Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Email Outbound IP

Posted on 2010-09-20
11
Medium Priority
?
530 Views
Last Modified: 2012-05-10
If outbound email is going out on a different ip address than the mx records, is there a way to fix this with dns or similar?
0
Comment
Question by:Jack_son_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 20

Expert Comment

by:n2fc
ID: 33718285
MX records control INCOMING email for your domain...

Your OUTBOUND email can either be sent to the RECIPIENT's server (by way of THEIR MX records) or relayed on your behalf via a valid SMTP connection.
0
 
LVL 2

Expert Comment

by:icfire
ID: 33718295
You can use a smarthost, or add the ip to an alternative MX record.  
0
 

Author Comment

by:Jack_son_
ID: 33718306
So this shouldnt matter?  So just add a second MX?  This ip wouldnt be usable for email delivery.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Expert Comment

by:icfire
ID: 33718399
technically no it shouldn't matter.  You can add a second MX record with a high priority and as long as the first SMTP server is there it will not make it to the second one.  I assumed that you were having issues sending mail because someone was doing a MX lookup and complaining that the IP doesn't match the MX record.  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718415
I'm wondering if you're asking this due to a rdns issue...in any case on your fiirewall you could create a policy to NAT the outbound traffic from your mailserver to the public address you have setup for your mx record.
0
 

Author Comment

by:Jack_son_
ID: 33718844
So use the same address public ip address for outbound mail as inbound?  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718860
Yes, you can NAT the outbound to be the same as the mx inbound, all the rdns and mx lookups that recipient mail systems do would then recieve the expected results.
0
 

Author Comment

by:Jack_son_
ID: 33718975
Ok, the difficulty is the configuration in the firewall.    Since multiple inside devices share the same public ip as they all work towards email, it seems it has to exit on a separate ip.  I will try to work around this though.
0
 
LVL 2

Accepted Solution

by:
bfelske earned 1000 total points
ID: 33719027
Depending on your firewall you'll likely need to setup a dynamic ip pool that would be used for outbound traffic...in this case you would create a pool of one address...then use that pool for your outbound NAT on a new outbound policy that specifies your internal mail server to all outbound hosts.   the policy should be placed just above your outbound policy for all to all.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 1000 total points
ID: 33720080
The important part of MX records is that your Sending FQDN e.g., mail.yourdomain.com resolves correctly to the IP Address that you are sending from and that Reverse DNS is setup on that IP Address, and that Reverse DNS correctly resolves to the same IP.
If you have an MX record that points to one IP address, it is not important.  Just make sure that the IP you send from e.g. 123.123.123.123 has Reverse DNS configured for example, mail.yourdomain.com and that mail.yourdomain.com resolves to IP address 123.123.123.123 in DNS using mail.yourdomain.com.
0
 

Author Closing Comment

by:Jack_son_
ID: 33835311
Thanks, this answered my qustion
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question