• Status: Solved
  • Priority: Medium
  • Security: Public

How do I enable a legitimate second domain?

At work we have one server running Windows Server 2003 SBS.  This server is used as a proxy for Internet access; it also runs AD and Exchange.  

We use a hosting company for our domain and they also collect our public email (POP 3) which is periodically collected by Exchange.  Outbound email is relayed to BT.  We do use OWA for external access to Exchange and this is achieved by a public IP address provided by BT.  The FQDN of the internal server is simply a private local name.

My company has recently been purchased by another company who want us to use their domain name immediately.  Thus I need a quick and safe solution.  We have set up their new domain to relay email to our POP 3 provider in terms of relaying appropriate incoming email under their domain.  This works fine.  

However, it gets more complicated when setting the new domain as the primary email address for my internal users, as many spam filters do not like receiving email from one domain which originated from another and this is bad practice.  

My question is how do I solve this in the interim?  We will be fully integrating with their domain over the next few months but I need my users to be able to email from the internal network under the new domain quickly.
Asked by: martynwolf32
1 Solution
 
JimboEfx Commented:
Hello martynwolf32,

Exchange can deal with multiple domains easily...

There is some reconfiguration for users if you want to run the domains side by side:
http://www.amset.info/exchange/twodomainsoneuser.asp

Or if you just want to immediately switch over:
http://technet.microsoft.com/en-us/library/bb124859(EXCHG.65).aspx
Adjust the priority and apply to existing users and they will have a new email alias in the new SMTP domain.

Sort your reverse dns out with your ISP (BT) and exchange smtp banner:
http://www.amset.info/exchange/dnsconfig.asp

I think I have covered your points but if I have missed something let me know.

Regards,

JimboEfx

martynwolf32 (Author) Commented:
Thanks for that.

Do I need to do anything with DNS/PTR records?

martynwolf32 (Author) Commented:
Let me expand on my last remark.  Is it the ISP or host of the domain who needs to sort out the DNS/PTR entries for the FQDN of the Exchange server?
 
JimboEfx Commented:
Forward name resolution is "what is the IP address of mail.mydomain.com", where mail.mydomain.com is the host name of your MX record. This record is held by your DNS hosting company.

For the reverse DNS entry of the public FQDN it is always the ISP who gives you internet access.

e.g. the reverse lookup domain name corresponding to the IPv4 address 10.12.13.140 is 140.13.12.10.in-addr.arpa

Your ISP hosts this zone (essentially ptr records). As such they can change 140.13.12.10.in-addr.arpa to say mail.mydomain.com where mail.mydomain.com is the host name of the mx record also used for forward name resolution.

So the name matches on forward and reverse name resolution. Some consider it strong weighting in terms of domain legitimacy if you have both matching and use it as an anti-spam feature.


martynwolf32 (Author) Commented:
Thanks for that, I think I am starting to see the full picture.  

Can I just list what I need to do?

Change the FQDN on my Exchange server to mail.domain.com

Enable forward and reverse DNS lookup with an entry required by both the host of the domain and my ISP.  Presumably as incoming mail is relayed from the host already it is the reverse lookup (ISP PTR entry) which is now required?  

Get the host of the domain to update the SPF file for mail.domain.com.


JimboEfx Commented:
Change the FQDN on my Exchange server to mail.domain.com
>>Change the FQDN on my Exchange server SMTP banner to mail.domain.com. Although not too relevant since your parent company is routing mail to you...

Enable forward and reverse DNS lookup with an entry required by both the host of the domain and my ISP.  Presumably as incoming mail is relayed from the host already it is the reverse lookup (ISP PTR entry) which is now required?
>>>Yes change reverse entry to match the host name of your parent company  

Get the host of the domain to update the SPF file for mail.domain.com.

This way email is sent to your parent company to mail.domain.com, they get it to you somehow. When you reply, by virtue of recipient policy your reply address is in the same SMTP domain, and if they do a reverse lookup on your IP it matches mail.domain.com

I think that's it!
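The forward/reverse match and SMTP banner check described in the answers above, as an added example that is not part of the original thread. The function names, the injectable lookup parameters and the sample zone data (192.0.2.25 for mail.domain.com) are assumptions made for illustration.

```python
import ipaddress
import socket

# Constructed zone data standing in for real DNS answers (not from the thread).
SAMPLE_PTR = {"192.0.2.25": ["mail.domain.com."]}
SAMPLE_A = {"mail.domain.com": ["192.0.2.25"]}

def reverse_name(ip):
    """Build the PTR owner name, e.g. 10.12.13.140 -> 140.13.12.10.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the OS resolver; returns a list of host names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_a(host):
    """Address lookup through the OS resolver; returns a list of IP strings."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
    except OSError:
        return []

def norm(host):
    """Compare host names case-insensitively and without the trailing dot."""
    return host.rstrip(".").lower()

def check_sender(ip, banner, ptr_lookup=system_ptr, a_lookup=system_a):
    """Return the problems a receiving mail server could hold against this sender."""
    ptr_names = [norm(n) for n in ptr_lookup(ip)]
    if not ptr_names:
        return [f"no PTR record at {reverse_name(ip)} (held by the ISP)"]
    problems = []
    # Forward-confirm: at least one PTR name must resolve back to the same IP.
    if not any(ip in a_lookup(n) for n in ptr_names):
        problems.append(f"no A record for {ptr_names} returns {ip} (held by the DNS host)")
    if norm(banner) not in ptr_names:
        problems.append(f"SMTP banner {banner} does not match PTR {ptr_names}")
    return problems

def check_sample(ip, banner):
    """Run the check against the constructed zone data instead of live DNS."""
    return check_sender(ip, banner,
                        lambda i: SAMPLE_PTR.get(i, []),
                        lambda h: SAMPLE_A.get(h, []))
```

Calling `check_sender(ip, banner)` without the lookup arguments uses the operating system's resolver, so it can be run against the real public IP and banner once the A and PTR records are in place.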
 
martynwolf32 (Author) Commented:
Thanks very much.

I will test tomorrow and see how I get on.


martynwolf32 (Author) Commented:
Just spoken with BT (an ordeal in itself) and just to confirm they need me to set up the A record before they will do the reverse DNS.

Presumably, in my case, the host of the new domain needs to set this up?  Just as they would the MX records.  Getting confused by the difference between the two.


JimboEfx Commented:
Yes, your DNS host needs to set the MX and A records up for you.

martynwolf32 (Author) Commented:
Thanks for that.  

DNS now updated, propagated and sorted.