DNS MX Record looks incorrect

Tim Nichols

I am having an issue with my Exchange 2000 server and I believe it is
related to our DNS configuration. We have a subsidiary in another city that
has a Windows 2000 domain, say companyA.com. This company uses email
addresses with the same domain name.

At our site, our internal DNS server has a secondary forward lookup zone for
companyA.com that is pulled from the primary zone stored on the internal DNS
server at our subsidiary's location. (These zones are transferred through a
VPN LAN-to-LAN tunnel.) When we send email to this location we get an SMTP
5.7.1 error saying we do not have permission to send to this recipient.
Since our Exchange server is resolving names using DNS and not a smart host,
I did an nslookup using type=MX for companyA.com and I got the following
back for the MX record:

Server: internalDNS.parentcompany.com
Address: 10.0.0.1

companyA.com
primary name server = DNSserver.companyA.com
responsible mail addr = admin
serial = 332
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = (1 hour)

Where parentcompany.com is our domain and companyA.com is the subsidiary's
domain. Usually when I look up an MX record it has mail exchanger
information with an MX preference listed. This entry looks a bit
strange. Do I need to add an MX record to the internal DNS server? I would
think that it would forward this request to our external DNS server to
resolve an MX record that we don't have on our internal DNS server.

Any help would be greatly appreciated.

-Tim Nichols, MCP
 
Tim:

You missed a step in your nslookup process. By using nslookup internally,
your mx record will resolve to the internal IP address of your Exchange
server. This is because, internally, you need to find your Exchange server.

To properly look for an external record, use the following:

nslookup <enter>
server 206.190.71.1 <that's an external DNS server><enter>
set q=mx <enter>
domainname.com <enter>
Returns External Address

The second statement calls for an outside DNS server to be used, which
should return your external IP address. If it does not, you'll need to set up
an external address or contact your ISP and have them do so. Afterwards,
you'll need to repost so we can look at the issue further.

--
David M. Streb, MCSE
Microsoft Certified Partner
Specializing in Exchange
and FrontPage Hosting
http://www.exiis.net
Dave at exiis dot net
 
.....or www.dnsreport.com

 
I did some more troubleshooting and found that if I removed the secondary
zone (for the subsidiary's domain) from our internal DNS server, that I was
able to get an MX record resolved. I copied this information down and added
MX records that matched these to the internal DNS server at the subsidiary
and set the secondary zone up on our internal DNS server. We tested it and
this has fixed the problem.

This is a temporary fix for us. Before this company became our subsidiary a
consulting company set up their network and named their 2000 domain with the
same name as their E-mail and public domain name. Obviously this is causing
some problems. Eventually we will rename their domain (making it a child
domain in our Forest) and then we will no longer have to host their MX
records.

-Tim Nichols, MCP
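
The SOA-only output in the first post is what a DNS server returns when it holds a copy of the zone (here the secondary zone for companyA.com) but the zone has no record of the requested type: it answers authoritatively with "no data" and never forwards the query. As an added example that is not part of the original thread, this Python sketch builds two constructed DNS replies and classifies them; the host name mail.companyA.com and the MX preference 10 are assumptions.

```python
import struct
MX, SOA = 15, 6  # DNS record type codes

def name(n):  # encode a domain name as length-prefixed labels
    return b"".join(bytes([len(p)]) + p.encode() for p in n.split(".")) + b"\0"

def build(aa, answers=(), authority=()):
    """Build a constructed reply to the query 'companyA.com IN MX'."""
    flags = 0x8080 | (0x0400 if aa else 0)  # QR + RA, plus AA when authoritative
    msg = struct.pack("!6H", 1, flags, 1, len(answers), len(authority), 0)
    msg += name("companyA.com") + struct.pack("!HH", MX, 1)
    for rtype, rdata in (*answers, *authority):  # 0xC00C points back at the question name
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 3600, len(rdata)) + rdata
    return msg

def skip_name(msg, off):  # offset just past a (possibly compressed) name
    while msg[off]:
        if (msg[off] & 0xC0) == 0xC0:
            return off + 2
        off += 1 + msg[off]
    return off + 1

def classify(msg, qtype=MX):
    """Classify a reply: did the server answer, deny the name, or return NODATA?"""
    _, flags, qd, an, ns, _ = struct.unpack("!6H", msg[:12])
    off, types = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    for _ in range(an + ns):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        types.append(rtype)
        off += 10 + rdlen
    if (flags & 0x000F) == 3:
        return "NXDOMAIN"
    if qtype in types[:an]:
        return "ANSWER"
    if (flags & 0x0400) and SOA in types[an:]:
        return "NODATA"  # authoritative for the zone, so nothing is forwarded
    return "OTHER"

# Constructed sample replies; the SOA numbers are those in the nslookup output above.
SOA_RDATA = name("DNSserver.companyA.com") + name("admin") + struct.pack("!5I", 332, 900, 600, 86400, 3600)
MX_RDATA = struct.pack("!H", 10) + name("mail.companyA.com")  # hypothetical mail host
INTERNAL = build(aa=True, authority=[(SOA, SOA_RDATA)])  # secondary zone without MX
EXTERNAL = build(aa=False, answers=[(MX, MX_RDATA)])  # resolver that found an MX

print("internal:", classify(INTERNAL))
print("external:", classify(EXTERNAL))
```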
 
You should consider a 3rd-party DNS hosting solution, such as
everydns.net or hn.org

That way you don't have to expose the systems to the internet.

DR
 