MX records, local Mail Server and web being Moved

Posted on 2011-05-11
Last Modified: 2012-05-11
I have a mail server located in the physical building of the domain and want to move it off site.  By that I mean I have a mail server and a domain that also manages DNS (Active Directory). I do not have any MX records set up in my domain because when email is sent from any user it goes directly to the in-house/on-site mail server.  

I am moving the mail server off site for various reasons. My question is, when we make the change to the off site server, how do I make the MX record point outside the domain?   Is it as simple as creating an MX record in DNS and pointing to the new IP?

I also want to make the http: web traffic for go to the new server as well. I am not sure how to do this since all PCs in the domain point to for DNS and Active Directory.

Thank you in advance for your help!!!
Question by: Tonygret
    LVL 37

    Accepted Solution

    You shouldn't need to configure any MX records for your mail, even if you take it off-site. When the server goes outside the internal LAN, clients will still be connecting to it directly to download and send mail, and therefore email communication will still go through the mail server. MX records are used only for Mail Server to Mail Server communication. They are not necessary for client to server communication. For the clients to connect to the Web sites, you need only modify the DNS records of to reflect the external IP address of the web server. So you can create an A record of and point it to the external IP address of where the server is being moved. You can't do anything about without a host name, because that is reserved as the DNS name of the domain itself (This is one of the reasons that Microsoft recommends using non public top level domains like .local for Active Directory).
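The difference between the two lookup paths described in the answer above, as an added example that is not part of the original thread or any participant's code. It models a mail client resolving its configured host name by A record, and a sending mail server resolving MX records by preference with the fallback to the domain's own address record (RFC 5321, section 5.1) when no MX exists. The zone contents, `example.com` names, documentation-range addresses and function names are all constructed for illustration.

```python
# Added example: constructed zone data, not taken from the thread.
# INTERNAL_ZONE is the Active Directory view that domain PCs query;
# PUBLIC_ZONE is what Internet mail servers see.
INTERNAL_ZONE = {
    ("example.com", "A"): ["192.0.2.10"],          # bare name = domain controller
    ("mail.example.com", "A"): ["203.0.113.25"],   # off-site mail server
    ("www.example.com", "A"): ["203.0.113.80"],    # off-site web server
}
PUBLIC_ZONE = {
    ("example.com", "MX"): [(20, "backup.example.com"), (10, "mail.example.com")],
    ("mail.example.com", "A"): ["203.0.113.25"],
    ("backup.example.com", "A"): ["203.0.113.26"],
    ("www.example.com", "A"): ["203.0.113.80"],
}


def lookup(zone, name, rtype):
    """Return the record data for (name, type), or an empty list."""
    return zone.get((name.lower().rstrip("."), rtype), [])


def client_target(zone, configured_host):
    """A POP/SMTP client resolves only the host name it was configured
    with. It never consults MX records."""
    return lookup(zone, configured_host, "A")


def mta_targets(zone, recipient):
    """A sending mail server looks up MX for the recipient's domain,
    tries hosts in ascending preference order, and treats the domain
    itself as the mail host when no MX record exists."""
    domain = recipient.rsplit("@", 1)[1]
    mx_hosts = [host for _, host in sorted(lookup(zone, domain, "MX"))]
    hosts = mx_hosts or [domain]          # implicit MX fallback
    return [(h, ip) for h in hosts for ip in lookup(zone, h, "A")]


if __name__ == "__main__":
    # Client inside the domain: works with no MX record at all.
    print(client_target(INTERNAL_ZONE, "mail.example.com"))
    # External sender: follows MX preference order.
    print(mta_targets(PUBLIC_ZONE, "user@example.com"))
    # A server that resolves against the internal view finds no MX and
    # falls back to the bare domain name, which is the domain controller.
    print(mta_targets(INTERNAL_ZONE, "user@example.com"))
```
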
    LVL 29

    Expert Comment

    This is only a "side comment" about the TLD thing. There is controversy swirling around that, and it needs to be considered.  So this is only for informational purposes.

    There is no consistency at MS for the TLD recommendation.  The SBS people push for "local", while others do not.  Some are strongly opposed to it, and others don't care either way.  "Local" is not actually an official reserved name; many think it is, but it is not.   There is an official list, and it is very short.  


    Reserved Top Level DNS Names

    TLDs such as "local" have been known to cause problems as far up the food chain as the Root Servers due to the names being allowed to "leak" to the Internet.  Older Mac OS versions also could not handle a TLD longer than 3 characters.

    The philosophy is actually shifting to using registered names in AD even if you don't actually have the name exposed anywhere publicly.  Then you never have to worry about any name conflicts in FQDNs between internal AD name choices and Public Name choices.

    Author Closing Comment


    That makes perfect sense.  The clients are indeed connecting directly to the server which I already named and I added the local and internet DNS A records to point to for POP and SMTP connections.  

    For http traffic, the new A record makes sense also.  I will simply redirect internal requests for to the using IIS redirect.  I think that should solve both problems.

    Thank you!
