- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Non Deliverable or Bounce Messages are not coming back
03/26/2020 
1,112 People found this article helpful
98,378 Views
Description
Non Deliverable or Bounce messages are not coming back. How to configure a internal MX record on a Microsoft DNS server.
Unable to receive bounced/undelivered/log emails when using email security. The email security does use the extrenal MX-record which is used on the internet.
Resolution
If the client has a UTM with EnhancedOS, a loopback rule can be created. However, the recommended resolution is to create an internal MX record. This document explains how to create such a mx record.
Requirements: Microsoft DNS server (which is used by the email sec in the host configuration)
Example: Windows 2003 SP1
Procedure:
-
Start the DNS manager snap-in.
-
The client should already have a local forward lookup zone, similar to:
For the purposes of this example, the mail server is represented by the record “server” pointing to 192.168.100.25.
-
In the local lookup zone, ensure that an A host record exists for both the email security and the email server
-
Create a new forward lookup zone, this one with the public domain (eg. sonicwall.com)
(right click on “Forward Lookup Zones” | New Zone). In the options that follow, ensure that “primary zone” is selected and enter the public zone in the zone name. All the other options can be left as default. You should have something similar to:
-
In the new zone, create a new MX record:
In the dialog box leave everything as is, and click the “browse” button:
Click on the server | forward lookup zones and then click on the local domain and select the mail server:
Click OK, and the internal MX record is created. To ensure all is as it should, run nslookup and type:
> set type=mx
> sonicwall.com (or whatever the public domain is)
And you should get an output similar to:
Note:
- The internet address is the address of the mail server, the internal MX record has been created successfully.
- For these changes to propagate to the email security appliance, the DNS cache must be flushed. This happens periodically however to flush this manually obtain SSH access to the device, point the device to a different DNS server, and change it back to force an update.
Related Articles
- SonicWall HES IP address blocklisted by UCEProtect or Backscatter
- How to add O365 connector for domain specific routing
- SonicWall Email Security on Hyper-V Platform
Categories
- Email Security > Email Security Appliance
- Email Security > Email Security Software
- Email Security > Hosted Email Security
YES
NO