Kanchana_Silva
asked on
2 Exchange 2010 HUB and IMSS
hello Guys,
we have 2 Exchange 2010 HUB/CAS servers. We use TrendMicro IMSS server as a SPAM gateway. We want to pass all the emails to HUB servers that are comming from the internet. Only problem is how can we point both HUB servers ?
Regards
we have 2 Exchange 2010 HUB/CAS servers. We use TrendMicro IMSS server as a SPAM gateway. We want to pass all the emails to HUB servers that are comming from the internet. Only problem is how can we point both HUB servers ?
Regards
ASKER
hello ,
i think you didn't get my question yet. Actually my Mail Gateway is located at DMZ network.Its a software and we have point HUB servers on the Mail gateway server. We have 2 HUB servers here. So i am asking what is the best practice to point HUB servers on the IMSS servers.
i think you didn't get my question yet. Actually my Mail Gateway is located at DMZ network.Its a software and we have point HUB servers on the Mail gateway server. We have 2 HUB servers here. So i am asking what is the best practice to point HUB servers on the IMSS servers.
So, you are talking about outbound mail, not inbound? Send Connectors, in other words? If so, you create one Send Connector in the Hub Transport settings at Organization level. Specify IMSS as smarthost (they will have provided you with a hostname for their towers). Ensure both Hub Transport servers are selected as sources.
ASKER
No, iam talking abt inbound emails. When all emails will be come to IMSS servers, then IMSS servers will pas all email to HUB servers. When we point HUB servers, how can we point them because we have 2 HUB servers. Please advice on this ?
regards
regards
OK, so why can't you use part of the first suggestion about load-balanced servers? You can use NLB or a hardware load balancer.
What have you got between your DMZ and internal network? A firewall or a proxy or something else?
What have you got between your DMZ and internal network? A firewall or a proxy or something else?
ASKER
We cant use WNLB becox We use WNLB for CAS array.
We cant use hardware Load Balancer because they dont have budget for that .
We cant use hardware Load Balancer because they dont have budget for that .
Why couldn't you use WNLB if you already use it for CAS array?
Could you also let me know what you have between DMZ and internal network?
Could you also let me know what you have between DMZ and internal network?
ASKER
Mictosoft dosent recomand to use port 25 on WNLB if that is use for CAS array.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Public MX Records
The best and simplest would be to just have two MX records, pointing to your Hub Transport servers (or firewall or NAT device - whatever you have on the network boundary). You could either put them at the same value (e.g. 10) which would be as close to load balancing them, or you could prioritise one of them (so, values would be 10 and 20 where 10 is the first tried).
The thing to consider, though, is that if you have a single firewall in front of them, you retain a single point of failure.
Internal MX Records
Depending on your setup, you could also leverage MX records in your internal name resolution space, allowing the edge device - e.g. firewall - to load balance inbound traffic.
Load Balancers
You could use something as simple as Windows Network Load Balancing to have a shared IP address that could be used as a resolution point for a single MX record. Alternatively, you could use proper hardware load balancers, like F5 or Kemp.