• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 445
  • Last Modified:

MX Records Problem?

I was told this:

"To avoid further email issues, etc., we need to discuss how they are currently being routed through quite a few different servers. This needs to be simplified".

the person is referring to the Exchange's MX Records. What does that really mean? I looked at the MX records and I don't see any problem. Sending/Receiving email works just fine.  I'm thinking he's trying to sell us hosted MX record services (like barracuda's).

how do I test my MX records for problems? I'm curious as to what this person is referring to.  I'm new to the company so don't have much information.  I'm just wondering if there is a tool out there that will show me the problems that this person is referring to.
0
fstinc
Asked:
fstinc
  • 16
  • 9
  • 4
  • +3
3 Solutions
 
suriyaehnopCommented:
You can do nslookup and telnet and verify that the MX is resolve to the correct host records. I'm with you, the person tryong to sell the MX. If everthing is working just ignore it.

You also verify your MX records at www.centralops.net and http://www.mxtoolbox.com/
0
 
fstincAuthor Commented:
I can perform a nslookup and returns the name servers, but how do i look up the host records?
0
 
footechCommented:
If you want to use nslookup....
nslookup
server 8.8.8.8      <------this is to query Google's public DNS.  If your internal domain name is different from your external, then you don't need this.
set type=all
yourdomain.com

If you need to query specific records, change set type= to whatever (mx, a, ptr, etc.), and then enter the FQDN or IP that you want to query.

However, as suriyaehnop mentioned, MXtoolbox can tell you all this.

In your original question, you mentioned "To avoid further email issues..."  What were these issues?  Are you using a smarthost to send, to receive, both, or none?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
PapertripCommented:
Who said that and in what context?  Sounds like marketing.

Put your domain name into http://mxtoolbox.com which provides several different types of tests.  The default test will resolve your MX records, then you can click on further testing links from there such as blacklists and open relay checks.
0
 
WORKS2011Austin Tech CompanyCommented:
another great tool is intodns, it gives you everything all at once.
0
 
fstincAuthor Commented:
please see results attached. any helpful information and direction on how to fix this would be greatly appreciated. is there a change i need to make on exchange?

i tried pinging the meganameservers.com NS servers but they're not responding.
0
 
WORKS2011Austin Tech CompanyCommented:
there's no attachment
0
 
fstincAuthor Commented:
0
 
fstincAuthor Commented:
sorry.
0
 
WORKS2011Austin Tech CompanyCommented:
FYI your MX record is fine, you're talking about fixing the "Missing nameservers reported by parent" errors, correct?

May happen if there is a mismatch or old IP between the DNS at the registrar and the ones in your DNS.

run dcdiag /test:dns on the server and post the results.
0
 
fstincAuthor Commented:
on the DC? i can't run that command from the EXCH server.
0
 
WORKS2011Austin Tech CompanyCommented:
yes on the DC, what server OS are you running for your DC
0
 
WORKS2011Austin Tech CompanyCommented:
do you have access to the DNS portal where your domain is registered you should check DNS entries here as well.
0
 
fstincAuthor Commented:
here are the results.


C:\Users\Administrator>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = ServerExchDC
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\ServerExchDC
      Starting test: Connectivity
         ......................... ServerExchDC passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\ServerExchDC

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... ServerExchDC passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : ServerExch

   Running enterprise tests on : ServerExch.in
      Starting test: DNS
         ......................... ServerExch.in passed test DNS

C:\Users\Administrator>
0
 
fstincAuthor Commented:
dns info attached.
dns-mgr.pdf
0
 
WORKS2011Austin Tech CompanyCommented:
run this test:  dcdiag /test:dns /f:dnslogfile.txt do a search for logfile.txt and post it, I don't believe you got all the dcdiag test results posted.
0
 
fstincAuthor Commented:
identical results in txt file (not attached)
0
 
WORKS2011Austin Tech CompanyCommented:
you ran this on your exchange server, correct? What about your DC, don't you have DNS installed on that?
0
 
fstincAuthor Commented:
i ran this on the DC. this command will not run on the EXCH
0
 
fstincAuthor Commented:
Performing initial setup:

   Trying to find home server...

   ***Error: serverExc is not a Directory Server.  Must specify

   /s:<Directory Server> or  /n:<Naming Context> or nothing to use the local

   machine.
   ERROR: Could not find home server.
0
 
WORKS2011Austin Tech CompanyCommented:
I didn't think so but usually there's allot more info, sorry had to ask. Give me a second to look something up.

wouldn't hurt to do a ipconfig /flushdns on the server and run the test again.

Do the ip addresses in the portal look correct to you?
0
 
fstincAuthor Commented:
yes. I don't know where it's getting ns1.meganameservers.com from though.

the name servers at ns1.covad.net and nds2.covad.net for the website. the website is hosted at a third party via A record. just FYI.
0
 
WORKS2011Austin Tech CompanyCommented:
did you ever have pop mail, possibly before your exchange mail? Or maybe you popped mail into exchange? Does anything like this sound familiar?
0
 
fstincAuthor Commented:
no
0
 
footechCommented:
The DCDIAG results are normal.  If you included the /v switch there would be a lot more info, but all the tests passed, so I don't think there's much point to it.  The results you're seeing from the test at intodns.com are not related to your internal DNS.

It appears from the report that your nameservers have nameservers and they don't know about each other.  Frankly I don't know what that means, but it would be something that your hosting company has to work out, there's nothing you can do about it.
0
 
PapertripCommented:
It looks like the NS records in your zone file at covad are incorrect, do you control those records?.  If you could provide the domain name in question I can do thorough testing and explain what needs to be done.
0
 
fstincAuthor Commented:
how do i email it to you in private?
0
 
fstincAuthor Commented:
yes, i have access to the DNS zone.  I can change the covad servers.  the domain is registered at godaddy, but the website has a hosting service at megapath (covad), but the website is pointing to another provider for hosting via A name record.
0
 
PapertripCommented:
Checking your domain now...
0
 
PapertripCommented:
Alright so first off in regards to your NS problem, both the covad and megapath nameservers resolve queries for your domain just fine and have the same serial so I'm assuming it's the same zone file.  The problem is that your glue records at the registrar are pointing to covad, but your NS records point to megapath.  An easy solution would be to change the glue records to point to the megapath servers, below are your NS records.  This assumes that when you edit your zone files that you are doing so on the megapath/meganameservers.com nameservers.

;; AUTHORITY SECTION:
yourdomain.com.	86400	IN	NS	ns1.meganameservers.com.
yourdomain.com.	86400	IN	NS	ns2.meganameservers.com.
yourdomain.com.	86400	IN	NS	ns3.meganameservers.com.

Open in new window



In regards to the original "simplified" mail routing question, I don't know what that person is talking about, sounds like he's trying to sell you something.  I did notice however that when telnet'ing to your mail server that the SMTP Banner / HELO is not a resolvable domain.  To clarify it is resolvable since it ends in .in but the domain as a whole does not exist, guessing that is your .in(ternal) name?  Anyways if that is what your sending server is announcing itself as to the Internet then that will definitely cause deliverability problems.  It needs to be internet-resolvable with matching A and PTR records.
0
 
fstincAuthor Commented:
yes, that is the internal name. email is being delivered fine so that's probably not the issue right?
0
 
fstincAuthor Commented:
i put all call to covad to edit the zone file. I only see ns1/ns2.covad.net when I login, so I may not have access to edit meganameservers.com NS servers.
0
 
footechCommented:
Some mail servers will block you when your SMTP Banner isn't a valid FQDN and/or doesn't match with the FQDN that the PTR record for the IP you're sending from resolves to.  For example, if the IP you're sending from is 100.200.300.400, and the PTR record for that IP resolves to mail-out.example.com, then your SMTP Banner should be mail-out.example.com.  And the A record for mail-out.example.com should resolve to 100.200.300.400.  If you're sending and receiving from different addresses, this doesn't have to match up with your MX record (your MX record could be for mail-in.example.com).
0
 
Leon FesterCommented:
we need to discuss how they are currently being routed through quite a few different servers

I don't think that the records state is being questioned...they're talking about quite a few different servers.
In outlook, locate an email that was sent from outside your domain.
Right-click the message and select "Message Options"
Check the number of servers that your message was sent to before it was delivered to the mailbox.

How simplified do they want it without affecting your ability to protect you environment?
If you have 3x servers between you and the senders SMTP server then I'd be happy.

Server1: @ISP doing spam and virus checks and mail distribution, e.g. holding large mails for after hours
Server2: In your DMZ offering your mailbox servers protection from spam/flooding. That way you can block incoming/outgoing mail in the event of spam attack/virus while not affecting your ability to route email internally. Will be used as a smart host for your internal SMTP(Server3)
Server3: your Exchange server which handles internal routing/mail bridghead.

Anything simplier reduces your ability to be agile when things go wrong.
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 16
  • 9
  • 4
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now