I have a server 2008 R2 that has an interesting response to nslookup.
The local domain name is xxx.ahi.com. There is only one server on the site so it is AD domain controller as well.
The email is hosted by a third party hosting company.
Nslookup for any name returns name.ahi.com e.g. nslookup Microsoft.com returns Microsoft.com.ahi.com with an IP of 220.127.116.11. The response is similar no matter what is entered as a lookup e.g. Sony replaces Microsoft with Sony.
ahi.com at 18.104.22.168 is a legitimate address, it just has no relationship with this server. The system has been running with the local domain name xxx.ahi.com for about 5 years without any issues.
I have cleared the cache in DNS, updated the cache in DNS on the server with the same results. Restarting the server will give the correct response for a couple of minutes after it is rebooted.
The goal is to have email that has moved to a different server be used on the network. The email was moved about 30 hours ago, and nslookup for the mail.xxx.com returns the correct response from a computer not connected to that server. The server has a static IP from it's ISP. All other functions seem fine