DNS query fails

Messages to a single domain fail with 451 4.4.0 dns query failed on my  exchange 2013 server.  If I do an nslookup on the domain from my internal DNS, I get a request timed out.   If I change the dns server to an external dns it resolves ok.  I don't have any issues with any other domains.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yo_beeDirector of Information TechnologyCommented:
What is the public DNS address that you pointed to?  
Have you checked your internal DNS Forwarder is setup to point to a public address?
NytroZAuthor Commented:
I used
The internal dns is pointing to an external dns server.  We are in the proccess of moving to a solution called Mimecast but until that is finalized I continue to come across these odd issues on occasion.
yo_beeDirector of Information TechnologyCommented:
We use mimecast for the last 4 years. It is a great product.
Webinar: Cyber Crime Becomes Big Business

The rising threat of malware-as-a-service is not one to be overlooked. Malware-as-a-service is growing and easily purchased from a full-service cyber-criminal store in a “Virus Depot” fashion. Join us in our upcoming webinar as we discuss how to best defend against these attacks!

Zacharia KurianAdministrator- Data Center & NetworkCommented:
In your Domain's DNS, have you set up DNS forwarders? Usually it should point to your ISP's DNS. Also make sure that DNS port (only) are opened to your Domains  in your Firewall.

Check the rules in your Fire wall that DNS port  is opened for your exchange server too.

nashim khanExchange AdministratorCommented:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Md. MojahidCommented:
1.Please ensure that you can resolve these domains mx records.

2.Please try to use the external dns in network properties of send connector.
NytroZAuthor Commented:
If I use an external dns on the send connector it will send out.  does this mean my internal dns server is the issue?
NytroZAuthor Commented:
I have 2 internal DNS servers, DC1 and DC2.  Only DC1 is able to resolve names.  What can be the issue with DC2?
Jeff GloverSr. Systems AdministratorCommented:
Are they AD integrated DNS servers or Standard Primary and Secondary? Do you have Forwarders setup? Do they both have Root Hints?
Zacharia KurianAdministrator- Data Center & NetworkCommented:
Make sure your DNS are ad integrated. Also make sure you have added DNS forwarders in your DC2.

NytroZAuthor Commented:
DC2 has DC1 as its forwarder, DC1 has no forwarders set up and both are AD integrated.
Jeff GloverSr. Systems AdministratorCommented:
IF both are AD integrated, you probably do not need to have one forward to the other. But if you do, make sure the checkmark for "Use Root Hints if no Forwarders are available" is unchecked. Not sure if you are using 2008 but with 2008, the function of that checkmark is reversed.
 ALso, try setting an external server like or as the forwarder and see if it works.
  Lastly, make sure there is no root (.) listed in your DNS. Have not seen that for a while but it used to be an issue if you didn't setup DNS before doing a DCPromo.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.