ishamsi
asked on
Public DNS record for Exchange 2013 server
Hi,
I hope someone can help. With a bit of investigation, I'm sure I could source the answer to this but am in need of a quick fix hence posting this question.
I use an Exchange 2013 server purely for relaying mail from applications and services. Mails to one domain are failing with the error:
450 4.7.1 <server.domain.net>: Helo command rejected: Host not found
I have been told by the recipients that this is happening because the FQDN of our server does not resolve to a public IP address. So, my first question is, what type of record needs to be created for this? An A record I presume? We have public IPs available.
Secondly, when I have requested this record to be created I have been asked what inbound ports need to be allowed. Is there a simple list of these? I would presume: 25,443,80,465,993. Any others?
Thanks, and sorry for the slightly dumb questions.
ASKER
Thanks for the comments everyone. For me, it was fairly simple. I got the firewall guy to map the internal IP of the server to one of our public IPs. He opened inbound ports 25, 443, 80, 465. After this I could telnet to the server from outside our network, using its IP address. One thing to note was that the IP address he mapped it to was different to that which was previously added as a PTR record with our ISP. So I contacted the ISP and got them to change that. I then put an A record in our public DNS that resolves the (new) public IP to the FQDN of the server.
I think one of the things that threw me is that the domain suffix of our internal domain is different to our public facing domain and as such, I had never had to create public DNS records for it.
Thanks for the help everyone.
I have also read that if you are in a single Exchange environment, you will want to disable 'Exchange Server Authentication' on the 'Default Frontend EX2K13ServerName' connector.
That too can be accomplished with the same commandlet, e.g. -
Changing FQDN on EHLO for External:
https://social.technet.microsoft.com/Forums/exchange/en-US/f2b928a0-873c-4ec9-b5ee-6cd544ff2828/fqdn-on-ehlo-for-external?forum=exchangesvrsecuremessaging
Setting up Authenticated SMTP relaying in Exchange 2013:
http://geekswithblogs.net/ksellenrode/archive/2014/05/03/156170.aspx
-saige-
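The DNS state the asker describes arriving at (a public A record for the HELO name, and a PTR for the new public IP pointing back at that name) can be checked as below. This is an added example, not code from the thread; the IP addresses are constructed documentation addresses, and `check_helo_dns`, `system_lookup` and `zone_lookup` are hypothetical names.

```python
import socket

def system_lookup(kind, name):
    """Live lookup via the OS resolver. Run it from outside the internal
    network, where only the public DNS zone is visible."""
    try:
        if kind == "A":
            return socket.gethostbyname_ex(name)[2]
        return [socket.gethostbyaddr(name)[0]]  # PTR
    except OSError:  # gaierror / herror: no such record
        return []

def zone_lookup(zone):
    """Offline resolver over a constructed {(type, name): [values]} table."""
    return lambda kind, name: zone.get((kind, name), [])

def check_helo_dns(helo_fqdn, sending_ip, lookup=system_lookup):
    """Return a list of problems; an empty list means A and PTR agree."""
    fqdn = helo_fqdn.rstrip(".").lower()
    problems = []
    a_records = lookup("A", fqdn)
    if not a_records:
        problems.append(f"{fqdn} has no public A record")
    elif sending_ip not in a_records:
        problems.append(f"{fqdn} resolves to {a_records}, not {sending_ip}")
    ptr_names = [n.rstrip(".").lower() for n in lookup("PTR", sending_ip)]
    if not ptr_names:
        problems.append(f"{sending_ip} has no PTR record")
    elif fqdn not in ptr_names:
        problems.append(f"PTR for {sending_ip} is {ptr_names}, not {fqdn}")
    return problems

# Constructed data: documentation IPs standing in for the old and new public IPs.
OLD_IP, NEW_IP, FQDN = "198.51.100.25", "203.0.113.10", "server.domain.net"
ORIGINAL = {("PTR", OLD_IP): [FQDN]}                          # no A record at all
NAT_ONLY = {("PTR", OLD_IP): [FQDN], ("A", FQDN): [NEW_IP]}   # PTR still on old IP
FIXED = {("PTR", NEW_IP): [FQDN], ("A", FQDN): [NEW_IP]}

if __name__ == "__main__":
    stages = [("original", OLD_IP, ORIGINAL), ("NAT only", NEW_IP, NAT_ONLY),
              ("fixed", NEW_IP, FIXED)]
    for label, ip, zone in stages:
        print(label, check_helo_dns(FQDN, ip, zone_lookup(zone)))
```

Calling `check_helo_dns` without the `lookup` argument queries live DNS; an internal resolver for a differently named internal domain can answer where public DNS would not, so run it from an outside host.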