| |
| |
| |
|
Page: 1 2 3
<cyberfrg> ok so i have a domain called "foo.local". I am setting up exchange and will be accepting emails to foo.com. When a new AD user is created their email address by default is user@foo.local. I can create a recipiant policy to add @foo.com as an smtp address for all users which makes all internal email work if i send to user@foo.local or user@foo.com however incoming smtp does not seem to work with any email addressed to user@foo.com bu
<cyberfrg> if that got cut off let me know heh
<cyberfrg> basically, domain is foo.local, users emails are user@foo.local, need incoming smtp to be accepted to user@foo.com and route to the proper person
<cyberfrg> my thinking is that the exchange server should have been setup to deal with foo.com not the internal one
<cyberfrg> cmon nef and infi :) help me out here
<Drakh> cyberfrog
<Drakh> go into your default recipient policy and allow the domain to receive mails for the @foo.com domain
<Adonis> yawn
<Drakh> hi
<Adonis> hi Drakh
<cyberfrg> Drakh: if a user sends an email outside and that person responds will the email address be the @foo.local
<cyberfrg> or will making @foo.com smtp recipiant policy primary fix that
<WrldBFree> why would u use foo.local, thats so problematic
<pukey> msft was teaching .local
<pukey> I think they since dropped that
<cyberfrg> they dropped it for .msft
<cyberfrg> heh
<cyberfrg> i'm all for not using it, i've asked advantages and disadvantages of using or not
<cyberfrg> but havn't gotten any good suggestions
<cyberfrg> are there problems with non-resolvable domain names or strictly .local
<cyberfrg> this being one of those issues probably
<WrldBFree> well youre experiencing the problem right now with using it, its not valid on the internet so you have to reconfigure exchange
<WrldBFree> why did you not just use foo.com
<cyberfrg> organizational reasons ... again, saw advantages to foo.local strictly for local network stuff
<cyberfrg> this is just a test env so by no means is it final but i'd like to find the best way to do it
<WrldBFree> most companies will use the same internal dns as they do external
<WrldBFree> you just have to manually add a few host records on your DNS server so users can access the external resources, no big deal
<cyberfrg> but there is a difference between internal hosts and hosts resolvable from the outside
<cyberfrg> i understand the concept and we're doing that now i just think it would be easier to use .local or something else
<WrldBFree> it's not
<cyberfrg> is the issue with exchange the only down fall?
<WrldBFree> one of the major ones
<WrldBFree> you can use .local if you want, you just have to reconfigure exchange so that the users will use the .com smtp address
<cyberfrg> does reconfiguring cause problems with reply to addresses
<cyberfrg> example a person send an email outside, will their reply to be user@foo.local or user@foo.com
<cyberfrg> if it's too much damn trouble we won't bother. we want to get it right the first time.
<cyberfrg> either we use .local and administration and organization is must easier or we stick with .com and not have mailing issues
<cyberfrg> s/must/much
<mes> cyberfrg: ive never gotten a straight answer on .local vs actual dns
<mes> definately more config for .local
<rworks> The straight answer?
<mes> well the official answer with documentation
<kneer0w> what happens if only port 636 is blocked?
<kneer0w> (ldap over ssl)
<mes> im guessing that traffic on 636 wont go through
<kneer0w> @_@
<kneer0w> i mean .. on the user side
<mes> well im guessing it wont work
<kneer0w> will they still be able to send and receive emails, but it wont be secure?
<mes> if you use ldap over ssl
<sbq> if the client is configured to use LDAP SSL then it won't work
<kneer0w> or will they just not be able to use any search functions?
<sbq> what application are you using and what LDAP server are you using?
<kneer0w> all native with Outlook
<kneer0w> well .. AD
<kneer0w> i've got all my cert books around me and i still can't figure out the answer to the question
<sbq> outlook in MAPI mode?
<sbq> or some other protocol like POP3 or IMAP?
<kneer0w> in MAPI mode
<rworks> mes: There is no "right" answer about that.
<sbq> it doesn't use LDAP SSL then
<mes> rworks: but whats the microsoft/consultant suggestion?
<rworks> The suggestion is to do what meets the need of your organization.
<sbq> the first question I have is why is 636 blocked?
<kneer0w> the user can't help it. it's his network policy
<sbq> outlook using MAPI doesn't use 636
<mes> rworks: true, and ive argued with a few about it, but what im looking for documentation that says this is best for this setup and why
<mes> and maybe that just doesnt exist
<kneer0w> ok .. so ..
<kneer0w> as this is my last cert question i can't figure out
<kneer0w> "your exchange server suddenly stops. you dertermine that the microsoft exchange information store" service has unexpectedly shut down. what should you do?
<kneer0w> A) restart the MEIS service B) Restart the Microsoft Exchange Server C) Restore the Exchange Server from backups D) Delete messages in bad mail folder E) delete all transaction logs
<kneer0w> E) obviously goes out the door
<pukey> not E
<DortoH> well restarting the service is usually good
<kneer0w> is there any reason why i'd want to do D) ?
<pukey> not B
<pukey> not C
<pukey> that leaves A and D
<kneer0w> i'm trying to remember if an obvious cause of MEIS failing could be bad mail
<kneer0w> i've never actually had bad mail happen to me, so i've no experience with it
<DortoH> well badmail piling up could fill up the hard drive
<kneer0w> that makes sense.
<DortoH> but with a default install that would kill the MTA stacks service
<kneer0w> okies, done!
<kneer0w> nice .. 92%
<pukey> what was the answer
<kneer0w> i have to contact the test administrator for more details on the test
<kneer0w> i'm writting her an email now, and i'll ask her
<kneer0w> anyhow, thanks guys
<kneer0w> i'll be back with answers
<Adonis> ok
<Adonis> just finished dvd5 of the Lost
<J2k^> ohrmm nice
<J2k^> World series still going
<J2k^> wtf
<J2k^> go Ashtro
<Adonis> it's like watching the longest movie ever
<Whitor> hi
<cyberfrg> woot, @foo.local + recipiant policy for all mail users setting @foo.com smtp as primary
<cyberfrg> easy
<snelson> If I have an MX record pointing to one server 208.188.66.250 but that connection is down, is it OK to have a secondary record pointinf to the same server via a different external IP 69.148.52.212 or does the second MX record have to point to a completely different server?
<mes> well think about it
<mes> if that box goes down
<mes> mail is f'd
<mes> if you point it to a different box
<mes> and one goes down
<mes> you arent f'd
<snelson> no, no, we only have the one box but it is UP, the connection to that box is up. I don't want to change the MX record for the one server, I simply want to add a backup CONNECTION to the server.
<mes> whats the point in adding a backup mx record to the same machine?
<mes> software failure?
<cyberfrg> isp failure
<mes> ahh
<mes> good point
<snelson> a network failure, server is up.
<cyberfrg> snelson: nothing wrong with that from where i stand
<snelson> k, thanks
<mes> yeah thats a good point, ive never had 2 diff isp connects going to the same box
<snelson> but when the other connectio comes back up it won't cause any routing problems, right?
<cyberfrg> run through a senario and make sure it makes sense
<cyberfrg> all you're doing is making sure your email server is able to accept incoming smtp. just ensure your firewall will forward smtp through both ips
<cyberfrg> to the box
<snelson> well, we will eventually get the other connection back up, at that point there will be two records pointing to the same server. As long as the server is up, it shouldn't matter which IP it is being forwarded to, right?
<cyberfrg> the real question is how does the sending mail server deal with it
<snelson> ours or someone else's?
<cyberfrg> the other person's
<snelson> shouldn't it default to the primary MX record? Does it really matter which record it uses since both are routed to the same server?
<cyberfrg> someone sends an email, their mail server looks up your mx record, they get an ip address, they try and send through route1, that route is down, does the server look up the mx record again? probably not
<cyberfrg> where round robin comes in (which is really what you're doing)
<cyberfrg> mail 1 looks up server 1, mail 2 looks up server 2
<cyberfrg> back and forth
<snelson> so, this won't work?
<cyberfrg> probably not 100%
<cyberfrg> if the sending mail server looks up your mx record again to resend it will work great
<snelson> well, what would you suggest then, a backup server?
<cyberfrg> if it queues and tries to keep sending based on the ip it looked up initially no it won't
<cyberfrg> When the remote host is multihomed, the name-to-address translation will return a list of alternative IP addresses. As specified in Section 6.1.3.4, this list should be in order of decreasing preference. Application protocol implementations SHOULD be prepared to try multiple addresses from the list until success is obtained. More specific requirements for SMTP are given in Section 5.3.4.
<cyberfrg> i think it will work
<cyberfrg> as long as the sending mail server wasn't written by idiots
<cyberfrg> set your priorities on your mx records and test it
<sco0by> J2k^
<snelson> OK, thanks :)
<sco0by> J2k^_^
<sco0by> you here
<mdasilva_> anyone know of documentation on the process of message transfers between exchange servers in the same exchange domain?
<mdasilva_> one of my exchange servers if having problems delivering mail to another.
<cyberfrg> smtp connector?
<mdasilva_> the exchange servers must be configured into a smtp connector for it to delliver mail to other exchagne servers in the same organization?
<mdasilva_> a FE exchange server can communicate with both BE servers.
<mdasilva_> BE02 can communicate with BE01.. but BE01 cannot deliver mail to BE02...
Return to exchange
or
Go to some related
logs:
elzeimers
net-wireless/bluez-kernel
wow
|
|