Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Need help for MX records (Setup MX records)
  •  
echo

Messages: 15
Karma: 0
Send a private message to this user
Hi, i am running KMS and KWF as a mail relay and now i have 2 ISP with different public ip, when link on ISP1 is down and then kwf change to ISP2 (failover).
My question how to setup MX record with multiple IP's for one mail server?

Thanks

[Updated on: Wed, 29 October 2008 17:15]

  •  
roly

Messages: 47
Karma: -3
Send a private message to this user
hi echo

mail.yourdomain.xxx = preference 0
(main kms)ip-adress isp1

failover.yourdomain.xxx = preference 20 or higher
(failover)ip-adress isp2

is that what you need to know?

by from ch, roly
  •  
bigmountain

Messages: 116

Karma: 0
Send a private message to this user
Just as mentioned in the previous reply, you will need to create a domain name for each IP address. For example, if you currently are using mailserver.com for your server name, then you can keep mailserver.com, but also create a subdomain of mx2.mailserver.com and point that to the second IP address. You will need to setup both IP addresses in your server and make sure that your Kerio is setup to listen at both IPs and not just one of them.

Then, for your domain or any other domain you host mail for, you will specify two MX records with your main mailserver.com as being the primary with a higher precedence. Does that make sense? I just want to make sure I am explaining correctly. If you are using any external firewalls or spam filters, then that may change things a bit, but you didn't mention any, so I am guessing that you have a simple internet to server connection. Thanks!

Preferred Kerio Partner and Cloud Solutions Provider - Offering both shared and dedicated Kerio Connect hosting solutions.
Visit us at http://bigmountainmail.com
  •  
jshaw541

Messages: 471
Karma: 0
Send a private message to this user
One thing to keep in mind is that for any servers there is an MX record for, they should be powered on at all times, as some legitimate Internet email servers like to ignore the MX priority.

Additionally, spammers will often try to spam you via the MX with the highest priority number (and thus lowest priority), hoping your backup server's spam protection isn't as good as your primary. So make sure that all your MX hosts are hardened for spam.

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
Nixs

Messages: 159
Karma: 0
Send a private message to this user
First, the above solutions are better than mine - just presenting an alternative solution;

You can always use service like DynDNS.com to handle this.

Just because your e-mail is <_a.t_>domain.com doesn't mean your MX records have to be, so you don't have to move your <_a.t_>domain.com to DynDNS.com either.

For example, register mydomainmailserver.com with Network Solutions or whoever.

Then have your server run DynDNS client (I run this on one of mine in a similar situation) and have it dynamically update the MX record;

http://www.dyndns.com/services/dns/dyndns/

That way your DNS MX record will only point to your primary IP address. It will point to your secondary one only in the event of failure.

RFC for MX record states MX records are not to be cached and are to be looked up each connection. This isn't always done by everyone. Checkpoint is an example. If that's a concern then you could use mailhop to get around both these issues; http://www.dyndns.com/services/mailhop/ or http://www.lanechange.net/html/email_defense.shtml

These are very cheap solutions. I've used DynDNS for years and have never paid a penny (though I don't do MX.) I've used Lanechange in the past for years and they had excellent service for very low price.
  •  
echo

Messages: 15
Karma: 0
Send a private message to this user
roly wrote on Thu, 30 October 2008 00:32

hi echo

mail.yourdomain.xxx = preference 0
(main kms)ip-adress isp1

failover.yourdomain.xxx = preference 20 or higher
(failover)ip-adress isp2

is that what you need to know?

by from ch, roly


So on local dns i should make cname record since my mail server is one?
Is`t right?

Thanks
  •  
generic_penguin

Messages: 45
Karma: 10
Send a private message to this user
I think you are making this harder than you need to
All this should be done on your external DNS, Normally this can be edited by you and is either part of your ISP's solution, Domain name register service, or your web hosting supplier

Either way

Lets say your primary mail server is at 202.1.1.1 (Insert valid external IP here)
Lets say this IP 202.1.1.1's dns is mail.company.com
Lets say your secondary mail server is at 203.1.1.1 (Insert valid external IP here)
Lets say this IP 203.1.1.1's dns is mail2.company.com

Then your external DNS will may a MX10 of mail.company.com and an MX20 of mail2.company.com, your ISP may even supply a mail relay for you and this could be MX30 etc..

The mail server at 202.1.1.1 and 203.1.1.1 will accept email for company.com and will have a valid SSL certificate on them for either mail.company.com or mail2.company.com

As for your internal DNS inside your network you will always point your mail clients to the primary mail server. If you want to make life easy have them all point to mail.company.com and have your internal DNS resolve this to the internal IP of the mai server (EG 10.1.1.1) This way your end users will not have to change the mail server entry when in the office to out of the office and all traffic will be local when in the office.

Kerio does not support mail clustering at this time so no need for round robin DNS or multiple MX records internal or load balancing switches. (Well unless you are doing really funky stuff)

Mind you I would love Kerio to support mail clustering, Then we could host the mail store on a XSAN or ADIC (file level locking shared storage) and we could pitch Kerio into some larger installs. At least Kerio 6.5.2 onwards can do "kerio-Mail-HomeServer", so we can split home folders across multiple servers. If only we could get the calendars (free and busy) to work across multiple servers..

Anyhow.. all the best
  •  
atifdarr

Messages: 1
Karma: 0
Send a private message to this user
I read this thread and I think generic_penguin has the knowledge to advise me on my issue.

How do I force my mail server to do an MX lookup?

My issue is that I am sending mail from a local mail server and I want bounced mails to be collected by another external mail server. I am finding that the local mailserver is not performing an MX lookup and it will just sends the email back to itself.

Please note MX priorities are setup and tested. The problem is that MX records do not come into play.

Thanks in advance for any advise you can give me.

  •  
j.a.duke

Messages: 351
Karma: 11
Send a private message to this user
atifdarr wrote on Thu, 27 March 2014 09:09
I read this thread and I think generic_penguin has the knowledge to advise me on my issue.

How do I force my mail server to do an MX lookup?

My issue is that I am sending mail from a local mail server and I want bounced mails to be collected by another external mail server. I am finding that the local mailserver is not performing an MX lookup and it will just sends the email back to itself.

Please note MX priorities are setup and tested. The problem is that MX records do not come into play.

Thanks in advance for any advise you can give me.


What is your local server? Kerio?

If it is Kerio, then you can always set forwarding options for a user not found in the local domain which could be set to forward to your external server.

Cheers,
Jon
Previous Topic: SMTP sending email to a particular domain
Next Topic: Cannot parse sticky note message file
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Aug 18 06:49:42 CEST 2017

Total time taken to generate the page: 0.00465 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.