
DNS records needed for Exchange

Configuring DNS records for Exchange is not really hard, but it is very important to get them right. Incorrect DNS records, and especially pointer records, can cause issues with mail delivery.

Which records are needed to send and receive mail with Exchange:

A-record, this record ensures that a name can be translated to an IP address, for example mail.domain.com
PTR-record, this record is used for reverse lookup. A query is performed for the IP address and the result is checked against the FQDN of the mailserver, as a cross check that the mailserver really is who it claims to be.
MX-record, you can have multiple records of this type. Each entry is a mailserver that mail can be delivered to. Each record has a priority, and the priority determines which mailserver the message is delivered to. For example: if you have 2 records, one with a priority of 10 and another with a priority of 99, the sending mailserver will first try to deliver the mail to the server with the priority of 10. If that one doesn’t respond, it will deliver the mail to the mailserver with priority 99.
SPF-record, this type of record is optional. It contains all FQDNs/IP addresses of servers that may send mail with your domain as the sending domain. The receiving mailserver can use it to check whether the mailserver that sends the e-mail is allowed to send mail from that specific domain.
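
An added example (not part of the original post) that runs the cross checks described above over a constructed record set: MX delivery order, A/PTR agreement for sending hosts, and whether a sending IP is listed in the SPF record. The record values, the function names and the list of sending hosts are assumptions, and only ip4 terms of the SPF record are evaluated.

```python
import ipaddress

# Constructed sample records (not real data); 192.0.2.0/24 is a documentation range.
ZONE = {
    "A": {"mail.domain.com": "192.0.2.10", "backup.domain.com": "192.0.2.20"},
    "PTR": {"192.0.2.10": "mail.domain.com.", "192.0.2.20": "host20.isp.example."},
    "MX": {"domain.com": [(99, "backup.domain.com"), (10, "mail.domain.com")]},
    "TXT": {"domain.com": ["v=spf1 ip4:192.0.2.10 -all"]},
}

def delivery_order(zone, domain):
    """MX targets in the order a sender tries them: lowest priority value first."""
    return [host for _, host in sorted(zone["MX"].get(domain, []))]

def ptr_matches(zone, host):
    """A-record gives the IP; the PTR for that IP must lead back to the same FQDN."""
    ip = zone["A"].get(host)
    return ip is not None and zone["PTR"].get(ip, "").rstrip(".").lower() == host.lower()

def spf_allows(zone, domain, ip):
    """True if ip is covered by an ip4: term of the SPF record (ip4 terms only)."""
    addr = ipaddress.ip_address(ip)
    for txt in zone["TXT"].get(domain, []):
        terms = txt.split()
        if not terms or terms[0].lower() != "v=spf1":
            continue  # some other TXT record, not SPF
        for term in terms[1:]:
            if term.lower().startswith("ip4:") and \
                    addr in ipaddress.ip_network(term[4:], strict=False):
                return True
    return False

def audit(zone, domain, senders):
    """List the problems a receiving mailserver could hold against this domain."""
    findings = [f"{h}: MX target has no A-record"
                for h in delivery_order(zone, domain) if h not in zone["A"]]
    for host in senders:  # hosts that send mail for the domain (assumed list)
        ip = zone["A"].get(host)
        if ip is None:
            findings.append(f"{host}: sending host has no A-record")
            continue
        if not ptr_matches(zone, host):
            findings.append(f"{host}: PTR for {ip} does not lead back to {host}")
        if not spf_allows(zone, domain, ip):
            findings.append(f"{host}: {ip} is not listed in the SPF record")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(ZONE, "domain.com", ["mail.domain.com", "backup.domain.com"])))
```

In the constructed data, backup.domain.com is the host that fails: its PTR points at an ISP name and its IP is missing from the SPF record.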

Besides the DNS records for sending and receiving, DNS records are also used for autodiscover:

A-record, just like the A-record for sending and receiving, this record ensures that the name will be translated to an IP address. In the case of autodiscover the name needs to have the following syntax: autodiscover.domain.com
SRV-record, this record can be used instead of the A-record to let Outlook 2007 users use the autodiscover service. This record contains the external FQDN of the CAS server which the user uses to connect to Exchange. If you want to use this type of record, ensure that any other A or CNAME record used for autodiscover is removed.

There are plenty of tools for checking these records. Below is a short overview of the tools I use often:

EmailTalk, site with several tools: ptr, mx or spf record check
MXtoolbox, site with several tools: mx record check, RBL check and test your mailserver from outside
Microsoft SPF Record Wizard, site which helps to create a SPF record

Normally when using a smarthost you wouldn’t expect the mailserver to do a query for the MX record in DNS. Well, it does in Exchange 2007 and Exchange 2010. A while ago I found a post on TechNet from someone from Microsoft who mentioned this. I found it pretty weird, so I thought let’s test it. And indeed, when using a smarthost and making a network trace you will find out that it does a query for the MX record in DNS.

Below is a screenshot of the DNS part when using a smarthost:

Network trace when sending via a smarthost

Also the quote below from Elan Shudnow confirms that a DNS query for the MX record is performed even when using a smarthost:

There was a discussion about this on the Microsoft Distribution list I am a part of (for the Exchange 2010 TAP) and it was stated by two MS employees that a smart host will actually still try MX lookup first before it attempts the smart host. Yes, a lot of us were surprised; including myself. The first guy sounded confident but the second guy said he believed but didn’t test it in months. So take that as you will. I haven’t done a network trace to see for sure so I’m not sure myself.

(source http://forums.msexchange.org/DNS_Forwarder_breaks_email/m_1800512027/tm.htm)

So this proves again how important correct DNS records are.


Today I found this website because I wanted to check some mx records. The thing that I really like about this site is that after you found an mx record you can immediately test it by performing a test connection to the mailserver.