What is the best way to setup a Windows SBS 2003 and Exchange in a small office with satellite Internet?

I'm working with a small business located in a very rural area where the only high-speed Internet available is satellite.  They currently have about 5 computers, all running Windows XP pro with POP3 email addresses provided by their previous dial-up ISP.  The intent was to setup a single powerful server to initially share files centrally, while later using Exchange for email, shared contacts, calendars, etc.

I wanted to install the server with the least amount of disruption to users while one by one implementing and testing services.  The wizard-oriented nature of SBS essentially requires you to "homerun" nearly the entire process of implementing the server.  I didn't want to risk taking down the whole network by letting SBS change the settings on the router, automatically take control of DHCP, DNS, email, My Documents redirection, etc.  In addition, the wizards don't always work. In my case, the connect computer wizard, on 3 of the 5 machines, did not successfully transfer the users profiles over to the newly created domain accounts.  So, I have thus far avoided certain wizards and been OK.

My question now is regarding Exchange.  I have read many posts stating that POP3 connectors are terrible, you MUST run the Internet Connect and Email Wizard to use them, etc.  Currently the Outlook clients are still setup with their POP and SMTP settings from pre-existing dial-up email addresses and working OK as far as I can see.  Should I want to move one "shared" account to a POP3 connector on the server so everyone can view the inbox, is it impossible to do it manually in Exchange System Manager or just strongly discouraged?  Secondly, is it still more ideal to use Exchange purely even on this slow satellite connection?  The ISP-hosted email also has strong SPAM filtering that would go away in the event that I switch to the Exchange SMTP server and change the MX records.  What is the best setup in this situation?
wega1985Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Michael WorshamStaff Infrastructure ArchitectCommented:
I do know that HughesNet will not supply a static IP address, so you will have to use a dynamic IP address setup for your domain and MX records. That is actually not a problem as that is how I have my SBS server environment running and am quite pleased with it.

As for the Exchange environment, you have the option of setting up Exchange to handle e-mail like any other business site or have it pull e-mail from your ISP (via POP3 or IMAP) and send e-mail back out the same way (like using your ISP as a 'smart host').

0
wega1985Author Commented:
I'd also like to consider the fact that hosted SPAM blocking required for internal Exchange SMTP would likely require a more advanced firewall/router purchase such as a Watchguard Firebox for tighter traffic filtering than a Linksys.  Would it not?  The OWA would probably be very slow over the satellite vs. the fast webmail provided by the ISP.  I'm wanting this to be as low maintenance for them as possible, while also keeping costs down.  I don't know how many false-positives they have with the ISP-based SPAM blocking, but the added hosted Barricuda, for example, would seemingly add even more required admin intervention than before (from my experience).
0
Michael WorshamStaff Infrastructure ArchitectCommented:
For my SBS server infrastructure, I setup a Linksys RV082 VPN/firewall router. It has the capability to access DynDNS.org up update my dynamic IP address to my assigned dynamic domain name. I then take my fully qualified domain name and point it at this dynamic domain name address. That way I can access my site from where ever I want /need to for OWA, RWW, RDC etc.

The cool thing with OWA is that it has two different 'gui' interfaces -- one for slow speed and one for broadband, thus making it functional anywhere.

Linksys RV082:
http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&cid=1115416833289&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=3328956699B01

As for the SPAM blocking, actually there are a few alternatives rather than having to setup a hardware spam filtering system.

Under Exchange 2003, you can setup Intelligent Message Filtering (IMF) along with having Exchange check RBL lists (this is what I setup on my server and it reduced spam nearly 90%):
http://www.petri.co.il/block_spam_with_exchange_2003.htm

You can also look at Kaspersky's Enterprise Space Security suite package. It has an anti-virus/anti-spam module just for Exchange. It also will protect your server environment as well as the workstations on the network as well.
http://usa.kaspersky.com/products_services/enterprise-space-security.php
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wega1985Author Commented:
So basically all I'd need to start would be a router that supports DynDNS (which the current Linksys does).  I'd set up the domain with DynDNS.org and set that up on the router.  Then I'd need to take control of the domain out of the hands of the ISP (listed as the technical contact on the registration information of the domain registered with Network Solutions).  

Would the company then pay Network Solutions directly for the domain registration instead of the ISP?  Should the ISP give me the information needed to login to the registration settings and modify the records?  After I have control of the records, I'm assuming I'd point the FQDN to the dynamic domain name address.  Then, after the Exchange SMTP setup and port opening I should start to see emails coming in?  Any tips on avoiding lost emails in the DNS propogation period?  I've read that you can sometimes use an ISP mailserver as a backup to yours if they allow it.  Do you think this is still true with HughesNet?  

Thanks for your answers so far.
0
Michael WorshamStaff Infrastructure ArchitectCommented:
I actually host my DNS information through GoDaddy.com as their web interface is very easy to use for setting up A, CNAME and MX records.

As for domain registration, yes, your company would then pay for handling it as you would become the 'site administrator' for it.

Q: "After I have control of the records, I'm assuming I'd point the FQDN to the dynamic domain name address.  Then, after the Exchange SMTP setup and port opening I should start to see emails coming in?"

A: Yes. If port 25 is opened (and your ISP allows e-mail servers on dynamic addresses), then you should be able to send and receive e-mail. I do, however, recommend that once you have got the FQDN pointed to your dynamic IP address, goto DNSStuff.com and run a DNS Report. It can see if your site has any DNS issues as well as check your MX records for any possible issues (i.e. some dynamic IP addresses are black listed, thus send/receive won't work right -- thus might require using a 'smart host relay' if you want to bring e-mail totally in-house)

You might need to ask HughesNet to see if they allow secondary MX record backups.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.