Have you encountered that Exchange cannot deliver mail to some destinations on Internet? This is becoming more and more common. You may ask why this happen in the first place and why it’s becoming more common.
The answer lies in how Exchange do DNS queries. Exchange was designed to run on a corporate network where you have full control on how DNS is setup and configured. Basically Exchange believe that DNS will always respond with a correct answer. But when Exchange send mail to Internet, DNS queries and answers might not always be what you expect, this is especially true when more and more organizations start using IPv6.
Using Network Monitor or any other network sniffer when Exchange tries to deliver a mail over Internet you will see that there is query for MX. One problem here is if the destination domain have IPv6 information in their Internet DNS but do not have AAAA records for hosts specified in their MX records, Exchange will simply do not another query for A records for the MX hosts and mail will queue on Exchange.
There are variations on what information is in the destination DNS zone and how your DNS is configured, if you have IPv6 yourself etc, but the behavior is the same, DNS will sometimes fail.
Solution is very simple. configure the sendconnector used for sending mail to Internet to use an external DNS, that is not to reconfigure your windows box to query another name server but simply use the Exchange configuration
Set-SendConnector <SendConnectorNameToInternet> -UseExternalDNSServersEnabled $True
You don’t even have to specify a specific name server on your HUB/Edge server, but you can if you like.
This will change the behavior of Exchange DNS queries to not to stop when there is no AAAA records if other IPv6 information is found, but to continue to do IPv4 DNS queries. remember that Windows prefer IPv6 over IPv4. This can be verified by using a network sniffer.
Have done testing both with HUB and Edge servers and with Exchange 2010 and 2013, and the behavior is the same.
The only reference on Technet on this matter is this article http://technet.microsoft.com/en-us/library/bb676467(v=exchg.150).aspx that talks about normal and lenient mode, but it doesn’t explain the changed behavior if using external DNS or not.
So in short, configure your sendconnectors sending to Internet to use an external DNS to make your live easier.
