Performing the cut over of client access namespaces during a migration to Exchange Server 2016.
Emails sent using web forms on a website may not be received in the mailbox of the recipient due to a configuration or filtering issue.
I recently encountered a mail flow problem between two of my test lab environments that was being caused by the DNS configuration on the receiving server's network interface.
Learn how Sender Policy Framework (SPF) records work to prevent email spoofing, and how you can implement the correct SPF record for your domain.
How to use hosts files on client computers for Exchange Server testing and troubleshooting scenarios.
How to use the Resolve-DnsName PowerShell cmdlet to query MX records for multiple domain names at once.
How to manually configure the DNS servers used by Exchange Server 2013 for external lookups.
How to plan, test and implement changes to MX records and inbound email traffic routes in an Exchange Server environment.
In this article I explain just what an MX record is and how they play a role in a working email system.
You may encounter an issue with servers running both the DNS and IAS services that have installed update MS08-037 (Vulnerabilities in DNS could allow spoofing – 953230). The IAS services will fail to start and any authentication that relies on IAS (such as VPNs) will fail.
When connecting to the IAS server with the IAS management console the following errors may appear:
Event ID 7023 will appear in the System event log of the IAS server.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Time: 9:15:17 AM
The Internet Authentication Service service terminated with the following error:
Only one usage of each sock address (protocol/network address/port) is normally permitted.
The cause of the issue is explained in KB956188:
You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)
This issue occurs because the service cannot obtain the port that it requires to function correctly. This issue occurs because of changes to the port allocation in the DNS Service after security update 953230 is installed.
The solution is to reserve the IAS ports from the ephemeral port range to ensure that the DNS Server service does not dynamically allocate those ports to itself. To determine which ports are being used by IAS open the IAS management console, right-click the server name and select Properties.
Navigate to the Ports tab and note the port numbers in use.
Follow the instructions in KB812873 (How to reserve a range of ephemeral ports on a computer that is running Windows Server 2003) and enter the correct ports in the registry key like this.
The server must be restarted for the change to take effect. After the restart the DNS Server will no longer allocate the IAS ports to itself, which will allow IAS to start properly.