
how exchange email travels to/from internet

Posted on 2008-06-23
Last Modified: 2010-03-06
I would like to understand how Exchange email travels to and from the internet in an environment where they have front end/back end Exchange servers and an environment where they have just one Exchange server.
Like, what's the step-by-step route of an email from inside the LAN to an external user? Ex:
1-user sends email to a destination user such as externaluser@externaldomain.com
2-internal DNS will use iterative request to com DNS then to dot (.) DNS, all the way down until it finds externaldomain.com on the internet and will map its name to the registered public IP address (65.33.22.11)
3-the email is transmitted to externaldomain.com public IP address 65.33.22.11
4-at this point I don't know if the 65.33.22.11 is the external interface of the firewall of the other company or what type of device it is..
5-if so, how does the device with 65.33.22.11 find the A record and MX record of the DNS of the other company, since the A record and MX record in the DNS use private IP addresses?
6-what's the step-by-step route of an email from outside to the inside Exchange server?

If you can describe both scenarios where front/back end is used and when it is not used that will help.

These steps are just examples so that you will know what I am trying to understand.

Thanks a lot.



Question by:jskfan
4 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 1920 total points
ID: 21850369
It's pretty complicated to detail each step in the process, since there are about 8 or 10 steps within Exchange before the email ever leaves your domain.  However, it seems that DNS is one of your main concerns, so  here are a few points that might help:

At STEPS 2-3, the DNS query that is sent will be for the MX server, not just for the domain.  So, it will search for the domain and then for the MX server in that domain's public DNS zone.

At STEP 4, the email is transmitted to the IP address of the MX server, and because it is SMTP communication, it will be sent on TCP port 25.  The actual device at the receiving end is usually either (1) a router/firewall that is forwarding incoming SMTP communication on port 25 to an internal Exchange server; or (2) a router/firewall that is forwarding incoming SMTP communication on port 25 to a perimeter server in the DMZ (i.e., an Exchange front-end server); or (3) a router/firewall that is forwarding incoming communication on port 25 to an anti-spam gateway of some kind.  After that, you get into lots of possible routes internally, but essentially the email eventually gets received by Exchange through whatever SMTP gateway is being used (router or front-end server or anti-spam device).

At STEP 5, the receiving device doesn't know anything about any private addresses at your end (the sending end).  All it sees is your public MX host IP address.  If you look at the head of any email, you'll see near the top a couple of lines that show you what your server knows about the sending email server(s).  It looks something like this:

Microsoft Mail Internet Headers Version 2.0
Received: from cron.experts-exchange.com ([64.156.132.246]) by myserver.mydomain.com with Microsoft SMTPSVC(6.0.3790.1830);
       Mon, 23 Jun 2008 16:50:46 -0400

You will not see any private IP addresses anywhere in the header of the email.
0
 
LVL 31

Assisted Solution

by:moorhouselondon
moorhouselondon earned 80 total points
ID: 21850401
4-at this point I don't know if the 65.33.22.11 is the external interface of the firewall of the other company or what type of device it is..

There is a routing table inside devices that act on IP packets that decide where the packet should go:-

http://en.wikipedia.org/wiki/Routing_table
0
 

Author Comment

by:jskfan
ID: 21853472
<<<At STEPS 2-3, the DNS query that is sent will be for the MX server, not just for the domain.  So, it will search for the domain and then for the MX server in that domain's public DNS zone.>>>>

So companies that use an Exchange email server and have their domain registered on the internet must have a domain name, public IP, and MX record registered?
I was not sure that you must have an MX record registered on the internet unless you get your emails from an ISP.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 1920 total points
ID: 21856174
The public MX record is essential for receiving external email. The actual DNS zone records required for email processing are: at least one NS record to indicate where your public DNS zone is housed; at least one A record to identify the domain's main public IP address - advisable but not absolutely necessary; at least one A record to identify your mail server's public host name; and an MX record to identify the host record that resolves to your mail server.  If you don't have a public MX record, the rest of the world will think that you don't have an email server and all mail will be returned as non-deliverable.  BTW, just as further clarification, the MX record is essential for ANY email server, not just Exchange. The abbreviation "MX" means "mail exchange server" in the general sense, not in the Microsoft Exchange sense.

Other DNS records that are extremely important in today's spam-laden environment are a PTR (reverse DNS) record pointing back to your mail server's host name and an SPF record to identify the approved email servers for your domain.  You will be able to receive email without these two, but some large ISPs (AT&T, Yahoo, etc., etc.) will reject your email as spam if you don't have a PTR record; and an SPF record helps tremendously with spam control both on your own domain and for the domains you send email to.  BTW, these are all PUBLIC DNS records; they reside on your domain's public DNS zone, not on your internal DNS server.
0
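
The public records listed in the answer above (NS, MX, an A record for the mail host, PTR, SPF) can be checked mechanically. The following is an added example, not part of the original thread: an offline Python audit over constructed zone data. The function name `audit_mail_dns`, the `example.com`/`example.org` names and all addresses are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges: these must never appear in a PUBLIC mail zone
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit_mail_dns(domain, records, ptr):
    """Return findings for a domain's public mail-related DNS records.

    records: {(name, rtype): [values]}; MX values are (preference, host).
    ptr:     {ip: hostname} reverse-DNS data for the mail host addresses.
    """
    findings = []
    if not records.get((domain, "NS")):
        findings.append("no NS record")
    mx = sorted(records.get((domain, "MX"), []))  # lowest preference first
    if not mx:
        findings.append("no MX record: external senders cannot deliver mail")
    for _pref, host in mx:
        addrs = records.get((host, "A"), [])
        if not addrs:
            findings.append(f"MX host {host} has no A record")
        for addr in addrs:
            ip = ipaddress.ip_address(addr)
            if any(ip in net for net in RFC1918):
                findings.append(f"{host} -> {addr} is a private address in the public zone")
            elif ptr.get(addr) != host:
                findings.append(f"no PTR for {addr} pointing back to {host}")
    txt = records.get((domain, "TXT"), [])
    if not any(t.lower().split()[:1] == ["v=spf1"] for t in txt):
        findings.append("no SPF record")
    return findings

# Constructed sample data (documentation address range, hypothetical names)
GOOD = {
    ("example.com.", "NS"): ["ns1.example.com."],
    ("example.com.", "MX"): [(10, "mail.example.com.")],
    ("mail.example.com.", "A"): ["203.0.113.25"],
    ("example.com.", "TXT"): ["v=spf1 mx -all"],
}
GOOD_PTR = {"203.0.113.25": "mail.example.com."}
# Internal addressing leaked into the public zone, and no SPF record
BAD = {
    ("example.org.", "NS"): ["ns1.example.org."],
    ("example.org.", "MX"): [(10, "mail.example.org.")],
    ("mail.example.org.", "A"): ["192.168.1.10"],
}

if __name__ == "__main__":
    print(audit_mail_dns("example.com.", GOOD, GOOD_PTR))
    print(audit_mail_dns("example.org.", BAD, {}))
```

To run it against a live domain, fill `records` and `ptr` from the output of a resolver query for each record type; the audit logic stays the same.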
