In this post I will go over several things to do before taking an Exchange 2007 server live. The main items I will cover are DNS, ports and testing email flow. I will also make a checklist for you to go over before going live with an Exchange 2007 server.
Items that will be covered:
- Checking DNS
- Checking Listening ports
- Testing email flow
You should have MX, A, and PTR records set on the Public DNS server. I will now cover the roles of each of those records.
A records are also called “Host Records”. These records are the bread and butter of DNS. For example, when you type Google.com, your DNS request is sent out on the internet, most likely to your ISP. Your ISP looks up the domain “Google.com” and replies with an IPv4 address. This address is what your machine will now use to reach Google.com. A records always, and only, point to an IP address. A lot of online providers use “@” symbol for “all requests for ”
These bad boys, the MX records, are the “Mail eXchange” records. They allow you to specify an alternative IP address for your mail server. MX records can point to IP addresses or they can point to A records. Most people have MX records that point to A records.
PTR records are reverse lookup records. If you don’t have this set up for your domain, good luck successfully sending emails. The reason is that many spam filters require a reverse lookup to verify that the email’s origin matches the domain that is sending the email. By using nslookup <IP Address> you will get the A Host record.
** For a great ”how to use nslookup” article go here **
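The A and PTR checks described above can be scripted so that a missing or mismatched reverse record shows up before go-live. This is an added example, not part of the original post: the function name, the status labels and the sample records (documentation addresses under example.com) are assumptions made for illustration. With the default arguments it uses the system resolver, so run it from a machine that resolves against public DNS.

```python
import socket

def check_mail_host_dns(mail_host, forward=socket.gethostbyname_ex,
                        reverse=socket.gethostbyaddr):
    """Check the A and PTR records of the host an MX record points to.

    Returns [(ip, status, detail)] with status one of: "no-a-record",
    "no-ptr", "ok", "ptr-differs" (PTR names another host that still maps
    back to the IP) or "ptr-broken" (PTR name does not map back to the IP).
    """
    want = mail_host.rstrip(".").lower()
    try:
        ips = forward(mail_host)[2]                # A record lookup
    except OSError as exc:                         # gaierror / herror
        return [(None, "no-a-record", str(exc))]
    results = []
    for ip in ips:
        try:
            name, aliases, _ = reverse(ip)         # PTR lookup, like nslookup <IP>
        except OSError as exc:
            results.append((ip, "no-ptr", str(exc)))
            continue
        names = [n.rstrip(".").lower() for n in [name, *aliases]]
        if want in names:
            results.append((ip, "ok", name))
            continue
        try:                                       # does the PTR name map back?
            confirmed = ip in forward(name)[2]
        except OSError:
            confirmed = False
        results.append((ip, "ptr-differs" if confirmed else "ptr-broken", name))
    return results

# Constructed sample records (documentation addresses, not real hosts).
SAMPLE_A = {"mail.example.com": ["192.0.2.10", "192.0.2.11", "192.0.2.12"],
            "host11.isp.example.net": ["192.0.2.11"]}
SAMPLE_PTR = {"192.0.2.10": "mail.example.com",
              "192.0.2.11": "host11.isp.example.net"}

def sample_forward(name):
    if name not in SAMPLE_A:
        raise socket.gaierror("no A record for " + name)
    return (name, [], SAMPLE_A[name])

def sample_reverse(ip):
    if ip not in SAMPLE_PTR:
        raise socket.herror("no PTR record for " + ip)
    return (SAMPLE_PTR[ip], [], [ip])

if __name__ == "__main__":
    for row in check_mail_host_dns("mail.example.com", sample_forward, sample_reverse):
        print(row)
```

Any status other than "ok" is worth resolving with whoever controls the reverse zone for your public IP, usually the ISP, before mail starts flowing.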
Checking Listening Ports
You will most likely have a firewall in front of the mail server as well as on the mail server itself. There are several things you will need to do with the ports:
- The NAT firewall should have port 25 open. That port should be passed through to the Exchange server by using the IP of the server (inbound and outbound).
- Firewall on Exchange server should be open and listening for communication on port 25. (inbound and outbound).
- Make sure that your ISP has given you the ability to run port 25. To prevent spam, it is becoming common for ISPs to block port 25 unless you ask them.
You can check to see if you have access to port 25 by using telnet and trying to log onto a mail server.
** For a great “how to troubleshoot email using telnet” article go here **
Authoritative domains need to be configured.
Email address policy needs to be configured.