Configuring your DNS Host (A), MX & PTR records for Exchange 2007
Building your Exchange 2007 Server is one thing, but once it's built you need to set up your public DNS so that it is accessible from the internet.
In this article we will cover how to set up your DNS Host (A) records, Mail Exchanger (MX) records, Reverse Lookup (PTR) records & SPF (TXT) records.
So let's have a look at what we require to do this:
1. Decide on the MX & Webmail Host Names, e.g. mx.sortedit.net & mail.sortedit.net
2. Decide which PUBLIC IPs to use on your Router / Firewall (they can be the same IP, but this isn't recommended)
3. Ensure that the MX, Host & Autodiscover Host Names are included in your Exchange 2007 SSL Certificate
The first step we need to complete is to register our Host (A) records with our public DNS Service Provider. This is done either by yourself through a DNS control panel or by requesting the record registration from your ISP.
The Records you will require (Basic) are:

Purpose         Type      Host                       Public IP
Mail Exchanger  Host (A)  mx.sortedit.net            64.202.165.4
  (Usually created as "mx" only since your DNS Domain is automatically appended)
Webmail         Host (A)  mail.sortedit.net          64.202.165.92
  (Usually created as "mail" only since your DNS Domain is automatically appended)
AutoDiscover    Host (A)  autodiscover.sortedit.net  64.202.165.92
  (Usually created as "autodiscover" only since your DNS Domain is automatically appended)

Once you have the above records created, you need to register a PTR record for the public IP of your MX host. This ensures that your domain can send emails to the likes of AOL, who require a successful reverse lookup as an anti-spam tactic.
Your ISP is the authoritative entity for the Reverse Lookup Zone of the Public IP Address range which you have been allocated, so you would usually have to ask them (either by fax or email) to register the following record:

Type        IP Address    Host Name
PTR Record  64.202.165.4  mx.sortedit.net

Now that all the prerequisite static records are created, you need to make sure that your Mail Exchanger (MX) record is pointing in the right direction. The MX record is very much like a CNAME or Alias record in that it holds a host name rather than an IP address; therefore it must always point to a Host (A) record (either yours or that of some other mail server authoritative for your domain).
The MX Record also contains a Preference or Priority field, which is used for assigning primary & backup email servers for your domain (in the event you have multiple mail servers or have backup mail exchangers).
The LOWER the preference integer, the higher the Priority of the Server to which it points.
e.g. if I have 2 MX records: mx1.sortedit.net pref 5 & mx2.sortedit.net pref 10, then mail will ALWAYS try to flow to MX1 first & ONLY when MX1 does not respond / is not available will mail transfer to MX2.
In any event, here is how you should publish your MX:

Type       Domain        Host Name        Preference
MX Record  sortedit.net  mx.sortedit.net  5 (or High)
  (Domain is usually left blank as this is the DNS Domain which you are editing)

On a final note, more & more organizations out there are beginning to use Sender Policy Framework or SPF Records to classify or identify email as SPAM.
Most DNS Server Control Panels will have a tool to help you create the SPF record. If yours does not, a simple Google Search will reveal many tools which will help you create the contents of the TXT record.

Type        Name  Data
TXT Record  SPF   v=spf1 a mx ip4:64.202.165.4 -all

Once you have all of the above records registered, be sure to set up the required NAT rules on your Firewall / Router, allowing traffic on port 25 for the MX record & 443 for the Webmail & Autodiscover Host Records.
It is equally IMPORTANT that ALL outgoing SMTP traffic from your Exchange Server is NATed to your MX Public IP when it leaves the network, so that your outgoing emails pass the SPF & PTR Record checks on the receiving mail server.
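
Added example (not part of the original article): a Python pre-flight check that evaluates the PTR and SPF records above the way a receiving mail server would, for each public IP your outgoing SMTP could leave from. It uses a constructed in-memory copy of the zone instead of live DNS; the function names and the ZONE layout are assumptions for illustration, and only the a, mx, ip4 and all SPF mechanisms are handled.

```python
import ipaddress

# Constructed zone data mirroring the records published in this article.
# Note: no A record exists for the bare domain, so the SPF "a" term matches nothing.
ZONE = {
    "A": {
        "mx.sortedit.net": ["64.202.165.4"],
        "mail.sortedit.net": ["64.202.165.92"],
        "autodiscover.sortedit.net": ["64.202.165.92"],
    },
    "MX": {"sortedit.net": [(5, "mx.sortedit.net")]},
    "PTR": {"64.202.165.4": "mx.sortedit.net"},
    "TXT": {"sortedit.net": "v=spf1 a mx ip4:64.202.165.4 -all"},
}

def fcrdns_ok(ip, zone=ZONE):
    """Forward-confirmed reverse DNS: PTR(ip) must name a host whose A record is ip."""
    host = zone["PTR"].get(ip)
    return host is not None and ip in zone["A"].get(host, [])

def spf_result(ip, domain, zone=ZONE):
    """Evaluate the a, mx, ip4 and all mechanisms of the domain's SPF record."""
    record = zone["TXT"].get(domain, "")
    if not record.startswith("v=spf1"):
        return "none"
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in results else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in zone["A"].get(domain, [])
        elif mech == "mx":
            matched = any(ip in zone["A"].get(h, []) for _, h in zone["MX"].get(domain, []))
        elif mech.startswith("ip4:"):
            net = ipaddress.ip_network(mech[4:], strict=False)
            matched = ipaddress.ip_address(ip) in net
        else:
            matched = False  # mechanisms outside this sketch are ignored
        if matched:
            return results[qualifier]
    return "neutral"

def outbound_check(ip, domain="sortedit.net"):
    """What a receiving server sees for mail leaving the network from ip."""
    return {"ptr": fcrdns_ok(ip), "spf": spf_result(ip, domain)}

if __name__ == "__main__":
    print({ip: outbound_check(ip) for ip in ("64.202.165.4", "64.202.165.92")})
```

Mail NATed to the MX IP passes both checks, while mail that leaves from the Webmail IP has no PTR record and hits the -all term of the SPF record.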