SMTP Relay internal DNS fail, external DNS success

Windows 2016 SMTP relay server. When the DNS settings on the server are external (8.8.8.8), mail will send. When I change them to my internal DNS server, 10.0.1.11, mail does not send.
pdesjardins1 Asked:

Antzs (Infrastructure Services) Commented:
You need to check your DNS forwarders for your internal DNS (10.0.1.11).

Where is it pointing to? It should be configured to point to your ISP's DNS servers.
pdesjardins1 (Author) Commented:
Hello.
The forward pointers are:
8.8.8.8
1.1.1.1
8.8.4.4

When I change my SMTP server from 10.0.1.11 to 8.8.8.8, mail will flow.
Antzs (Infrastructure Services) Commented:
If it is configured correctly, then can you verify if your internal DNS server can resolve to the internet? Just make sure nothing is blocking DNS lookup from your internal DNS server.
pdesjardins1 (Author) Commented:
OK.
With DNS at 8.8.8.8 I do an nslookup, set type=mx, put in my domain name and it resolves.
With DNS at 10.0.1.11 I do an nslookup, set type=ms, put in my domain name and it has something different.
It replies:
Primary name server='the internal dns server's name'
Responsible mail address=hostmaster.domain.local.'
Antzs (Infrastructure Services) Commented:
So you get a publicly published domain name when you use 8.8.8.8.

But if you use 10.0.1.11 you will get your internal domain name. Correct?
pdesjardins1 (Author) Commented:
Correct, it looks that way.
pdesjardins1 (Author) Commented:
nslookup info
Antzs (Infrastructure Services) Commented:
So that is the issue. You will need to configure a new record in your internal DNS so that it will resolve to the same domain name as the external.
Before doing that, you need to make sure there are no internal applications which are using the internal domain name for any other services.
pdesjardins1 (Author) Commented:
OK. Crazy thing is that this is a replacement SMTP server for one that died. I would have thought the needed DNS settings were already in place.
pdesjardins1 (Author) Commented:
To be clear.
I would go to my internal DNS > Forward Lookup Zone > Mydomain.com
New MX record.
Under Fully Qualified Domain Name of Mail server enter: mydomain.mail.protection.outlook.com

Correct?
Mahesh (Architect) Commented:
You must be having an O365 custom domain zone on your internal AD server, and hence the MX lookup is failing. Though you have forwarders set on DNS, DNS looks at the zone, and if the MX is not found it won't work.
This is normal.
Either create an MX record within the internal DNS zone and point it to the O365 MX host, or point your SMTP server to Google DNS to look up MX on the public DNS zone.
The 1st option is better, as adding Google DNS as preferred/alternate DNS may break SMTP server communication with AD.
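
A way to check for the condition described above from the relay server, added here as an example and not part of the original thread: the script asks the internal and the public resolver for the MX records of the same name and flags the case where the internal server replies with only its own SOA. `mydomain.com` is a placeholder, the resolver addresses are the ones named in the thread, and `Get-MxView` is a hypothetical helper name.

```powershell
# Added example, not from the thread. $Domain is a placeholder; the resolver
# addresses are the ones named in the thread.
param(
    [string]$Domain      = 'mydomain.com',
    [string]$InternalDns = '10.0.1.11',
    [string]$PublicDns   = '8.8.8.8'
)

function Get-MxView {
    param([string]$Name, [string]$Server)
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named DNS server is asked.
        $answer = Resolve-DnsName -Name $Name -Type MX -Server $Server -DnsOnly -ErrorAction Stop
    } catch {
        return [pscustomobject]@{ Server = $Server; MX = @(); SoaPrimary = $null; Error = $_.Exception.Message }
    }
    # Sort by host name so the two views can be compared as strings.
    $mx  = @($answer | Where-Object { $_.Type -eq 'MX' } | Sort-Object NameExchange |
             ForEach-Object { $_.NameExchange.ToLower() })
    $soa = $answer | Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
    [pscustomobject]@{
        Server     = $Server
        MX         = $mx
        SoaPrimary = if ($soa) { $soa.PrimaryServer } else { $null }
        Error      = $null
    }
}

$internal = Get-MxView -Name $Domain -Server $InternalDns
$public   = Get-MxView -Name $Domain -Server $PublicDns
$internal, $public |
    Format-Table Server, @{ n = 'MX'; e = { $_.MX -join ', ' } }, SoaPrimary, Error -AutoSize

if ($internal.Error -or $public.Error) {
    Write-Warning "A query failed; see the Error column above."
} elseif ($public.MX.Count -gt 0 -and $internal.MX.Count -eq 0 -and $internal.SoaPrimary) {
    # SOA and no MX: the internal server hosts a zone covering this name and
    # answers from that zone, so its forwarders are never asked.
    Write-Warning "$InternalDns answers for $Domain from a zone on $($internal.SoaPrimary) that has no MX record."
} elseif (($internal.MX -join ',') -ne ($public.MX -join ',')) {
    Write-Warning "Internal and public MX answers differ; check the internal zone."
} else {
    Write-Output "Internal and public MX answers match."
}
```
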
David Favor (Linux/LXD/WordPress/Hosting Savant) Commented:
You said, "When I change them to my internal DNS server 10.0.1.11" which simply suggests your internal DNS requires some slight fixing.

You'll know you've fixed your DNS correctly when this command succeeds correctly...

nslookup google.com


Tip: Your local DNS looks like it should be caching only, so you'll set up forwarders...

1.1.1.1
8.8.8.8
8.8.4.4

pdesjardins1 (Author) Commented:
I've searched my DNS for any sign of an MX record and cannot find one.
If I were to create one, where would I put the MX record?
Antzs (Infrastructure Services) Commented:
I don't think you need an MX in your internal DNS servers. You can probably just create a CNAME and point your internal mail server name to the cloud mail server name.
pdesjardins1 (Author) Commented:
We have it working now.
The solution for us was to add the xxxxxx.mail.protection.outlook.com to the Smart Host entry in the *.com entry under Domains.

Saying it a different way:
Under SMTP VM is Domains. In Domains, if you have not already, create extensions of addresses you want to email, i.e. *.com, *.biz, etc.
In our *.com extension, there is a Smart Host field. Populate that field with your MX information.

Thank you everyone for assistance.
