• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1881
  • Last Modified:

multiple MX records for a single 2010 exchange server

What is the best way to configure 2 MX records, DNS, on a single exchange 2010 server with two separate internet providers so that when one line out fails I am still able to receive mail on the other line.  Am I able to prioritize the MX records in DNS?
3 Solutions
You can create multiple MX records and set them to different priorities. However the routing part of the two ISPs is probably the trickier part. To do it at the network level you would need policy based routing. However, nite that I think about it, maybe you can create multiple send and receive connectors to use different ips?
Svet PaperovIT ManagerCommented:
Yes, you can set two MX to two different IP addresses. The MX record has a priority field that you need to specifies. The sening server will normaly se the MX with the lower piority value first.
birddogsdAuthor Commented:
So two MX records, one for each ISP and tied to one FQDN and I can set the main providers MX record priority value to the lower value and when that line goes down I can still receive mail from the other?
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

You will need two fqdns, one for each of the ips that you are using.
Create two FQDN's representing the Exchange server's two public IP addresses.
Set two MX records, each pointing to one of the FQDN's.  Priority doesn't matter, unless YOU want most of the traffic coming over 1 ISP vs the other.

Let's call it MAIL1.domain.com and MAIL2.domain.com

mx  10 mail1.domain.com
mx  10 mail2.domain.com

The inbound mail is easy - it's the outbound that will give you grey hair.

In your Exchange config, tell it that the mail server name is "mail1.domain.com" - it will send a "HELO mail1.domain.com"  (it's worth checking your SMTP headers to make sure!).  when all is happy with the primary ISP, it works.  (Don't forget about a PTR record for mail1.domain.com - talk to your ISP about that, otherwise AOL and COMCAST will deny you)

The trickier part is getting the HELO, the forward and reverse DNS right on *both* primary outbound and secondary outbound.  

Make sure your ISP's will set a REVERSE DNS to match your HELO statement.  Even so, some mail servers will complain when they see your outbound packet is coming from the secondary ISP.  If the primary fails, the mail server 'should' sent out the secondary ISP.  

A receiving mail server MIGHT say:  Hmm, I see this source IP address (mail2.domain.com), and a helo of mail1.domain.com.  If I do a reverse DNS lookup on mail1.domain.com, it's not pointing to mail2.domain.com - therefore, this must be spam.

The way I've gotten around that is another Send Connector in Exchange with a higher priority then the first Send Connector, routing to an on-premise SMTP relay (IIS will do fine) that says "HELO mail2.domain.com"

There might be a more elegant way around it... anyone care to comment?
Simon Butler (Sembee)ConsultantCommented:
If you are using two different ISPs but email can go out via either of them, then the only way to ensure that everything works is to use an independant smart host. That isn't an ISP smart host as that will not work if the email comes out from another host.
There are services around that can do that for you, or you can simply use a web server to bounce the email off. That way it doesn't matter how the email gets to the smart host, the smart host is doing the delivery.

birddogsdAuthor Commented:
All excellent and correct answers.  I now have two MX records with rev DNS for each.  Both pass smtp testing.
mx  10 mail.domain.com
mx  20 mail2.domain.com

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now