Solved

Email Outbound IP

Posted on 2010-09-20
11
522 Views
Last Modified: 2012-05-10
If outbound email is going out on a different ip address than the mx records, is there a way to fix this with dns or similar?
0
Comment
Question by:Jack_son_
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 20

Expert Comment

by:n2fc
ID: 33718285
MX records control INCOMING email for your domain...

Your OUTBOUND email can either be sent to the RECIPIENT's server (by way of THEIR MX records) or relayed on your behalf via a valid SMTP connection.
0
 
LVL 2

Expert Comment

by:icfire
ID: 33718295
You can use a smarthost, or add the ip to an alternative MX record.  
0
 

Author Comment

by:Jack_son_
ID: 33718306
So this shouldnt matter?  So just add a second MX?  This ip wouldnt be usable for email delivery.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 2

Expert Comment

by:icfire
ID: 33718399
technically no it shouldn't matter.  You can add a second MX record with a high priority and as long as the first SMTP server is there it will not make it to the second one.  I assumed that you were having issues sending mail because someone was doing a MX lookup and complaining that the IP doesn't match the MX record.  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718415
I'm wondering if you're asking this due to a rdns issue...in any case on your fiirewall you could create a policy to NAT the outbound traffic from your mailserver to the public address you have setup for your mx record.
0
 

Author Comment

by:Jack_son_
ID: 33718844
So use the same address public ip address for outbound mail as inbound?  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718860
Yes, you can NAT the outbound to be the same as the mx inbound, all the rdns and mx lookups that recipient mail systems do would then recieve the expected results.
0
 

Author Comment

by:Jack_son_
ID: 33718975
Ok, the difficulty is the configuration in the firewall.    Since multiple inside devices share the same public ip as they all work towards email, it seems it has to exit on a separate ip.  I will try to work around this though.
0
 
LVL 2

Accepted Solution

by:
bfelske earned 250 total points
ID: 33719027
Depending on your firewall you'll likely need to setup a dynamic ip pool that would be used for outbound traffic...in this case you would create a pool of one address...then use that pool for your outbound NAT on a new outbound policy that specifies your internal mail server to all outbound hosts.   the policy should be placed just above your outbound policy for all to all.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33720080
The important part of MX records is that your Sending FQDN e.g., mail.yourdomain.com resolves correctly to the IP Address that you are sending from and that Reverse DNS is setup on that IP Address, and that Reverse DNS correctly resolves to the same IP.
If you have an MX record that points to one IP address, it is not important.  Just make sure that the IP you send from e.g. 123.123.123.123 has Reverse DNS configured for example, mail.yourdomain.com and that mail.yourdomain.com resolves to IP address 123.123.123.123 in DNS using mail.yourdomain.com.
0
 

Author Closing Comment

by:Jack_son_
ID: 33835311
Thanks, this answered my qustion
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question