Solved

Email Outbound IP

Posted on 2010-09-20
11
524 Views
Last Modified: 2012-05-10
If outbound email is going out on a different ip address than the mx records, is there a way to fix this with dns or similar?
0
Comment
Question by:Jack_son_
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 20

Expert Comment

by:n2fc
ID: 33718285
MX records control INCOMING email for your domain...

Your OUTBOUND email can either be sent to the RECIPIENT's server (by way of THEIR MX records) or relayed on your behalf via a valid SMTP connection.
0
 
LVL 2

Expert Comment

by:icfire
ID: 33718295
You can use a smarthost, or add the ip to an alternative MX record.  
0
 

Author Comment

by:Jack_son_
ID: 33718306
So this shouldnt matter?  So just add a second MX?  This ip wouldnt be usable for email delivery.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 2

Expert Comment

by:icfire
ID: 33718399
technically no it shouldn't matter.  You can add a second MX record with a high priority and as long as the first SMTP server is there it will not make it to the second one.  I assumed that you were having issues sending mail because someone was doing a MX lookup and complaining that the IP doesn't match the MX record.  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718415
I'm wondering if you're asking this due to a rdns issue...in any case on your fiirewall you could create a policy to NAT the outbound traffic from your mailserver to the public address you have setup for your mx record.
0
 

Author Comment

by:Jack_son_
ID: 33718844
So use the same address public ip address for outbound mail as inbound?  
0
 
LVL 2

Expert Comment

by:bfelske
ID: 33718860
Yes, you can NAT the outbound to be the same as the mx inbound, all the rdns and mx lookups that recipient mail systems do would then recieve the expected results.
0
 

Author Comment

by:Jack_son_
ID: 33718975
Ok, the difficulty is the configuration in the firewall.    Since multiple inside devices share the same public ip as they all work towards email, it seems it has to exit on a separate ip.  I will try to work around this though.
0
 
LVL 2

Accepted Solution

by:
bfelske earned 250 total points
ID: 33719027
Depending on your firewall you'll likely need to setup a dynamic ip pool that would be used for outbound traffic...in this case you would create a pool of one address...then use that pool for your outbound NAT on a new outbound policy that specifies your internal mail server to all outbound hosts.   the policy should be placed just above your outbound policy for all to all.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 250 total points
ID: 33720080
The important part of MX records is that your Sending FQDN e.g., mail.yourdomain.com resolves correctly to the IP Address that you are sending from and that Reverse DNS is setup on that IP Address, and that Reverse DNS correctly resolves to the same IP.
If you have an MX record that points to one IP address, it is not important.  Just make sure that the IP you send from e.g. 123.123.123.123 has Reverse DNS configured for example, mail.yourdomain.com and that mail.yourdomain.com resolves to IP address 123.123.123.123 in DNS using mail.yourdomain.com.
0
 

Author Closing Comment

by:Jack_son_
ID: 33835311
Thanks, this answered my qustion
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In-place Upgrading Dirsync to Azure AD Connect
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question