DNS Records for an Exchange Server serving multiple domains

Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

Sorry for crossing-posting. I really don't know which NG should I be
posting this question.

We are currently running an Exchange server, which is serving the users in
the head office under domain-A. We have a few sales offices which also have
users who requires email access. They want to use their own email domain
(i.e. domain-B, domain-C and so forth) due to the nature of our business.
Therefore, we want the same Exchange server to send and receive email for
multiple domains.

On the Exchange side, I can add other domain names in the ESM and set up
proxy email address under each user's account property. But I do not know
what would be the best practice on the DNS side. I am thinking of
requesting the ISP to add the MX records for domain-A, domain-B and domain-C
accordingly. They should all be pointing to the same IP address as the one
we use for domain-A. However, the technician from my ISP disagreed with
that. He said that it would upset reverse-DNS lookup if an IP address is
used by different domains.

I am not sure his point is valid. Could any experts please shed some
lights? Thanks in advance.

Cheers,

Joe
9 answers Last reply
More about records exchange server serving multiple domains
  1. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    On Thu, 8 Jul 2004 17:16:37 -0400, "JP"
    <NO_SPAM_PLEASE_pangjo@netzero.com> wrote:

    >Sorry for crossing-posting. I really don't know which NG should I be
    >posting this question.
    >
    >We are currently running an Exchange server, which is serving the users in
    >the head office under domain-A. We have a few sales offices which also have
    >users who requires email access. They want to use their own email domain
    >(i.e. domain-B, domain-C and so forth) due to the nature of our business.
    >Therefore, we want the same Exchange server to send and receive email for
    >multiple domains.
    >
    >On the Exchange side, I can add other domain names in the ESM and set up
    >proxy email address under each user's account property. But I do not know
    >what would be the best practice on the DNS side. I am thinking of
    >requesting the ISP to add the MX records for domain-A, domain-B and domain-C
    >accordingly. They should all be pointing to the same IP address as the one
    >we use for domain-A.

    Yes, that is correct.

    > However, the technician from my ISP disagreed with
    >that. He said that it would upset reverse-DNS lookup if an IP address is
    >used by different domains.

    He is not correct. Reverse DNS does not matter.

    Hal

    >
    >I am not sure his point is valid. Could any experts please shed some
    >lights? Thanks in advance.
    >
    >Cheers,
    >
    >Joe
    >
  2. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    In news:5chre01pud2od6es3vq6r20sla1ltd0rqv@4ax.com,
    hal@nospam.com <hal@nospam.com> asked for help and I offered my suggestions
    below:
    > On Thu, 8 Jul 2004 17:16:37 -0400, "JP"
    > <NO_SPAM_PLEASE_pangjo@netzero.com> wrote:
    >
    >> Sorry for crossing-posting. I really don't know which NG should I be
    >> posting this question.
    >>
    >> We are currently running an Exchange server, which is serving the
    >> users in the head office under domain-A. We have a few sales
    >> offices which also have users who requires email access. They want
    >> to use their own email domain (i.e. domain-B, domain-C and so forth)
    >> due to the nature of our business. Therefore, we want the same
    >> Exchange server to send and receive email for multiple domains.
    >>
    >> On the Exchange side, I can add other domain names in the ESM and
    >> set up proxy email address under each user's account property. But I
    >> do not know what would be the best practice on the DNS side. I am
    >> thinking of requesting the ISP to add the MX records for domain-A,
    >> domain-B and domain-C accordingly. They should all be pointing to
    >> the same IP address as the one we use for domain-A.
    >
    > Yes, that is correct.
    >
    >> However, the technician from my ISP disagreed with
    >> that. He said that it would upset reverse-DNS lookup if an IP
    >> address is used by different domains.
    >
    > He is not correct. Reverse DNS does not matter.
    >
    > Hal


    Hi, just wanted to add that I host 25 customer domains and I do it this way.
    But my reverse points to the main machine's name and IP, not all the
    customer domains, so this way if any recipient domains are performing
    Reverse DNS lookups, it will come back as valid. So for the original poster,
    don't worry about what the tech says, just let the reverse point to your
    machine's actual FQDN.

    I think the tech thinks you wanted a reverse for each one so there will be
    multiple PTRs for the same IP, which won't work anyway, besides, I've tried
    that in the beginning and found that MS DNS winds up removing all but the
    one. There is no Round Robin for the reverse.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  3. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    Thanks for the clarification. I will probably add the MX records for the
    new domains as planned. However, I still have some worries on the revserse
    DNS lookup. If the recipient's email server requires a valid domain name
    returned from reverse DNS lookup, chances are email messages using domain-B
    as sender/reply address will not be accepted. Imagine the reverse DNS
    lookup shows domain-A but the sender claims to be from domain-B.

    We have had this problem for domain-A before. The ISP fixed it by putting
    in the proper PTR address for domain-A on the DNS server. I am wondering if
    the same problem will arise for the new domains in the future.

    Joe


    > Hi, just wanted to add that I host 25 customer domains and I do it this
    way.
    > But my reverse points to the main machine's name and IP, not all the
    > customer domains, so this way if any recipient domains are performing
    > Reverse DNS lookups, it will come back as valid. So for the original
    poster,
    > don't worry about what the tech says, just let the reverse point to your
    > machine's actual FQDN.
    >
    > I think the tech thinks you wanted a reverse for each one so there will be
    > multiple PTRs for the same IP, which won't work anyway, besides, I've
    tried
    > that in the beginning and found that MS DNS winds up removing all but the
    > one. There is no Round Robin for the reverse.
    >
    > --
    > Regards,
    > Ace
  4. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    OK its a little tricky then. Try this:

    MX record domain A = aaa.aaa.aaa.aaa
    MX record domain B = bbb.bbb.bbb.bbb
    MX record domain C = ccc.ccc.ccc.ccc
    etc

    Then at your firewall direct traffic on ports 25 110 etc from
    aaa.aaa.aaa.aaa to the real internal address of your mail server. Do the
    same for bbb, ccc, etc.

    You will use one real address for each domain. And be able to use a real
    reverse lookup for each address while forwarding the traffic to your
    internal mail server.


    "JP" <NO_SPAM_PLEASE_pangjo@netzero.com> wrote in message
    news:OqlqBHfZEHA.644@tk2msftngp13.phx.gbl...
    > Thanks for the clarification. I will probably add the MX records for the
    > new domains as planned. However, I still have some worries on the
    revserse
    > DNS lookup. If the recipient's email server requires a valid domain name
    > returned from reverse DNS lookup, chances are email messages using
    domain-B
    > as sender/reply address will not be accepted. Imagine the reverse DNS
    > lookup shows domain-A but the sender claims to be from domain-B.
    >
    > We have had this problem for domain-A before. The ISP fixed it by putting
    > in the proper PTR address for domain-A on the DNS server. I am wondering
    if
    > the same problem will arise for the new domains in the future.
    >
    > Joe
    >
    >
    >
    >
    >
    >
    >
    > > Hi, just wanted to add that I host 25 customer domains and I do it this
    > way.
    > > But my reverse points to the main machine's name and IP, not all the
    > > customer domains, so this way if any recipient domains are performing
    > > Reverse DNS lookups, it will come back as valid. So for the original
    > poster,
    > > don't worry about what the tech says, just let the reverse point to your
    > > machine's actual FQDN.
    > >
    > > I think the tech thinks you wanted a reverse for each one so there will
    be
    > > multiple PTRs for the same IP, which won't work anyway, besides, I've
    > tried
    > > that in the beginning and found that MS DNS winds up removing all but
    the
    > > one. There is no Round Robin for the reverse.
    > >
    > > --
    > > Regards,
    > > Ace
    >
    >
    >
  5. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    In news:e9PQl7fZEHA.2516@TK2MSFTNGP10.phx.gbl,
    GwD <GDavis@nospam.hme.com> asked for help and I offered my suggestions
    below:
    > OK its a little tricky then. Try this:
    >
    > MX record domain A = aaa.aaa.aaa.aaa
    > MX record domain B = bbb.bbb.bbb.bbb
    > MX record domain C = ccc.ccc.ccc.ccc
    > etc
    >
    > Then at your firewall direct traffic on ports 25 110 etc from
    > aaa.aaa.aaa.aaa to the real internal address of your mail server. Do
    > the same for bbb, ccc, etc.
    >
    > You will use one real address for each domain. And be able to use a
    > real reverse lookup for each address while forwarding the traffic to
    > your internal mail server.


    That is a bit tricky but don't see why it wouldn't work as long as the ISP
    enters all those IPs as a PTR, that is too, if the customer is allocated
    those IPs to be able to do that with.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  6. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    > > MX record domain A = aaa.aaa.aaa.aaa
    > > MX record domain B = bbb.bbb.bbb.bbb
    > > MX record domain C = ccc.ccc.ccc.ccc
    > > etc

    Maybe I have not made it clear. We are going to use just ONE external
    address for all the different domains. Therefore, the entries would look
    like:
    MX record domain A = aaa.aaa.aaa.aaa
    MX record domain B = aaa.aaa.aaa.aaa
    MX record domain C = aaa.aaa.aaa.aaa

    > That is a bit tricky but don't see why it wouldn't work as long as the ISP
    > enters all those IPs as a PTR, that is too, if the customer is allocated
    > those IPs to be able to do that with.

    Someone mentioned to me that there can only be 1 PTR address for an IP,
    while you can have many aliases pointing to one IP. If this is true, there
    will be a problem when reverse-DNS lookup for other domains take place.

    Joe
  7. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    In news:OyAKRyCaEHA.596@TK2MSFTNGP11.phx.gbl,
    JP <NO_SPAM_PLEASE_pangjo@netzero.com> asked for help and I offered my
    suggestions below:
    >>> MX record domain A = aaa.aaa.aaa.aaa
    >>> MX record domain B = bbb.bbb.bbb.bbb
    >>> MX record domain C = ccc.ccc.ccc.ccc
    >>> etc
    >
    > Maybe I have not made it clear. We are going to use just ONE external
    > address for all the different domains. Therefore, the entries would
    > look like:
    > MX record domain A = aaa.aaa.aaa.aaa
    > MX record domain B = aaa.aaa.aaa.aaa
    > MX record domain C = aaa.aaa.aaa.aaa
    >
    >> That is a bit tricky but don't see why it wouldn't work as long as
    >> the ISP enters all those IPs as a PTR, that is too, if the customer
    >> is allocated those IPs to be able to do that with.
    >
    > Someone mentioned to me that there can only be 1 PTR address for an
    > IP, while you can have many aliases pointing to one IP. If this is
    > true, there will be a problem when reverse-DNS lookup for other
    > domains take place.
    >
    > Joe

    I knew what you meant, but GWD provided a suggestion for a workaround.

    I was the one that mentioned that. If you tried to create multiple PTRs for
    the same IP, you'll find that DNS will remove them other than the default. I
    guess you can lock the records, but this will cause confusion since Round
    Robin doesn't work with reverse besides, if it did, you never know which
    record will reply. I was pulling out my hair way back because of this. I
    host mutliple domains for clients and have the PTR for my main server listed
    only by its default name and I haven't heard any complaints. Once set of
    users email to their AOL email addresses and they go thru fine.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  8. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    Thanks, Ace.

    I think I am going to do exactly as discussed. It should not be a big issue
    since a lot of ISP's acutally use one server to host many email domains for
    different clients. It turns out that they can resolve the reverse DNS
    lookup issue. Therefore, I am quite positive that we can do the same.

    Cheers,

    Joe


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
    message news:O0FotlDaEHA.1656@TK2MSFTNGP09.phx.gbl...
    > In news:OyAKRyCaEHA.596@TK2MSFTNGP11.phx.gbl,
    > JP <NO_SPAM_PLEASE_pangjo@netzero.com> asked for help and I offered my
    > suggestions below:
    > >>> MX record domain A = aaa.aaa.aaa.aaa
    > >>> MX record domain B = bbb.bbb.bbb.bbb
    > >>> MX record domain C = ccc.ccc.ccc.ccc
    > >>> etc
    > >
    > > Maybe I have not made it clear. We are going to use just ONE external
    > > address for all the different domains. Therefore, the entries would
    > > look like:
    > > MX record domain A = aaa.aaa.aaa.aaa
    > > MX record domain B = aaa.aaa.aaa.aaa
    > > MX record domain C = aaa.aaa.aaa.aaa
    > >
    > >> That is a bit tricky but don't see why it wouldn't work as long as
    > >> the ISP enters all those IPs as a PTR, that is too, if the customer
    > >> is allocated those IPs to be able to do that with.
    > >
    > > Someone mentioned to me that there can only be 1 PTR address for an
    > > IP, while you can have many aliases pointing to one IP. If this is
    > > true, there will be a problem when reverse-DNS lookup for other
    > > domains take place.
    > >
    > > Joe
    >
    > I knew what you meant, but GWD provided a suggestion for a workaround.
    >
    > I was the one that mentioned that. If you tried to create multiple PTRs
    for
    > the same IP, you'll find that DNS will remove them other than the default.
    I
    > guess you can lock the records, but this will cause confusion since Round
    > Robin doesn't work with reverse besides, if it did, you never know which
    > record will reply. I was pulling out my hair way back because of this. I
    > host mutliple domains for clients and have the PTR for my main server
    listed
    > only by its default name and I haven't heard any complaints. Once set of
    > users email to their AOL email addresses and they go thru fine.
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Active Directory
    >
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  9. Archived from groups: microsoft.public.exchange2000.admin,microsoft.public.exchange2000.general,microsoft.public.win2000.dns (More info?)

    In news:%23hK6H3FaEHA.3420@TK2MSFTNGP12.phx.gbl,
    JP <NO_SPAM_PLEASE_pangjo@netzero.com> asked for help and I offered my
    suggestions below:
    > Thanks, Ace.
    >
    > I think I am going to do exactly as discussed. It should not be a
    > big issue since a lot of ISP's acutally use one server to host many
    > email domains for different clients. It turns out that they can
    > resolve the reverse DNS lookup issue. Therefore, I am quite positive
    > that we can do the same.
    >
    > Cheers,
    >
    > Joe

    Very good Joe and my pleasure. Post back if you have any other concerns!

    Cheers!

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Active Directory

    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
Ask a new question

Read More

Domain Exchange Server Microsoft DNS Windows