Solved

Front End Exchange - mounted mailbox store or not?

Posted on 2003-10-24
Last Modified: 2012-08-14
I could use some help with clarification of the following:

A MS whitepaper on FE/BE Exchange topology states - "...if you are using SMTP (on a front end server), a mailbox store is required, but the mailbox store must not contain any mailboxes". The reason for this is that SMTP requires a mail store for routing of NDRs.

***What is the exact configuration of the front-end server where a private store is mounted but has no mailboxes?***

I was under the impression you HAD to use SMTP on the front end for the whole FE/BE thing to work. What I need is to generate NDRs and support SMTP/IMAP/HTTP (OWA) clients.

Thanks for any insight!
Question by:davis
12 Comments
 
Expert Comment

by:JasonBigham
First, you have to have the Enterprise version of Exchange.

Once you set the server in front end mode, the rest is automatic. You don't have to worry about the above; there will be a store, but you won't be able to add mailboxes to it... nor do you need to (it's a front end server).

Accepted Solution

by:OneHump
For SMTP, you need a private store on your FE server, but you don't want to put any user mailboxes on it. FE functionality is separate from SMTP. FE supports IMAP, POP and OWA. SMTP will work on an FE server, but you need a store configured on that server for it to work. There are a couple of hidden mailboxes used by the store driver to route mail; that's why you need a store.

OneHump

Author Comment

by:davis
I'm not really sure that I need SMTP working on the FE server.

Why would I want this - is this the only way to reliably generate NDRs?

From OneHump - "There are a couple of hidden mailboxes used by the store driver to route mail; That's why you need a store." - is this necessary? (see below)

The original article from MS I found on configuring the FE server stated: "Dismount and delete public and mailbox stores"
...the article is entitled "Microsoft Exchange 2000 Server Front-End and Back-End topology"

Thanks for helping clear up this confusion.

Expert Comment

by:OneHump
No, you would need SMTP if you want to use your SMTP server as a bridgehead.  A bridgehead would be used to route email to other routing groups or to the Internet.  You could also configure SMTP on an FE server if you want POP/IMAP clients to use that server as their SMTP server.

For an FE server without SMTP, you may delete your stores, that is a good practice.  If you are going to use SMTP, you'll need a private store, which means you may delete your public store, but leave your private store.

OneHump

Author Comment

by:davis
Great info! A couple of questions that I still have:

1- Would I need the FE server to run SMTP to route mail to other routing groups or distributed BE mailbox servers? I have not specified a bridgehead but there may be a default bridgehead at the first server in the Exchange Org by default....
Currently, I have the Microsoft Information store 'disabled' in Services on the FE server - things seem to work fine with OWA.
As well, I thought it was an AD lookup to find the server with the correct user mailbox...

2- Since both FE and BE servers are behind the firewall, I may not want POP/IMAP clients to use that server as their SMTP server. What is a best practice here?
I am mainly using the FE server for OWA.

thanks!

Expert Comment

by:OneHump
Here you go:

1. You don't need it unless you want it. If you aren't overloaded, it's fine to use an FE server as a bridgehead. You can use it as an IM server/router as well.

2. I would not recommend allowing POP/IMAP from outside. Big security risks there. Also, OWA without SSL and two factor authentication is a big risk. I would keep that stuff inside and use VPN for remote access.

If you do need to allow POP/IMAP or OWA, then you would want that server isolated. You could either create a VPN tunnel from your dirty network to the network where your VPN is located, or you could simply open port 80/443 on the firewall between the FE and BE. You could also dual home NICs, but I probably wouldn't do that unless you have firewalls protecting both exposed subnets. There are many, many ways to do this.

Keep asking questions if you have them.  It's not a problem.

OneHump

Author Comment

by:davis
Gotcha -

..back to 1 - do I want it if I am really only using it for OWA?

..back to 2 - good point on the security. We are using VPN to access the network. As well, we are quarantining the OWA to an SSL VPN over web interface using the following product - http://www.netilla.com/ So, no ports open to the outside, other than port 25.

So, we've isolated both servers FE & BE from outside. With this cfg, do you have a recommendation for using or NOT using SMTP (deleting private store) on the FE?

thanks!

Expert Comment

by:OneHump
1. No, you don't need SMTP or a store if you are doing OWA.

You can use SMTP if you need it to connect to the Internet. If you need it, use it, but if you just want OWA, then forget it. :)

OneHump

Author Comment

by:davis
One more thing -

I can add a store back later, after deleting, if SMTP is needed on the FE server?

Expert Comment

by:OneHump
Absolutely. You just right-click on the storage group and create a new store.

OneHump

Author Comment

by:davis
Thanks again!

Expert Comment

by:OneHump
My pleasure.