Changing from Private to Public FQDN

I have one Windows 2003 SBS which is used as a:

Local Filer server
Local Application Server
Exchange Server: public domain hosted off-site and email routed in via POP 3 connector.
Local Active Directory

The server's fully qualified domain name is currently set locally. External email is routed through the ISP. I need to be able to change the FQDN to a public domain name and link it with a public IP address we use on the public side of the server.

What is involved in doing this?  

The end goal is to be able to send internal Exchange email with a foreign domain. Thus I believe I need to register the server in terms of Pointer Record and then register with the Sender Policy Framework file for the foreign domain.

Am I on the right track?  
martynwolf32 Asked:

icky2000 Commented:
You're sort of on the right track. Note that the internal name of your server does not have to match the external name of your server. For instance, the internal name might be server1.mycompany.local but your email domain is something.com and you can call your server mail.something.com externally and that is fine. So you don't want to change the name of the actual server in Windows - you want to set things up so it is externally accessible. Mostly this is all a function of DNS.

The server already has an internal IP address. Now you need an external IP address and to do that you'll need to configure your firewall to translate the internal IP to an external IP that you get from your ISP. Once that is done, you need to create an A record for the server in your external DNS with that IP and a host name (mail.something.com or whatever you wish to call it). That A record should have an accompanying PTR record in external DNS too. The SPF record part simply involves adding a TXT record to your external DNS server with the correct SPF information. More info on how to create the SPF record is here: http://old.openspf.org/wizard.html.

0
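
The checks a receiving mail server makes against the A, PTR and SPF records described in the answer above, as an added example that is not part of the original thread. The zone data, the relay name `relay.isp.example` and the 192.0.2.x / 198.51.100.x addresses are constructed, and SPF handling is limited to `ip4` mechanisms and `all`. It also covers the relay case raised later in the thread, because SPF is evaluated against the IP that opens the SMTP connection.

```python
import ipaddress

# Constructed external DNS data (documentation address ranges, placeholder names).
A_RECORDS = {"mail.something.com": "192.0.2.10", "relay.isp.example": "198.51.100.25"}
PTR_RECORDS = {"192.0.2.10": "mail.something.com", "198.51.100.25": "relay.isp.example"}
TXT_RECORDS = {"something.com": "v=spf1 ip4:192.0.2.10 -all"}


def fcrdns_ok(ip, helo_name):
    """Forward-confirmed reverse DNS: PTR(ip) names a host whose A record is ip,
    and that host is the name announced in HELO/EHLO."""
    ptr = PTR_RECORDS.get(ip)
    return ptr is not None and ptr.lower() == helo_name.lower() and A_RECORDS.get(ptr) == ip


def spf_result(connecting_ip, mail_from_domain, txt=TXT_RECORDS):
    """Evaluate the ip4 mechanisms and 'all' of the sender domain's SPF record
    against the IP that opened the SMTP connection (simplified RFC 7208)."""
    terms = txt.get(mail_from_domain, "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    qualifiers = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    addr = ipaddress.ip_address(connecting_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in qualifiers:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        if name.lower() == "ip4" and addr in ipaddress.ip_network(value, strict=False):
            return qualifiers[qualifier]
        if name.lower() == "all":
            return qualifiers[qualifier]
    return "neutral"


def check_delivery(connecting_ip, helo_name, mail_from_domain, txt=TXT_RECORDS):
    return {"fcrdns": fcrdns_ok(connecting_ip, helo_name),
            "spf": spf_result(connecting_ip, mail_from_domain, txt)}


if __name__ == "__main__":
    # Direct delivery from the server's translated external address.
    print(check_delivery("192.0.2.10", "mail.something.com", "something.com"))
    # Same message handed to an ISP smarthost: the receiver sees the relay's IP.
    print(check_delivery("198.51.100.25", "relay.isp.example", "something.com"))
    # SPF record extended to authorise the relay's address range.
    fixed = {"something.com": "v=spf1 ip4:192.0.2.10 ip4:198.51.100.0/24 -all"}
    print(check_delivery("198.51.100.25", "relay.isp.example", "something.com", fixed))
```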

martynwolf32 (Author) Commented:
Thanks for that.   The server has already been configured with an external IP address, provided by BT, which external users use to access Outlook Web Access.  

Thus from what you suggest I simply have to register the server's FQDN (mail.domain.com), which does not have to be the same as the internal host name, thus internal applications which use the internal DNS mapping are not affected.

So if I complete the following I should be able to achieve my goal:

1)      From the SMTP virtual server, properties, delivery tab, advanced set the FQDN to mail.domain.com.
2)      Set up the A record.
3)      Set up the pointer record.
4)      Set up the SPF record.

Questions:

In terms of setting up the A record, is this something my ISP or web-hosting company can help with?

If not, what do I have to do? Currently our public domain is hosted off site, while our parent company hosts the foreign domain in question.

We relay SMTP through BT. Does this affect the solution in question? For example, outbound email being sent under the foreign domain must be authenticated against the SPF record of the same domain. I guess what I am asking here is that despite relaying through BT, will the originating server, stamped to each email, always be the FQDN of my server?

Sorry to appear cautious, I just want to be sure I have the solution clear in my head.
0
antioed Commented:
"Thus from what you suggest I simply have to register the server's FQDN (mail.domain.com), which does not have to be the same as the internal host name, thus internal applications which use the internal DNS mapping are not affected."

This is correct.

"1)      From the SMTP virtual server, properties, delivery tab, advanced set the FQDN to mail.domain.com.
2)      Set up the A record.
3)      Set up the pointer record.
4)      Set up the SPF record.

Questions:

In terms of setting up the A record, is this something my ISP or web-hosting company can help with?

If not, what do I have to do? Currently our public domain is hosted off site, while our parent company hosts the foreign domain in question."

Q1:  If you want a DNS record for your server to be "mail.domain.com" then whoever maintains the DNS zone file for "domain.com" will be able to add that FQDN entry.

Q2:  If I understand you correctly, you have a public domain "domain.com" that is hosted off site by some DNS hosting firm.  This is who can make the entry for "mail.domain.com".  But it sounds like you really want your sending messages to report to be coming from a server in your "parent company" domain?  While this should be technically possible, assuming you have cooperation from the parent company's IT group, if I am understanding what you are saying here, you may not exactly be on the right track.  So let's say that you really want messages to appear to be coming from a server in the parent company's domain, "foreign.com", and you want a record for your server that resolves to an FQDN of "server.foreign.com"?  Is that what you are trying to do here?  Please clarify!
0
martynwolf32 (Author) Commented:
Basically we originally only collected email for our domain (Domain 1) which was simply hosted off site.  Our Exchange server, via a POP3 connector, would pull in these emails at predefined intervals and deliver to local accounts.  Emails are relayed outbound via a relay to our ISP.  

My company has now been bought by a larger foreign company.  The mid-term plan will be to integrate Exchange and Active Directory.  In the short term they would like us to email under their Domain header (Domain 2) from our local network.  

At present they simply map emails delivered into their domain (Domain 2) for our local users to the POP 3 accounts mentioned, and these are then delivered locally.  They map user.domain2.com to user.domain1.com which is then delivered locally.

What I need to be able to do is allow emails to be sent outbound under the identity of Domain 2 from my local domain.  Presently I have set up each local user with a second email address of Domain 2.  However before I set this as the primary address I have to be sure that Spam filters like the SPF record do not treat these emails as spam and reject them.  

Hope this clears the confusion.    
0
martynwolf32 (Author) Commented:
So my questions are now:

Does my parent company (Domain 2.com) need to make the A, PTR and SPF record update (as they host Domain 2.com) with my mail server which now has a FQDN of mail.domain2.com?  My DNS records on the local Exchange server only have local entries.  

Do I need to use my ISP (BT) for anything in this matter?  As previously mentioned they relay outgoing email from the Exchange server.
0
martynwolf32 (Author) Commented:
Just to update where I am...

I believe that I have to change the FQDN on my server to mail.domain.com.
My ISP needs to make the PTR update, linking my public IP of the server to the new FQDN.
My parent company, who hosts the domain in question, needs to create the forward DNS lookup and changes to the SPF record.

Does this seem reasonable?
0