
Make World see external Domain 1

Status
Not open for further replies.
Sep 29, 2002
For SPAM control purposes, many servers to which we send email are doing name resolution on my server name that goes out with every message. The internal server name is mydomain.corp and my external is mydomain.com. How do I make the server send the external
mydomain.com or mail.mydomain.com
instead of
internalservername.mydomain.com?

In addition, the message header shows the Message-ID: <710690D557C5AB4E9F771DDD700D752A@intserver.internalDNS.corp>

All the DNS records have been created, all the mailboxes have been configured to use both the internal and the external names with the external name as default domain name.


Gladys Rodriguez
GlobalStrata Solutions
 
Hi Gladys, I don't know if it's feasible for you, but one option would be to configure a smart host or front end server that sits in your DMZ (if you have one). If you choose to do this with an MS operating system, you could name the server with the proper domain extension and still join it to your existing forest as another forest root. Or, you could put a Linux box out there and use Sendmail to act as your smart host. Just an idea...
 
What do the properties for your SMTP server say for this:

Delivery -> advanced -> fully qualified domain name?


 
Has anyone figured this out? I am having the same problem. All parts of the message header show the correct external name, but the message ID still shows the internal name.
 
I figured it out. The DNS server that the mail server is utilizing for resolution has to have an MX record for that domain pointing to the mail server. Else, the server won't give out the external address.




Gladys Rodriguez
GlobalStrata Solutions
 
Globalstrata,

Sorry, I am a bit of a rookie at this. So you create another forward lookup zone on your internal DNS server? Do you do AD integrated or primary? And how do you complete the entry in the new zone? Thanks for all the help.
 
Say that your external domain is external.com

You could create external.com Forward lookup zone - primary. (It gives you the most flexibility). Make sure that you also have a reverse lookup (Do it primary too) for the subnet where the server is at. IE: if your Server IP is 192.1.1.1 you have to have a reverse of 192.168.1.x Subnet.

Once you have these, right click on external.com and select new host. In the name type mail and the IP address of your internal mail server. Make sure create associated PTR record is selected. Then right click again and select new mail exchanger. Leave the Host/domain field blank and in the mail server browse for mail under server\external.com

Before closing the DNS Console, right click on the server name and select Update Server Data Files.


Gladys Rodriguez
GlobalStrata Solutions
 
Silmarillion -

You request your ISP to point your MX record to mail.mydomain.com. This should be your external IP Address.
 
RMTanghal,

I think he has done that already. However, the Internal network gets DNS resolution first from the internal DNS. This means that the Internal DNS has to also be configured with the record.

I guess I am assuming that Silmarillion has the exact problem as me which was:

I had a domain controller with Exchange installed on it that did my internal DNS. The DNS was configured to forward any request that the internal DNS could not fulfill to an external DNS. Since I had a firewall, and my server only has an internal IP, the server did not even attempt to forward the request outside because it thought that the request was for the internal network so it did not get the proper resolution.


Gladys Rodriguez
GlobalStrata Solutions
 
Gladys - thanks for all the help. You are correct on RMTanghal's comment - the external DNS is already configured correctly (at the ISP).

I was on the right track, but had missed a couple of things. One more question (hopefully that's it) - when you create the new host record, do you use the internal or external IP address (i.e., the internal LAN private IP, or the external public IP on the firewall (which is port forwarded to the mail server))?
 
You use the Internal IP of the mail server

The firewall you have to configure to forward any requests in port 25 (SMTP) and 110 (POP3), both TCP ports, to the Server Internal IP address.


Gladys Rodriguez
GlobalStrata Solutions
 
The firewall is already done (just port 25, not 110 - we don't use the POP3). I have done all the other stuff, but the internal name still shows up in the message ID. I haven't had any bounced messages lately on failed reverse DNS, so I am not even sure if that was the problem. When you send an e-mail, does the message ID in the header have the external host / domain name or the internal?
 
Did you configure your Exchange Email Server SMTP Virtual Server Properties?

Under the Exchange Management console
Administrative Groups
First Administrative Group
Servers
ServerName
Protocols
SMTP
Right Click Default SMTP Virtual Server
Properties
Delivery
Advanced
Masquerade Domain is your external.com
Server is mail.external.com


Gladys Rodriguez
GlobalStrata Solutions
 
Yes - I had picked that information up from this thread:

thread858-608757

I also saw that you had done that in your earlier postings. Everything in the routing fields of the message header shows up OK, but the message ID still has the internal server name. Does yours do this?

PS - I lied about the bounced messages - I am still getting them (see sample below).

Your mail system could not find a way to successfully communicate with the destination system. Please notify your administrator.
<mail.externaldomain.com #5.5.1 smtp;551 5.5.1 We do not permit relaying here. Please contact bizsupport@attcanada.ca.>

There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.
<mail.externaldomain.com #5.5.0 smtp;553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)>
 
OK, I have got one problem fixed. I did some more reading on another thread:

thread858-625899

I followed the link to and did a reverse DNS lookup on my domain:

No host name is associated with this IP address or no reverse lookup is configured.

So I did some more reading on the MS Support document, then went and checked my DNS settings at the ISP. I had an IN A record configured for MAIL, but none configured for just the domain. I have added it in and will give it a couple of days to propagate, then do some more testing.

Still curious about the message ID though...
 
Are you sure that your external DNS is configured correctly?
Open CMD
nslookup
server <NAME_OR_IP_ADDRESS_OF_EXT_DNS>
set type=MX
external.com

You should get something that looks like:
=========================================================
Server: ns1.externalDNSdomain.com
Address: x.x.x.x

external.com MX preference = 10, mail exchanger = mail.external.com

mail.external.com internet address = y.y.y.y
=========================================================
x.x.x.x -> is the external DNS IP
y.y.y.y -> is the external IP of your firewall


Gladys Rodriguez
GlobalStrata Solutions
 
Yep. You're right. It still shows the internal server name. Not too secure! I'll have one of my company's engineers look to see if there is a way to get away from that. But we are able to send and receive messages fine.


Gladys Rodriguez
GlobalStrata Solutions
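
An added example, not part of any post in this thread: a Python check that scans a captured outbound message for the disclosure discussed above, an internal host name in the Message-ID. It goes beyond the thread by also scanning Received, References and In-Reply-To and by flagging RFC 1918 addresses. The function names, the sample message, and values such as 192.168.1.55, pc7 and mx.recipient.example are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message; host names reuse the thread's placeholders.
SAMPLE = """\
Received: from mail.external.com (mail.external.com [203.0.113.10])
    by mx.recipient.example with ESMTP; Mon, 1 Sep 2003 10:00:00 -0400
Received: from pc7 ([192.168.1.55]) by mail.external.com
    with Microsoft SMTPSVC; Mon, 1 Sep 2003 09:59:58 -0400
Message-ID: <710690D557C5AB4E9F771DDD700D752A@intserver.internalDNS.corp>
From: user@external.com
To: someone@recipient.example
Subject: test

body
"""

HOST_RE = re.compile(r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CHECKED = ("Message-ID", "Received", "References", "In-Reply-To")


def is_rfc1918(text):
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:          # e.g. 999.1.1.1 matched by the loose regex
        return False
    return any(addr in net for net in RFC1918)


def find_internal_disclosures(raw, internal_suffixes):
    """Return (header, value) pairs exposing internal names or addresses."""
    suffixes = [s.lower().strip(".") for s in internal_suffixes]
    findings = []
    msg = message_from_string(raw)
    for name in CHECKED:
        for value in msg.get_all(name, []):
            for host in HOST_RE.findall(value):
                h = host.lower()
                if any(h == s or h.endswith("." + s) for s in suffixes):
                    findings.append((name, host))
            findings += [(name, ip) for ip in IP_RE.findall(value)
                         if is_rfc1918(ip)]
    return findings


if __name__ == "__main__":
    for header, value in find_internal_disclosures(SAMPLE, ["internalDNS.corp"]):
        print(f"{header}: discloses {value}")
```

Run it against a message saved at an outside mailbox, passing your own internal DNS suffixes, to confirm whether a configuration change actually removed the internal name.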
 