Solved

Exchange and Non-Authoritative Domains

Posted on 2010-11-07
Last Modified: 2012-05-10
Hi

We currently have an Exchange 2010 server that is configured for our existing domain name.
We are part of a national group and have 24 Exchange servers across the country all hosting their own domain name and no network links between them.  We are setting up a new name to be used by all and have a web service that will be doing the redirection to the relevant Exchange server on a per-user basis.
My question is, will I get any issues with reverse DNS lookups on the local Exchange servers if they are sending out as the new domain name, as the MX record is not pointing to each server?

Any help would be awesome, thanks

Mark
Question by:mwelf1

Expert Comment

by:MegaNuk3
You could always add those MX records to DNS at a much higher cost/priority...


Expert Comment

by:tigermatt
No, it shouldn't cause any issues for you. Anti-spam checks don't generally perform reverse lookups and compare with the MX records of the sender's domain.

You mostly need to make sure the SMTP banner on your send connector is set to a valid DNS name, ensure that resolves back to the server's public IP and that the same record is found in the ISP PTR record for that IP.

I.e., if your server sits at 1.2.3.4 and has a name site.company.com, the DNS record should point to 1.2.3.4 and the PTR record set to site.company.com.

If you use SPF, there could be issues there - so make sure each sending server is listed on the SPF record for the domain.

Matt

Expert Comment

by:MegaNuk3
Yep, Matt is right. MX records are for sending into your domain, not for checking what is coming out of it.

Not having an SPF or not having all servers listed in SPF may result in higher Spam scoring for your messages.

With SPF you can put in that all your MX records are valid for the domain (hence my mention of adding MX records above).

Author Comment

by:mwelf1
Can I just clarify the points above please.

So the MX record for the new domain name will point to the cloud based service that does the re-direction not the local servers.

If the SMTP banner is set to mail.oldname.com.au but the mail sent out is from @newname.com.au, is that a problem?

What do I do with the SPF records? Is that with my ISP?

Thanks for your assistance guys

Mark

Accepted Solution

by:tigermatt
"...the MX record for the new domain name will point to the cloud based service that does the redirection..."

Correct.

"...the smtp banner is set to mail.oldname.com.au but the mail sent out is from @newname.com.au, is that a problem?"

Not a problem. The SMTP banner does not have to match the MX record(s) defined for the domain.  There are hundreds of mail admins who use services like Postini for inbound email but send email directly... If matching the MX record was a requirement this wouldn't work.

What you need to ensure is:

* the FQDN in the SMTP banner is a valid DNS name which resolves to the IP the server will send from

* the IP the server is sending from has a PTR record whose value is the FQDN in the SMTP banner

The PTR record would usually need to be set with your ISP.

The SPF framework is a system implemented in recent years which defines the servers approved to send for a domain. It isn't a requirement but configuring it can help reduce backscatter attacks using your domain. It isn't 100% effective but it is better than nothing.

The SPF record is set by you on your public DNS, wherever that is hosted for the new email domain. It is set in a DNS TXT record so your DNS host needs to support that format (some don't).

Have a look at

http://en.m.wikipedia.org/wiki/Sender_Policy_Framework
and
http://www.openspf.org/

for more info.

Matt
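
The checks from the accepted answer, as an added example that is not part of the original thread: the banner FQDN must resolve to the sending IP, that IP's PTR must return the banner FQDN, and each sending server must be covered by the new domain's SPF record. All DNS data below is constructed (documentation-range IPs, `relay.example.net` standing in for the cloud service), and only the `ip4`, `a` and `mx` SPF mechanisms are evaluated.

```python
import ipaddress

# Constructed DNS data standing in for live lookups (assumed values, not real records).
A = {"mail.oldname.com.au": ["192.0.2.10"], "relay.example.net": ["203.0.113.5"]}
PTR = {"192.0.2.10": "mail.oldname.com.au", "198.51.100.7": "host7.isp.example"}
MX = {"newname.com.au": ["relay.example.net"]}
TXT = {"newname.com.au": "v=spf1 mx ip4:192.0.2.0/28 -all"}


def banner_matches_dns(banner, ip):
    """The two conditions from the answer: banner -> IP, and IP -> PTR -> banner."""
    forward_ok = ip in A.get(banner, [])
    reverse_ok = PTR.get(ip, "").rstrip(".").lower() == banner.lower()
    return forward_ok, reverse_ok


def spf_permits(domain, ip):
    """True/False if the SPF record covers ip; None if no SPF record is published."""
    record = TXT.get(domain, "")
    if not record.startswith("v=spf1"):
        return None
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        if term.startswith("ip4:"):
            if addr in ipaddress.ip_network(term[4:], strict=False):
                return True
        elif term == "mx":
            # "mx" authorises every host the domain's MX records point at.
            if any(ip in A.get(host, []) for host in MX.get(domain, [])):
                return True
        elif term == "a":
            if ip in A.get(domain, []):
                return True
    return False


def audit(banner, ip, mail_from_domain):
    forward_ok, reverse_ok = banner_matches_dns(banner, ip)
    return {"forward": forward_ok, "reverse": reverse_ok,
            "spf": spf_permits(mail_from_domain, ip)}


if __name__ == "__main__":
    # Local server: banner uses the old name, mail is sent as the new domain.
    print(audit("mail.oldname.com.au", "192.0.2.10", "newname.com.au"))
    # A sending IP missing from SPF whose PTR is still the ISP default.
    print(audit("mail.oldname.com.au", "198.51.100.7", "newname.com.au"))
```

The first server passes all three checks even though its banner name differs from both the mail domain and the MX host; the second fails all three.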