Solved

MX Records / DNS Settings for new Exchange Server on SBS 2011

Posted on 2012-03-31
Last Modified: 2012-03-31
We have recently installed a new Windows SBS 2011 Server and have configured all the Exchange Mail Boxes in conjunction with the users setup. The mail is collected from my POP3/SMTP mail hosting company using the POP3 Connector.

I no longer want to use the POP3 connector, and need to know what settings I need to change in the DNS control panel to deliver mail directly to my Exchange Server (SBS 2011).

Currently the following records are set:-
A Record
mail.{domainname} --> IP Address of ISP POP3 server 

MX Records
@{domainname}     --> mail.{domainname}   --> Priority = 10
@*.{domainname}   --> mail.{domainname}   --> Priority = 10


I have a static WAN IP address assigned to my SBS 2011 Server.

Questions...

1. Do I need to change the A record for mail.{domainname} to point to my static WAN IP address?

2. Do I need to change the priorities for the MX records (or add new MX records)?

3. What do I need to add in order to set up Reverse DNS records for the exchange mail server?

4. Are there any other suggestions for 'best practice' in this typical SBS 2011 / Exchange setup?

Looking forward to some positive responses :)
0
Question by:Team1_Coder
13 Comments
 
LVL 8

Expert Comment

by:Elmar-H
ID: 37790236
Hello,
You must change the A Record to your IP of Exchange Server. The reverse DNS (PTR) also. That's all.
0
 
LVL 10

Accepted Solution

by:
CSIPComputing earned 500 total points
ID: 37790564
Don't change the current records.

You should have an "A" record for "remote.domainname.com" pointing to your static IP Address.  This lets your users use the Remote Web Workplace, Outlook Web Access etc.  If you've not got one set it up now.

ADD a new MX record, with a priority lower than the existing ones, but in the same format.  I suggest priority 5.

A Record
mail.{domainname} --> IP Address of ISP POP3 server
remote.{domainname} --> Static WAN Address

MX Records
@{domainname}     --> remote.{domainname}   --> Priority = 5
@*.{domainname}   --> remote.{domainname}   --> Priority = 5
@{domainname}     --> mail.{domainname}   --> Priority = 10
@*.{domainname}   --> mail.{domainname}   --> Priority = 10

Ask your ISP to add a reverse DNS entry (PTR) for "remote.{domainname}" for your Static WAN Address. (You can't do this, you don't OWN the IP address, your ISP does!)

You can continue to collect your POP3 mail whilst these changes propagate around the world, then mail will start flowing using SMTP directly to your server (assuming you've allowed the SBS wizards to open port 25, or you've manually opened port 25 on your router)

If you maintain the POP3 accounts, in the event of your server being off line, the priority 10 MX records will be used to accept mail again (because the priority 5 server is offline) until your server is back with the living, then you can retrieve the POP3 mail that was accepted on your behalf whilst you were down, and guarantee not losing anything.  Naturally when your server is back on line, the priority 5 MX records will again take precedence.

Hope that helps!
0
 

Author Comment

by:Team1_Coder
ID: 37790574
"The reverse DNS (PTR) also"
I don't see this in my DNS control panel, unless it is a text record?

The following text record is set:-
v=spf1 a mx a:mailforwards.extendcp.co.uk ~all


This TXT record gives .{domainname} the value v=spf1 a mx a:mailforwards.extendcp.co.uk ~all

Do I change this when moving to Exchange?
0

 
LVL 10

Expert Comment

by:CSIPComputing
ID: 37790592
You can't change your reverse DNS pointer, you don't have control over it.  It's from a pool of IPs from your ISP.  You have to ask them to change it.

Regarding SPF, this relates to sending email FROM your domain, and shouldn't change just because you're changing how you RECEIVE email.

However, if in doubt, check the Microsoft SPF Records Wizard, which will guide you as to what *it* thinks are the correct entries for your domain

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
0
 

Author Comment

by:Team1_Coder
ID: 37790598
CSIPComputing

Thanks for your detailed response to my questions.  I already have A records set for remote.{domainname} and the local firewall has ports open for 25, 587 and 110 which are NAT to the SBS 2011.

With regards the Reverse DNS, does this mean that in fact the mail that is being delivered currently will not actually have matching RDNS?  I sent an email from one of the exchange accounts, and checked the header information on receipt - it showed it received from remote.{domainname}

With regards the MX records - your suggestion is excellent (adding records rather than changing A records).  This being the case, am I safe to leave the POP3 Connector in place - to collect any mail that lands in the POP3 mail boxes?  Or is there a chance that mail could be delivered twice - to the exchange server and to the POP account?

Thanks again, and look forward to your response.
0
 
LVL 10

Expert Comment

by:CSIPComputing
ID: 37790611
Good.  I'm glad you already have a "remote" A record.  It's just it was missing from your original post!

Have you done a reverse DNS lookup on your Static WAN Address?  Does it already have one?

Your email headers will show that the email was received from "remote.{domainname}", however this is not the same as a reverse DNS lookup.

How are you delivering mail?  Are you using a smart-host?  If so, you don't need to worry about Reverse DNS, as all mail will go to the smart host from your system, and from there will be delivered to the recipient.  The Smarthost IP Address is therefore the one that needs the Reverse DNS entry (it will have, ISPs have this sorted) and therefore you don't need to worry.   If you are NOT delivering via smart host (you're delivering directly), then you need to check your reverse DNS PTR, and ensure there's SOMETHING there (Mail servers tend to hate finding NO reverse DNS at all).  If possible get it updated for your Static WAN address.

Yes you can continue to collect your POP3 mail.  Mail will only get there if your own mail server is not able to accept messages, therefore you should not get any duplicates :-)

Enjoy
0
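The difference between the name in the mail headers and a reverse DNS lookup, as an added example that is not part of the original thread: it checks that an outbound IP has a PTR record, that the PTR name resolves back to the same IP, and whether that name matches the HELO name. The function names, the `example.test` hostnames and the 203.0.113.x addresses are constructed for illustration; by default `check_sender` uses live DNS through the standard `socket` module.

```python
import socket

def ptr_names(ip):
    """Live reverse lookup: names the PTR record(s) give for ip, [] if none."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def forward_ips(name):
    """Live forward lookup: addresses that name resolves to, [] if none."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []

def norm(name):
    return name.rstrip(".").lower()

def check_sender(ip, helo, ptr=ptr_names, fwd=forward_ips):
    """Classify an outbound mail IP by its reverse and forward DNS."""
    names = [norm(n) for n in ptr(ip)]
    if not names:
        return "no-ptr"                      # the "NO reverse DNS at all" case
    confirmed = [n for n in names if ip in fwd(n)]
    if not confirmed:
        return "ptr-not-forward-confirmed"   # PTR name does not map back to the IP
    if norm(helo) in confirmed:
        return "fcrdns-matches-helo"         # PTR, A record and HELO name agree
    return "fcrdns-ok-helo-differs"          # e.g. a generic ISP pool name

# Constructed sample data (documentation addresses), used instead of live DNS.
SAMPLE_PTR = {
    "203.0.113.10": ["remote.example.test."],
    "203.0.113.20": ["host-20.pool.isp.example."],
    "203.0.113.40": ["remote.example.test."],   # PTR claims a name it does not own
}
SAMPLE_A = {
    "remote.example.test": ["203.0.113.10"],
    "host-20.pool.isp.example": ["203.0.113.20"],
}

def sample_check(ip, helo="remote.example.test"):
    """Run check_sender against the constructed tables above."""
    return check_sender(ip, helo,
                        ptr=lambda i: SAMPLE_PTR.get(i, []),
                        fwd=lambda n: SAMPLE_A.get(n, []))
```

Calling `check_sender("<your static WAN address>", "remote.<your domain>")` without the `ptr` and `fwd` arguments runs the same check against real DNS.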
 
LVL 7

Expert Comment

by:abdulalikhan
ID: 37790627
You can leave your POP3 settings as they are for backup purposes.
0
 

Author Comment

by:Team1_Coder
ID: 37790645
Hello CSIPComputing,

Thanks again for your response.

I am not using SmartHosts - do you advise implementing this?  I have established the MX Records as per your suggestion, and have also run through the MS SPF utility (thanks for sending the link).

Have also checked the RDNS records - it would appear that there are records set for this IP - but I will request that they are updated to the remote.{domainname} shortly.

I don't really understand the existing SPF record - but guess that doesn't matter for the moment!  I have added a new SPF record based on the results of the MS SPF utility - should I remove the existing record?  This is the new SPF record:-
v=spf1 a mx a:mailforwards.extendcp.co.uk ip4:79.170.xxx.138 ip4:92.27.xxx.47 a:remote.{domainname} mx:remote.{domainname} ~all



Thanks again for your help - is there any way to send a private message in EE?
0
 
LVL 10

Expert Comment

by:CSIPComputing
ID: 37790649
Great.  Don't have 2 spf records.  But make a note of the one you're going to delete, because if you start getting rejections based on your current spf, you can revert to the original one (which works!)

If you are happy to deliver email directly to recipients, then keep it as it is.  I don't use smart hosts, and don't have a single client that does!

Not sure about private messages, I've never looked!
0
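Why two SPF records must not be published side by side, as an added example that is not part of the original thread: under RFC 7208 a receiver that finds more than one `v=spf1` TXT record returns a permanent error instead of evaluating either. The two SPF strings are the ones quoted in the thread, kept verbatim with their redactions; `audit_spf` and the extra TXT record are constructed for illustration.

```python
# Terms that each cost the receiver one DNS query (RFC 7208 section 4.6.4).
LOOKUP_TERMS = {"a", "mx", "include", "exists", "ptr", "redirect"}
MAX_LOOKUPS = 10

# SPF strings as quoted in the thread (redactions and placeholders kept as-is).
OLD_SPF = "v=spf1 a mx a:mailforwards.extendcp.co.uk ~all"
NEW_SPF = ("v=spf1 a mx a:mailforwards.extendcp.co.uk ip4:79.170.xxx.138 "
           "ip4:92.27.xxx.47 a:remote.{domainname} mx:remote.{domainname} ~all")
OTHER_TXT = "constructed-verification=abc123"   # constructed, unrelated TXT record

def audit_spf(txt_records):
    """Audit the TXT records published at one domain name for SPF problems."""
    spf = [t for t in txt_records if t.lower().split(" ", 1)[0] == "v=spf1"]
    report = {"spf_records": len(spf), "result": "none",
              "lookups": 0, "all": None, "issues": []}
    if not spf:
        return report
    if len(spf) > 1:
        # RFC 7208 section 4.5: more than one record is a permanent error.
        report["result"] = "permerror"
        report["issues"].append("multiple v=spf1 records published")
        return report
    terms = spf[0].split()[1:]
    for pos, term in enumerate(terms):
        has_qualifier = term[0] in "+-~?"
        qualifier = term[0] if has_qualifier else "+"
        body = term[1:] if has_qualifier else term
        # Mechanism or modifier name: text before the first ':', '/' or '='.
        name = body.replace("=", ":").replace("/", ":").split(":", 1)[0].lower()
        if name in LOOKUP_TERMS:
            report["lookups"] += 1
        if name == "all":
            report["all"] = qualifier
            if pos != len(terms) - 1:
                report["issues"].append("terms after 'all' are never evaluated")
    if report["lookups"] > MAX_LOOKUPS:
        report["result"] = "permerror"
        report["issues"].append("more than 10 DNS-querying terms")
    else:
        report["result"] = "ok"
    return report
```

`audit_spf([OLD_SPF, NEW_SPF])` reports `permerror`, while either record on its own reports `ok`, with 3 and 5 DNS-querying terms respectively.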
 

Author Closing Comment

by:Team1_Coder
ID: 37790652
Excellent response - detailed and accurate information that was presented intelligently and worked in real life!
0
 
LVL 10

Expert Comment

by:CSIPComputing
ID: 37790653
Happy to help.

Thanks for the kind words :-)
0
 

Author Comment

by:Team1_Coder
ID: 37790690
CSIPComputing,

Do you offer support for SBS systems on a commercial basis?  Would be glad to hear from you if so... (does this number identify you 036225?)

Many thanks for your help on this topic once again.
0
 
LVL 10

Expert Comment

by:CSIPComputing
ID: 37791069
Yes and yes, SBS is my core business. Good detective work :-) Drop me an email.
0
