Solved

Setting up DNS to send and receive Exchange 2007 mail

Posted on 2008-10-01
Last Modified: 2013-11-30
Please could someone tell me exactly all the steps I need to take in order to set up DNS that will allow me to set up internet mail on my test Exchange 2007 server (default installation)?

Question by:titn003
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22612602

Certainly.

1. A Record

You need a Host record for your mail server. A simple name would be perfectly suitable, e.g. mail.yourdomain.com.

That should be added to your public DNS service and pointed to the public IP of your mail server.

2. MX Record

This is used to direct Inbound mail for your domain. It points a domain to a Host. e.g.

yourdomain.com.  MX 10  mail.yourdomain.com.

That means mail bound for yourdomain.com will be delivered (preferentially) via mail.yourdomain.com.

You can have multiple MX records to allow a backup route or a simple level of load balancing for inbound mail. e.g.

yourdomain.com.  MX 10  mail.yourdomain.com.
yourdomain.com.  MX 20  backupmail.yourdomain.com.

Or

yourdomain.com.  MX 10  mail.yourdomain.com.
yourdomain.com.  MX 10  loadbalancedmail.yourdomain.com.

3. PTR Record

If you're sending out mail this one is important. Without it a large number of mail hosts will reject mail from your server. The PTR Record, or Reverse Lookup Record maps the IP Address for the server back to the Name.

It's quite rare for you to have control over your own reverse lookup zone. Unless you do you will have to request that your ISP makes the PTR record for you.

If the public IP for the server were 1.2.3.4 the PTR record would look like this:

4.3.2.1.in-addr.arpa.  PTR  mail.yourdomain.com.

4. Other bits

4.1 SMTP Service FQDN:

That covers DNS, but it's also important to note that your server should send out using the FQDN mentioned above. If it doesn't match it will cause issues matching up the reverse lookup record.

4.2 SPF

This technically falls back into DNS, but it is not a requirement for normal mail server operation. It's worth mentioning as a technology as it can reduce abuse of the domain and therefore reduce the number of NDRs you have to process as a result of that abuse.

Further details here:

http://www.openspf.org

The above has a wizard to create the record on the main page. Microsoft have their own version here:

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Basically, it allows you to state exactly which servers are permitted to send as your domain name. It will only affect outbound mail.

HTH

Chris
0
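The checks in points 1 to 4.2 of the answer above, as an added example that is not part of the original post: it parses a small zone listing and reports the mismatches a receiving mail host would notice (MX target without an A record, missing or unconfirmed PTR, SMTP FQDN differing from the PTR name, sending IP absent from SPF). The zone data, `parse_zone` and `check_mail_dns` are constructed for illustration, and the SPF check only understands literal `ip4:` terms.

```python
import ipaddress

# Constructed zone data using the answer's placeholder names and IP.
ZONE = """
yourdomain.com.        MX   10 mail.yourdomain.com.
mail.yourdomain.com.   A    1.2.3.4
4.3.2.1.in-addr.arpa.  PTR  mail.yourdomain.com.
yourdomain.com.        TXT  "v=spf1 ip4:1.2.3.4 -all"
"""

def parse_zone(text):
    """Return {(owner, type): [rdata, ...]} from simple 'owner TYPE rdata' lines."""
    records = {}
    for line in text.strip().splitlines():
        owner, rtype, rdata = line.split(None, 2)
        records.setdefault((owner.lower(), rtype.upper()), []).append(rdata.strip())
    return records

def check_mail_dns(records, domain, sending_ip, helo_fqdn):
    """Return a list of problems a receiving mail host would likely notice."""
    problems = []
    domain = domain.rstrip(".").lower() + "."
    helo = helo_fqdn.rstrip(".").lower() + "."
    # Points 1 and 2: the domain needs an MX, and each MX target needs an A record.
    mx = records.get((domain, "MX"), [])
    if not mx:
        problems.append(f"no MX record for {domain}")
    for rdata in mx:
        target = rdata.split()[1].lower()
        if (target, "A") not in records:
            problems.append(f"MX target {target} has no A record")
    # Point 3: the sending IP needs a PTR whose name resolves back to that IP.
    ptr_owner = ipaddress.ip_address(sending_ip).reverse_pointer + "."
    ptr_names = [n.lower() for n in records.get((ptr_owner, "PTR"), [])]
    if not ptr_names:
        problems.append(f"no PTR record for {sending_ip}")
    elif not any(sending_ip in records.get((n, "A"), []) for n in ptr_names):
        problems.append(f"PTR for {sending_ip} is not forward-confirmed")
    # Point 4.1: the FQDN the server announces should match the PTR name.
    if ptr_names and helo not in ptr_names:
        problems.append(f"SMTP FQDN {helo} does not match PTR {ptr_names[0]}")
    # Point 4.2: if an SPF record exists, it should list the sending IP (ip4 only).
    for txt in records.get((domain, "TXT"), []):
        terms = txt.strip('"').split()
        if terms[:1] == ["v=spf1"] and f"ip4:{sending_ip}" not in terms:
            problems.append(f"SPF record does not list {sending_ip}")
    return problems
```

Calling `check_mail_dns(parse_zone(ZONE), "yourdomain.com", "1.2.3.4", "mail.yourdomain.com")` returns an empty list; announcing an internal server name instead of the public FQDN produces the point 4.1 mismatch.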
 
LVL 19

Expert Comment

by:bevhost
ID: 22612622
On the receiving side, for each server/domains

You must create an A record for the hostname of the computer, e.g.

mail.example.com.  1D   IN   A    1.2.3.4

And you must create an MX record for any other domains which the server receives mail for, e.g.:

example.com.  1D  IN  MX  50 mail.example.com.


0
 

Author Comment

by:titn003
ID: 22613791
How do I do the following:

"That should be added to your public DNS service and pointed to the public IP of your mail server"

i.e. I do not have a public DNS service or a public IP address
0

 
LVL 70

Expert Comment

by:Chris Dent
ID: 22613805

If your system is to accept inbound mail from the rest of the world you will need both.

If you're only bothered about it as an internal system then you don't need those or "3" above.

Chris
0
 

Author Comment

by:titn003
ID: 22622426
Sorry - I am still confused around what I need to do with the MX records within my DNS.

Please can you tell me exactly what I need to do to get my Exchange server sending and receiving email.

I have created an account with DynDNS called
xxx.com (as an example) which is resolvable
and my domain is 123.com (as an example) and the Exchange server name is EXH-102 with IP address of 192.168.0102
My ADSL provider details are:

Non-authoritative answer:
Name:    tiscali.com
Address:  213.205.32.10

> set type=mx
> tiscali.com
Server:  uk-dc007.groupinfra.com
Address:  158.234.38.242

Non-authoritative answer:
tiscali.com     MX preference = 20, mail exchanger = mail-mx-int-1.tiscali.com
tiscali.com     MX preference = 20, mail exchanger = mail-mx-int-2.tiscali.com

tiscali.com     nameserver = ns.tiscalinet.it
tiscali.com     nameserver = sns.tiscali.it
ns.tiscalinet.it        internet address = 195.130.224.18
sns.tiscali.it  internet address = 195.130.225.129
>
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22622515

> Please can you tell me exactly what i need to do to get my exchange server sending and receiving email.

I can't tell you exactly, no. That's simply because I've no idea what interface you use to add records, or how your network is configured, or even what your domain name actually is.

Do you have a Public IP Address for use with the Exchange Server?

The public IP address will need to use either PAT (Port Address Translation) or NAT (Network Address Translation) to get traffic arriving at TCP Port 25 to the Mail Server running on 192.168.0.102.

Do you have access to add records to the xxx.com zone / domain?

You will need to add a record into your public zone for the mail server.

For example, if your public IP is 213.212.211.210 you could add:

mail.xxx.com.  IN A  213.212.211.210

That allows you to configure an MX Record:

xxx.com.  IN MX  10  mail.xxx.com.

Which states that mail for xxx.com should be delivered to mail.xxx.com.

That gets you inbound mail transport.

For outbound, I strongly recommend you Relay outbound mail via a service that can meet the requirements for 3 and 4.1 above. If you use a Dynamic IP Address you cannot meet those requirements and you will find a lot of mail from your server is rejected and that you risk being blacklisted.

Chris
0
 

Author Comment

by:titn003
ID: 22622657
Do you have access to add records to the xxx.com zone / domain?

Yes - my domain controller is running DNS

Where do you recommend I get a public IP address from, and who should I use to relay outbound mail?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22622724

> Yes - my domain controller is running DNS

Yes, but is that the public version of the zone?

DNS is required for your internal domain, that's no good for people outside of your network, they won't have access to that and won't be able to resolve or query any records you add there.

> Where do you recommend I get a public ip address from and who should i use for Relay outbound mail

Your ISP is the only one that can provide the public IP Address.

And your ISP would be a good target for relaying mail out if they can't provide a static IP address for you. That assumes they offer that kind of service.

Chris
0
 

Author Comment

by:titn003
ID: 22623054
Which ISP would you recommend for this?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22623101

It depends on the connection method you choose, on location and on your requirements.

Working in London I always quite liked Zen Internet for small business or home, reliable with good customer service / sales. The downside is you might have to pay a bit more for that. I've no idea if they extend into Ireland.

I'm pretty sure that Tiscali have a business service, but I hold them in low regard so I wouldn't actively recommend them (personally).

It's not really an area I deal with so I'm not sure my advice there is going to be too helpful.

Chris
0
