

MX records, local Mail Server and web being Moved

I have a mail server located in the physical building of the domain and want to move it off site.  By that I mean I have a mail server abc.com and a domain abc.com that also manages DNS (active directory). I do not have any MX records set up in my domain because when email is sent from any user it goes directly to the in house/ on site mail server.  

I am moving the mail server off site for various reasons. My question is, when we make the change to the off site server, how do I make the MX record point outside the domain?   Is it as simple as creating an MX record in DNS and pointing to the new IP?

I also want to make the http: web traffic for abc.com go to the new server as well. I am not sure how to do this since all PCs in the domain point to abc.com for DNS and Active Directory.

Thank you in advance for your help!!!
Adam Brown, Sr Solutions Architect, commented:
You shouldn't need to configure any MX records for your mail, even if you take it off-site. When the server goes outside the internal LAN, clients will still be connecting to it directly to download and send mail, and therefore email communication will still go through the mail server. MX records are used only for Mail Server to Mail Server communication. They are not necessary for client to server communication. For the clients to connect to the Web sites, you need only modify the DNS records of abc.com to reflect the external IP address of the web server. So you can create an A record of www.abc.com and point it to the external IP address of where the server is being moved. You can't do anything about abc.com without a host name, because that is reserved as the DNS name of the domain itself (This is one of the reasons that Microsoft recommends using non public top level domains like .local for Active Directory).

This is only a "side comment" about the TLD thing. There is controversy swirling around that that needs to be considered. So this is only for informational purposes.

There is no consistency at MS for the TLD recommendation. The SBS people push for "local", while others do not. Some are strongly opposed to it, and others don't care either way. "Local" is not actually an official reserved name; many think it is, but it is not. There is an official list, and it is very short.


Reserved Top Level DNS Names

TLDs such as "local" have been known to cause problems as far up the food chain as the Root Servers due to the names being allowed to "leak" to the Internet. Older Mac OS versions also could not handle a TLD longer than 3 characters.

The philosophy is actually shifting to using registered names in AD even if you don't actually have the name exposed anywhere publicly.  Then you never have to worry about any name conflicts in FQDNs between internal AD name choices and Public Name choices.

Tonygret (Author) commented:

That makes perfect sense. The clients are indeed connecting directly to the server, which I already named mail.abc.com, and I added the local and internet DNS A records to point to mail.abc.com for POP and SMTP connections.

For http traffic, the new A record www.abc.com makes sense also. I will simply redirect internal requests for abc.com to www.abc.com using an IIS redirect. I think that should solve both problems.

Thank you!
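
Added example, not part of the original thread: because the internal AD DNS is authoritative for abc.com, a host that exists only in the public zone, or still carries its old on-site address internally, will not resolve correctly for domain PCs after the move. The sketch below compares the two zones for the moved hosts; the record format, host names and IP addresses are constructed assumptions, not values from the thread.

```python
# Constructed sample data for the thread's abc.com zone (hypothetical hosts and IPs).
# Assumed simplified record format: "name TYPE value", ';' starts a comment.
INTERNAL_ZONE = """
@     A  192.168.1.10   ; AD domain name, answered by the domain controller
dc1   A  192.168.1.10
mail  A  192.168.1.25   ; stale: old on-site mail server address
"""
PUBLIC_ZONE = """
@     A  203.0.113.10
www   A  203.0.113.10
mail  A  203.0.113.20
"""
# Internal zone after adding/updating the A records for the moved hosts.
FIXED_INTERNAL_ZONE = """
@     A  192.168.1.10
dc1   A  192.168.1.10
www   A  203.0.113.10
mail  A  203.0.113.20
"""

def parse_zone(text):
    """Return {(name, type): {values}} from the simplified record lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        name, rtype, value = line.split()
        records.setdefault((name.lower(), rtype.upper()), set()).add(value)
    return records

def check_moved_hosts(internal, public, moved_hosts):
    """List (host, problem) pairs for hosts internal clients would resolve wrongly."""
    findings = []
    for host in moved_hosts:
        inside = internal.get((host, "A"), set())
        outside = public.get((host, "A"), set())
        if host == "@":
            findings.append((host, "AD domain name: leave it on the domain controllers"))
        elif not outside:
            findings.append((host, "no public A record"))
        elif not inside:
            findings.append((host, "missing from internal zone"))
        elif inside != outside:
            findings.append((host, "internal A record differs from public"))
    return findings

if __name__ == "__main__":
    public = parse_zone(PUBLIC_ZONE)
    for label, zone in (("before", INTERNAL_ZONE), ("after", FIXED_INTERNAL_ZONE)):
        print(label, check_moved_hosts(parse_zone(zone), public, ["mail", "www"]))
```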
