-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Non Deliverable or Bounce Messages are not coming back
03/26/2020 
1,115 People found this article helpful
483,947 Views
Description
Non Deliverable or Bounce messages are not coming back. How to configure a internal MX record on a Microsoft DNS server.
Unable to receive bounced/undelivered/log emails when using email security. The email security does use the extrenal MX-record which is used on the internet.
Resolution
If the client has a UTM with EnhancedOS, a loopback rule can be created. However, the recommended resolution is to create an internal MX record. This document explains how to create such a mx record.
Requirements: Microsoft DNS server (which is used by the email sec in the host configuration)
Example: Windows 2003 SP1
Procedure:
-
Start the DNS manager snap-in.
-
The client should already have a local forward lookup zone, similar to:
For the purposes of this example, the mail server is represented by the record “server” pointing to 192.168.100.25.
-
In the local lookup zone, ensure that an A host record exists for both the email security and the email server
-
Create a new forward lookup zone, this one with the public domain (eg. sonicwall.com)
(right click on “Forward Lookup Zones” | New Zone). In the options that follow, ensure that “primary zone” is selected and enter the public zone in the zone name. All the other options can be left as default. You should have something similar to:
-
In the new zone, create a new MX record:
In the dialog box leave everything as is, and click the “browse” button:
Click on the server | forward lookup zones and then click on the local domain and select the mail server:
Click OK, and the internal MX record is created. To ensure all is as it should, run nslookup and type:
> set type=mx
> sonicwall.com (or whatever the public domain is)
And you should get an output similar to:
Note:
- The internet address is the address of the mail server, the internal MX record has been created successfully.
- For these changes to propagate to the email security appliance, the DNS cache must be flushed. This happens periodically however to flush this manually obtain SSH access to the device, point the device to a different DNS server, and change it back to force an update.
Related Articles
- Email Security: Convert a .cer format SSL Certificate to .pem for TLS
- How to set up your MX record after you activated Email Security Hosted Solution
- Email Security: How to troubleshoot NDR's.
Categories
- Email Security > Email Security Appliance
- Email Security > Email Security Software
- Email Security > Hosted Email Security
YES
NO