Solved

Email Outbound IP

Posted on 2010-09-20
11
527 Views
Last Modified: 2012-05-10
If outbound email is going out on a different ip address than the mx records, is there a way to fix this with dns or similar?
0
Comment
Question by:Jack_son_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 20

Expert Comment

by:n2fc
ID: 33718285
MX records control INCOMING email for your domain...

Your OUTBOUND email can either be sent to the RECIPIENT's server (by way of THEIR MX records) or relayed on your behalf via a valid SMTP connection.
0
 
LVL 2

Expert Comment

by:icfire
ID: 33718295
You can use a smarthost, or add the ip to an alternative MX record.  
0
 

Author Comment

by:Jack_son_
ID: 33718306
So this shouldnt matter?  So just add a second MX?  This ip wouldnt be usable for email delivery.
0
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 
LVL 2

Expert Comment

by:icfire
ID: 33718399
technically no it shouldn't matter.  You can add a second MX record with a high priority and as long as the first SMTP server is there it will not make it to the second one.  I assumed that you were having issues sending mail because someone was doing a MX lookup and complaining that the IP doesn't match the MX record.  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718415
I'm wondering if you're asking this due to a rdns issue...in any case on your fiirewall you could create a policy to NAT the outbound traffic from your mailserver to the public address you have setup for your mx record.
0
 

Author Comment

by:Jack_son_
ID: 33718844
So use the same address public ip address for outbound mail as inbound?  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718860
Yes, you can NAT the outbound to be the same as the mx inbound, all the rdns and mx lookups that recipient mail systems do would then recieve the expected results.
0
 

Author Comment

by:Jack_son_
ID: 33718975
Ok, the difficulty is the configuration in the firewall.    Since multiple inside devices share the same public ip as they all work towards email, it seems it has to exit on a separate ip.  I will try to work around this though.
0
 
LVL 2

Accepted Solution

by:
bfelske earned 250 total points
ID: 33719027
Depending on your firewall you'll likely need to setup a dynamic ip pool that would be used for outbound traffic...in this case you would create a pool of one address...then use that pool for your outbound NAT on a new outbound policy that specifies your internal mail server to all outbound hosts.   the policy should be placed just above your outbound policy for all to all.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33720080
The important part of MX records is that your Sending FQDN e.g., mail.yourdomain.com resolves correctly to the IP Address that you are sending from and that Reverse DNS is setup on that IP Address, and that Reverse DNS correctly resolves to the same IP.
If you have an MX record that points to one IP address, it is not important.  Just make sure that the IP you send from e.g. 123.123.123.123 has Reverse DNS configured for example, mail.yourdomain.com and that mail.yourdomain.com resolves to IP address 123.123.123.123 in DNS using mail.yourdomain.com.
0
 

Author Closing Comment

by:Jack_son_
ID: 33835311
Thanks, this answered my qustion
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses
Course of the Month2 days, 18 hours left to enroll

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question