Re: General DNS config questions

Michael, thanks again for your time. Replies are below.

You don't NEED it, although you really should have one. While you're working
on this issue you might want to remove it; it's better to have no SPF record
than one that's misconfigured.

That's what I thought. It's good to get confirmation, though. If
nothing else, I'm gaining some confidence in my DNS abilities from
this discussion. So far nothing you're said was completely new to
me. It all makes perfect sense.

The "@" record you refer to simply means "this domain." By having both "@"
and "www" resolvable in DNS you allow visitors to get to your website by
typing either "domain.com" or "www.domain.com" in their browser's address
bar.

That's exactly why I thought it should be OK to have one "@" as an A
Record pointing to our web server and another @ as a MX Record
pointing to our Exchange Server. When I set up my test domain that
way yesterday, I couldn't receive email at all... but it would appear
it was simply an internet propagation issue. It's still set up that
way and I'm now getting emails on the test domain address. Of course,
emails from Hotmail are still getting delayed, but GMail and Yahoo
Mail are getting through just fine.

In general, you shouldn't use CNAME records as they require two DNS lookups
for a full resolution (the first to resolve the CNAME to its A record, then
another to resolve the A record to its IP address). You can have as many A
records as you want resolve to the same IP address.

You now, common sense was leading me in that direction. I've wondered
why have CName records at all. I'm sure there must be some valid
scenarios when you'd want to use them, but I've always thought "Why
not just make more A Records?" :)

If you convert your CNAME record for your Web server to an A record, your
zone would look like this:

A records
@ www.xxx.yyy.36(Web server)
mail www.xxx.yyy.37(Exchange server)
www www.xxx.yyy.36(Web server)

MX records
Priority Host Goes To
0 @ mail

Yes, that's *exactly* how I have my test domain set up. There's
another boost in my confidence level. :D I believe you're right.
This has nothing to do with DNS.

A remote system attempting to send you mail will query DNS for all your MX
record values and attempt delivery to the one with the highest priority (the
*lowest* numerical value) first. A second DNS query will be made for A
record of the hostname returned by the MX lookup (in your case your MX
record indicates mail.domain.com) to obtain its IP address. Delivery will
then be attempted to that IP address over port 25 (SMTP).

In addition to the A and MX records, I also created a couple of SRV
records for my test domain for SMTP and HTTP. Those would seem to be
more of a "Just in case" thing to me, but I figured they probably
wouldn't hurt. What's your opinion?

Once you've got your DNS squared away (and like I said earlier I don't
believe this is your issue - you can receive mail, albeit mail from some
domains is delayed), and since it looks like you're using Exchange, you
might want to repost this to one of the Exchange newsgroups so we can get
some more Exchange expertise on this issue.

Well, that might be a good next move, but I'm 100% confident that this
is not an Exchange issue. I put a sniffer on our inbound wire between
the ISP's router (which does no firewalling) and our firewall. Then I
sent 10 emails from hotmail to my email address here. I could see
from the sniffer logs that the 3 emails that didn't arrive instantly
in my inbox also did not come in to our network. They just got lost
on the internet, from what I can tell.

If this were just Hotmail, I'd say "The heck with it" but it's
happening to about a dozen (or more) other domains trying to send us
email. I honestly don't see how this could possibly be our fault, but
it's also not the fault of our ISP, since I had the same problem when
I set up another ISP for testing. I'd like to blame it on the
internet in general, but no one else seems to be complaining.

Thanks again for your time. It's greatly appreciated.

Max.

.

Relevant Pages

  • unable forward imported mail
    ... I have just taken over a 2003 exchange and have found a problem I can ... not resolve. ... The issue during the implementation some emails were ... header but that just a guess. ...
    (microsoft.public.exchange.admin)
  • Re: General DNS config questions
    ... exchange WWW.XXX.YYY.37 ... test domain as above, I could not receive emails to that test domain. ... <Please note- regardless of the E-Mail domain, ...
    (microsoft.public.windows.server.dns)
  • Re: Routing mail problems
    ... Take a look at the article below it should help to resolve your issue. ... > Exchange is not set up with an MX record. ... > emails through POP3 for some users in mydomain.com. ...
    (microsoft.public.exchange2000.connectivity)
  • Re: Routing mail problems
    ... Take a look at the article below it should help to resolve your issue. ... > Exchange is not set up with an MX record. ... > emails through POP3 for some users in mydomain.com. ...
    (microsoft.public.exchange2000.admin)
  • Queue is growing!!!! strange
    ... I have exchange 2000 and exchange 2003. ... Users on Exchange 2003 can not send out emails. ... I checked the DNS and I was able to resolve the new exchange server name. ...
    (microsoft.public.exchange.admin)
Loading