so in addition to that, how would you recommend configuring DNS before I install Active Directory? Even if it's .local, since you seemed to have covered that problem.
0
 
LVL 3

Author Comment

by:dimorphios
ID: 20369497
And to clarify, my server does not need to be my public DNS and I do have an SPF record :)
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 20369552
You can't configure DNS before active directory; AD has to exist somewhere on the domain in order for DNS to function.  The order of events in the process of creating a domain is:

1.  Install Windows 2003 Server.
2.  Run dcpromo to create the domain, which creates AD and also configures DNS with the correct zone info and records for the domain.

When you run dcpromo, of course, you have to specify your domain name at that time. This domain name then gets used for the AD and DNS configuration.  Later, when you install Exchange, you can either use the same domain name (which is what happens by default when you install Exchange), or you can install Exchange and then change the recipient policy to use a different public domain name.

Is that what you're asking?  
0
 
LVL 3

Author Comment

by:dimorphios
ID: 20369571
OK, so let AD handle the DNS role setup rather than doing it manually beforehand, correct? Btw, looks like you are my guy. If you want to follow around the rest of the string of questions going through this setup, you stand to make quite a few points. Here's your first 500. Let me know if you are game to make points each step of the way :)
0
 
LVL 3

Author Closing Comment

by:dimorphios
ID: 31411538
YAY!
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20373936
Thanks for the points!  I'm always game for points if I have the time to answer the questions. Unfortunately I do have a regular job ;-)  I'll try to catch as many of your questions and help as much as I can.
0
