SMTP Relay internal DNS fail, external DNS success

pdesjardins1
Windows 2016 SMTP relay server. When the DNS settings on the server are external, 8.8.8.8, mail will send. When I change them to my internal DNS server 10.0.1.11, mail does not send.
Antzs, Infrastructure Services

Commented:
You need to check your DNS forwarders for your internal DNS (10.0.1.11)

Where is it pointing to?  It should be configured to point to your ISP's DNS Servers.

Author

Commented:
Hello.
The forward pointers are:
8.8.8.8
1.1.1.1
8.8.4.4

When I change my SMTP server from 10.0.1.11 to 8.8.8.8, mail will flow.
Antzs, Infrastructure Services

Commented:
If it is configured correctly, then can you verify if your internal DNS server can resolve to the internet.  Just make sure nothing is blocking DNS lookup from your internal DNS server.
Author

Commented:
ok.
With DNS at 8.8.8.8 I do an nslookup, set type=mx, put in my domain name and it resolves.
With DNS at 10.0.1.11 I do an nslookup, set type=ms, put in my domain name and it has something different.
It replies
Primary name server='the internal dns server's name'
Responsible mail address=hostmaster.domain.local.
Antzs, Infrastructure Services

Commented:
So you get a publicly published domain name when you use 8.8.8.8.

But if you use 10.0.1.11 you will get your internal domain name.   Correct?

Author

Commented:
correct, it looks that way

Author

Commented:
nslookup info
Antzs, Infrastructure Services

Commented:
So that is the issue.  You will need to configure a new record in your internal DNS so that it will resolve to the same domain name as the external.
Before doing that, you need to make sure there are no internal applications which are using the internal domain name for any other services.

Author

Commented:
ok. Crazy thing is that this is a replacement SMTP server for one that died. I would have thought the needed DNS settings were already in place.

Author

Commented:
To be clear.
I would go to my internal DNS > Forward Lookup Zone > Mydomain.com
New MX record.
Under Fully Qualified Domain Name of Mail server enter: mydomain.mail.protection.outlook.com

Correct?
Mahesh, Architect
Distinguished Expert 2018

Commented:
You must have the O365 custom domain zone on your internal AD server, and hence the MX lookup is failing even though you have forwarders set on DNS. DNS looks at the zone, and if the MX is not found there, it won't work.
This is normal.
Either create an MX record in the internal DNS zone and point it to the O365 MX host, or point your SMTP server to Google DNS to look up the MX in the public DNS zone.
The 1st option is better, as adding Google DNS as preferred / alternate DNS may break SMTP server communication with AD.
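
The failure described above can be recognised from the DNS reply itself: a server that hosts the zone answers with the authoritative (AA) flag set, no answer records, and an SOA in the authority section, and never consults its forwarders. The sketch below is an added example, not part of the original thread; it classifies a raw reply to an MX query. The sample packets are constructed, `dns1.domain.local` and the SOA timer values are hypothetical, and the function names are this example's own.

```python
import struct

SOA, MX = 6, 15  # DNS record type codes

def encode_name(name):
    """Encode a host name as uncompressed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode() for x in labels) + b"\x00"

def skip_name(pkt, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while pkt[off]:
        if pkt[off] & 0xC0 == 0xC0:  # compression pointer is 2 bytes and ends the name
            return off + 2
        off += 1 + pkt[off]
    return off + 1

def classify_mx_reply(pkt):
    """Classify a reply to an MX query from its flags and record types."""
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", pkt[:12])
    off, types = 12, []
    for _ in range(qd):
        off = skip_name(pkt, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an + ns):
        off = skip_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        types.append(rtype)
        off += 10 + rdlen
    rcode = flags & 0x000F
    if rcode:
        return "NXDOMAIN" if rcode == 3 else "ERROR"
    if MX in types[:an]:
        return "MX_FOUND"
    if flags & 0x0400 and SOA in types[an:]:  # AA bit set, SOA in authority section
        return "NODATA_FROM_LOCAL_ZONE"  # server hosts the zone, so forwarders are not asked
    return "NO_MX"

def build_reply(name, authoritative, mx_host=None):
    """Build a constructed sample reply (not captured traffic)."""
    flags = 0x8180 | (0x0400 if authoritative else 0)
    question = encode_name(name) + struct.pack("!HH", MX, 1)
    if mx_host:
        rtype, counts, rdata = MX, (1, 0), struct.pack("!H", 0) + encode_name(mx_host)
    else:  # SOA with a hypothetical server name and timer values
        rtype, counts = SOA, (0, 1)
        rdata = (encode_name("dns1.domain.local") + encode_name("hostmaster.domain.local")
                 + struct.pack("!5I", 1, 900, 600, 86400, 3600))
    rr = b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 3600, len(rdata)) + rdata
    return struct.pack("!6H", 1, flags, 1, *counts, 0) + question + rr
```

`classify_mx_reply(build_reply("mydomain.com", True))` returns `NODATA_FROM_LOCAL_ZONE`, the case the internal server in this thread was producing; the same query answered with an MX record returns `MX_FOUND`.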
David Favor, Fractional CTO
Distinguished Expert 2018

Commented:
You said, "When I change them to my internal DNS server 10.0.1.11" which simply suggests your internal DNS requires some slight fixing.

You'll know you've fixed your DNS correctly when this command succeeds correctly...

nslookup google.com


Tip: Your local DNS looks like it should be caching only, so you'll set up forwarders...

1.1.1.1
8.8.8.8
8.8.4.4

Author

Commented:
I've searched my DNS for any sign of an MX record and cannot find one.
If I were to create one, where would I put the MX record?
Antzs, Infrastructure Services

Commented:
I don't think you need an MX in your internal DNS servers.  You can probably just create a CNAME and point your internal mail server name to the cloud mail server name.

Author

Commented:
We have it working now.
The solution for us was to add the xxxxxx.mail.protection.outlook.com to the Smart Host entry in the *.com entry under Domains.

Saying it a different way:
Under the SMTP VM is Domains. In Domains, if you have not already, create extensions of the addresses you want to email, i.e. *.com, *.biz, etc.
In our *.com extension, there is a Smart Host field. Populate that field with your MX information.

Thank you everyone for assistance.