Solved

Mail issues with multiple MX records

Posted on 2013-05-28
8
767 Views
Last Modified: 2013-05-28
I have a client who's in-house Exchange server went down this weekend and they did not have any type of service or appliance that would capture and queue the e-mail until it was brought back online (sans the sending servers auto-retry policies).  While I was working on the Exchange server, I setup a second MX record and pointed it to a one of my servers where I installed hMailServer and configured it to mirror the e-mail accounts on their Exchange server.  Here are what the MX records look like:

MX Record 1:  Priority-0  Destination-mail.domain.com

MX Record 2:  Priority-15 Destiantion-mail2.domain.com

Eventually I got the Exchange server online and all e-mail again began flowing properly to it; or so I thought.  I decided to leave my temporary backup e-mail solution in place until I could speak with my client more about the need for a queuing service / appliance or fail-over e-mail server.

This morning I was running a check to make certain my client's Exchange server was still running as expected, which it is.  I then decided to check the backup e-mail server and noticed some e-mail had come in even after I fixed the Exchange server.  I did quick a comparison of a few accounts and sure enough they are receiving e-mails on both the Exchange server and hMailServer.  To be clear, they are not duplicate e-mails being received on both servers.  Rather, several e-mails will go to the Exchange server and then several will go the hMailServer...and so on.  As a result, I have removed the second MX record to force all e-mail to go to the Exchange server.

My question:  Why would e-mail still route via the second MX record if the server pointed to from the first MX record is up and receiving e-mail?  I thought MX Priority 0 was much higher than MX Priority 15?  Can some please help explain why this is happening?

Thank you!
0
Comment
Question by:Yort
  • 4
  • 2
  • 2
8 Comments
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39201150
It might just be down to propagation delays. There is a nice DNS propagation tester here:

http://www.whatsmydns.net/
0
 
LVL 1

Author Comment

by:Yort
ID: 39201163
LeeDerbyshire - thank you for the quick reply.  I am a bit confused by your response.  After I added the second MX record it took about 30 minutes to propagate and for e-mail to start flowing into the backup hMailServer; I never made any changes to the first MX record.  Once the main Exchange server was online, all e-mail, theoretically, should have started flowing to it since its MX record has the highest priority.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 39201189
I'd be surprised if it was propagated worldwide in 30 minutes. These things tend to spread outwards around the world. I've had DNS changes that took over a day to completely propagate. I'm just suggesting that emails sent within a certain timeframe (again, I'd suggest a period of one day since the first change) could be misrouted as the sending servers might pick up the older MX record.

Of course, it could be something else completely. But if it's all working okay now, then I'd suggest this kind of delay as a possible cause for it previously going wrong.
0
 
LVL 1

Author Comment

by:Yort
ID: 39201209
LeeDerbyshire - Unfortunately, all is not working OK.  But I never changed the original MX record, thus, propagation shouldn't be an issue in this matter.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39201352
DNS propagation - that doesn't exist.
No such thing.

There is only one thing that has to propagate worldwide and that is name server changes. If you didn't make a change to the name servers then that shouldn't matter.

The only thing that has to propagate is between the DNS servers of the DNS host that you are using. I would be surprised if that has happened here.

Therefore it is perfectly possible for a DNS change to be fully effective in 30 minutes. It depends on whether the remote side has cached the information or not.
It is that cache that people are referring to when they talk about propagation - where the DNS information is cached either on your own DNS server or another server that you are using upstream. Depending on the cache configuraiton it can take 48 hours before the change is fully effective.
If you know that you are doing a change in advance, turning the TTL time down on the record can help, but not everyone follows that.

To answer the specific question, this is a common misnomer. MX records as far as I am concerned are equal, the cost means nothing. Servers will deliver to all hosts in the MX records. You need to ensure that any "backup" server is either able to cope with the traffic and know what to do with it, or isn't responding at all, therefore forcing the sending party to use the other host. Spammers will actively target higher cost MX record hosts, because they often have less protection because of the misunderstanding aobut MX record behaviour.

Simon.
0
 
LVL 1

Author Comment

by:Yort
ID: 39201449
Sembee2 - thank you for your reply.  What you say makes a lot of sense in that the e-mail being delivered to the backup server is all spam.  What, in your opinion, is the best way to make the server not respond?  The options I see are:  Leave the second MX record in place and stop the backup server mail service, or remove the second MX record and leave the server online.  Thoughts?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39201797
Take out the MX record.
Another option I have used in the past is to use a dynamic DNS service.
While you are live, the dynamic DNS points to the same IP address as the "real" MX record. However if the server or link goes down, then you can switch the MX record to point to the backup service. Due to the nature of dynamic DNS services, that change will be live within a few minutes, without having to wait for cache to update.

Simon.
0
 
LVL 1

Author Closing Comment

by:Yort
ID: 39202211
Simon - Thanks again.  I opted to take the second MX record our and leave the backup server live.  Should the main server fail again, I can quickly add the second MX record.

Appreciate your insight.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now