asked on
Setting up SBS2011 with IAMW but with different email addresses
Hi,
I am installing and configuring Small Business Server 2011 tomorrow. Last time I did an install, it was SBS2003. I have read as much as I can on what to expect but one thing worries me and I am hoping that someone can share their knowledge with me.
During the SBS2011, IAMW seems to require everyone to nominate a domain name to use to setup the company's public website and email addresses, etc., For various reasons, I want to leave the web hosting and email accounts on web hosting company's server (not self host).
I want to setup SBS2011 to use 'POP3 Connector' to collect emails (user1@companydomain.com) from hosting company's email server and of course send emails with the same @companydomain.com email addresses.
This might be easy if users did not need to access their emails on the road. I probably could have ignored IAMW setup. Unfortunately, users are use to "Outlook Web Access" (OWA) on SBS2003 so OWA or Remote Web Workplace (RWW) needs to be setup. For that, I already have another domain name registered (ie. staffuseonly.com).
So, if all goes well, I am hoping to achieve the following:
I am hoping their is a way to change the Exchange in SBS2011 to use @companydomain.com, can anyone please tell me how?
Can anyone see any issues I might bump into by setting it up this way?
It has been a little while since I setup SBS2003... my memory have failed me. If POP3 Connector collects email messages, where can I set the Outgoing Email Server details so all the outgoing messages can be forwarded to the ISP email server?
Any assistance or heads-up will be very much appreciated.
Paul
I am installing and configuring Small Business Server 2011 tomorrow. Last time I did an install, it was SBS2003. I have read as much as I can on what to expect but one thing worries me and I am hoping that someone can share their knowledge with me.
During the SBS2011, IAMW seems to require everyone to nominate a domain name to use to setup the company's public website and email addresses, etc., For various reasons, I want to leave the web hosting and email accounts on web hosting company's server (not self host).
I want to setup SBS2011 to use 'POP3 Connector' to collect emails (user1@companydomain.com) from hosting company's email server and of course send emails with the same @companydomain.com email addresses.
This might be easy if users did not need to access their emails on the road. I probably could have ignored IAMW setup. Unfortunately, users are use to "Outlook Web Access" (OWA) on SBS2003 so OWA or Remote Web Workplace (RWW) needs to be setup. For that, I already have another domain name registered (ie. staffuseonly.com).
So, if all goes well, I am hoping to achieve the following:
Users send and receive emails using @companydomain.com
Users can access RWW using remote.staffuseonly.com address
Do not want public website hosted on staffuseonly.com (this domain is 100% used by staff only)
Here is my game plan. I will install SBS2011 Standard as a clean install (not migrate from 2003). When I get to IAMW, I am planning to use staffuseonly.com address to setup. That should take care of RWW but all the user email addresses will be using the wrong domain.I am hoping their is a way to change the Exchange in SBS2011 to use @companydomain.com, can anyone please tell me how?
Can anyone see any issues I might bump into by setting it up this way?
It has been a little while since I setup SBS2003... my memory have failed me. If POP3 Connector collects email messages, where can I set the Outgoing Email Server details so all the outgoing messages can be forwarded to the ISP email server?
Any assistance or heads-up will be very much appreciated.
Paul
Microsoft Server OSWindows Server 2008SBS
Last Comment
Cliff Galiher
ASKER
Thanks Cliff for your reply!
The main reason I don't want the website and email hosted locally (on our own SBS2011) is due to lack my knowledge and not having someone to manage the IT onsite. I figured it would be more secure to leave web hosting to dedicated hosting companies running Linux servers then I try to host my own and get hacked... and possibly leave a hole open for someone to walk in to our file server. I will take your point on POP3 Connector not being a long term solution and I will look into it further, down the track but I have this weekend to switch over the server so I will be happy with band-aid solution at this point.
A clarification please. So you are saying, SBS2011 can not let me have different domain name for email (ie. john@abcd.com) and RWW (eg. remote.zxy.com)? That is a bad news for me. That would be a deal breaker. I will just have to reinstall SBS2003 and set it up the way it has been.
If you can think of a way to make it work, please chip in again and let me know.
The main reason I don't want the website and email hosted locally (on our own SBS2011) is due to lack my knowledge and not having someone to manage the IT onsite. I figured it would be more secure to leave web hosting to dedicated hosting companies running Linux servers then I try to host my own and get hacked... and possibly leave a hole open for someone to walk in to our file server. I will take your point on POP3 Connector not being a long term solution and I will look into it further, down the track but I have this weekend to switch over the server so I will be happy with band-aid solution at this point.
A clarification please. So you are saying, SBS2011 can not let me have different domain name for email (ie. john@abcd.com) and RWW (eg. remote.zxy.com)? That is a bad news for me. That would be a deal breaker. I will just have to reinstall SBS2003 and set it up the way it has been.
If you can think of a way to make it work, please chip in again and let me know.
As I said, your websites can remain hosted. The only thing local s the remote.* subdomain. Other subdomains can remain wherever you want them. For me to help you fund a solution, I need to better understand the problem. Why is the main domain name differences a deal breaker?!?
ASKER
I'm not sure if I am understanding the term 'subdomain' correctly but the reason we are using two different domain names is it just evolved that way. Originally, we had companyname.com domain name for the website and email pointing to hosting company. Our OWA was accessed by fixed IP address. We registered the domain name just to make it easier to remember the OWA address.
I miss understood you before, if you are saying that our website (www.companydomain.com) can be hosted by 3rd party but email (john@companydomain.com) can come to our SBS2011? Is that what you are saying? I thought the Internet Name Servers can only point to one IP address from one domain name. Are you saying I can split the traffic and have all web traffic directed to web hosting company's IP address and all email traffic directed to our SBS2011 (at the fixed IP address)?
I miss understood you before, if you are saying that our website (www.companydomain.com) can be hosted by 3rd party but email (john@companydomain.com) can come to our SBS2011? Is that what you are saying? I thought the Internet Name Servers can only point to one IP address from one domain name. Are you saying I can split the traffic and have all web traffic directed to web hosting company's IP address and all email traffic directed to our SBS2011 (at the fixed IP address)?
ASKER
I just realised I didn't answer your last question about the 'deal breaker'.
I don't want to host my own website (due to not having enough technical skills to protect it from hackers).
I don't want to host my own website (due to not having enough technical skills to protect it from hackers).
As I have said twice already, your public sites can remain hosted. Only OWA and RWW will be internal.
-Cliff
-Cliff
And yes, what I am saying is that www.company.com can point at your hosted web server, remote.company.com can point to SBS so users can use OWA and RWW, and mail for any-user@company.com can be delivered to SBS 2011.
The above is a stock-standard setup of sbs that 95% of the installations are designed to use.
-Cliff
The above is a stock-standard setup of sbs that 95% of the installations are designed to use.
-Cliff
ASKER
Lets say I wanted to implement everything you mentioned this weekend (instead of doing this in two stages), I still don't understand HOW (or what is involved) web traffic can be directed to hosted web server and email and RWW traffic to SBS2011 on totally different IP address. I appreciate you telling me that, 'it can be done' but without knowing 'how', it is not as helpful to me.
Let's start with DNS at the Domain Registry level. When someone registers a domain name, they nominate primary and 2ndary DNS servers (eg. ns1.hostingcompany.com.au)
Let's start with DNS at the Domain Registry level. When someone registers a domain name, they nominate primary and 2ndary DNS servers (eg. ns1.hostingcompany.com.au)
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Cliff,
Thank you very much for your very detailed explanation of how SBS should work. You are indeed a genius! You have sold me the idea of doing it 'properly'. Thanks!
You said you used additional examples above to illustrate and explain how MX and A records work within a DNS but I wonder if I can ask for a confirmation. I have contacted my DNS provider and they are able to do everything you said above! What a learning in itself!!
Can you please tell me exactly what I need to tell DNS provider to do for me?
IF my domain name for email is: mycompany.com
I will have:
(1) A record in DNS added for https://remote.mycompany.com to forward to my public IP address pointing to my SBS2011 server for RWW.
(2) MX record in DNS added for remote.mycompany.com to forward to my public IP address pointing to my SBS2011 server for incoming email.
Is this correct?
I do not need mail.mycompany.com forwarded to my public IP? Maybe SBS don't use that and that is ISP convention.
Finally, from your example, I noticed that you have backup-mail.comany.com... would it be a good idea to have higher weighted (lower priority) MX record added to DNS to point to hosting company's mail server, just as a backup. And setup SBS2011 the way you suggested but also have POP3 Connector checking every 15min, just incase SBS2011 mail server falls over? Or are you recommending never, ever using POP3 connector?
I'm sorry to ask, what must seem like a stupid question to you but my DNS provider informed me that DNS to propagate and work properly, it can take 4 hours or more so I need to be 100% sure what I'm asking my DNS provider to do is 100% correct.
Thanks again!
Paul
Thank you very much for your very detailed explanation of how SBS should work. You are indeed a genius! You have sold me the idea of doing it 'properly'. Thanks!
You said you used additional examples above to illustrate and explain how MX and A records work within a DNS but I wonder if I can ask for a confirmation. I have contacted my DNS provider and they are able to do everything you said above! What a learning in itself!!
Can you please tell me exactly what I need to tell DNS provider to do for me?
IF my domain name for email is: mycompany.com
I will have:
(1) A record in DNS added for https://remote.mycompany.com to forward to my public IP address pointing to my SBS2011 server for RWW.
(2) MX record in DNS added for remote.mycompany.com to forward to my public IP address pointing to my SBS2011 server for incoming email.
Is this correct?
I do not need mail.mycompany.com forwarded to my public IP? Maybe SBS don't use that and that is ISP convention.
Finally, from your example, I noticed that you have backup-mail.comany.com... would it be a good idea to have higher weighted (lower priority) MX record added to DNS to point to hosting company's mail server, just as a backup. And setup SBS2011 the way you suggested but also have POP3 Connector checking every 15min, just incase SBS2011 mail server falls over? Or are you recommending never, ever using POP3 connector?
I'm sorry to ask, what must seem like a stupid question to you but my DNS provider informed me that DNS to propagate and work properly, it can take 4 hours or more so I need to be 100% sure what I'm asking my DNS provider to do is 100% correct.
Thanks again!
Paul
I was indeed using examples. If you create an MX record that references remote.mycompany.com, you will be just fine. mail.mycompany.com is just an example convention I chose to use to illustrate that how the DNS entries work is not SBS specific and naming records can be named whatever makes the most sense to the person creating the records.
Regarding backup email services, as I said before, pop3 is really inadequate for server to server email delivery. Keep in mind that if you suffer an ISP outage or some other failure (server, firewall, router) that prevents mail from reaching your server, the standard reaction from most mail servers, if they cannot find an available server, is to retry every few hours for approximately 3 days. If your outage is longer than 3 days, chances are you have bigger things to worry about than emails bouncing back to senders (which at least they will get a bounce so they will be aware of the issue.)
If you truly feel you want a backup mail server, I still wouldn;t use a pop3 server such as one from your ISP. There are backup mail services such as those provided by mxlogic.com for only a few dollars a month that, just as outlined above, you set up as a second MX record so they catch mail if you are down. However, unlike pop3, these mail services preserve the original mail and will periodically check for your server until it detects that the connection is back up and will then complete delivery on the original sender's behalf. This all happens using SMTP, not pop3, and therefore avoids many of the shortcomings of pop3 while providing an easier administrative service.
In most cases a secondary mail server is completely unnecessary, but it is an option if you feel strongly about it. Regardless, using a pop3 service should be avoided.
-Cliff
Regarding backup email services, as I said before, pop3 is really inadequate for server to server email delivery. Keep in mind that if you suffer an ISP outage or some other failure (server, firewall, router) that prevents mail from reaching your server, the standard reaction from most mail servers, if they cannot find an available server, is to retry every few hours for approximately 3 days. If your outage is longer than 3 days, chances are you have bigger things to worry about than emails bouncing back to senders (which at least they will get a bounce so they will be aware of the issue.)
If you truly feel you want a backup mail server, I still wouldn;t use a pop3 server such as one from your ISP. There are backup mail services such as those provided by mxlogic.com for only a few dollars a month that, just as outlined above, you set up as a second MX record so they catch mail if you are down. However, unlike pop3, these mail services preserve the original mail and will periodically check for your server until it detects that the connection is back up and will then complete delivery on the original sender's behalf. This all happens using SMTP, not pop3, and therefore avoids many of the shortcomings of pop3 while providing an easier administrative service.
In most cases a secondary mail server is completely unnecessary, but it is an option if you feel strongly about it. Regardless, using a pop3 service should be avoided.
-Cliff
ASKER
Re: 3 days of outage - LOL! Indeed. Alright. I will instruct the DNS provider and see how things go.
Thanks for your guidance. Please know that, thanks to your help, one more SBS2011 in the world was setup properly!! : )
Thanks for your guidance. Please know that, thanks to your help, one more SBS2011 in the world was setup properly!! : )
ASKER
Thank you Cliff for talking me into setting up the SMS2011 in keeping with the best practice. I can see now the POP3 Connector is not doing justice to SBS2011.
ASKER
I have read a fair bit before starting this installation but at no stage did I read that POP3 Connector was only a migration tool while DNS is being setup.
If anyone else is 'travelling' along the same path as I was, take it from me, setting up as described by Cliff is a good solution. That is, website is still hosted by hosting company but emails can be sent directly to the SBS by setting up the DNS properly.
If anyone else is 'travelling' along the same path as I was, take it from me, setting up as described by Cliff is a good solution. That is, website is still hosted by hosting company but emails can be sent directly to the SBS by setting up the DNS properly.
As an FYI, MS mentions this in their deployment technet articles and on the SBS blog. Linked to the blog since it is the more obvious (very first paragraph) reference to pop3 being a migration tool, but the message is consistent in other docs as well.
http://blogs.technet.com/b/sbs/archive/2009/07/01/sbs-2008-introducing-the-pop3-connector.aspx
http://blogs.technet.com/b/sbs/archive/2009/07/01/sbs-2008-introducing-the-pop3-connector.aspx
1) When you run the internet address wizard, it will configure to receive and send email using <username>@example-name.co
2) The internet address wizard will create an internal lookup zone for remote.example-name.com so internal lookups work as expected.
3) The wizard will create a website at remote.example-name.com for OWA and RWW. your public site at www.example-name.com will remain intact and no changes are made to impact this.
What you *cannot* do is have email configured for <username>@example-name-1.
Finally, let me *strongly* discourage you from using the POP3 connector. MS has included a POP3 connector since the early days of SBS, first for companies that still had dial-up, and later as a migration tool. POP3 is appropriate for long-term mail collection. Limitations and security issues with the protocol itself are the underlying reason, not anything specific to MS or SBS in this case. It is just an extremely bad idea and all of the MS documentation make this clear. Planning to move to direct Exchange email delivery should be part of your installation and configuration plan. I can't stress this point strongly enough.
-Cliff