Single domain, multiple email addresses not working 1

[JoeLan]

I have 3 sites with one Ex2003 server, Two sites logon to the same domain over the VPN. The parent domain company.com works great and always has. one of the sister sites company.biz recently was added to the Exchange server. The site has it's own OU and AD accounts. Mailboxes were created and set as primary for the correct emails. A recipient policy has been created and filter rule created for the correct addresses. I also unchecked the "update recipient policy" to prevent populating the parent domain email addresses.

My problem is I can send emails within the forest between sites, but I cannot recieve emails to company.biz from outside. I can email outside the forest for company.biz. The company who previously hosted the company.biz accounts has entered a DNS record pointing to our exchange server.

Am I missing something?

 

[blakey2]

Hi,

Do you have the DNS records of the 2 domains 'company.com' & 'company.biz' have corresponding mx records.

Do the mx records point to the same IP address?

If so then the mail is probably being sent to the company.com mailserver and not being sent to the company.biz mailserver.

If the company.biz mailserver has a seperate external IP address then you can update the MX record to that, and ensure any NAT rules you have in place will forward email to your company.biz mailserver.

Else if you only have a single external static IP you need an exchange front end server, or you can configure (from SMTP protocol settings in ESM - from memory) an address to forward all mail to that is incoming to 'unresolved hosts'.

BTW you would need to ensure that the company.com mailserver is configured to accept incoming mail for company.biz.

Hope this helps?

Cheers.

 

[JoeLan]

We only have one true Domain Company.com, the Company.biz domain is not set up and the users at the other site logon to company.com. The Company.biz is only used for email and was previously hosted by our website provider. They assure me they made the appropriate changes in thier DNS to forward the mail to our Exchange server (exchange.company.com) The external static IP has been configured for some time and all users fro Company.com can access the webmail through OWA. I can log into company.biz eemail accounts using the company.com domain\user.

Do I need to actually have a company.biz domain set up in AD or can I keep the OU and assign different email addresses based on the recipient policy in ESM.

Where do I configure the mailserver to accept incoming mail for company.biz?

Thanks,

J

 

[jwest1]

JoeLan

I think the main problem may be as Blakey has pointed out

"BTW you would need to ensure that the company.com mailserver is configured to accept incoming mail for company.biz."

You need to go to your recipient policy, select the @address and select edit. There is a tick box "This Exchange organization is responsible for all mail delivery to this address

 

[JoeLan]

jwest

Yes that was checked. I tested the connection at dnsstuff.com and it sees the MX record for company.biz but cannot connect to it, it times out.

I can send emails from site to site and send mail to anyone but cannot recieve mail from outside the domain.

???

J

 

[blakey2]

Hi JoeLan,

If it can see the MX record of company.biz but not connect to it then it suggests there is a DNS misconfiguration.

When you set up an mx record, it actually points to an 'A Name' record. The 'A name' record points to a static IP.

This static IP should be the external IP address of your organisation.

::::::::::::::::::::::::::::::::::::::::::::::
Example :: blakey.com.au ::

MX Record:

mail.blakey.com.au 10

A name records:

http://www.blakey.com.au

202.12.27.33
ftp.blakey.com.au 202.12.30.60
remote.blakey.com.au 202.12.27.33
mail.blakey.com.au 202.12.27.33
::::::::::::::::::::::::::::::::::::::::::::::

So in the example above for blakey.com.au (a fake domain) you can see that the 'www' record, the 'remote' record and the 'mail' record all point to a single IP address.
The 'ftp' record actually points to a different address.

The mx name record does not have to be 'mail' it could be 'acdge' and so long as there was a corresponding A name record pointing to the correct IP address mail would flow fine.

Using dnsstuff query the mx record for company.biz. Take note of the 'Answer'. It should be along the lines of mail.company.biz.

Assuming it is, put 'mail.company.biz' into dns stuff and do a DNS lookup based on 'A name' records. This will give you the IP address the A name record is set to.

Repeat this process for company.com. The results should have the same IP address. If they don't get them to update the cpompany.biz DNS record accordingly.

Cheers.

 

[JoeLan]

Thanks Blakey2, I figured out what was causing the problem. Unbeknownst to me we have been using Securance for screening our mail for viruses and they control port 25 on our firewall, so no other traffic except for the main domain would go through until I changed the MX records to point to Securance. Now it works great!

Thanks to all for your help.

Joelan