locked
DNS problem after online BPOS to Office 365 transition RRS feed

  • Question

  • OK, we own multiple domain names.  The two I am concerned with we'll call 'company.com' and the other one 'project.com'.

    Before I started working for company.com, the company.com Exchange email was moved to the BPOS cloud.  The project.com email remained local.  And company.com is the main domain name in AD, whereas project.com is defined as an OU with Groups and Users.  These users don't show up in the company.com users.

    At the ISP, the project.com domain has a CNAME record called 'mail' that points to 'mail.company.com'. In BPOS, user@project.com could receive emails.  All other CNAME records point to 'mail.project.com'.  There is also an MX record that points to 'mail.project.com'.

    Since the transition to Office 365 online, the user@project.com can no longer receive emails.  Somewhere in the transition, user@project.com's primary email address was changed to user@company.microsoftonline.com and showed up in the GAL in the Outlook Web App like that!  After submitting a Service Request and going around in circles and finally being given some arcane PowerShell commands, we were finally able to get user@project.com back to the primary email.  But... user@project.com still can't receive emails.  (And user@project.com's SMTP: entry in the local AD remained as user@project.com through this whole ordeal.)  And that is as far as I got with the Service request.  The problem was not solved.  It was decided that it was a local AD issue and nothing could be done about it by Microsoft via that Service Request.  I was given a phone number for a Microsoft Exchange Server specialist which I will call Monday.

    So, now it looks like I need to come up with some new DNS record or records to fix this, but I have no idea which records or where they go, CNAME, MX, A, etc.

    Nothing changed in the DNS records from the BPOS to Office 365 transition, except the autodiscover record in the company.com domain.

    Given this info, can anybody point me in the right direction to modify the DNS records so that user@project.com can receive emails again?

    Thanks . . .


    I thought I was wrong once, but, of course, I was wrong.


    • Edited by bs_kwaj Friday, June 29, 2012 9:19 PM typo
    Friday, June 29, 2012 9:13 PM

All replies

  • I will say up front I am not sure how to fix your issue. However I want to point out that when you transition from BPOS to Office 365 your MX records absolutely do change. I know there are several threads in here that claim they don't but I just went through the transion and they do. I would go into your portal and check your new MX records for your domain and double check things. Go into management -> domains-> click radio button on domains and then click view DNS. You will find MX records that are new. This could be at the root of the issue possibly. At minimum it is worth checking to ensure your MX records are correct. Good luck.
    Tuesday, July 3, 2012 4:46 PM
  • Gator,

    The MX record CAN change, and we recommend it, but the change is not required for mail flow to continue through or post transition.  Eventually, it will need to be changed, but not at this point.  The new MX record you have indicated points to your specific tenant, but the mail.global.frontbridge.com record from BPOS still hits FOPE which is the Edge service used by both BPOS and O365 (same as the customized one).

    BS: Can you please provide an NDR that is received when sending to your users?  This will help us track down where the break in mail flow is.  You can PM me the info if you do not want to have it posted to the forum (please also remove any PII information if posting to the forum).

    Have a great day,

    Dan


    www.insecurityinc.info

    Tuesday, July 3, 2012 5:22 PM
  • Hmmm...  I don't see where to PM you.  I can see your profile, but I don't see a PM link or button.

    I prefer not to put the header info from the actual system out here publicly. 

    The NDR, from postmaster@company.com, says:

    This is an automatically generated Delivery Status Notification.
    
    Delivery to the following recipients failed.
    

              user@project.com

    Maybe you could tell me more about that mail.global.frontbridge.com MX record.

    For this discussion, www.company.com has an MX record : Priority 0, Host @, Points to  mail.global.frontbridge.com

    The www.project.com MX record is 0, @, mail.project.com

    Does the project.com domain need an MX record that points to mail.global.frontbridge.com?

    Sorry, this DNS record stuff is relatively new to me.

    Thanks...

    (Note:  Oh, while clicking around in here I clicked on the 0 under that little green triangle and it turned to a 1.  I have no idea what I voted on.)


    I thought I was wrong once, but, of course, I was wrong.


    • Edited by bs_kwaj Tuesday, July 3, 2012 6:45 PM
    Tuesday, July 3, 2012 6:43 PM
  • I just came across a website called intodns.  I put my 'project.com' domain in and it gave me some MX record notices:

    (of course, I've changed the actual names as above.)

    Warning MX CNAME Check WARNING: CNAME was returned for the following MX records:
    mail.project.com
    The CNAME(s) that were returned are listed above. This is not ok per the RFCs and can cause problems including mail being lost!
    Error MX A request returns CNAME WARNING: MX records points to a CNAME. CNAMEs are not allowed in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3. The problem MX record(s) are:
    mail.project.com points to ['mail.company.com']
    This can cause problems

    So, I guess I can see that that's a problem, but I don't see how to resolve it so the user@project.com can once again receive emails.


    I thought I was wrong once, but, of course, I was wrong.

    Tuesday, July 3, 2012 7:23 PM
  • So, the question is, how was the email being sent out initially?  Btw, you can send to me directly.  Check the website in my signature.

    Very basically, if you don't have an on-premises server, your MX record needs to point to mail.global.frontbridge.com OR the MX record specifically indicated in the domain section of the O365 portal.  That is how mail routes through the internet to both BPOS and O365.  Both the mail.global.frontbridge.com and the domain.eo.outlook.com host names are simply smart-hosts for FOPE, which is what both services utilize for spam/virus filtering.  I would actually remove the CNAME if you have an option, as that will confuse some servers.  CNAME's are only required if you want to rename the connection to a server/endpoint.

    Have a great day,

    Dan


    www.insecurityinc.info

    Tuesday, July 3, 2012 7:41 PM
  • So, I've been really busy and I have also gone around and around with Office 365 Online support group about this.

    We do have an on premise Exchange server. While we were using BPOS for www.company.com email, the on premise Exchange server was being used for www.project.com mailboxes.

    I guess it boils down to not being able to host a local Exchange server for www.project.com (which again is listed as an OU in our Active Directory) while having our main domain's email hosted in the Office 365 cloud.


    I thought I was wrong once, but, of course, I was wrong.

    Monday, July 23, 2012 3:33 PM