Solved

Front End Exchange  - mounted mailbox store or not?

Posted on 2003-10-24
12
626 Views
Last Modified: 2012-08-14
I could use some help with clarification of the following :

A MS whitepaper on FE/BE Exchange topology states - "...if you are using SMTP (on a front end server), a mailbox store is required, but the mailbox store must not contain any mailboxes"  The reason for this is that SMTP requires a mail store for routing of NDRs.  

***What is the exact configuration of the front-end server where a private store is mounted but has no mailboxes?***

I was under the impression you HAD to use SMTP on the front end for the whole FE/BE thing to work.  What I need is to generate NDR's and support SMTP/IMAP/HTTP (OWA) clients.

Thanks for any insight!
0
Comment
Question by:davis
  • 6
  • 5
12 Comments
 
LVL 8

Expert Comment

by:JasonBigham
ID: 9616947
First, you have to have the Enterprise version of Exchange.

Once you set the server in front end mode, the rest is automatic. You don't ahve to worry about the above, there will bea  store, but you won't be able to add mailboxes to it... nor do you need to (it's a front end server)
0
 
LVL 10

Accepted Solution

by:
OneHump earned 250 total points
ID: 9616969
For SMTP, you need a private store on your FE server, but you don't want to put any user mailboxes on it.  FE functionality is separate from SMTP.  FE supports IMAP, POP and OWA.  SMTP will work on an FE server, but you need a store configured on that server for it to work.  There are a couple of hidden mailboxes used by the store driver to route mail; That's why you need a store.  

OneHump
0
 
LVL 1

Author Comment

by:davis
ID: 9617077
I'm not really sure that I need SMTP working on the FE server.  

Why would I want this - is this the only way to reliably generate NDR's?  

From onehump - "There are a couple of hidden mailboxes used by the store driver to route mail; That's why you need a store. " - is this necessary (see below)

The original article from MS i found on configuring the FE server stated :  "Dismount and delete public and mailbox stores"
...the article is entitled "Microsoft Exchange 2000 Server Front-End and Back-End topology"

Thanks for helping clear up this confusion.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 10

Expert Comment

by:OneHump
ID: 9617573
No, you would need SMTP if you want to use your SMTP server as a bridgehead.  A bridgehead would be used to route email to other routing groups or to the Internet.  You could also configure SMTP on an FE server if you want POP/IMAP clients to use that server as their SMTP server.

For an FE server without SMTP, you may delete your stores, that is a good practice.  If you are going to use SMTP, you'll need a private store, which means you may delete your public store, but leave your private store.

OneHump
0
 
LVL 1

Author Comment

by:davis
ID: 9617689
great info!  couple questions that I have still :

1- Would I need the FE server to run SMTP to route mail to other routing groups or distributed BE mailbox servers?  I have not specified a bridgehead but there may be a defalt bridgehead at the first server in the Exchange Org by default....
Currently, I have the Microsoft Information store 'disabled' in Services on the FE server  - things seem to work fine with OWA.  
As well, I thought it was an AD lookup to find the server with the correct user mailbox...

2- Since both FE and BE servers are behind the firewall, I may not want POP/IMAP clients to use that server as their SMTP server.  What is a best practice here?
I am mainly using the FE server for OWA.

thanks!
0
 
LVL 10

Expert Comment

by:OneHump
ID: 9617717
Here you go:

1.  You don't need it unless you want it.  If you arent overloaded, it's fine to use an FE server as a bridgehead.  You can use it as an IM server/router as well.

2.  I would not recommend allowing POP/IMAP from outside.  Big security risks there.  Also, OWA without SSL and two factor authentication is a big risk.  I would keep that stuff inside and use VPN for remote access.

If you do need to allow POP/IMAP or OWA, then you would want that server isolated.  You could either create a VPN tunnel from your dirty network to the network where your VPN is located, or you could simply open port 80/443 on the firewall between the FE and BE.  You could also dual home NICs, but I probably wouldnt do that unless you have firewalls protecting both exposed subnets. There are many, many ways to do this.

Keep asking questions if you have them.  It's not a problem.

OneHump
0
 
LVL 1

Author Comment

by:davis
ID: 9617777
gotcha -

..back to 1 - do I want it if I am really only using it for OWA?

..back to 2 - good point on the security.  We are using VPN to access the network.  As well, we are quarantining the OWA to an SSL VPN over web interface using the following product - http://www.netilla.com/   So, no ports open to the outside, other than port 25

So, we've isolated both servers FE & BE from outside.  With this cfg, do you have a recommendation for using or NOT using SMTP (deleting private store)on the FE?

thanks!
0
 
LVL 10

Expert Comment

by:OneHump
ID: 9618045
1.  No, you don't need SMTP or a store if you are doing OWA.  

You can use SMTP if you need it to connect to the Internet.  If you need it, use it, but if you just want OWA, then forget it.  :)

OneHump
0
 
LVL 1

Author Comment

by:davis
ID: 9620890
one more thing -

I can add a store back later, after deleting,  if SMTP is needed on the FE server?
0
 
LVL 10

Expert Comment

by:OneHump
ID: 9628268
Absolutely.  You just right-click on the storage group and create a new store.

OneHump
0
 
LVL 1

Author Comment

by:davis
ID: 9641722
thanks again!
0
 
LVL 10

Expert Comment

by:OneHump
ID: 9643384
My pleasure.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question