none
Exchange 2010 from home - public DNS Issue

    Question

  • I'm in the process of building an Exchange infrastructure at home to test, but I'm having some trouble getting email to send/receive.  I've configured both connectors, along with configuring the receive connector options (ie enable anonymous).

    It looks like I have a DNS issue, but I'm not sure. I've ran the reverse DNS from DNSstuff and I'm getting some info that leads me to believe its a DNS issue

    Asking c.root-servers.net for 1.2.3.4.in-addr.arpa PTR record:  
           c.root-servers.net says to go to w.arin.net. (zone: 1.in-addr.arpa.)
    Asking w.arin.net. for 1.2.3.4.in-addr.arpa PTR record:  
           w.arin.net [72.52.71.2] says to go to NS1.SWBELL.NET. (zone: 2.1.in-addr.arpa.)
    Asking NS1.SWBELL.NET. for 1.2.3.4.in-addr.arpa PTR record:  Reports 1.2.3.4.uvs.irvnca.sbcglobal.net. [from 151.164.1.1]
    
    Answer:
    1.2.3.4 PTR record: 1-2-3-4.uvs.irvnca.sbcglobal.net. [TTL 7200s] [A=1.2.3.4]

    *1.2.3.4 is my external IP address changed for security reasons. 

    Shouldn't the IP PTR record point to my mail.company.com?  For my production environment, that's what shows up. I'm thinking I've missed a configuration somewhere.

    Sunday, March 11, 2012 7:43 AM

Answers

All replies

  • Hi

    PTR records are not generated automatically they have to be registered specifically, but I don't think that would cause inbound mail flow issues.  PTRs are normally only checked as part of anti-spam protection.  Where does your MX record point to?

    Cheers, Steve

    Sunday, March 11, 2012 9:18 AM
  • Heya steve,

    My MX record points to mail.company.com. 

    Sunday, March 11, 2012 9:22 AM
  • And for your test lab mail.company.com points to 1.2.3.4 (from your example above)?
    Sunday, March 11, 2012 9:26 AM
  • I have this test Exchange infrastructure the exact same way I have it at the office, but the only difference is I had my ISP add my two nameservers from ZoneEdit.  Is this something I will have to do at home too?  Because I don't think my ISP will do that for me, as my work was a business connection, so they had no problem configuring the name server.

    Everything else is the exact same, yet I don't have mail flow.

    Sunday, March 11, 2012 9:26 AM
  • And for your test lab mail.company.com points to 1.2.3.4 (from your example above)?

    That is correct.
    Sunday, March 11, 2012 9:27 AM
  • OK then I suspect your DNS should be OK, at least inbound mail should work.  Have you tried http://www.mxtoolbox.com/diagnostic.aspx
    Sunday, March 11, 2012 9:30 AM
  • OK then I suspect your DNS should be OK, at least inbound mail should work.  Have you tried http://www.mxtoolbox.com/diagnostic.aspx

    Interesting, I get a Timeout occurred due to inactivity.
    Sunday, March 11, 2012 9:34 AM
  • Can you telnet to your server on port 25, locally and from somewhere external?
    Sunday, March 11, 2012 9:36 AM
  • Can you telnet to your server on port 25, locally and from somewhere external?

    Yup! I just tested that and I was successful.  Odd huh?

    *Edit* Actually I can't do it externally from my office, only internally. But I have port 25 opened on the firewall.  Can it possibly be blocked by my ISP, being that this is a home connection?

    • Edited by sheld0r Sunday, March 11, 2012 9:39 AM
    Sunday, March 11, 2012 9:37 AM
  • That is quite possible.  It should be stated in your Ts & Cs.
    Sunday, March 11, 2012 9:42 AM
  • The funny thing is, I can't telnet into my work or test work environments, and those are both working.  This is so frustrating, because this really should work.
    Sunday, March 11, 2012 9:44 AM
  • Is it possible that port 25 is blocked in both directions by your ISP.  Testing with the link above would be an easy way to confirm this.
    Sunday, March 11, 2012 10:02 AM
  • OK then I suspect your DNS should be OK, at least inbound mail should work.  Have you tried http://www.mxtoolbox.com/diagnostic.aspx

    PTR   1.2.3.4 1.2.3.4.uvs.irvnca.sbcglobal.net 2 hrs

    I got a response finally after I ran it again.

    Sunday, March 11, 2012 10:02 AM
  • I also wanted to add, in Exchange under the Queue Viewer I see the following error for all mail I've tried to send out:

    451 4.4.0 Primary target IP address responded with: *421 4.2.1 Unable to connect. Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or deliver failed to all alternate hosts.
    Sunday, March 11, 2012 10:06 AM
  • If you are on a home connection then outbound email will have to go out through a smart host - usually your ISPs SMTP server. As you cannot get a PTR set then you will find a lot of sites will reject your email - that is if the ISP is allowing outbound port 25 traffic at all.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    Sunday, March 11, 2012 12:12 PM
  • If you are on a home connection then outbound email will have to go out through a smart host - usually your ISPs SMTP server. As you cannot get a PTR set then you will find a lot of sites will reject your email - that is if the ISP is allowing outbound port 25 traffic at all.

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    So I would have to get a business connection at home, if and when I decide to use this email for side work.  And that gets expensive for a business line.  Let me look into a smart host and see how far I can get.  At the same time Sembee you bring up a good point about many sites rejecting my email.  Do you think I would have this problem even with a smarthost?  That worries me a little.

    All in all, I know I could get an Exchange hosted, but I wanted to administer it and learn as I use it.  Nothing beats hands on experience and I was excited about hosting my own Exchange server from home.

    Sunday, March 11, 2012 12:17 PM
  • I ran Exchange on a dynamic IP address with a smart host for oubound email for about 18 months without any issues. I did have inbound port 25 open though.
    If you use a smart host then you will not have problems with sites rejecting your email, because that is what they WANT you to use.

    Another option rather than using a business connection would be to use a server in a data centre. Deploy SBS or something and just collect your email from there. Depending on the cost of a business connection in your part of the world, it might be cheaper. Here in the UK my business class broadband is £20/month, my mother's residential connection is £15 (we could get it for less, but she does like to watch video online - a lot).

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    Sunday, March 11, 2012 12:23 PM
  • I ran Exchange on a dynamic IP address with a smart host for oubound email for about 18 months without any issues. I did have inbound port 25 open though.
    If you use a smart host then you will not have problems with sites rejecting your email, because that is what they WANT you to use.

    Another option rather than using a business connection would be to use a server in a data centre. Deploy SBS or something and just collect your email from there. Depending on the cost of a business connection in your part of the world, it might be cheaper. Here in the UK my business class broadband is £20/month, my mother's residential connection is £15 (we could get it for less, but she does like to watch video online - a lot).

    Simon.


    Simon Butler, Exchange MVP
    Blog | Exchange Resources | In the UK? Hire Me.

    You read my mind mate! I've been wanting to get a server at a colo for quite some time, I guess this is a good reason! :) It varies here in the US, but I'm going to poke around and get some quotes.

    Got to love watching video online, especially without the buffering pauses.  I don't blame her for getting a better connection.

    Thanks for the insight and help Sembee!

    Sunday, March 11, 2012 12:28 PM
  • And thanks for the help too steve siyavaya!!  Very much appreciated!

    Cheers!

    Sunday, March 11, 2012 12:29 PM
  • No worries.  Hope you get a solution that works for you.

    Cheers, Steve

    Sunday, March 11, 2012 6:21 PM