Tuesday, April 30, 2024

Configuring Public DNS and MX Records for Exchange 2013

Let's look at the public DNS records we need to configure for Exchange 2013/Exchange 2016 (Client Access / mail flow / Autodiscover).

Create an A record – Mail.CareExchange.in

and point it to the Exchange 2013 or Exchange 2016 server.

If the server is load balanced, point it to the VIP (virtual IP of the load balancer).

This will be the internet-facing server for your webmail and all other URLs.

Create an A record – autodiscover.careexchange.in

and point it to the Exchange 2013 or Exchange 2016 server.

If the server is load balanced, point it to the VIP (virtual IP of the load balancer).

This will be the internet-facing server for your webmail and all other URLs.

It will serve your Outlook clients and ActiveSync phones by sending them configuration settings automatically.

Create an MX record and point it to the A record you created above (for small businesses).

This will serve your mail flow.

If you are going to use a cloud-based anti-spam service or anti-spam appliances, you will have to point the MX record to their DNS records or to your anti-spam appliances.

Required Public IPs – 1

Required Public IPs with One Anti-Spam Server – 2

Ports that need to be opened on the firewall

Ports for HTTPS – 443

Port for Mail flow – 25

POP3 – port 110

IMAP – port 143

SMTP – port 25

HTTP – port 80

Secure IMAP (IMAP4-SSL) – port 585

IMAP4 over SSL (IMAPS) – port 993

Secure POP3 (SSL-POP) – port 995

Secure SMTP (SSMTP) – port 465 | Exchange specifically does not support SMTPS (implicit TLS)

Note:

If you want to split mail flow and the Outlook Web App URL, you can do that as well.

You can have Outlook Web App and the other URLs as mail.careexchange.in

and for mail flow you can have mx.careexchange.in

The advantage of doing this is that you can reroute your mail flow at any time without disturbing anything else.

For reference:

Let's see a practical scenario of creating DNS records with one of the public DNS providers.

HOST A records – mail.testcareexchange.biz

HOST A records – autodiscover.careexchange.biz

MX Records – Testcareexchange.biz

Note : Mail is delivered to the mail exchange server with the lowest preference number (highest priority)
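The record set described above can be checked before it is published. The following is an added example, not code from the original article: it parses a constructed zone listing that uses the article's host names with documentation IP addresses, orders the MX targets by preference number, and reports the mistakes that break this layout (missing mail or autodiscover A record, MX pointing at an IP address or at a name with no A record, mail handed to an external filtering host).

```python
import ipaddress

# Constructed sample zone for the article's layout: OWA/Autodiscover on one
# host, mail flow split out to mx.<domain>. IPs are documentation addresses.
ZONE = """\
mail.careexchange.in.          A   203.0.113.10
autodiscover.careexchange.in.  A   203.0.113.10
mx.careexchange.in.            A   203.0.113.11
careexchange.in.               MX  20 mail.careexchange.in.
careexchange.in.               MX  10 mx.careexchange.in.
"""

def parse_zone(text):
    """Parse 'name TYPE rdata' lines into A records and (pref, target, owner) MX tuples."""
    a, mx = {}, []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith(";"):
            continue
        name, rtype = parts[0].lower().rstrip("."), parts[1].upper()
        if rtype == "A":
            a.setdefault(name, []).append(parts[2])
        elif rtype == "MX" and len(parts) >= 4:
            mx.append((int(parts[2]), parts[3].lower().rstrip("."), name))
    return a, mx

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def delivery_order(mx, domain):
    """MX targets for the domain, lowest preference number (highest priority) first."""
    return [target for _pref, target, owner in sorted(mx) if owner == domain]

def check_plan(text, domain):
    """Return findings for the record set the article asks for; an empty list means it is consistent."""
    a, mx = parse_zone(text)
    findings = []
    for host in (f"mail.{domain}", f"autodiscover.{domain}"):
        if host not in a:
            findings.append(f"missing A record: {host}")
    targets = delivery_order(mx, domain)
    if not targets:
        findings.append(f"no MX record for {domain}")
    for target in targets:
        in_zone = target == domain or target.endswith("." + domain)
        if is_ip(target):
            findings.append(f"MX target must be a host name, not an IP: {target}")
        elif in_zone and target not in a:
            findings.append(f"MX target has no A record: {target}")
        elif not in_zone:
            findings.append(f"info: mail is handed to an external host first: {target}")
    return findings

if __name__ == "__main__":
    print(delivery_order(parse_zone(ZONE)[1], "careexchange.in"))
    print(check_plan(ZONE, "careexchange.in") or "plan is consistent")
```

An "info" finding is expected when a cloud anti-spam service sits in front of Exchange; in that case the firewall rule for port 25 can usually be limited to that service's sending addresses.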

Thank you.

Hope the article was informative.

Satheshwaran Manoharan
75 COMMENTS

  1. Hey,
    I have Windows NLB for 2 Exchange 2013 CAS servers with one virtual IP inside and one public IP from outside. Will it work fine, as I want to point ports 443 and 25 to a single VIP? I am using a hardware firewall only.
    Your quick response will be highly admired.
    Regards
    movi

  2. Hi,

    We are setting Note 10,000 Note users to migrate to Exch2013 hosted using Quest. I am wondering that Quest cannot migrate data directly to exchange (hosted) because when objects created with Quest they are not supported by default.

    How do we go about migrating from 3rd party to Exchange hosted?

    Thank you in advance

    sanong

    • If you are planning for hosted Exchange, service providers will have integration with hosted Exchange and migration tools.
      So it's going to work with ease, as the service provider's control panel can understand migration tools.

  3. Hello,

    Thanks for the post. We have multiple SMTP domains. Do I need to add an autodiscover CNAME record for each SMTP domain on external DNS?

    • You should check for the SRV method or the Autodiscoverredirect method.
      The Autodiscover redirect method is recommended, but it requires an additional public IP.

      Search for Autodiscoverredirect on the website. You can see the Multi-tenant article.

      Thank you.

  4. I am facing a problem of an SMTP error in our Exchange Server 2013. I am not receiving mails from other mail services (Gmail, Hotmail…). What do I do? Please tell me the solution, I am waiting.

    • Things to check
      Specific MX properly.
      Port 25 should be open.
      Accepted domain is added.
      Free space in the mailbox with proper email address

  5. Hi Manoharan,

    I’m trying to follow the configuration for an Exchange server that I implemented at home.
    - I do not have a public IP; I lean on a dynamic DNS service, e.g. home.ns0.net, and it is updated with my dynamic IP.

    - I have a public DNS name exchangehome01.net on a service provider so I can link the dynamic DNS service to the public records that I will create.

    When you say:
    Create A record – Mail.CareExchange.in
    and point to the Exchange 2013 Server

    in my case the Exchange server is behind the dynamic DNS service home.ns0.net, so I can’t create an A record that points to the Exchange server because an A record supports only IP addresses; I have to link the A record to the name home.ns0.net, which is the DynDNS service.

    Is there a solution for that, and after this first configuration how can I proceed?

  6. First of all very thankful to you for posting the above information.

    I have set up Exchange Server 2013 (xyz.local) on my local internal server IP 192.168.1.10 and I want to access the Exchange server externally with “xyz.com”.

    Can you please let me know the procedure for where I can add my external domain xyz.com in Exchange Server, which records I need to create in the public DNS server, and how to map to the local internal Exchange server?

    I am writing the step-wise procedure to configure the external DNS setup; if you find any mistake please rectify it.
    My public DNS is http://www.xyz.com registered by godaddy.com and I have a static IP from the ISP, 182.76.93.1

    1) I need to port forward the below ports from static IP 182.76.93.1 to my local Exchange server IP 192.168.1.10

    Ports for HTTPS – 443

    Port for Mail flow – 25

    POP3 – port 110

    IMAP – port 143

    SMTP – port 25

    HTTP – port 80

    Secure SMTP (SSMTP) – port 465

    Secure IMAP (IMAP4-SSL) – port 585

    IMAP4 over SSL (IMAPS) – port 993

    Secure POP3 (SSL-POP) – port 995

    2) Access the godaddy.com control panel and create a host A record http://www.xyz.com.com and associate the static IP 182.76.93.1 with it.

    3) Then I create an MX record mail.xyz.com and associate it with the A record.

    4) For Outlook Anywhere I create an A host record owa.xyz.com 182.76.93.1.

    Is this step OK for the external DNS setup, or is anything else needed? Or do I need to create DNS records in my local DNS server xyz.local?

  7. Hi Satheshwaran,
    I wonder if you would help me. My internal domain is named Wynbergallen.org. (Not local :()
    I have installed Exchange 2013 on a server called mailserver. Outgoing mail works fine.
    I want to direct mail to the Exchange server using one of our external domain names, also called Wynbergallen.org. Mailserver has a static external IP.
    Can this setup work and, if yes, what MX entries, A host records etc. need to be configured?
    I’m lost and have no idea whatsoever now.

    • Create an A record called Mail.Wynbergallen.org pointing to your public IP.
      Now point your MX to Mail.Wynbergallen.org with lesser priority (lesser takes precedence).

  8. Hi
    I implemented Exch Svr 2013, and everything was well configured, and I’ve got a public IP which I have added as an A record to our Corp Web Svr cPanel DNS. The MX entry was correctly set and mails are dropping in.

    But my problem is that we cannot connect to the server with a client (mobile or PC) outside our domain, i.e. (office network), using Outlook or any other mail client software. Once Outlook tries to connect, it keeps showing a username and password error.

    Please, what can I do?

  9. Any idea what software to install for the best anti-spam and antivirus on the Exchange 2013 server? I don’t want a cloud solution. I just want software I can install on the server to scan for spam and viruses locally, to go very quick and to keep all the mail on my own server.

  10. Hi,

    On my Exchange Server 2013 I can send and receive internally. However, when I send externally, it is sent from the mail (even under the sent folder) but the end user doesn’t receive it. I have also tried to send from my personal gmail account to the mailbox but I get a bounce back. So, internally everything is fine, whereas externally I am having problems. I NEED YOUR HELP PLEASE!

    THANKS IN ADVANCE

    • Check you have a valid send connector (Dropping to internet or a Smart host). Make sure your Port 25 works from External world. Make sure MX is configured properly.

  11. Hi Satheshwaran Manoharan,

    I have an on-premises Exchange 2013 server with a DAG configured with two copies. Inbound mails flow through email security. I have a TP-Link firewall and two ISPs; one is Comcast and the other one is AT&T. Now the problem is I want to have high availability on the ISP, so that if one ISP goes down the other takes over and we can still receive and send mails.

    Naveen

    • Have 4 MX, 2 on each ISP, same priority, round robin.

      You have to use solutions like F5 GTM and point name servers to this to achieve the same. (The disadvantage of this is that solutions like anti-spam may not work properly, as all source emails will be from the F5 IP.)

  12. Hi Expert

    I have an on-premises Exchange 2013 server with a DAG configured with two copies. Inbound mails flow through email security. I have a TP-Link firewall and two ISPs; one is Comcast and the other one is AT&T. Now the problem is I want to have high availability on the ISP, so that if one ISP goes down the other takes over and we can still receive and send mails.

    Naveen

  13. Hi

    I added an accepted domain on my Exchange control panel “ecp”.
    I want to know how to configure the new accepted domain in the public DNS server. What records do I have to add?

    I have a problem that when someone sends email to the newly added domain, he gets an error message saying no such user or user unknown.

  15. Hi Satheshwaran Manoharan,

    My question is far from this topic, but it is related to Exchange Server 2010 or 2013. Since I am a beginner, I would like to ask how to purchase a license for Exchange Server. Is the license per device or per user of Exchange Server? What is the difference between the two licenses?

  16. Hi Satheshwaran Manoharan,

    I have configured a new Exchange Server 2016 in my organization.
    My question is which types of record I will have to create on GoDaddy public DNS. Let's suppose my domain name is veltestdc.in and the external public IP address is 185.154.3.109.
    Do records need to be created for SMTP, IMAP and POP separately?

    Your valuable reply on above will be greatly appreciated.

    • MX and A record will take care of everything.
      For POP, if you want to use Pop.careexchange.in then you need to create an A record separately.
      To simplify, you can use mail.careexchange.in for everything, which simplifies your life, as POP and IMAP are not used much nowadays.

      • Many thanks for your valuable response.

        Can we use a self-signed certificate for OWA, Outlook Anywhere and Autodiscover/ActiveSync?

        • Yes, but it makes life very hard.
          External SSL makes life a lot easier.
          Getting the cert assigned on each device is not an easy task at all.

  17. Good evening, I would be grateful if you could help me out. I just set up Exchange Server 2013 CU15. The configuration is below:

    Mailbox and Client Access on same server: 10.0.0.20
    Edge Server : 10.0.0.14

    Edge transfer already synchronized with the client access/mailbox server successfully.

    I still find it difficult to send mail outside. Do I still need to create a Send connector despite the fact that there is an Edge Synchronization (which has already created two send connectors on the client access/mailbox server)?

    Also, how do I set up public and internal DNS records?

    Thanks

    • On a subscribed Edge Transport server, the default Receive connector is configured to listen for connections from internal Mailbox servers in the subscribed Active Directory site and anonymous connections from the Internet. After the message is categorized by the Transport service on the Edge Transport server, the message is queued locally for delivery to the Internet by using the dedicated Send connector that’s created during the Edge Subscription.

      https://technet.microsoft.com/en-us/library/aa998825(v=exchg.150).aspx

      Edge Subscriptions should be sufficient.

      • Hi,

        We have two CAS servers and two mailbox servers. We have two ISPs in our data center. The Exchange service is published through one ISP (both ISPs are configured in our domain PTR records). We need to use the other ISP as a backup link (two MX records) for mail send and receive. Is it possible? If yes, please share the details.

  18. Thank you for the insightful article. We are changing the domain name due to a rebrand, running Exchange 2013 and AD 2008. Any tips to go with

    • Accepted Domain
      Email Address Policies.
      Mailboxes which are not applied with Email Address Policies.

      Autodiscover Record in the certificate.

      This is what I can think of.

  19. Hi,
    I am a beginner to Exchange and I have a doubt regarding sending mails externally. I created a free domain and hosted that domain. Now advise me on where I should create the DNS files, either on the Exchange server or in the place where I hosted my domain, and how to point it to my Exchange server… Expecting your support. Thanks

    • Hi everybody,
      My doubt is regarding DNS records. For example, I configured an Exchange server and bought a domain and published it. Now my query is how to point my server to the external domain. For this purpose, do I need to configure Edge Transport?

  21. Hi,

    I am hoping you can help me out with this scenario. I have Server 2012 R2 on my host PC. The server is a Domain Controller with “domain name.local”. I recently installed Exchange 2013 and after installation “https://server_name.domain _name/ecp” will default to OWA, and all logins fail with either error 500 or invalid username or password.

    “https://server_name/ecp” has the same result.

    1. How can I gain access to ECP?
    2. Can a .local domain work with Exchange Server?

    Thanks.

  22. Our Exchange server is hosted in a different domain and we would like our internal clients to access it or get their Outlook clients connected through the public DNS. The problem is we can only resolve to the internal Exchange server, not to the public IP, so my question is how I can point my DNS server to resolve the external Exchange server to the public DNS. Another point: if I set my primary forwarder on the DNS server to the public Google DNS, I can resolve the external Exchange server to the public DNS. But I can’t resolve it if I return my forwarders to the internal DNS servers' IPs. Please guide me on how to fix this issue.

  23. Our domain name is: a.b.c.com
    Exchange server name: mail.g.c.com

    Our Exchange is hosted in our parent domain, outside of our internal network.

    In our child domain we have an internal DNS, which is where I want to create a pointer or record for the public IP of the Exchange server.

    In our DNS server we don’t have a forwarder to our Exchange domain, but it’s coming to us as an integrated AD forwarder from the parent, so when I want to create an A record, it will create it attached to the internal domain name: mail.g.c.com.a.b.c.com, but I want to create a record like this only: mail.g.c.com

    How I can do that?

  24. Dear bro,

    I’m using Microsoft Exchange 2013. When I send to other email addresses (e.g. Gmail, Hotmail), my email always goes to the spam box. What can I do? Thanks for your help 🙂

  25. I’m trying to create a lab with 4 DAG members; I have GoDaddy. I have configured external URLs and virtual directories on the Exchange servers… What do I need to do at the registrar? When I do an MX lookup on my domain it doesn’t see the IP address of the A record.

  26. Dear Sir,

    We have a problem in Exchange Server 2013. I have registered a domain name and configured the DNS MX record. Mail comes in from outside
    but is not sent outside, e.g. to Gmail.

  27. Hi Satheshwaran,

    I see the above article is very helpful in setting up an Exchange org.
    I have done the complete setup as per the best practices given above. I have public DNS hosted at Bigrock.in.
    In my lab setup, incoming and outgoing mail flow is working within the Exchange org and also to and from external mail domains like Gmail, Yahoo etc.
    I am using DDNS noip.org, which is taking care of my dynamic public IP.
    The only problem I see is that I am not able to access the OWA link https://mail.xyz.com/owa from the internet, but it works on the intranet. I do have a third-party SSL certificate with mail.xyz.com and autodiscover.xyz.com SAN entries installed on the Exchange 2016 server for IIS, SMTP, POP, IMAP services.
    Appreciate your help on this with what configuration I am missing.

  29. Dear Satheshwaran,

    I installed Exchange 2013 and configured it well. I can access OWA and mobile Outlook, but the desktop Outlook client with 2013, 2016 always prompts to enter user name and password (credentials), even though I checked and cleared Credential Manager on the system.

    Will you advise what will be the most likely way to resolve this issue?
