MX records on Exchange Server 2008R2

Discussion in 'Windows Server' started by cyberbot, Aug 7, 2013.

  1. cyberbot

    cyberbot MDL Senior Member

  2. Myrrh

    Myrrh MDL Expert

    #2 Myrrh, Aug 7, 2013
    Last edited by a moderator: Apr 20, 2017
    got port 25 forwarded thru the firewall to the exchange machine?

    what do you see if you do
    Code:
    telnet [external-ip-address] 25
    from somewhere outside?

    possibly, you might have an isp that blocks port 25 to unknown mail servers (yours).
     
  3. cyberbot

    cyberbot MDL Senior Member

    #4 cyberbot, Aug 7, 2013
    Last edited: Aug 7, 2013
    (OP)
    Dear Applegate and Myrrh, all ports are fine and open on the firewall and I can telnet using port 25. What configuration do I need to do on the Domain controller side?
    220 EX.TEST.lan Microsoft ESMTP MAIL Service ready at Wed, 7 Aug 2013 21:40:32 +0200
     
  4. BIOSNOIDEA

    BIOSNOIDEA MDL Senior Member

    Mail Servers or should I say DNS

    Hi, I am trying to help you and hope I can achieve that.

    I am confused...

    MAIL SERVERS: DNS is King. Ports came afterwards.

    1) You have a domain (where is it... who cares).
    2) Once your domain is yours, you decide whether you have it in your house, organization, hosting or cloud, etc., etc.
    3) The key is: where is the mail server in the end? Then what is the PUBLIC IP address where the mail server is?

    Once you have sorted where the mail server is receiving and sending mail (unless they are split like big providers do), that is the one that must be entered in the PUBLIC DNS. For that you need an A or AAAA (if IPv6) record which will carry the PUBLIC IP of the Exchange server (or Kerio Connect, or Icewarp Mail, etc., etc., whichever your mail server software is).
    Exchange is a mere mail server. DNS is the one you need to tackle.

    EXAMPLE NUMBER ONE:

    You have Exchange running in a hosted/cloud environment with XXX company. You need to know the public IP of that site and create the A record and then the MX pointing to that address.

    EXAMPLE NUMBER TWO: (THIS IS MINE... I have run my mail server at home for the past 10 years with Kerio Connect)

    You have your Exchange box at home or business... then you need that home/biz PUBLIC IP in the public DNS provider as A and MX record.

    For the inside house/biz premises...

    1) If you run a Domain Controller inside for the same domain name (I do not, but used to...), you will have your internal DNS with the same domain name (split brain DNS can be implemented), BUT the IP in your internal domain controller will be a PRIVATE ADDRESS... so if you have xxx.com, internally you may have 10.10.10.2 in the A record and MX for your Exchange. The outside people will never know and do not need to. This is because you split "the brain" of DNS. In this case your domain controller DOES NOT NEED TO DO RECURSION. You and it know very well where xxx.com is running from... INSIDE. For the outside people you need to go to your PUBLIC DNS and put the address of your PUBLIC IP so outsiders can send.

    2) You do not have a domain controller but still run your mail server inside your home/biz premises. The story is similar but easier. You just get the PUBLIC DNS provider with the PUBLIC IP address pointing to your home/biz.
    For the internal machines, your mail clients use the IP address (PRIVATE) since your machine is inside. No need for DNS resolution. This latter case is exactly how I run my thing from home.

    I hope I am helping you and this is not confusing; otherwise private message me. I am always open to give a hand.
     
  5. BIOSNOIDEA

    BIOSNOIDEA MDL Senior Member

    You are putting that 98.x.x.x IP INSIDE your own DC's DNS (I assume the DC plus Exchange are inside your premises?)? That is not on... That address is your OUTSIDE PUBLIC one.
    That address goes in your public DNS provider.
    Hopefully I did not miss what you say.
     
  6. cyberbot

    cyberbot MDL Senior Member

    I understand all of this; the issue now is, where is the problem? My DNS and MX record are fine, so why am I not receiving emails? Let's say I start from scratch: what steps do I need to do in order to have the email working, from DNS till MX? Thank you.
     
  7. BIOSNOIDEA

    BIOSNOIDEA MDL Senior Member

    Mail server


    Well, there is one thing you can do... query public DNS records to make sure your public MX and A records are pointing where they should.
    If that points to the public address it should go to (provided you are not using IPv6), then the next thing is the NAT (if your box is inside the firewall... that is, a private address scheme), and if nothing is blocking port 25, then the mail server should be checked to make sure that the SMTP service is up and running and listening on port 25.
    In particular, Exchange needs to be manually set up, creating a RECEIVE connector and a SEND one.
     
  8. BIOSNOIDEA

    BIOSNOIDEA MDL Senior Member

    By the way, what do you mean by "MY DNS"? Is that your inside one? If that is the case, it is useless, sorry. Your public DNS is the one you want to make sure points to the proper MX, with the correct priority if you have more than one mail server (backup, etc.), and that the A record associated with it is pointing to the correct public IP address.
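
The checks described in the last two posts (public MX priority, the A record behind each MX target, then the greeting on port 25), as an added example that is not part of any post in the thread. The records are passed in as data, as you would copy them from `nslookup -type=mx` run against a public resolver; the `example.com` names and `203.0.113.25` are constructed sample values, while `10.10.10.2` and the banner are the ones quoted in the thread.

```python
import ipaddress
import socket

# Ranges that must never show up in the PUBLIC zone's mail records.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def check_public_mail_dns(mx_records, a_records):
    """mx_records: [(preference, host)]; a_records: {host: [ip, ...]} with
    lower-case keys and no trailing dot, both as seen from a PUBLIC resolver.
    Returns (delivery_order, problems)."""
    problems = []
    ordered = sorted(mx_records)              # lowest preference is tried first
    for _pref, host in ordered:
        name = host.rstrip(".").lower()
        addrs = a_records.get(name, [])
        if not addrs:
            problems.append(f"{name}: MX target has no A/AAAA record")
        for addr in addrs:
            ip = ipaddress.ip_address(addr)
            if any(ip.version == net.version and ip in net for net in INTERNAL_NETS):
                # The internal half of a split-brain zone leaked into public DNS.
                problems.append(f"{name}: {addr} is an internal address")
    return [h.rstrip(".").lower() for _p, h in ordered], problems

def parse_banner(line):
    """Split an SMTP greeting into (reply_code, announced_host)."""
    line = line.strip()
    return int(line[:3]), line[4:].split(" ", 1)[0]

def probe_smtp(host, port=25, timeout=10):
    """Same check as 'telnet host 25': connect and read the greeting."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        return parse_banner(s.recv(512).decode("ascii", "replace"))

# Constructed sample: the primary MX wrongly carries the internal address.
SAMPLE_MX = [(20, "backup.example.com."), (10, "mail.example.com.")]
SAMPLE_A = {"mail.example.com": ["10.10.10.2"],
            "backup.example.com": ["203.0.113.25"]}
SAMPLE_BANNER = ("220 EX.TEST.lan Microsoft ESMTP MAIL Service ready at "
                 "Wed, 7 Aug 2013 21:40:32 +0200")

if __name__ == "__main__":
    order, problems = check_public_mail_dns(SAMPLE_MX, SAMPLE_A)
    print("delivery order:", order)
    print("problems:", problems or "none")
    print("banner:", parse_banner(SAMPLE_BANNER))
```

`probe_smtp` needs to be run from a machine outside the firewall, otherwise it only proves the internal path works.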