DNS config flow for Exchange ?

dee30 used Ask the Experts™
I need to go confirm the config steps for DNS... for exchange.

exchange2010 part of one domain trust and forest, set to also accept mail from other domain.

1. Exchange server pub IP12.205.200.1
primarydomain.com hosting company cpanl DNS manager A record for mail.primarydomain.com.
svracceptdomaintoo.com same hosting company diff cpanl DNS manager A record

1a. Our internal DNS svr for primarydomain.com has A record for

2. MX records for both(via same hosting co but separate/their own cpanl access) set to point to External filtering company that has our public for mail.primarydomain.com and MX records to use. Priority 10 and 20.

3. SPF under cpanl of @primarydomain.com DNS mgr is setup like "v=spf1 +a +mx include:primarydomain.com ip4: ptr:primarydomain.com -all"

Exchange 2010 SMTP connector FQN matches A record - mail.primarydomain.com

Not sure if something is missing, all is right if reverse DNS entry(ptr record) needed somewhere?  

Thank you
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2014

Internally you don't need additional DNS records, just the one that matches your trusted SSL certificate, then configure Exchange to use the external host name internally via split DNS.


Externally you need a common name for the SSL certificate.
MX records for each domain can use that same common name.

You also need to cover Autodiscover. Two main methods to deal with that.
a. Autodiscover.example.com A records, which also need to be on the trusted SSL certificate.
b. SRV records. http://semb.ee/srv



Refresh memory... soa record for domain is set at hosting company correct?  Seeing domain with four ns records and two seem(IS) wrong. Domain name of two (ns1.company.com and ns2.companyCom) is close to company name but actually another unrelated org out in the world.  Trying to figure out how two wrong pointers got there.?
Most Valuable Expert 2014
The name servers are set by the domain name registrar, which may or may not be the hosting company (I have my domains separate from the hosting provider). Therefore you have to look there to see what they are. Certainly if they are wrong or unexpected that could mean that inconsistent results are being returned.



Thank you for you feedback.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial