Untangle Forums - View Single Post

napoleon41 · 08-11-2009, 07:15 PM

Say that your PUBLIC domain name is company.com, and your private is company.local

Some mail servers respond only to the fully qualified domain name (faqn) that the outside world uses (public).

i.e. it may or may not work to send or receive mail using the "mail.company.local" address or the inside IP address in outlook. Your mail server is setup to function as the public domain, not the private.

To fix this issue, best practice is to go to your INTERNAL DNS servers (MS Server 2003 and 2008 can do this as well as some gateway routers if you don't yet have internal servers) and setup the company.com domain.

Create the zone (AD integrated is what most people with a microsoft environment use) and add an A record, and also MX record for your mail server (presumably mail.company.com) using the INSIDE IP ADDRESS.

Now, from one of your work stations, ping your mail servers OUTSIDE FQDN (i.e. mail.company.com). It should resolve to the private address (192.168.x.x, 172.16-32.x.x, 10.x.x.x), not the public address.

Try to telnet [fqdn] 25 from a client using your public, and you should get a response from the mail server assuming that the DNS is setup.

If you have the mail server in the DMZ, make sure that there are appropriate rule for all necessary traffic to pass (port 25, 143_imap, etc. . . )

08-11-2009, 07:15 PM	#10 (permalink)
napoleon41 Untangler Join Date: Sep 2007 URLs submitted: 23 Posts: 70	Say that your PUBLIC domain name is company.com, and your private is company.local Some mail servers respond only to the fully qualified domain name (faqn) that the outside world uses (public). i.e. it may or may not work to send or receive mail using the "mail.company.local" address or the inside IP address in outlook. Your mail server is setup to function as the public domain, not the private. To fix this issue, best practice is to go to your INTERNAL DNS servers (MS Server 2003 and 2008 can do this as well as some gateway routers if you don't yet have internal servers) and setup the company.com domain. Create the zone (AD integrated is what most people with a microsoft environment use) and add an A record, and also MX record for your mail server (presumably mail.company.com) using the INSIDE IP ADDRESS. Now, from one of your work stations, ping your mail servers OUTSIDE FQDN (i.e. mail.company.com). It should resolve to the private address (192.168.x.x, 172.16-32.x.x, 10.x.x.x), not the public address. Try to telnet [fqdn] 25 from a client using your public, and you should get a response from the mail server assuming that the DNS is setup. If you have the mail server in the DMZ, make sure that there are appropriate rule for all necessary traffic to pass (port 25, 143_imap, etc. . . )