Solved

MS Exchange Backend Server

Posted on 2008-09-29
4
308 Views
Last Modified: 2012-05-05
I have two servers, server A running Exchange 2003 Standard Edition SP2 on Windows Server 2003, and server B running Exchange 2003 on Small Business Server.  Each server is in a different location with a connection to the internet but no WAN connection between them.

I've been advised it's not good security practice to have mail delivered directly to Exchange running on SBS.  Therefore server B has mailboxes but uses POP connector to get new emails from external POP3 email accounts, with MX record pointing to the external POP mail server.  Server B sends emails as normal.

I want to get rid of these POP accounts.  Is it possible to have mail delivered to my main email server  on server A (which already recieves email for other domains).  Then have server B retrieve new emails from server A in a similar way to the current POP connector?

Would this be a front end/back end or bridge head server?  I'd appreciate any links showing how to set this up.

Regards, Peter.
0
Comment
Question by:Peter_Cull
  • 2
4 Comments
 
LVL 7

Accepted Solution

by:
knightfox earned 125 total points
ID: 22595675
Hi Pete,

Yes this could be done.  in essence you would still need to have one of your servers visable to the internet ie server A.  You could make this a front end server and remove ALL mail stores.  It would in effect become a load or protocol server servicing requests from your mail store.  

However....  the sheer fact that they are in different locations would factor somewhat in the setup.  All mail would be delivered into your front end server so would leave site B accross the internet, enter site A get processed via server A and back out the internet connection.  No pop conenctor would be needed as the servers would be a part of the same routing group.

This would of course put much more strain on your existing internet pipes....

Do you currently have mail stores on server A???

One of your options would be to use a third party service such as postini (http://www.postini.com/postini_solutions/isp.php) this essenticly becomes your mail ISP.. your mx records would all point to postini so all email sent to xxx.com would arive at the posinit gateway. You can also have multiple domains added.

Posinit then allows you to route to different sites based on the client name.. so jo.b@xxx.com could be routed to site A and john.s@xxx.com could be routed to site B  

You can then configure your premieter firewalls to only accept mail from the posini servers, thus giving you more security.

Poistini also gives you the added bonus of Virus and spam filtering.

/Fox
0
 
LVL 23

Assisted Solution

by:ormerodrutter
ormerodrutter earned 125 total points
ID: 22596100
"I've been advised it's not good security practice to have mail delivered directly to Exchange running on SBS" - I don't think thats true. What you might be concerning is that SBS has everything in ONE box so if it is out of operation you would have nothing else; while if you have a separate Exchange server the worst is losing your emails.

You can make your SBS server just as secure as you normally do with your Exchange server.

Yes it is kind of a FE/BE scenario. However you mentioned the two servers are in different locations and no WAN link - are they in the same domain? If they are not in the same domain then NO you can't.
0
 

Author Comment

by:Peter_Cull
ID: 22598165
Hi,
Thanks for the info.  My main mail server (server A) handles mail for 4 domains and 60+ mailboxes.  Probably best to leave it as is.  Server B has a different location, windows domain and email domain,  so probably wouldn't work.  If there's no greater risk delivering mail directly to it I shall so that.  Thanks for the sugestion of POSTINI I will look into that.
Regards, Peter
0
 
LVL 23

Expert Comment

by:ormerodrutter
ID: 22603464
Because the two are in different domain what you suggested will NOT work. SBS do NOT support domain trust so if you want it to work you HAVE to bring the Windows server and Exchange server into the exist SBS domain.

Remind you that SBS only supports upto 75 users/devices and you simply cannot go over that limit. So even if you are willing to bring the two together consider if your SBS can support your need. mind you  also that SBS has to be the master DC!!
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question