Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 859
  • Last Modified:

Setting up a new Front-End Exchange Server

We have a few companies that all use the same Exchange setup.  Right now I am in the process of setting up a second Front-End Exchange server that will be used for the larger of the companies.  I wasn't able to find a good solid best practice scenario for some of my questions, so I wanted to see what the expert's opinions were:

1) Is there any potential problem with having 2 Front-End Exchange servers pointing to the same back-end?

2) Does the computer name on our domain have to be the same as the public A record?  If I have it as FEMailServer on the domain & exchange.domain.com on the public internet.  Also, I want to get an SSL certificate registered in that name too.

3) I want to put it behind my firewall completely, so I need to know what ports I need open to the world.  I plan on doing the following:
- SMTP
- POP3
- IMAP
- Exchange ActiveSync
- OWA
- OMA
- RPC over HTTPS
- What other options are there? =)

4) Are there any articles on other best-practices to consider when implementing a new one?

5) I want to create an SMTP connector in our Exchange Manager to take all email that is coming from a list of domains & send it through the bridgehead of my new FE Exchange Server & then out to our managed security service.  I know how to build the generic portion of the SMTP Connector, but how would I specify only to allow for the certain domains going out it.  

Thanks for your help
0
rustyrpage
Asked:
rustyrpage
2 Solutions
 
SembeeCommented:
You can have as many frontend servers as you like. There is no issue with numbers.
Do ensure that they are patched to the same level as the backends. If the backends went through Exchange 2003 SP1 and then SP2, then repeat that and any additional updates.

Ports wise, most things run through 443 - you will need to open 25 for SMTP, 110 for POP3 and 143 (IIRC) for IMAP.

The name of the computer doesn't matter - the only thing that matters is that the DNS resolves.

On your final question - that isn't possible. Exchange doesn't route based on sender, only on destination.

Microsoft have a white paper on Exchange 2003 frontend/backend scenarios. You can download it from their Technet site.

Simon.
0
 
cshepfamCommented:
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now