
External DNS and email server

SOLVED
Kathleen
Regular Advisor

External DNS and email server

What setup would need to be done to be able to receive email from the outside
if we took the setup for being the external DNS off the current email server? The DNS and the email server
are on one server currently (and through our firewall). We want to set up another
server to be on the outside of our network as our external DNS. We want to bring
the email server on the inside of our network. I am assuming there would need
to be some special config or setup on either the email server or the DNS for
the new setup to work to get outside email either in or out.....
8 REPLIES
Paul Sperry
Honored Contributor

Re: External DNS and email server

On the email server the file
/etc/resolv.conf would need the following:

domain yourdomain
nameserver IP of new DNS server
Kathleen
Regular Advisor

Re: External DNS and email server

That's it???
Ok....would we need to keep the dns server name the same as what it currently is for this to work? How would external mail coming into us know how to be routed?
Bill Douglass
Esteemed Contributor
Solution

Re: External DNS and email server

Your name server should have an MX record for your domain that points to your e-mail server. This is what tells other mail servers how to find the e-mail server for your domain. As long as this does not change, you should be OK.

Keep in mind that upstream DNS servers need to be aware that the IP address of your DNS server is changing. Until they receive this info, DNS queries for your domain will fail.
Kevin Wright
Honored Contributor

Re: External DNS and email server

Your DNS zone needs to point your mail record (MX) to your email server's IP address. You will most likely be changing the email server's IP, so you must update your external DNS zone file to reflect the change.
Steven E. Protter
Exalted Contributor

Re: External DNS and email server

I'm posting a properly configured dns record for a domain I run that accepts mail.

To accept mail, the server merely needs to have a proper DNS record and the sendmail daemon running.

As far as sendmail goes you need to configure it to accept mail. I do it in the sendmail.mc record.

Here is the information....

DNS record for investmenttool.com

[root@jerusalem named]# more investmenttool.com.zone

$TTL 86400
@ IN SOA @ investmenttool.com (
4 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttl
)


@ IN NS dns1.investmenttool.com.
@ IN NS dns2.investmenttool.com.
@ IN MX 10 investmenttool.com. ; primary mail exchanger

@ A 66.92.143.194
www A 66.92.143.194
news A 66.92.143.194
shell A 66.92.143.194
smtp A 66.92.143.194
dns1 A 66.92.143.194
dns2 A 66.92.143.194
quote A 66.92.143.194

jerusalem CNAME investmenttool.com.
localhost CNAME investmenttool.com.
ftp CNAME investmenttool.com.
mail CNAME investmenttool.com.


Pay attention to the MX record; that is the key thing you need on the external DNS server. The external DNS server needs to be on the Internet, though it can be behind a firewall so long as the firewall passes all data on port 53 to the DNS server.

Now the sendmail.mc record.

You need the following line in the file.

DAEMON_OPTIONS(`Port=smtp,Addr=66.92.143.194, Name=MTA')


This enables the sendmail daemon to accept mail for the domain. Again, I'm using real IP addresses here, so no cutting and pasting. If you don't have this built into your sendmail.cf file, mail will be rejected.

Lastly a script to generate and correct sendmail.cf

That is attached.

This script stops and starts the sendmail daemon and needs to be run as root.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Steven E. Protter
Exalted Contributor

Re: External DNS and email server

I made a mistake. Several actually.

The buildmail file is from Linux; it will require adaptation to work in HP-UX. I have a modified version; it's at work. It can also be found in this post.

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x3526b941255cd71190080090279cd0f9,00.html

I also didn't give accurate locations for the sendmail.cf file for HP-UX. I thought I was in a Linux forum.

Sorry.

Hopefully one of these answers will help and be worth a point or two.

SEP
Kathleen
Regular Advisor

Re: External DNS and email server

But if we change and only have an internal IP address for our email server....are the things you are saying still all we need to do to get this working?
Steven E. Protter
Exalted Contributor

Re: External DNS and email server

To sum things up, there are a few ideas to think about.

1) You want your email server to be able to resolve DNS on inbound mail via /etc/resolv.conf

Why? Because standard anti-spam configuration will reject mail from mail servers that can't be resolved. That can cut down a lot on spam.

2) If your server is exposed to the Internet, has an external IP address and your DNS server has an MX record that points to that same external IP address, and sendmail daemon is running, you'll accept inbound mail. Check my earlier posted config files for what you need to do to sendmail.mc to actually accept the mail.

3) If you are forwarding all mail from a firewall to your server, it's even easier. When you change the IP address of the inbound mail server, change the forward on the firewall.

4) To use this server to SEND outbound mail, it has to have DNS resolution. When sending mail the sendmail daemon(smtp) looks up the mx record for the portion of the address after the @ sign. Then it knows what server to try and talk to.

SEP

Points anyone?
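Added example, not part of any post in this thread: a pre-cutover check of the new external zone file for the situation asked about above, where the mail server moves inside and keeps only an internal address. It assumes the external zone publishes the firewall's public address and the firewall forwards SMTP inward; the zone contents, `example.com` and the function names are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges: not routable on the Internet, so outside senders cannot reach them.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin):
    """Parse simplified 'name [IN] TYPE rdata' lines; SOA blocks and $-directives are skipped."""
    records = []
    for line in text.splitlines():
        fields = [f for f in line.split(";", 1)[0].split() if f.upper() != "IN"]
        if len(fields) >= 3 and fields[1].upper() in ("A", "MX", "CNAME", "NS"):
            records.append((fqdn(fields[0], origin), fields[1].upper(), fields[2:]))
    return records

def audit_mx(text, origin):
    """Return findings that would stop outside mail servers from delivering to this zone."""
    records = parse_zone(text, origin)
    cnames = {name for name, rtype, _ in records if rtype == "CNAME"}
    addrs = {}
    for name, rtype, rdata in records:
        if rtype == "A":
            addrs.setdefault(name, []).append(rdata[0])
    targets = [fqdn(rdata[1], origin) for _, rtype, rdata in records if rtype == "MX"]
    findings = [] if targets else ["no MX record in zone"]
    for target in targets:
        if not target.endswith(origin):
            continue  # out-of-zone exchanger: cannot be checked from this file
        if target in cnames:
            findings.append(f"{target} is a CNAME; an MX must name a host with an address record")
        elif target not in addrs:
            findings.append(f"{target} has no A record")
        for addr in addrs.get(target, []):
            if any(ipaddress.ip_address(addr) in net for net in RFC1918):
                findings.append(f"{target} -> {addr} is a private address")
    return findings

# Constructed sample zones (example.com and documentation addresses, not from the thread).
INTERNAL_IP_ZONE = """
@    IN NS dns1
@    IN MX 10 mail
dns1 IN A 203.0.113.53
mail IN A 192.168.1.25
"""
FIREWALL_IP_ZONE = INTERNAL_IP_ZONE.replace("192.168.1.25", "203.0.113.25")

if __name__ == "__main__":
    for zone in (INTERNAL_IP_ZONE, FIREWALL_IP_ZONE):
        print(audit_mx(zone, "example.com.") or "ok")
```

The first zone is flagged because the MX host resolves to the mail server's internal address; the second passes because it publishes the public address that the firewall forwards.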