We have an on-premises Exchange Server 2019. Everything was working fine until we got an external spam filtering service. We changed our MX records to point to the spam filtering service, and then the filtering service sends the emails to the Exchange Server. That part works great.
The problem is when we try to add an account to Outlook or a smartphone, it won't connect to the Exchange Server to setup the account. The only records changed were the MX records. Autodiscover, mail.{domain].com, and autodiscover records still point to the Exchange server.
Here are the error messages I get.
![thumbnail image 1 of blog post titled Changed Exchange 2019 DNS MX Records for Spam Filter Service and Exchange Active Sync Now Fails](https://techcommunity.microsoft.com/t5/image/serverpage/image-id/603175i1436799DF0A10640/image-size/large?v=v2&px=999)
If I manually setup the Outlook profile putting in the mail server name (mail.{domain}.com, domain\username, password, etc., then I get this.
![thumbnail image 2 of blog post titled Changed Exchange 2019 DNS MX Records for Spam Filter Service and Exchange Active Sync Now Fails](https://techcommunity.microsoft.com/t5/image/serverpage/image-id/603176i882DE0CE2A997CDD/image-size/large?v=v2&px=999)
I ran the Microsoft Remote Connectivity Analyzer for Activesync, and it passed.
The autodiscover records look like this.
A autodiscover.mydomain.com XXX.XXX.XXX.XXX where XXX.XXX.XXX.XXX is the server public IP address.
A mail.mydomain.com XXX.XXX.XXX.XXX where XXX.XXX.XXX.XXX is the server public IP address.
SRV _autodiscover._tcp.mydomain.com 0 443 mail.mydomain.com
Some people use a CNAME instead of an A record for autodiscover.mydomain.com. I don't know if that makes a difference.
Anyone have any ideas or workarounds?