Re: Front end server name by Ed
Ed
Fri Oct 27 21:24:32 CDT 2006
A front-end server does not have to route SMTP traffic, so I cannot answer
that question. By definition a front-end server handles OWA, IMAP and POP
traffic for multiple back-end servers. If your front-end is acting as a
bridgehead, which may or may not be a good idea, then you would want to
change your MX record, NAT setting, or the like to direct the inbound SMTP
traffic to it. If you aren't using it as a bridgehead, you don't. Note
that if you're using a PIX firewall, you will need to turn off the Mailguard
feature or else mail to and from Exchange won't work right.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"
"Lenny" <Lenny@discussions.microsoft.com> wrote in message
news:18B74C59-EF61-49D0-A0EE-F361A750F6AE@microsoft.com...
> Mr. Crowley,
>
> Let's try again: all we need to know is a clear answer from a
> professional
> MVP like you to the following question: our MX record points to the
> production exchange server which is the only exchange server right now.
> We
> are going to add one more exchange and make the new one the front end
> server.
> And we believe the MX record should point to the frontend server. Please
> verify.
>
> BTW, pix firewall in front of exchange servers and no security
> complication
> needs to be factored in. Thank you
>
>
>
>
> "Ed Crowley [MVP]" wrote:
>
>> You know, if you had posted your real DNS domain name this thread would
>> likely have ended several nesting levels ago.
>> --
>> Ed Crowley
>> MVP - Exchange
>> "Protecting the world from PSTs and brick backups!"
>>
>> "Lenny" <Lenny@discussions.microsoft.com> wrote in message
>> news:B88A3A54-B6AB-4063-830B-9548F3683350@microsoft.com...
>> > All we ask is whether MX record points to our Front end server, which
>> > is
>> > our
>> > security boundary (otherwise why should we ask). BTW, I do not care
>> > what
>> > you
>> > call us, son, father, or bloody son, you should be professional, Mr.
>> > MVP.
>> >
>> > "Mark Arnold [MVP]" wrote:
>> >
>> >> On Thu, 26 Oct 2006 11:29:01 -0700, Lenny
>> >> <Lenny@discussions.microsoft.com> wrote:
>> >>
>> >> >Yes, of course, the A record points to exchange.corp.com. (or the ip
>> >> >address
>> >> >in the A record is the public IP address for the server called
>> >> >Exchange)
>> >> >
>> >> >MX record means: mail for corp.com goes to a server named
>> >> >Exchange.corp.com
>> >> >and this server's IP address is x.y.z.w, and the Exchange is the real
>> >> >name
>> >> >for this server. Therefore, our question: MX record should be
>> >> >"point"
>> >> >to
>> >> >Front end server and there fore the front end server should use
>> >> >Exchange
>> >> >as
>> >> >its name. Please verify.
>> >>
>> >> I know exactly what a bloody MX record means son. The MX points to the
>> >> A. The A has an IP. That IP is the FE.
>> >>
>> >> >
>> >> >( in our senario, we need to use the old exchange server as the
>> >> >fronend
>> >> >server since it is already named as Exchange, and Exchange server
>> >> >name
>> >> >cannot
>> >> >be changed. Of course, when setting up Frontend and backend, we will
>> >> >migrate
>> >> >mailboxes from the server called Exchange to the new server which
>> >> >will
>> >> >be the
>> >> >backend server)
>> >>
>> >> What the hell has the name of the server got to do with anything. The
>> >> external name has no bearing on anything. You can give the server a
>> >> name that matches the naming convention of your organisation (UKEX001,
>> >> planets, southpark characters, dog names WHATEVER) and you can have
>> >> the MX called "webmail" or "remote" or "something sensible" an have an
>> >> A record of that name pointing at whatever your security boundary is
>> >> (FE, firewall, ISA, WHATEVER)
>> >>
>> >>
>> >>
>> >> >
>> >> >"Mark Arnold [MVP]" wrote:
>> >> >
>> >> >> On Thu, 26 Oct 2006 10:30:02 -0700, Lenny
>> >> >> <Lenny@discussions.microsoft.com> wrote:
>> >> >>
>> >> >> >Hi,
>> >> >> >
>> >> >> >I do not think you understand my question, expecially, # 1.
>> >> >> >Let's
>> >> >> >try it
>> >> >> >again. Please forget about the previous question, let me rephrase
>> >> >> >it
>> >> >> >as
>> >> >> >following:
>> >> >> >
>> >> >> >The question is: in a Front end and back end situation, the MX
>> >> >> >record
>> >> >> >should point to the front end. Please confirm.
>> >> >>
>> >> >> Kind of. The MX record points to an A record. The A record points
>> >> >> to
>> >> >> an IP address. The IP address there goes either to the FE or it
>> >> >> goes
>> >> >> to the firewall which forwards SMTP to the FE.
>> >> >>
>> >> >> >
>> >> >> >
>> >> >> >The following senario will help you understand the real situation
>> >> >> >which
>> >> >> >boils down to one point: MX record should points to the frontend
>> >> >> >server.
>> >> >> >For example, the mx record for corp.com points to the record of an
>> >> >> >Exchange
>> >> >> >server: exchange.corp.com
>> >> >> >
>> >> >> >And the exchange server is Exchange. Currently, the Exchange
>> >> >> >server
>> >> >> >is the
>> >> >> >only exchange server. However, we need to introduce another
>> >> >> >Exchange
>> >> >> >server
>> >> >> >and set up Frontend and backend topology. If we still want to
>> >> >> >keep
>> >> >> >the MX
>> >> >> >record the same, namely, all email to corp.com will be directed to
>> >> >> >exchange.corp.com. We should use the old server Exchange as the
>> >> >> >frontend
>> >> >> >server, and should not use it as the backend server - please
>> >> >> >confirm.
>> >> >> >
>> >> >> >
>> >> >> Yeah, just ignore the whole thing with the MX records beyond what I
>> >> >> said above. If you want a complete answer (and I was hoping youd
>> >> >> take
>> >> >> the hint earlier) then you need to tell us what that A record
>> >> >> points
>> >> >> to (physically)
>> >> >>
>> >> >> Eliminate from your head all thoughts of MX records, you do not
>> >> >> need
>> >> >> to involve yourself in such things.
>> >> >>
>> >> >>
>> >>
>> >>
>>
>>
>>