Help with MX record SBS 2003

[dean29000]

Hi All,

I have a client that was using a broadband connection with a dynamic IP. They are running SBS 2003. I used a program called pop-beamer which would retrieve pop email every one minute. However, they are now set with a static ip via Time-Warner and I called tech support and had them put an PTR record to point to email.clientname.com.

Can anyone give me a link to step by step directions on how to make them their primary mx and how to setup a backup MX.

Any help is greatly appreciated!

Thanks,
Dean

 

[blakey2]

Hi Dean,

Get the DNS host (Time Warner in this case) to create an 'A Name' record. Typically I use 'mail' and point this record to your client's static IP address. (You can use 'email' -- email.clientname.com if you like)

Then get the DNS provider to create a 'mx' record and point this to the 'A name' record you just created.

The mx record has a priority which is just a number between 1 and 100. From memory the lower the number the higher the priority (could be the other way around though)

Thus you can create an mx record with a priority of 10 which points to email.clientname.com and a second mx record with a priority of 50 which points to externalemailhost.externalorg.com

hope this helps a bit.

Cheers.

 

[dean29000]

I guess I am confused.

I thought I only needed the PTR record pointing to the email.clienthost.com

Dean

 

[dean29000]

I called Time-Warner and I am in good shape. I have the A-Record (Also the PTR) set to email.clientdomain.com.

The web is still hosted on a third party site and will remain that way.

I can change cpanel to point the mx record to email.clientdomain.com.

The only part I am not clear on is the changes I need to make on the server for it retrieve and send the email through the newly created email.clientname.com record.

Thanks,
Dean

 

[blakey2]

Hi Dean2900,

First thing you need to do is open Exchange System Manager (ESM)
Click on the 'Recipients' folder.
Select the 'Default recipient policy' and update its properties with the email domain you are hosting ie. on the 'Email Address Policy' Tab add a SMTP address along the lines of '@mycompany.com.au' (but specifying your email domain). NB If you host multiple email domains add them now.

You also should have a firewall (or some device) which will be performing NAT or PortForwarding (Unless your mailserver has a public static IP). Ensure that you forward all inbound port 25 traffic to the internal IP address of the (mail) server.

At a very basic level you should now have configured exchange to accept email for your domain.

Many other settings which may need to be tweaked, dependant on your DNS/firewall settings which you may need to setup to send email however you should be able to receive email fine.

I should mention that this is how standard exchange works. There may be some specific wizards or web based frontends that are supplied with SBS which someone can point you in the direction of. If there are it is probably best that you use these. - I have little experience with SBS -

Cheers

 

[dean29000]

blaely,

Thank you for your replies. Yes there are SBS wizards but I spent 20 years in corporate IT for some of the largest companies in the US. I used to be the Banyan Guru, then the Netware/NDS Guru, then the Server 2000 Guru. I am know the Server 2003 except for it comes to the mx records as this is a part I always had a team member do for me as I was always the lead and on the consulting side although I managed to stay hands on.

I started my company five years ago to escape the corporate environment of being over 1200 servers in 100 + countries as the PM for every server and working 90 + hours a week on occasion while getting paid for 40 hours.

Anyways, sorry for the extra info but I do appreciate your help. I think I have it straight in my mind now.

Dean

 

[dean29000]

Sorry I meant to call you Blakely. Bare with me, I just got out of the hospital a week ago and am supposed to not be working for three weeks but I cant lose clients and I only have 10-99s for desktop support and occasional Citrix Guru as needed.

Dean

PS; I am glad I found this site. This is a great site!

 

[TechSoEasyMVP]

dean29000,

With Small Business Server you should ONLY use the wizards to configure the server. This is because there are many interdependent systems running on SBS and manual configuration will ultimately break the server.

Email is configured with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > To-Do List)

A visual how-to is here:

http://sbsurl.com/ceicw

and a full networking overview for SBS is at

http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.
Be sure to check those out as well.

The rest of the items on the To-Do list must also be run in order to have the server properly configured.

Take a look at

http://sbsurl.com/itpro

for an overview of why you should not treat an SBS like any stand-alone Windows Server 2003.


Jeffrey B. Kane
TechSoEasy

http://www.techsoeasy.com

Blog:

http://techsoeasy.spaces.live.com

 

[dean29000]

I am quite familiar with the wizards in SBS and I do not ways around many of the wizards.

However, wizard way or not, I am still uncertain on what I need to change in the SBS 2003 server in order for it to retrieve the email now that I have PTR records setup by the host.

Thanks,
Dean

 

[TechSoEasyMVP]

Okay... I think where you're still missing the boat here is that the PTR record does not direct the mail. The MX record does. That's the important one.

You say that you contacted Time-Warner to change this. If they are the Internet Access Provider then they would be responsible for the PTR record because that is tied to the IP address. HOWEVER, the MX record and it's associated HOST A record are tied to your DOMAIN NAME and that is usually handled by the Domain Registrar. ie, NetworkSolutions or GoDaddy, etc. This may not be Time-Warner unless you registered the domain through them.

An MX record cannot point directly to an IP address, so you would need to add both the MX record as well as a HOST A record that then points email.clientname.com to the SBS's external IP address.

Once that's done, you still need to rerun the CEICW so that Exchange is properly configured to accept direct email connections.



Jeffrey B. Kane
TechSoEasy

http://www.techsoeasy.com

Blog:

http://techsoeasy.spaces.live.com

 

[dean29000]

Techsoeasy,

Yes I point the mx record which is held by my webhosting. I use cpanel and point the mx record to the PTR which would be email.clientdomain.com in this case.

I understand that I have rerun the CEICW but my question is how to configure CEICW for exchange to pull and send email through the MX of email.clientdomain.com

Thanks,
Dean

 

[TechSoEasyMVP]

No, you need to also have an A record in the same DNS Zone file as your MX that points email.clientdomain.com to the IP Address.

The PTR record is unrelated to all of this.

Go to

http://www.mxtoolbox.com

and see what result you get for testing your domain name.



Jeffrey B. Kane
TechSoEasy

http://www.techsoeasy.com

Blog:

http://techsoeasy.spaces.live.com

 

[dean29000]

Time-Warner says they make both a PTR and A Record. The MX is controlled from my webhost.

 

[TechSoEasyMVP]

It doesn't matter what Time-Warner says... you still need the A record at your webhost if that's where your domain's DNS Zone file resides. Because if you point an MX record from there to email.clientname.com it won't resolve because Time-Warner's name servers are not authoritative for the domain of clientname.com and thus their A record is not recognized by global name servers.





Jeffrey B. Kane
TechSoEasy

http://www.techsoeasy.com

Blog:

http://techsoeasy.spaces.live.com

 

[dean29000]

SO you are saying I need to create an A record on the SBS server?

If so, can you point me to docs on how to create the A record on sbs 2003?

Thanks,
Dean

 

[TechSoEasyMVP]

No, I'm not saying that at all. Your DOMAIN DNS Zone file is located either at the domain registrar or the web hosting provider.

If you do a whois lookup for the domain it will show the authoritative Name Servers. These are the ones which indicate where this public domain DNS Zone file is.



Jeffrey B. Kane
TechSoEasy

http://www.techsoeasy.com

Blog:

http://techsoeasy.spaces.live.com

 

[SkreeM]

I think the point we are missing is that as long as you configue exchange to use SMTP for internt mail it will recieve mail once the mx record is set up as long as port 25 is forwarded to sbs server

 

[blakey2]

Hi Dean29000,

Hope you managed to get this all working, however if not i'll try and clarify what techsoeasy and Skreem have correctly instructed you to do.

Bit of background.
DNS record is hosted by a DNS host. This is often the domain registrar, else a specific DNS host, sometimes if you have a seperate webhosting provider they will host your DNS records for you.

DNS record in your case seems to be hosted with your registrar.

Two important records to get email flowing:
1. MX record
2. Corresponding 'A Name' record.

[] MX record points to an arbitrary 'A Name' record. ie mail/email/fred/tony/jeff (it really does not matter which name you pick)

[] Next you require a corresponding 'A Name' record. If you picked 'mail' then you would create an A name record called mail. likewise jeff or tony.

The A name record points to an explicit IP address. In this instance the IP address would be the static external IP address of your mailserver.


So you might have a DNS record looking something like this:

DNS record for domain: mycompany.com.au

A records:
----------
www   --> 203.12.150.47           (ie. [URL unfurl="true"]www.mycompany.com.au)[/URL]
mail  --> 220.231.56.12           (ie. mail.mycompany.com.au)
ftp   --> 220.231.56.12           (ie. ftp.mycompany.com.au)

MX record:
----------
(mx record) --> mail.mycompany.com.au

Next you need to configure and NAT or port forwarding you might have at the perimeter router/firewall level. This will be device dependant, however for a layer-2 f/w you would NAT through all traffic from the WAN interface incoming on port 25 (SMTP port) to the internal IP address of your mailserver (still port 25/SMTP).
If your firewall does not automatically do this you may also need to configure a WAN firewall rule permitting traffic across the WAN interface inbound from port 25 to your mailservers internal IP on port 25. (Hope this makes sense).

Ensure any software based f/w are not blocking traffic.


At this point you should have created the appropriate DNS records required and opened up access to your mailserver so email can arrive at it for processing.

Now you will need to run the SBS configuration wizard to ensure that the mailserver is aware that it should be accepting email for your email domain(s). (If you don't tell it that your email domain is mycompany.com.au it will reject email addressed to that domain)

Now that your email server is configured, double check your email address from active directory (Or the SBS user panel) and update if incorrect email address.

Now when bob.brown@greens.gov.au wishes to send you an email from his account, his email server looks up the mx record for mycompany.com.au negotiates with your mailserver and transfers the email direct to your mailserver.

You don't actually need to configure your email server to pulldown the email from a specific server **UNLESS** you have a 3rd party server in the mix such as a POP3 server OR a 'smarthost' which essentially 'washes' (spam/virus checking etc) before it hits your systems.

This seems a little long and windy explanation, more about the conceptual ideas rather than specific tech terminology so please don't hesistate to ask for clarification.

Cheers - blakey2