MX Records Problem?

I was told this:

"To avoid further email issues, etc., we need to discuss how they are currently being routed through quite a few different servers. This needs to be simplified".

the person is referring to the Exchange's MX Records. What does that really mean? I looked at the MX records and I don't see any problem. Sending/Receiving email works just fine.  I'm thinking he's trying to sell us hosted MX record services (like barracuda's).

how do I test my MX records for problems? I'm curious as to what this person is referring to.  I'm new to the company so don't have much information.  I'm just wondering if there is a tool out there that will show me the problems that this person is referring to.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You can do nslookup and telnet and verify that the MX is resolve to the correct host records. I'm with you, the person tryong to sell the MX. If everthing is working just ignore it.

You also verify your MX records at and
fstincAuthor Commented:
I can perform a nslookup and returns the name servers, but how do i look up the host records?
If you want to use nslookup....
server      <------this is to query Google's public DNS.  If your internal domain name is different from your external, then you don't need this.
set type=all

If you need to query specific records, change set type= to whatever (mx, a, ptr, etc.), and then enter the FQDN or IP that you want to query.

However, as suriyaehnop mentioned, MXtoolbox can tell you all this.

In your original question, you mentioned "To avoid further email issues..."  What were these issues?  Are you using a smarthost to send, to receive, both, or none?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Who said that and in what context?  Sounds like marketing.

Put your domain name into which provides several different types of tests.  The default test will resolve your MX records, then you can click on further testing links from there such as blacklists and open relay checks.
WORKS2011Managed IT, Cyber Security, BackupCommented:
another great tool is intodns, it gives you everything all at once.
fstincAuthor Commented:
please see results attached. any helpful information and direction on how to fix this would be greatly appreciated. is there a change i need to make on exchange?

i tried pinging the NS servers but they're not responding.
WORKS2011Managed IT, Cyber Security, BackupCommented:
there's no attachment
fstincAuthor Commented:
fstincAuthor Commented:
WORKS2011Managed IT, Cyber Security, BackupCommented:
FYI your MX record is fine, you're talking about fixing the "Missing nameservers reported by parent" errors, correct?

May happen if there is a mismatch or old IP between the DNS at the registrar and the ones in your DNS.

run dcdiag /test:dns on the server and post the results.
fstincAuthor Commented:
on the DC? i can't run that command from the EXCH server.
WORKS2011Managed IT, Cyber Security, BackupCommented:
yes on the DC, what server OS are you running for your DC
WORKS2011Managed IT, Cyber Security, BackupCommented:
do you have access to the DNS portal where your domain is registered you should check DNS entries here as well.
fstincAuthor Commented:
here are the results.

C:\Users\Administrator>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = ServerExchDC
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ServerExchDC
      Starting test: Connectivity
         ......................... ServerExchDC passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ServerExchDC

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... ServerExchDC passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : ServerExch

   Running enterprise tests on :
      Starting test: DNS
         ......................... passed test DNS

fstincAuthor Commented:
dns info attached.
WORKS2011Managed IT, Cyber Security, BackupCommented:
run this test:  dcdiag /test:dns /f:dnslogfile.txt do a search for logfile.txt and post it, I don't believe you got all the dcdiag test results posted.
fstincAuthor Commented:
identical results in txt file (not attached)
WORKS2011Managed IT, Cyber Security, BackupCommented:
you ran this on your exchange server, correct? What about your DC, don't you have DNS installed on that?
fstincAuthor Commented:
i ran this on the DC. this command will not run on the EXCH
fstincAuthor Commented:
Performing initial setup:

   Trying to find home server...

   ***Error: serverExc is not a Directory Server.  Must specify

   /s:<Directory Server> or  /n:<Naming Context> or nothing to use the local

   ERROR: Could not find home server.
WORKS2011Managed IT, Cyber Security, BackupCommented:
I didn't think so but usually there's allot more info, sorry had to ask. Give me a second to look something up.

wouldn't hurt to do a ipconfig /flushdns on the server and run the test again.

Do the ip addresses in the portal look correct to you?
fstincAuthor Commented:
yes. I don't know where it's getting from though.

the name servers at and for the website. the website is hosted at a third party via A record. just FYI.
WORKS2011Managed IT, Cyber Security, BackupCommented:
did you ever have pop mail, possibly before your exchange mail? Or maybe you popped mail into exchange? Does anything like this sound familiar?
fstincAuthor Commented:
The DCDIAG results are normal.  If you included the /v switch there would be a lot more info, but all the tests passed, so I don't think there's much point to it.  The results you're seeing from the test at are not related to your internal DNS.

It appears from the report that your nameservers have nameservers and they don't know about each other.  Frankly I don't know what that means, but it would be something that your hosting company has to work out, there's nothing you can do about it.
It looks like the NS records in your zone file at covad are incorrect, do you control those records?.  If you could provide the domain name in question I can do thorough testing and explain what needs to be done.
fstincAuthor Commented:
how do i email it to you in private?
fstincAuthor Commented:
yes, i have access to the DNS zone.  I can change the covad servers.  the domain is registered at godaddy, but the website has a hosting service at megapath (covad), but the website is pointing to another provider for hosting via A name record.
Checking your domain now...
Alright so first off in regards to your NS problem, both the covad and megapath nameservers resolve queries for your domain just fine and have the same serial so I'm assuming it's the same zone file.  The problem is that your glue records at the registrar are pointing to covad, but your NS records point to megapath.  An easy solution would be to change the glue records to point to the megapath servers, below are your NS records.  This assumes that when you edit your zone files that you are doing so on the megapath/ nameservers.

;; AUTHORITY SECTION:	86400	IN	NS	86400	IN	NS	86400	IN	NS

Open in new window

In regards to the original "simplified" mail routing question, I don't know what that person is talking about, sounds like he's trying to sell you something.  I did notice however that when telnet'ing to your mail server that the SMTP Banner / HELO is not a resolvable domain.  To clarify it is resolvable since it ends in .in but the domain as a whole does not exist, guessing that is your .in(ternal) name?  Anyways if that is what your sending server is announcing itself as to the Internet then that will definitely cause deliverability problems.  It needs to be internet-resolvable with matching A and PTR records.
fstincAuthor Commented:
yes, that is the internal name. email is being delivered fine so that's probably not the issue right?
fstincAuthor Commented:
i put all call to covad to edit the zone file. I only see ns1/ when I login, so I may not have access to edit NS servers.
Some mail servers will block you when your SMTP Banner isn't a valid FQDN and/or doesn't match with the FQDN that the PTR record for the IP you're sending from resolves to.  For example, if the IP you're sending from is 100.200.300.400, and the PTR record for that IP resolves to, then your SMTP Banner should be  And the A record for should resolve to 100.200.300.400.  If you're sending and receiving from different addresses, this doesn't have to match up with your MX record (your MX record could be for
Leon FesterSenior Solutions ArchitectCommented:
we need to discuss how they are currently being routed through quite a few different servers

I don't think that the records state is being questioned...they're talking about quite a few different servers.
In outlook, locate an email that was sent from outside your domain.
Right-click the message and select "Message Options"
Check the number of servers that your message was sent to before it was delivered to the mailbox.

How simplified do they want it without affecting your ability to protect you environment?
If you have 3x servers between you and the senders SMTP server then I'd be happy.

Server1: @ISP doing spam and virus checks and mail distribution, e.g. holding large mails for after hours
Server2: In your DMZ offering your mailbox servers protection from spam/flooding. That way you can block incoming/outgoing mail in the event of spam attack/virus while not affecting your ability to route email internally. Will be used as a smart host for your internal SMTP(Server3)
Server3: your Exchange server which handles internal routing/mail bridghead.

Anything simplier reduces your ability to be agile when things go wrong.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.