Running Windwos Server 2003 with active directory and inegrated DNS.

Recently I had some problems with email returning because I had no reverse
DNS entry.

I found out that I had to ask my hoster to create a records on their DNS.
(the server is in a datacentre)
The created the reverse DNS entry

When checking on on dnstuff.com I still get an error:

There is no A record for server.xxx.info.

My guess is that my DNS only replies for the internal server.xxx.local
domain.

So the question is how do I create this A record and where. (for my external
domain name)

Thanks in advance.

Bastiaan Houtkooper NSC

Bastiaan Houtkooper wrote:
> Running Windwos Server 2003 with active directory and inegrated DNS.
>
> Recently I had some problems with email returning because I had no
> reverse DNS entry.
>
> I found out that I had to ask my hoster to create a records on their
> DNS. (the server is in a datacentre)
> The created the reverse DNS entry
>
> When checking on on dnstuff.com I still get an error:
>
> There is no A record for server.xxx.info.
>
> My guess is that my DNS only replies for the internal server.xxx.local
> domain.
>
> So the question is how do I create this A record and where. (for my
> external domain name)

It goes in the zone for your public domain name that is held at the
authoritative Public DNS servers for your domain.

This may have nothing to do with your local DNS if it isn't the public
authoritative DNS for your public domain.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Hi Kevin,

Thanks for your reply. I bit cryptic but yes I think I understand :-)

What I have now is my domain registered on someone else DNS servers pointing
to my windows Server¹s IP. On that server (freeBSD) are A, Cname, MX etc
records all pointing to my server IP.
As mentioned that server is in a DataCentre where I use the COLO ISP DNS
servers as forwarders.
I also run my DNS on the Windows machine but it does not update outside the
security zone. (default settings)

When I run http://www.dnsstuff.com/tools/ptr.ch?ip=85.12.17.104 it still
gives an error.

I am a bit puzzled where to add the right records and if there is a better
way to configure the whole thing.
Everything is working fine, but I want to get it as good as possible.

Thanks for your time and quick replies.

Bastiaan


On 07-09-2006 22:37, in article efA4x1r0GHA.4392@TK2MSFTNGP04.phx.gbl,
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>> > Running Windwos Server 2003 with active directory and inegrated DNS.
>> >
>> > Recently I had some problems with email returning because I had no
>> > reverse DNS entry.
>> >
>> > I found out that I had to ask my hoster to create a records on their
>> > DNS. (the server is in a datacentre)
>> > The created the reverse DNS entry
>> >
>> > When checking on on dnstuff.com I still get an error:
>> >
>> > There is no A record for server.xxx.info.
>> >
>> > My guess is that my DNS only replies for the internal server.xxx.local
>> > domain.
>> >
>> > So the question is how do I create this A record and where. (for my
>> > external domain name)
>
> It goes in the zone for your public domain name that is held at the
> authoritative Public DNS servers for your domain.
>
> This may have nothing to do with your local DNS if it isn't the public
> authoritative DNS for your public domain.

Bastiaan Houtkooper wrote:
> Hi Kevin,
>
> Thanks for your reply. I bit cryptic but yes I think I understand :-)
>
> What I have now is my domain registered on someone else DNS servers
> pointing to my windows Server¹s IP. On that server (freeBSD) are A,
> Cname, MX etc records all pointing to my server IP.
> As mentioned that server is in a DataCentre where I use the COLO ISP
> DNS servers as forwarders.
> I also run my DNS on the Windows machine but it does not update
> outside the security zone. (default settings)
>
> When I run http://www.dnsstuff.com/tools/ptr.ch?ip=85.12.17.104 it
> still gives an error.
>
> I am a bit puzzled where to add the right records and if there is a
> better way to configure the whole thing.
> Everything is working fine, but I want to get it as good as possible.
>
> Thanks for your time and quick replies.

You have several problems that need to be corrected.

The PTR is in place for the IP and says server.zebrafilm.info, which is OK,
BUT, server.zebrafilm.info is a CNAME.
QUESTION SECTION:
server.zebrafilm.info. IN ANY

ANSWER SECTION:
server.zebrafilm.info. 14280 IN CNAME
zebrafilm.info.zebrafilm.info.

Which also does not have an A record, but, it does have an MX record which
makes no sense whatsoever.
QUESTION SECTION:
zebrafilm.info.zebrafilm.info. IN ANY

ANSWER SECTION:
zebrafilm.info.zebrafilm.info. 12814 IN MX 10
85.12.17.104.zebrafilm.info.

Another problem is your mail server HELO name.
zebrafilm.info claims to be non-existent host server.ZebraFilm.local:
220 server.ZebraFilm.local Microsoft ESMTP MAIL Service, Version:
6.0.3790.1830 ready


What you need to do is not so hard to fix.

1) Delete the CNAME server.zebrafilm.info
2) Create an A record for server.zebrafilm.info with IP 85.12.17.104, do
this because the PTR already exists for that name.
3) Assuming this is Exchange, using System manager expand down to the SMTP
virtual server. Right click on the SMTP virtual server, choose properties,
select the Delivery tab, click the Advanced button, In the Fully-qualified
domain name field change server.zebrafilm.local to server.zebrafilm.info.

This must be done on these two servers, not on you local DNS, unless these
two are your local DNS.
ns3.phpbb3.nl. [213.189.9.32]
ns2.phpbb3.nl. [213.189.9.27]



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Dear Kevin, thank you for your advice:

Just to make it more clear:

Domain registered at Enom, pointing to name servers:

ns3.phpbb3.nl. [213.189.9.32]
ns2.phpbb3.nl. [213.189.9.27]

Both on a FreeBSD Unix box. No exchange there.

Everything there points to my Win2k3 server running exchange @ 85.12.17.104
This machine has AD + DNS enabled. I use the NS of the Data Centre to
forward DNS requests and there they created the PTR for 85.12.17.104/
zebrafilm.info domain.

Your points:


1.Delete the CNAME server.zebrafilm.info

Done on the ns3 and ns2.(freebsd systems


2) Create an A record for server.zebrafilm.info with IP 85.12.17.104,

Done again on the FreeBSD name servers.


3) Assuming this is Exchange, using System manager expand down to the SMTP
virtual server. Right click on the SMTP virtual server, choose properties,
select the Delivery tab, click the Advanced button, In the Fully-qualified
domain name field change server.zebrafilm.local to server.zebrafilm.info.
This must be done on these two servers, not on you local DNS, unless these
> two are your local DNS.
> ns3.phpbb3.nl. [213.189.9.32]
ns2.phpbb3.nl. [213.189.9.27]

Here I run into trouble because the first two NS are FreeBSD and you state
not to do it on the local Exchange machine.
Before I make errors there, could you confirm I should not change it on my
main Exchange machine.

The first two changes give a missing A record now in the DNS lookup.

So far the the first part.

MX error:

On the FreeBSD NS machines there are two entries for MX
One is pointing to the IP
One is pointing to the domain name.
I guess the last one should be removed?




On 08-09-2006 16:48, in article ura6LX10GHA.324@TK2MSFTNGP05.phx.gbl, "Kevin
D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>> > Hi Kevin,
>> >
>> > Thanks for your reply. I bit cryptic but yes I think I understand :-)
>> >
>> > What I have now is my domain registered on someone else DNS servers
>> > pointing to my windows Server¹s IP. On that server (freeBSD) are A,
>> > Cname, MX etc records all pointing to my server IP.
>> > As mentioned that server is in a DataCentre where I use the COLO ISP
>> > DNS servers as forwarders.
>> > I also run my DNS on the Windows machine but it does not update
>> > outside the security zone. (default settings)
>> >
>> > When I run http://www.dnsstuff.com/tools/ptr.ch?ip=85.12.17.104 it
>> > still gives an error.
>> >
>> > I am a bit puzzled where to add the right records and if there is a
>> > better way to configure the whole thing.
>> > Everything is working fine, but I want to get it as good as possible.
>> >
>> > Thanks for your time and quick replies.
>
> You have several problems that need to be corrected.
>
> The PTR is in place for the IP and says server.zebrafilm.info, which is OK,
> BUT, server.zebrafilm.info is a CNAME.
> QUESTION SECTION:
> server.zebrafilm.info. IN ANY
>
> ANSWER SECTION:
> server.zebrafilm.info. 14280 IN CNAME
> zebrafilm.info.zebrafilm.info.
>
> Which also does not have an A record, but, it does have an MX record which
> makes no sense whatsoever.
> QUESTION SECTION:
> zebrafilm.info.zebrafilm.info. IN ANY
>
> ANSWER SECTION:
> zebrafilm.info.zebrafilm.info. 12814 IN MX 10
> 85.12.17.104.zebrafilm.info.
>
> Another problem is your mail server HELO name.
> zebrafilm.info claims to be non-existent host server.ZebraFilm.local:
> 220 server.ZebraFilm.local Microsoft ESMTP MAIL Service, Version:
> 6.0.3790.1830 ready
>
>
> What you need to do is not so hard to fix.
>
> 1) Delete the CNAME server.zebrafilm.info
> 2) Create an A record for server.zebrafilm.info with IP 85.12.17.104, do
> this because the PTR already exists for that name.
> 3) Assuming this is Exchange, using System manager expand down to the SMTP
> virtual server. Right click on the SMTP virtual server, choose properties,
> select the Delivery tab, click the Advanced button, In the Fully-qualified
> domain name field change server.zebrafilm.local to server.zebrafilm.info.
>
> This must be done on these two servers, not on you local DNS, unless these
> two are your local DNS.
> ns3.phpbb3.nl. [213.189.9.32]
> ns2.phpbb3.nl. [213.189.9.27]
>
>

Bastiaan Houtkooper wrote:

> On the FreeBSD NS machines there are two entries for MX
> One is pointing to the IP
> One is pointing to the domain name.
> I guess the last one should be removed?

This is the only MX record that counts:
(It is the one that is published to the internet)
QUESTION SECTION:
zebrafilm.info. IN MX

ANSWER SECTION:
zebrafilm.info. 14400 IN MX 0 zebrafilm.info.

ADDITIONAL SECTION:
zebrafilm.info. 14400 IN A 85.12.17.104


But, it has a problem, it says the SMTP server's name is "zebrafilm.info"
Look very closely at this because this is what the MX record should say:
zebrafilm.info. 14400 IN MX 0 server.zebrafilm.info.

All other MX records can/should be deleted except the above.


Also, fix the mail server's host name on the SMTP virtual server as I noted
before, it still says its name is "server.ZebraFilm.local"
It must say its name is "server.zebrafilm.info"

Look at this DNS report, fix the things you can, obviously some of these
things are out of your control. You can add an SPF record, but I doubt if
you can do anything about the open name servers, glue at the parent servers,
or the name servers being on the same network.
http://www.dnsreport.com/tools/dnsre...zebrafilm.info

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Dear Kevin,

The reason I did not change the delivery settings was because you mentioned
not to do it on the local server in an earlier post.

But I did as you said. MX record fixed
Changed the delivery tab in Exchange

Made an A record on the FreeBSD name server and found out that if I created
a new forward zone (zebrafilm.info) on my Windows server I could add an A
record for server.zebrafilm.info
Good news is that dnsreports.com is more or less reporting OK and so does
reverseDNS checking after I added the new forward zone with A record.
The bad news is that I cant receive emails anymore so there must be a
missing link....

Yes it ed and I am getting some understanding of the Windows DNS setup
but it would be great to be able to receive emails too with all the new
shiny settings :-) ......

Reg. Bastiaan



On 10-09-2006 19:09, in article uRO8lvP1GHA.4796@TK2MSFTNGP03.phx.gbl,
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>
>> > On the FreeBSD NS machines there are two entries for MX
>> > One is pointing to the IP
>> > One is pointing to the domain name.
>> > I guess the last one should be removed?
>
> This is the only MX record that counts:
> (It is the one that is published to the internet)
> QUESTION SECTION:
> zebrafilm.info. IN MX
>
> ANSWER SECTION:
> zebrafilm.info. 14400 IN MX 0 zebrafilm.info.
>
> ADDITIONAL SECTION:
> zebrafilm.info. 14400 IN A 85.12.17.104
>
>
> But, it has a problem, it says the SMTP server's name is "zebrafilm.info"
> Look very closely at this because this is what the MX record should say:
> zebrafilm.info. 14400 IN MX 0 server.zebrafilm.info.
>
> All other MX records can/should be deleted except the above.
>
>
> Also, fix the mail server's host name on the SMTP virtual server as I noted
> before, it still says its name is "server.ZebraFilm.local"
> It must say its name is "server.zebrafilm.info"
>
> Look at this DNS report, fix the things you can, obviously some of these
> things are out of your control. You can add an SPF record, but I doubt if
> you can do anything about the open name servers, glue at the parent servers,
> or the name servers being on the same network.
> http://www.dnsreport.com/tools/dnsre...zebrafilm.info

Short update searching for a possible cause:

I can see the messages arriving on the server but the NDR says unrouteable
mail domain "zebafilm.info"
They pass my GFI mail monitor but never arrive @ SMTP server in the cue.
I see also no message after the time of changing in the IMF logs.

All domain names are in the reciepients settings and have always worked.

Bastiaan


On 10-09-2006 23:40, in article C12A52DF.2BF2%bastiaan@zebrafilm.com,
"Bastiaan Houtkooper" <bastiaan@zebrafilm.com> wrote:

>
> Dear Kevin,
>
> The reason I did not change the delivery settings was because you mentioned
> not to do it on the local server in an earlier post.
>
> But I did as you said. MX record fixed
> Changed the delivery tab in Exchange
>
> Made an A record on the FreeBSD name server and found out that if I created a
> new forward zone (zebrafilm.info) on my Windows server I could add an A record
> for server.zebrafilm.info
> Good news is that dnsreports.com is more or less reporting OK and so does
> reverseDNS checking after I added the new forward zone with A record.
> The bad news is that I cant receive emails anymore so there must be a missing
> link....
>
> Yes it ed and I am getting some understanding of the Windows DNS setup but
> it would be great to be able to receive emails too with all the new shiny
> settings :-) ......
>
> Reg. Bastiaan
>
>
>
> On 10-09-2006 19:09, in article uRO8lvP1GHA.4796@TK2MSFTNGP03.phx.gbl, "Kevin
> D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:
>
>> Bastiaan Houtkooper wrote:
>>
>>> > On the FreeBSD NS machines there are two entries for MX
>>> > One is pointing to the IP
>>> > One is pointing to the domain name.
>>> > I guess the last one should be removed?
>>
>> This is the only MX record that counts:
>> (It is the one that is published to the internet)
>> QUESTION SECTION:
>> zebrafilm.info. IN MX
>>
>> ANSWER SECTION:
>> zebrafilm.info. 14400 IN MX 0 zebrafilm.info.
>>
>> ADDITIONAL SECTION:
>> zebrafilm.info. 14400 IN A 85.12.17.104
>>
>>
>> But, it has a problem, it says the SMTP server's name is "zebrafilm.info"
>> Look very closely at this because this is what the MX record should say:
>> zebrafilm.info. 14400 IN MX 0 server.zebrafilm.info.
>>
>> All other MX records can/should be deleted except the above.
>>
>>
>> Also, fix the mail server's host name on the SMTP virtual server as I noted
>> before, it still says its name is "server.ZebraFilm.local"
>> It must say its name is "server.zebrafilm.info"
>>
>> Look at this DNS report, fix the things you can, obviously some of these
>> things are out of your control. You can add an SPF record, but I doubt if
>> you can do anything about the open name servers, glue at the parent servers,
>> or the name servers being on the same network.
>> http://www.dnsreport.com/tools/dnsre...zebrafilm.info
>
>

Bastiaan Houtkooper wrote:
> Dear Kevin,
>
> The reason I did not change the delivery settings was because you
> mentioned not to do it on the local server in an earlier post.
>
> But I did as you said. MX record fixed
> Changed the delivery tab in Exchange
>
> Made an A record on the FreeBSD name server and found out that if I
> created
> a new forward zone (zebrafilm.info) on my Windows server I could add
> an A record for server.zebrafilm.info
> Good news is that dnsreports.com is more or less reporting OK and so
> does reverseDNS checking after I added the new forward zone with A
> record.
> The bad news is that I cant receive emails anymore so there must be a
> missing link....

An A record is an Address record, a CNAME is an Alias.

When you created server.zebrafilm.info, you made it a CNAME record, it must
be an A record. That is a major error, you cannot use a CNAME in an MX
record.
Did you see this:
WARNING: One or more of your MX records points to a CNAME. CNAMEs are
prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4,
and RFC2181 10.3. The problem MX record(s) are:
server.zebrafilm.info.->85.12.17.104.zebrafilm.info.->Unknown [No A]

And this:
ERROR: I could not complete a connection to any of your mailservers!

server.zebrafilm.info: Could not connect without glue or A record.




--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Caught in my experiments ....

I had it as an A record but since nothing worked I changed A to Cname and
went to bed.
But even with setting it back to A record I keep the same problem.

If I run http://www.dnsreport.com/tools/dnsre...zebrafilm.info
There are no errors related to email.

Their email test also passes.

I am not sure which tests you run but you seem to get more details.
Any test I run, says it can reach the mail server.

But mail bounces back reporting about ³The recipient cannot be verified²

All my domain names are in the recipients settings.

When I do a telnet test to the SMTP server the mail suddenly gets through.
Locally as well as remote.(telnet zebrafilm.info 25)

I am lost.....







On 11-09-2006 00:57, in article uyxqCyS1GHA.4452@TK2MSFTNGP02.phx.gbl,
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>> > Dear Kevin,
>> >
>> > The reason I did not change the delivery settings was because you
>> > mentioned not to do it on the local server in an earlier post.
>> >
>> > But I did as you said. MX record fixed
>> > Changed the delivery tab in Exchange
>> >
>> > Made an A record on the FreeBSD name server and found out that if I
>> > created
>> > a new forward zone (zebrafilm.info) on my Windows server I could add
>> > an A record for server.zebrafilm.info
>> > Good news is that dnsreports.com is more or less reporting OK and so
>> > does reverseDNS checking after I added the new forward zone with A
>> > record.
>> > The bad news is that I cant receive emails anymore so there must be a
>> > missing link....
>
> An A record is an Address record, a CNAME is an Alias.
>
> When you created server.zebrafilm.info, you made it a CNAME record, it must
> be an A record. That is a major error, you cannot use a CNAME in an MX
> record.
> Did you see this:
> WARNING: One or more of your MX records points to a CNAME. CNAMEs are
> prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4,
> and RFC2181 10.3. The problem MX record(s) are:
> server.zebrafilm.info.->85.12.17.104.zebrafilm.info.->Unknown [No A]
>
> And this:
> ERROR: I could not complete a connection to any of your mailservers!
>
> server.zebrafilm.info: Could not connect without glue or A record.
>
>
>

Since there are some many places involved I have set up some screen shots:

http://www.zebrafilm.info/portal/temp/NS1.png

Is from my registrar where I have full control

Second NS I have no control and is the one from my DATA Centre where they
have only added a reverse PTR to my server.zebrafilm.com

Third snapshots from my own Win2K3 server¹s DNS

http://www.zebrafilm.info/portal/temp/Z_info.png
http://www.zebrafilm.info/portal/temp/Z_local.png
http://www.zebrafilm.info/portal/temp/Z_reverse.png

Your trained eye might see things straight away.

When I do a nslookup for the MX I get still no right reply so it seems
somewhere along the line there is still a wrong setting.
I was also wondering if it would not be better to point the domain name also
direct to my own DNS instead of /or additional to the nsx.phpBB3.nl servers

Thanks a lot!
Bastiaan




On 11-09-2006 00:57, in article uyxqCyS1GHA.4452@TK2MSFTNGP02.phx.gbl,
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>> > Dear Kevin,
>> >
>> > The reason I did not change the delivery settings was because you
>> > mentioned not to do it on the local server in an earlier post.
>> >
>> > But I did as you said. MX record fixed
>> > Changed the delivery tab in Exchange
>> >
>> > Made an A record on the FreeBSD name server and found out that if I
>> > created
>> > a new forward zone (zebrafilm.info) on my Windows server I could add
>> > an A record for server.zebrafilm.info
>> > Good news is that dnsreports.com is more or less reporting OK and so
>> > does reverseDNS checking after I added the new forward zone with A
>> > record.
>> > The bad news is that I cant receive emails anymore so there must be a
>> > missing link....
>
> An A record is an Address record, a CNAME is an Alias.
>
> When you created server.zebrafilm.info, you made it a CNAME record, it must
> be an A record. That is a major error, you cannot use a CNAME in an MX
> record.
> Did you see this:
> WARNING: One or more of your MX records points to a CNAME. CNAMEs are
> prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4,
> and RFC2181 10.3. The problem MX record(s) are:
> server.zebrafilm.info.->85.12.17.104.zebrafilm.info.->Unknown [No A]
>
> And this:
> ERROR: I could not complete a connection to any of your mailservers!
>
> server.zebrafilm.info: Could not connect without glue or A record.
>
>
>

Bastiaan Houtkooper wrote:
> Since there are some many places involved I have set up some screen
> shots:
>
> http://www.zebrafilm.info/portal/temp/NS1.png

Your public zone looks OK, but could use an SPF record

>
> Is from my registrar where I have full control
>
> Second NS I have no control and is the one from my DATA Centre where
> they have only added a reverse PTR to my server.zebrafilm.com
>
> Third snapshots from my own Win2K3 server¹s DNS
>
> http://www.zebrafilm.info/portal/temp/Z_info.png

This local zone is likely going to give you some issues. Since this zone is
for local resolution and connectivity, you should delete the two records
that have the public IP addresses. Keep in mind, all records in this zone
are not for public access and must resolve to local addresses.
I notice you have an SPF record, but this record is in the wrong place, it
should be in the public zone, if you can add a txt record in the public zone

> http://www.zebrafilm.info/portal/temp/Z_local.png

Again here, you need to delete those two records with the public IPs,
they're going to cause connectivity issue with Active Directory.
This is that server with RAS installed isn't it?
You need to add this to the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\DNS\Parameters

On the Edit menu, point to New, and then click String Value to add the
following registry value:
Value name: PublishAddresses
Data type: REG_SZ
Value data: 192.168.10.1

This should remove the (same as parent folder) record with the
192.168.234.235 IP address.


> http://www.zebrafilm.info/portal/temp/Z_reverse.png

You need to completely remove this zone, it is going to cause a conflict for
looking up PTRs in the rest of the subnet.

You can add a reverse lookup zone for 192.168.1.x if you want.

Make sure this server uses only its own address for DNS.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Dear Kevin,

Thanks for your extensive .
Yes this is the server that I use mainly with RAS. The only part having also
an IP address is the Remote Access Controller that DELL also connects to
windows. But I guess it should never show up in DNS.

I made every step you suggested:

Removed all public IP¹s from the local DNS (getting a better understanding
step by step, couldn¹t get that from my books)
Removed the reverse lookup zone.
Added the reg key

Questions that remain:
You suggested a possible reverse lookup zone fro 192.168.1 but I assume this
should be 192.168.10?
Would it anywhere to have this?

I have added a SPF record to the Unix system, funny enough I was confused if
I should do it for zebrafilm.info or for server.zebrafilm.info.
I have tried both and none gets recognized by dnsreport.com.

The nslookup looks better now but I am still not able to receive email.
Since I changed the delivery tab from *.local to *.info, the server doesn¹t
seem to accept mail anymore send by other mail clients. It does accept mail
when I send them manually with TELNET to the SMTP server.

Any idea what might cause this?

Regards,

Bastiaan

Bastiaan Houtkooper wrote:
> Dear Kevin,
>
> Thanks for your extensive .
> Yes this is the server that I use mainly with RAS. The only part
> having also an IP address is the Remote Access Controller that DELL
> also connects to windows. But I guess it should never show up in DNS.
>
> I made every step you suggested:
>
> Removed all public IP¹s from the local DNS (getting a better
> understanding step by step, couldn¹t get that from my books)
> Removed the reverse lookup zone.
> Added the reg key
>
> Questions that remain:
> You suggested a possible reverse lookup zone fro 192.168.1 but I
> assume this should be 192.168.10?

Yes, that was a typo.

> Would it anywhere to have this?

You know, its all coming back to me now, isn't this the box that has a modem
on it, and there aren't any local clients?
And you connect by VPN?

>
> I have added a SPF record to the Unix system, funny enough I was
> confused if I should do it for zebrafilm.info or for
> server.zebrafilm.info.
> I have tried both and none gets recognized by dnsreport.com.
>
> The nslookup looks better now but I am still not able to receive
> email. Since I changed the delivery tab from *.local to *.info, the
> server doesn¹t seem to accept mail anymore send by other mail
> clients. It does accept mail when I send them manually with TELNET to
> the SMTP server.
>
> Any idea what might cause this?

This is an Exchange server right?
Has it been set up to receive mail for zebrafilm.info?

In System manager, Expand Recipients, Select Recipient Policies in the left
hand pane, in the right hand pane, right click Default Policy and choose
Properties from the list. Select the E-Mail addresses tab, click "New"
Select SMTP address and Click OK, in the Address field type in
@zebrafilm.info and click OK. Place a check in the Box next to
@zebrafilm.info, then click the Set as Primary button. The Ok your way out
and close System Manager.

How do users connect to this server for E-mail?
With Outlook or Outlook Web Access?

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Kevin, that must have been a flash back rolling through all your previous
mails remembering this specific box :-)

Yes this is a server with no direct internal LAN.
Everything is websites or Exchange + some VPN with redirected documents etc.

We connect with Outlook and Entourage and sometimes OWA and OMA.
It servers for FTP and WebDav too.

Beside that it is also a learning system for me. That¹s why I pay the money
to MS for all the licenses ;-)

The recipient policy was already setup for the 5 domains that it receives
emails from.
Zebrafilm.info was set as primary.

Reg Bastiaan






On 11-09-2006 20:56, in article OF2eHQd1GHA.4392@TK2MSFTNGP04.phx.gbl,
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote:

> Bastiaan Houtkooper wrote:
>> > Dear Kevin,
>> >
>> > Thanks for your extensive .
>> > Yes this is the server that I use mainly with RAS. The only part
>> > having also an IP address is the Remote Access Controller that DELL
>> > also connects to windows. But I guess it should never show up in DNS.
>> >
>> > I made every step you suggested:
>> >
>> > Removed all public IP¹s from the local DNS (getting a better
>> > understanding step by step, couldn¹t get that from my books)
>> > Removed the reverse lookup zone.
>> > Added the reg key
>> >
>> > Questions that remain:
>> > You suggested a possible reverse lookup zone fro 192.168.1 but I
>> > assume this should be 192.168.10?
>
> Yes, that was a typo.
>
>> > Would it anywhere to have this?
>
> You know, its all coming back to me now, isn't this the box that has a modem
> on it, and there aren't any local clients?
> And you connect by VPN?
>
>> >
>> > I have added a SPF record to the Unix system, funny enough I was
>> > confused if I should do it for zebrafilm.info or for
>> > server.zebrafilm.info.
>> > I have tried both and none gets recognized by dnsreport.com.
>> >
>> > The nslookup looks better now but I am still not able to receive
>> > email. Since I changed the delivery tab from *.local to *.info, the
>> > server doesn¹t seem to accept mail anymore send by other mail
>> > clients. It does accept mail when I send them manually with TELNET to
>> > the SMTP server.
>> >
>> > Any idea what might cause this?
>
> This is an Exchange server right?
> Has it been set up to receive mail for zebrafilm.info?
>
> In System manager, Expand Recipients, Select Recipient Policies in the left
> hand pane, in the right hand pane, right click Default Policy and choose
> Properties from the list. Select the E-Mail addresses tab, click "New"
> Select SMTP address and Click OK, in the Address field type in
> @zebrafilm.info and click OK. Place a check in the Box next to
> @zebrafilm.info, then click the Set as Primary button. The Ok your way out
> and close System Manager.
>
> How do users connect to this server for E-mail?
> With Outlook or Outlook Web Access?

Bastiaan Houtkooper wrote:
> Kevin, that must have been a flash back rolling through all your
> previous mails remembering this specific box :-)
>
> Yes this is a server with no direct internal LAN.
> Everything is websites or Exchange + some VPN with redirected
> documents etc.
>
> We connect with Outlook and Entourage and sometimes OWA and OMA.
> It servers for FTP and WebDav too.
>
> Beside that it is also a learning system for me. That¹s why I pay the
> money to MS for all the licenses ;-)
>
> The recipient policy was already setup for the 5 domains that it
> receives emails from.
> Zebrafilm.info was set as primary.
>

I got to thinking about that, the only way you can access this box is by it
public IP address or VPN, so your going to need to make sure that only the
server itself uses the private address unless you're connected by VPN.

So, if your using Outlook you have to use the VPN, or connect by using RPC
over HTTP.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Kevin I am using HTTP/RPC, that works fine for all my machines.

Problem is that after all suggested changes my Exchange server refuses
messages sent to it.
It does send out out the messages.

It recieves ' internal' message send to people on the GAL

It receive message with a long delay,send by Telnetcoomands to port25
It refuses message from the othermail servers.
error back in Outlook:

There was a SMTP communication problem with the recipient's email server.
Please contact your system administrator.

<server.zebrafilm.info #5.5.0 smtp;550-"The recipient cannot be
verified. Please check all recipients of this>



This happened after the DNS/Exchange changes. It is a bit strange and very
inconvenient....








"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:%231Fcude1GHA.1252@TK2MSFTNGP04.phx.gbl...
> Bastiaan Houtkooper wrote:
>> Kevin, that must have been a flash back rolling through all your
>> previous mails remembering this specific box :-)
>>
>> Yes this is a server with no direct internal LAN.
>> Everything is websites or Exchange + some VPN with redirected
>> documents etc.
>>
>> We connect with Outlook and Entourage and sometimes OWA and OMA.
>> It servers for FTP and WebDav too.
>>
>> Beside that it is also a learning system for me. That¹s why I pay the
>> money to MS for all the licenses ;-)
>>
>> The recipient policy was already setup for the 5 domains that it
>> receives emails from.
>> Zebrafilm.info was set as primary.
>>
>
> I got to thinking about that, the only way you can access this box is by
> it
> public IP address or VPN, so your going to need to make sure that only the
> server itself uses the private address unless you're connected by VPN.
>
> So, if your using Outlook you have to use the VPN, or connect by using RPC
> over HTTP.
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This s
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oe.com/OEBackup/Default.aspx
> ===================================
>
>

Bastiaan wrote:
> Kevin I am using HTTP/RPC, that works fine for all my machines.
>
> Problem is that after all suggested changes my Exchange server refuses
> messages sent to it.
> It does send out out the messages.
>
> It recieves ' internal' message send to people on the GAL
>
> It receive message with a long delay,send by Telnetcoomands to port25
> It refuses message from the othermail servers.
> error back in Outlook:
>
> There was a SMTP communication problem with the recipient's email
> server. Please contact your system administrator.
>
> <server.zebrafilm.info #5.5.0 smtp;550-"The recipient
> cannot be verified. Please check all recipients of this>
>
>
>
> This happened after the DNS/Exchange changes. It is a bit strange and
> very inconvenient....

Sounds like its a DNS issue.
Send me your ipconfig /all, netdiag /fix and dcdiag /fix from a command
prompt.
Netdiag and dcdiag are in the server support tools on the CD. It would
probably be better if you eamil it to me. Take the nospam. out of my email
address.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Kevin, I send you the info by email, hope it arrived.

Bastiaan

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:%23o14Gve1GHA.3752@TK2MSFTNGP02.phx.gbl...
> Bastiaan wrote:
>> Kevin I am using HTTP/RPC, that works fine for all my machines.
>>
>> Problem is that after all suggested changes my Exchange server refuses
>> messages sent to it.
>> It does send out out the messages.
>>
>> It recieves ' internal' message send to people on the GAL
>>
>> It receive message with a long delay,send by Telnetcoomands to port25
>> It refuses message from the othermail servers.
>> error back in Outlook:
>>
>> There was a SMTP communication problem with the recipient's email
>> server. Please contact your system administrator.
>>
>> <server.zebrafilm.info #5.5.0 smtp;550-"The recipient
>> cannot be verified. Please check all recipients of this>
>>
>>
>>
>> This happened after the DNS/Exchange changes. It is a bit strange and
>> very inconvenient....
>
> Sounds like its a DNS issue.
> Send me your ipconfig /all, netdiag /fix and dcdiag /fix from a command
> prompt.
> Netdiag and dcdiag are in the server support tools on the CD. It would
> probably be better if you eamil it to me. Take the nospam. out of my email
> address.
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This s
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oe.com/OEBackup/Default.aspx
> ===================================
>
>