Implementing SBS 2003 Exchange, hard are suggestions / fault tolerance, spam solution.


I manage a network for a local client of mine and they are interested in bringing e-mail in house utilizing the Small Business Server 2003 that is already in place mainly to cut down on the spam and increase productivity.

The server in question is by far the most widely used server within the network.

Here's a quick breakdown of the server:

The server is a white box that I inherited from the previous admin
AMD Athlon 64 3800+ Processor
1 GB Ram
2 160GB SATA Hard Drives with hardware Raid 1via motherboard
single 500 watt generic power supply

Applications on server:

Attendance Rx 2.0 - Time clock software
AVG Admin / Anti-virus
Filezilla Server - used to accept backup's from our linux box and replicate to our SonicWall 4440i CDP
Spectorsoft Spector 360
Live Communications server 2005
Occasionally used for WireShark
Used heavily for Remote Web Workplace and I suspect Outlook mobile once exchange has been implemented
Used heavily as a file server as well

The server plays all the roles of a SBS with the exception of Exchange.

Now here is where my question comes.

Before I bring the email in house I would like to upgrade the server as far as hardware fault tolerance. I'm looking for suggestions on a raid 5 possibly and possibly speeding the whole machine up without doing a total rebuild.

Also is it possible to point the domain's secondary MX record to a shared hosting account with a catch all in case the server were to crash?

In addition to this multi part question the network will also be serving remote branches. What is the best way to serve exchange across a site to site VPN utilizing SonicWall TZ-170's at each end.

Please keep in mind that after Exchange implementation my client will begin to bring other Exchange oriented services into place. IE: unified messaging, unified fax collaboration.

I will also need a solution for a spam filter. Previously I have used the ORF (open relay filter) from and I like it being easy to use and pretty inexpensive but I would like more control.
I have used SonicWall's hardware spam solution in the past with great success but I'm attempting to do this on a "light" budget. Any suggestions here would be greatly appreciated.

A bit about the network it self.

All locations utilizing a dynamic T-1
The home office uses a TZ-170 as the Gateway/router/firewall
A netgear managed switch handles the traffic
Sonicwall 4440i CDP handles all backups
MS server 2003 std is utilized for terminal services

I'm looking for any opinions on the best way to implement this correctly without costing my client a lot of money and provide SOME email fail over.

I know this is a very long multi part question so I will be offering 500 points to a great answer / opinion.

Thank you in advance for any replies!
Who is Participating?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
The very design of SBS is optimized to handle Exchange and it does it quite well.

To clear up a few issues though:
"Also is it possible to point the domain's secondary MX record to a shared hosting account with a catch all in case the server were to crash?"

That wouldn't provide much help.  Email messages that are bound for the Exchange Server will keep trying to reach it for at least 48-hours if it's off-line, and some servers try for up to 72-hours.  If the SBS is down for that long you have more worries than email, but you also have time to switch the MX record if required.  Otherwise a backup MX with a catch-all will only catch thousands of SPAM messages each day.

The key to preventing problems with email are to properly provision, configure and maintain your SBS.  I've deployed over 100 SBS's in the past few years... and the vast majority of them are up 99.999% of the time.  We occasionally have disk failures and mobo failures, but those are repaired within hours and do not cause major outages.

"I will also need a solution for a spam filter."
Before getting any expensive SPAM filter you should look at what Exchange has natively -- The Intelligent Message Filter.  Which is pretty terrific!

Then, I'd look at replacing the AVG-Anti-Virus?  I recommend TrendMicro Client/Server/Messaging Suite for SMB which is VERY reasonably priced (about $24.00 per workstation (as a competative upgrade for replacing AVG - with no additonal cost for the server) and includes a rather good secondary SPAM filter.  The advantage of using your AV program for SPAM is that it works much more efficiently as it handles both virus scanning and SPAM, and even content monitoring if you want at the same time and at the same place in the message routing.

I didn't see any mention of how many clients you have attached, but you should know that there should be no performance issues at all for up to about 50 users with your current server if you upgraded the RAM to 4GB.  Adding a RAID would be more for redundancy than performance.

"In addition to this multi part question the network will also be serving remote branches. What is the best way to serve exchange across a site to site VPN utilizing SonicWall TZ-170's at each end."

This is an entirely different topic, and should be asked in a separate question.

Lee W, MVPTechnology and Business Process AdvisorCommented:
I would upgrade the RAM to 4 GB.
As for the disk subsystem, leave the existing mirror, but I would add EITHER a RAID 5 or a RAID 10 - and don't worry physical space for the disks - you can always use eSATA or SCSI.  In either case, I would get a RAID controller that supports RAID5.  Then put the Exchange databases on the new RAID.

As for SPAM filtering, I like GFI - I admit, I haven't used many low end products, but I've found GFI highly customizable and, I think, fairly cheap.  Of course, you can also look into the built in filtering in SBS using the Intelligent Message Filter.

And yes, you should be able to implement a second MX record where mail can go if the primary (your SBS Server) is unavailable.  Though keep in mind, a momentary hiccup in connection could cause messages to go to that other server, so you'll need to have that server checked regularly.  And also, if your server went down, you'd likely have 2-4 days before the messages would be lost and even then, the senders would be notified.
One suggestion I would say is use something like Postini.  It would both be a spam filter (they are excellent at that), and also would spool incomming mail incase your server died.  I think the default is 12 hours of spooling.  It's a great tool I have used many times with clients.  I would say it eliminates 95 to 98% of spam with no need to install applications on the server or purchase upgrade licenses.  All you do is pay a per user monthly fee ($3/user I think).  
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

kinetik20Author Commented:
Thank you for your responses, can anyone suggest an external raid array to host the exchange databases? Also any help for serving exchange to the remote branches?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Oh... don't use an EXTERNAL RAID for your Exchange Databases... it should be INTERNAL.  

kinetik20Author Commented:
TechSoEasy once again Thanks for your awesome response, I'm beginning to wonder If I should just direct questions to you! :)

Just to clear something up you do suggest going to a raid 5?

Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
If the server can handle it and the client can afford it, yes.  That's my preference.  But it can get pricey and the server needs to be able to handle that amount of drives.

Also... if you want only me to answer questions... then you'll miss out on all the other great folks here.  In addition, I would think that would be like hiring me... in which case you would need to see the info in my profile.  :-)

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.