Email Outbound IP

Posted on 2010-09-20
Last Modified: 2012-05-10
If outbound email is going out on a different ip address than the mx records, is there a way to fix this with dns or similar?
Question by:Jack_son_
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
LVL 20

Expert Comment

ID: 33718285
MX records control INCOMING email for your domain...

Your OUTBOUND email can either be sent to the RECIPIENT's server (by way of THEIR MX records) or relayed on your behalf via a valid SMTP connection.

Expert Comment

ID: 33718295
You can use a smarthost, or add the ip to an alternative MX record.  

Author Comment

ID: 33718306
So this shouldnt matter?  So just add a second MX?  This ip wouldnt be usable for email delivery.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Expert Comment

ID: 33718399
technically no it shouldn't matter.  You can add a second MX record with a high priority and as long as the first SMTP server is there it will not make it to the second one.  I assumed that you were having issues sending mail because someone was doing a MX lookup and complaining that the IP doesn't match the MX record.  

Expert Comment

ID: 33718415
I'm wondering if you're asking this due to a rdns any case on your fiirewall you could create a policy to NAT the outbound traffic from your mailserver to the public address you have setup for your mx record.

Author Comment

ID: 33718844
So use the same address public ip address for outbound mail as inbound?  

Expert Comment

ID: 33718860
Yes, you can NAT the outbound to be the same as the mx inbound, all the rdns and mx lookups that recipient mail systems do would then recieve the expected results.

Author Comment

ID: 33718975
Ok, the difficulty is the configuration in the firewall.    Since multiple inside devices share the same public ip as they all work towards email, it seems it has to exit on a separate ip.  I will try to work around this though.

Accepted Solution

bfelske earned 250 total points
ID: 33719027
Depending on your firewall you'll likely need to setup a dynamic ip pool that would be used for outbound this case you would create a pool of one address...then use that pool for your outbound NAT on a new outbound policy that specifies your internal mail server to all outbound hosts.   the policy should be placed just above your outbound policy for all to all.
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33720080
The important part of MX records is that your Sending FQDN e.g., resolves correctly to the IP Address that you are sending from and that Reverse DNS is setup on that IP Address, and that Reverse DNS correctly resolves to the same IP.
If you have an MX record that points to one IP address, it is not important.  Just make sure that the IP you send from e.g. has Reverse DNS configured for example, and that resolves to IP address in DNS using

Author Closing Comment

ID: 33835311
Thanks, this answered my qustion

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange Server not available 42 68
SPF settings for 3rd party IPs 8 79
Exchange server Error 3 42
Exchange Online Archive 2 24
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In-place Upgrading Dirsync to Azure AD Connect
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question