Windows Server - MX Record SBS 2008

Asked By lyj_e1

19-Mar-10 09:59 AM

Hi,

Setup a new SBS 2008 with remote.mydomain.com. Installed a 3rd party SSL
cert. Previously the client was using POP3 emails. Problem is we cannot
receive emails.

We've changed the DNS A record for 'remote' to the external server IP
address as normal. We've deleted the old MX record for Mail and replaced it
with Remote.

A Records
Mail > Server IP address
Remote > Server IP address

MX Record
Remote > Server IP address > Priority 0

I have made sure port forwarding is setup on the router, I can telnet port
25 to the server and I can send emails out. When I run a check on a MX
checker website for the domain it is showing no MX records whereas before the
changes it was pointing correctly to mail.mydomain.com?

Thanks in advance,

Lyj

19-Mar-10 10:28 AM

SSL=20

replaced it=20
port=20

before the=20


Where is the MX record created? On your SBS DNS server, or at your =
public nameserver that is authorative for your public domain name?=20

Keep in mind, the MX records tells the world who the mail server is for =
a domain name. Creating it internally is useless to the outside world, =
unless you are hosting your public zone on your SBS, which first I =
highly doubt, and second, I highly suggest not to.=20

If you can post the actual domain name, we can test it for you to see if =
it is setup correctly.

--=20
Ace

This posting is provided "AS-IS" with no warranties or guarantees and =
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit =
among responding engineers, and to help others benefit from your =
resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & =
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, =
please contact Microsoft PSS directly. Please check =
http://support.microsoft.com for regional support phone numbers.

19-Mar-10 10:33 AM

If you can tell us your domain name then we can test that your MX/DNS
records are set up correctly.

Things I would check:

1. On a PC external to your network, open a command prompt window and type:
nslookup -type=mx cryer.co.uk
changing "cryer.co.uk" to your domain (without any www bit). That will tell
you the ip address(s) that others will be using when they try to send you
emails.

If the IP address is wrong then go back and correct it. Be aware that any
changes you make can take several hours to filter out and take effect.

2. Still on that external pc:
telnet ip-address 25
where for "ip-address" you should substitute the ip address of your server
(as returned by the previous step). You should then get one or more lines
starting with the number 220.

If you get that far then it shows that Exchange is listening on the correct
port for email. There are a few steps that can be tried beyond this, but I
suspect that this is probably far enough to reveal the problem.

If you cannot telnet then its a firewall issue.

HTH.
--
Brian Cryer
www.cryer.co.uk/brian

19-Mar-10 11:50 AM

Hi All,

Thanks for the replies. If I type in: nslookup -type=mx mydomain.com, it
does not bring up a mx record? The DNS is controlled by the web design agency
people. They have deleted mail.mydomain.com and replaced it with
remote.mydomain.com. Should they have removed the mx record for
remote.mydomain.com, recreate the mx record for mail.mydomain.com, repointed
the IP address to the server and create a new A record for 'remote' to the
same IP address?

Thanks,

Lyj

19-Mar-10 12:01 PM

it can take up to 24 hours before a dns change has propagated.

Op 19/03/2010 14:59, lyj_e1 schreef:

19-Mar-10 12:09 PM

Lyje

Since you will not tell us your domain name to help you
Put your domain in
http://www.intodns.com
and see the results
if you do not understand the results
Please post back with your domain name so we can look

Thanks
Russ

--
Russell Grover - SBITS.Biz [SBS-MVP]
MCP, MCPS, MCNPS, SBSC
Microsoft Certified Small Business Specialist
Small Business Server/Computer Support - www.SBITS.Biz
Question or Second Opinion - www.PersonalITConsultant.com
BPOS - Microsoft Online Services - www.Microsoft-Online-Services.com

19-Mar-10 03:52 PM

@ says...

It can take up to 72 hours to see the changes.



--
You cannot trust your best friends, your five senses, only the little
voice inside you that most civilians do not even hear -- Listen to that.
Trust yourself.
spam999free@rrohio.com (remove 999 for proper email address)

19-Mar-10 10:15 PM

mydomain.com, it=20
agency=20
repointed=20
the=20

As Russ said, it is difficult to help without knowing the actual domain =
name.=20

And why would the web design agency people change your mail record if =
they are only working on and developing a website for you? Does that =
mean they changed nameservers for your domain?

Ace




--=20
Ace

This posting is provided "AS-IS" with no warranties or guarantees and =
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit =
among responding engineers, and to help others benefit from your =
resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & =
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, =
please contact Microsoft PSS directly. Please check =
http://support.microsoft.com for regional support phone numbers.

20-Mar-10 01:05 AM

my guess
as most web people do
is move the hosting to WHERE they want it  hosted
so they can charge more :)
But yes, we need to know the domain
Russ

--
Russell Grover - SBITS.Biz [SBS-MVP]
MCP, MCPS, MCNPS, SBSC
Microsoft Certified Small Business Specialist
Small Business Server/Computer Support - www.SBITS.Biz
Question or Second Opinion - www.PersonalITConsultant.com
BPOS - Microsoft Online Services - www.Microsoft-Online-Services.com

21-Mar-10 10:15 PM

That's your mistake right there. NEVER let the web design people
control your MX. They are almost invariably clueless and an unnecessary
obstacle. Get control of the DNS and point an A record for www.whatever.com
back to the web site and let the web design people stick to web development.
I have had innumerable problems with web design people allowing domain names
to expire, losing passwords, changing the MX back to their web mail,
disappearing when needed the most, and so on and so forth. They will gripe
and complain about the change in control, but generally, e-mail is more
important than the web site, and if the web site is down for a few days, the
client will be less concerned than if the e-mail is down a few days. I cannot
have something so important in the control of clueless, unavailable parties
who do not know anything about networking or any other way than "point the
DNS to us."

21-Mar-10 10:20 PM

As an aside, I can usually verify a change in less than an hour--
sometimes within minutes-- by checking against the authoritative name
server, which is all I really care about. The "propagation" thing is true,
but the web people will just prolong the agony after they have messed it up by
hiding behind "propagation" as an excuse. If it looks wrong, I would not
wait three days to make sure it is fixed while a client has no e-mail. If a
change is purported to have been made and does not show up on the
authoritative name servers within an hour, I would assume that an error has
been made and insist that it be fixed immediately.

21-Mar-10 11:24 PM

Andrew
I am glad someone said it
I did not want to be the one who did LOL
Russ

--
Russell Grover - SBITS.Biz [SBS-MVP]
MCP, MCPS, MCNPS, SBSC
Small Business Server/Computer Support - www.SBITS.Biz
Question or Second Opinion - www.PersonalITConsultant.com
BPOS - Microsoft Online Services - www.Microsoft-Online-Services.com
Twitter http://www.twitter.com/SBITSdotBiz

21-Mar-10 11:25 PM

Godaddy 2hrs max my experience in the USA
Russ

--
Russell Grover - SBITS.Biz [SBS-MVP]
MCP, MCPS, MCNPS, SBSC
Small Business Server/Computer Support - www.SBITS.Biz
Question or Second Opinion - www.PersonalITConsultant.com
BPOS - Microsoft Online Services - www.Microsoft-Online-Services.com
Twitter http://www.twitter.com/SBITSdotBiz

22-Mar-10 12:33 AM

similar story here. I query the responsible servers, if the change is
evident there then 'caching name servers' is somone else's problem.

22-Mar-10 05:26 AM

There is your problem. As others have already said: (i.) your web design
agency has broken it and (ii.) do not let them near your DNS settings.

Whether you have mail.mydomain.com or remote.mydomain.com, in itself does not
matter. What is important is that the lookup for your MX records returns a
valid IP address - the public IP address of your server.

Yes, they (or you if you can get control of DNS back from them) need to add
an MX record for your domain. Since mail.mydomain.com and
remote.mydomain.com are sub-domains they do not need to come into the
equation at all - although I can see the convenience in pointing (say)
mail.mydomain.com to your public IP address and then defining the MX record
for your domain by using mail.mydomain.com. Personally I would not bother,
but I can see why others do it. As for "remote.mydomain.com" I'd guess that
is to support outlook web access, but that is only a guess. Its your MX
records which are missing and which need to be created.
--
Brian Cryer
www.cryer.co.uk/brian