Trying to remove single point of failure in our Exchange topology

We currently have 3 Exchange servers on an MPLS network.

All email comes into the NY server, and is routed through a Smart Host on the DC server (required for TLS encryption mandated by a couple of our clients). Each physical server has its own routing group and routing group connector.

So, if a mail comes in for a user with a mailbox stored on NY server, the MX record points to NY server, the NY server then sends the mail to a smart host on the DC server, after which the mail is sent back to the NY server for delivery to the user's mailbox. This works fine, and is only necessary due to some clients requiring TLS encryption for both sending and receiving mails.

The problem arises that our DC office will be having a scheduled power outage over the weekend. Therefore, even if a mail was destined for delivery in NY, it will not be sent to the NY mailbox, but will instead be queued until the DC server comes back up.

Can someone recommend a full mesh scenario where such service interruptions like the DC server going down, would still facilitate mail delivery to other offices?
gupnit Commented:
Transport rules are pretty much going to help you create Rules/Conditions/Filters for Compliance as the word goes.
Here are a few links to guide you; as for a Proof of Concept, I will have to sit in front of the server and guide you step by step:
Also try these Virtual Labs (free) to guide you on usage, they will guide you step by step:
Hope this helps
First things first... mails do not go to DC. DC is just used for AD lookups.
Now coming back to your scenario.....
  • NY Exchange Server  Redundancy:
    • This is the first place of failure as it receives all mails
    • Well in your case if this Exchange server goes down then there will be no incoming mails at all.
    • To overcome this if you have Budget then, point your MX Secondary to any of the Exchange Server in other Location (needless to say you will require Internet Connection there)
    • Now if NY Exchange server fails, incoming to other locations would also work.
  • DC Redundancy: Well, wherever we have Exchange servers, for DC Redundancy it is always recommended to have 2 Domain Controllers in that location, as Exchange will not work at all without a DC.
I am not sure whether I covered the very basic part, well there can be many scenarios that can be designed for your network, but for that you will have to give a lot of information.
If you can give me this info:
  • Number of Servers per Location (including DC/Exchange)
  • Number of Internet Connections (does every site have one or only NY)
zejoka (Author) Commented:
I should have clarified DC = Washington DC.

And actually, some further pertinent information.

Email goes through Postini (Spam & AV)
Postini then forwards to NYC Server
All mail has to go through NYC server first as we have a server called NYRelay (this is because certain mails have to be BCCd to a distribution list automatically for reasons I won't go in to)
So, once in NY all mail is forwarded to a smart host on the DC server (washington DC, not domain controller), and then it will be distributed to either, NY, DC or Miami mailbox servers.
I think the reason why the smart host is located on the Washington DC server is because of the 100Mbit pipe to the internet.
To answer your question, all offices have their own internet connection, as well as being on the MPLS.
I see I see ;-) !!! It happens !!! Ok getting back to the question....
You need to clarify a few questions...
  • Is this the flow.....If I understood correctly......
    • Postini receives Internet Mails and forwards to New York Relay Server (for confidential compliance reasons) --> From the Relay Server to NY Exchange Server --> From NY Exchange Server to Smart Host @ DC --> From SH @ DC to other Exchange servers..........!!!
  • Now let me talk about some points here, that I understood....
    • NY Server has to receive all mails and you do not want to change that (due to compliance)....right?
    • DC Server is very very important as it is required as a client requirement for Encryption.
For me these 2 are going to be bottlenecks, if any one of them goes down then it would be an issue. I would recommend (assuming WAN link 100% availability)  the best solution would be to go for High Availability Solution for both of your servers (clustering or sth)
  • DC Server used for Encryption
  • NY Relay Server [This is until and unless your organization agrees to have a secondary MX pointing to another location like DC and having another Relay Server (for compliance).]
Hope this helps, let me know if you think I misunderstood sth or you need clarifications.
zejoka (Author) Commented:
Your interpretation of Mailflow is correct.

a) NY Server has to receive all mails and you do not want to change that (due to compliance)....right?

Yes and no, we need to retain this feature somehow. Currently a 3rd party software called eXclaimer sits on a server called NYRelay (NYRelay is NOT an Exchange server, just a Server 2k box with eXclaimer resident) with a rule that all email relating to a certain issue is cc'd to a compliance department. However, we would like to remove the 3rd party software and deal with this on an Exchange level - maybe with the introduction of an Exchange 2007 we can achieve this? The main premise appears to be that all incoming / outgoing mail relating to this issue needs to be processed by this relay / or rule before any transport to mailbox / external recipient

b) DC Server used for Encryption

Again, we need a smart host that looks at all incoming / outgoing mail, and anything to and MUST be sent / received using TLS.  It doesn't have to reside on the DC server, if we can do this more efficiently that would be great.

At the moment, I am thinking of introducing a Front End server for iPhone connections, OWA, ActiveSync, which will have SSL and communicate to all the back end servers via HTTP. Now if possible, I'd like to handle the above using this solution too, I'm just not sure how feasible this would be.
Since you are already thinking of Exchange 2007, yes, Transport Rules will take care of option a) and I would recommend, rather than investing money in 2k3 now, it would be better to wait and deploy Exch 2k7. Else it will be an investment in terms of redundancy unnecessarily.
Let me know in case you need clarification.
zejokaAuthor Commented:
Could you give me a little more information on the "Transport rules", like how this situation could be configured? I've read a little about Exch 2007 and have it running on a virtual server for testing, and would love to try and implement a "proof of concept".
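
A proof-of-concept sketch for the two requirements discussed in this thread, the automatic compliance BCC (a) and forced TLS to particular client domains (b), written for the Exchange 2007 Management Shell. This is an added example, not part of any participant's post; the rule name, subject keyword, group name, client domain and Hub Transport server names are constructed placeholders.

```powershell
# Run in the Exchange Management Shell of an Exchange 2007 organization.
# Every name below is a constructed placeholder, not a value from the thread.

# (a) Compliance copy: BCC a distribution group on mail about a given matter.
# Exchange 2007 builds a rule from predicate and action objects.
$condition = Get-TransportRulePredicate SubjectContains
$condition.Words = @("Matter Placeholder")

$action = Get-TransportRuleAction BlindCopyTo
$action.Addresses = @((Get-DistributionGroup "Compliance-Review"))

New-TransportRule -Name "BCC compliance on Matter Placeholder" `
    -Conditions @($condition) -Actions @($action)

# Hub Transport rules are stored in Active Directory and applied by every
# Hub Transport server in the organization, so the BCC no longer depends
# on one relay box being up.
Get-TransportRule | Format-List

# (b) Outbound TLS for a specific client domain: a dedicated Send connector
# that refuses to deliver unless the remote server negotiates TLS.
# Listing a hub in more than one site as a source server means the loss of
# one site does not stop delivery to that domain.
New-SendConnector -Name "Client TLS required" -Usage Custom `
    -AddressSpaces "client.example" `
    -DNSRoutingEnabled $true `
    -RequireTLS $true `
    -SourceTransportServers "HUB-NY01","HUB-DC01"

# Review the result; mail for client.example now queues rather than
# falling back to an unencrypted session.
Get-SendConnector "Client TLS required" |
    Format-List Name, AddressSpaces, RequireTLS, SourceTransportServers
```

Inbound TLS from those clients is a separate setting on whichever system accepts their connections, which in the mail flow described above is the hosted filtering service in front of the NY server.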