MX Records for Email Delivery In Exchange
When your Exchange 2010 organization needs to receive email from the internet via SMTP, then you must configure MX records (Mail eXchange) in DNS. If you are troubleshooting then remember that people need to find your email server.
Topics for Exchange 2010 MX Records
- MX (Mail Exchange) and DNS for Exchange
- Which DNS server will host the MX records?
- DNS for Outgoing Email
- Summary of Exchange MX Records
DNS is a complex topic in its own right; so let us begin with the basics. A records (Host) map the mail server to its IP address. The extra factor with Exchange is that the DNS record must link your mail server to the email domain name.
For email delivery into your domain you need:
[Host (A)] + [MX Record]
IP — mail server — email domain
Fortunately, DNS has an MX record to maintain the above mapping. To check DNS records, launch your server’s DNS snap-in, expand the server icon, click Forward Lookup Zones and navigate to your domain folder. You should be able to see the MX records and examine their FQDN. (See diagram above.)
Best practice recommends at least two Exchange servers, each with its own MX record. Traditionally MX priorities are set in multiples of 10, and Exchange will attempt to deliver the email to the server with the lowest priority number first.
Which DNS Server Should Host the MX records?
The next consideration is whose DNS server should host these MX records. The answer depends on how your email domain is registered with InterNIC. Remember that the email domain could be different from your Active Directory domain.
Plan A would be to ask your ISP to create an MX record for your domain pointing to the ISP’s name servers. In this scenario you would need to periodically download the email from the ISP’s mail server to your Exchange 2010 server.
Plan B would be for you to have a permanent IP address which is always connected to the internet. In this case, you could have the MX records on your own DNS pointing to your Exchange 2010 servers.
Plan C is a hybrid of the first two plans. Ask your ISP to create MX records for both your server and the ISP’s own servers. In this instance ask them to assign a lower priority number to the MX record for your Exchange server. As a result the email comes to your Exchange servers if the connection is active, or else is delivered temporarily to the ISP if the internet link is down.
Naturally, your Outlook clients send all their email to your Exchange 2010 server. Internal delivery for recipients in your organization is no problem because your own DNS can handle all queries for Exchange servers.
However, any email addressed to an external recipient needs a DNS server with extra information called root hints. Root hints hold the IP addresses of internet servers which specialize in top level domains such as .org and .com. For successful delivery, either your DNS server has these root hints configured, or you forward all external email to your ISP’s DNS server. Naturally the ISP’s DNS takes responsibility for resolving the domain names via its root hints.
To configure outgoing DNS, either navigate to the Virtual Server (See diagram), or to the SMTP Routing Connector.
What you are looking for is the Smart host dialog box. This setting would hold the IP address of your ISP’s DNS server. Alternatively, configure the IP address of one of your DNS Servers outside the firewall. When you enter the IP address, strangely, it must be enclosed in square brackets, for example [2xx.208.45.10]
MX Records When Using Mail Relay with Exchange Edge Server
In cases where you have a DMZ (Demilitarized Zone) with a Mail Relay host such as Linux or a Windows Exchange 2010 Edge Server, you must configure an MX record for the FQDN and IP address of your Mail Relay host. Also remember to configure the Firewall to only allow TCP Port 25 traffic to be sent to the IP address of the Mail Relay computer, and not the actual internal mail server.
Naturally, you configure the Mail Relay to forward the incoming emails to your users’ real mail server inside the DMZ.
| Record FQDN | Record Type | Record Value | MX Pref |
| --- | --- | --- | --- |
| cperf.com | MX | mail.cperf.com | 10 |
| mail.cperf.com | A | 220.127.116.11 | |
Test Your MX Records with NSLookup
I use a reverse lookup for cases where you know the IP address but want to check the hostname. NSLookup is useful in a situation where you can ping the IP address of your Exchange Server and want to check the fully qualified domain name.
Ping – 18.104.22.168.
NSLookup – 10.209.12.20 Reply mail.cperf.com.
Note: NSLookup is a built-in command line utility for most Windows operating systems.
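The following added example (not part of the original article) applies the page's rules to a set of records: it lists MX hosts in the order they are tried, lowest preference number first, and flags MX targets that have no A record, are entered as a bare IP address, or resolve to a private address, which would publish the internal mail server instead of the mail relay. The records are constructed sample data; every host name other than mail.cperf.com is hypothetical and the public addresses are documentation-range placeholders.

```python
import ipaddress

# RFC 1918 ranges: an MX target resolving here is unreachable from the
# internet and exposes internal addressing in public DNS.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records (not a live lookup). Only mail.cperf.com comes
# from the article; the other host names are hypothetical.
ZONE = {
    "MX": {"cperf.com": [(20, "mail.isp.example"), (10, "mail.cperf.com"),
                         (30, "exch01.cperf.com"), (40, "old.cperf.com"),
                         (50, "203.0.113.9")]},
    "A": {"mail.cperf.com": ["203.0.113.25"],
          "mail.isp.example": ["198.51.100.7"],
          "exch01.cperf.com": ["10.209.12.20"]},
}

def delivery_order(domain, zone):
    """Hosts in the order they are tried: lowest preference number first."""
    return [host for _, host in sorted(zone["MX"].get(domain, []))]

def is_ip_literal(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False

def audit_mx(domain, zone):
    """Return (host, problem) pairs for MX records that need attention."""
    records = zone["MX"].get(domain, [])
    if not records:
        return [(domain, "no MX record")]
    findings = []
    for _, host in sorted(records):
        if is_ip_literal(host):
            findings.append((host, "MX target is an IP address, not a host name"))
            continue
        addrs = zone["A"].get(host, [])
        if not addrs:
            findings.append((host, "MX target has no A record"))
        for addr in addrs:
            if any(ipaddress.ip_address(addr) in net for net in RFC1918):
                findings.append((host, "A record is a private address: " + addr))
    return findings

if __name__ == "__main__":
    print(delivery_order("cperf.com", ZONE))
    for host, problem in audit_mx("cperf.com", ZONE):
        print(host, "->", problem)
```

To audit a real zone, fill the same dictionary from the output of NSLookup or from the DNS snap-in.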
It is possible for email to be delivered internally (within your Exchange Organization) without any need for MX records. The reason is that your own Exchange servers can resolve the delivery request with a plain A (Host) DNS record.
For example, suppose you have two Exchange 2010 servers, Worcester and Boston. Active Directory will already have DNS A (Host) records for these servers. So when mail is sent by a user with a Worcester mailbox to eddie@cperf.com, Exchange queries Active Directory for eddie’s mailbox – answer Boston, then it queries DNS for the IP address of Boston. Now it can deliver email to the Boston Exchange 2010 server. No MX records are required for this scenario.
Summary of Exchange MX Records
- There are three separate DNS challenges for your Exchange 2010 server.
- If you are receiving email from the internet, then it is essential to configure MX records for your Exchange 2010 server.
- Internal email delivery only needs A (Host) DNS records.