Link to home
Start Free TrialLog in
Avatar of pphilippides
pphilippidesFlag for Canada

asked on

Exchange 2010 Coexistence - DNS

Hello,

Our organization is currently using an Exchange 2007 server.  We have set up an Exchange 2010 environment in the same forest and would like to start testing it before we migrate our mailboxes over.  The question I have is with regards to DNS.  If I add the Exchange 2010 MX record with a lower priority, I'm worried that mail servers may query this server even when the primary is up.  Am I right that this may happen?  If this is the case, what is the best way to set this up?  I don't want to set it up on a sub-domain as I don't want to have to change all of the certificates when we go to migrate.  I also don't want to route all 2010 emails through the 2007 send connector as this doesn't fully test the environment.

Any ideas?

Thank you,
Phil
ASKER CERTIFIED SOLUTION
Avatar of neilpage99
neilpage99
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
...you'll need an address policy to generate email subdomain (i.e. @test.mycompany.com) address for your users. I like to use custom attributes on users, and apply test email domains in address polcies based on the existence of the custom attribute (so not everyone gets the test email address) - but that's optional.

You are absolutely correct that sending email servers will use ANY AND ALL servers listed on the MX records. Preference matters very little anymore.
Hi Phil,

Testing should be done in the form of telnet and test mailboxes, that way you know if routing works or not. In most cases you should be fine.

I wouldn't try to add a MX record to your new 2010 server, you're just complicating matters.

Exchange 2007 and 2010 can coexist. The MS documentation will tell you that you just need to point your port 25 traffic to the new 2010 server and routing will work for your existing users and services.

You can create a separate send connector on the 2010 box so that way it does not route via 2007.

See the following links for further reading: http://technet.microsoft.com/en-us/library/dd638158.aspx

http://technet.microsoft.com/en-us/library/ff805041.aspx

Best of luck!
@neilpage99, think your missing the question, OP doesn't want to use a sub domain.
Plus preference does matter on MX records. Or what would be the point? You may be referring to spammers to target lower preferences - highest number.

Further reading: http://en.wikipedia.org/wiki/MX_record#Spammers
I'm not missing anyone's point Netflo. I'm clarifying that adding an email subdomain is far less complicated that they may be anticipating, AND it does not interfere with the certificate.

MX preference fails over and over on the scale of the internet. The point was obvious, to prefer one MX record over another - but this is inconsistent at best, regardless of whether it's a spammer or not.

I run many email systems and deal with MX records all the time. I have seen over and over again, using legitimate sending and receiving servers, the MX preference occasionally fails to perform as desired. Statistically, you may get more hits on the lower preference MX record, but it will be far from perfect.
Avatar of pphilippides

ASKER

Thanks for the reply guys.

@neilpage99, I get what you are saying with regards to creating a sub-domain, but I guess I was hoping there was a way I could avoid this in order to limit the amount of steps when it comes to migrating off of and decommissioning the Exchange 2007 server.  

Just to clarify, besides adding another MX record to our primary domain and taking the risk of not getting emails, there isn't another way of having both email servers route emails for the same domain?  I suppose forwarding through the 2007 connector would work but as I said this isn't really a true test of the environment.
Have faith in Exchange 2010, it will work. You don't need to worry about MX records and any complications that occur from that.

If you don't like it, you can delete the inter-routing connector and you're back to your single server.

What exactly are you concerned about or wanting to test the functionality about? Exchange 2010 is a great product, period!
Using this as a reference:
http://social.technet.microsoft.com/Forums/en/exchange2010/thread/b057aedf-660e-4443-bf01-840c87de592c

...mailboxes homed on the EX 2010 server will use send connectors setup on in that EX 2010 environment.

Put another way - the EX version of the mailbox (i.e. 2007 vs 2010) will determine which send connector it will default to.

Use of an Edge Transport server influences this - also noted in the article I linked above.
You can make your tests as thorough as you wish. If really want to know how well your EX 2010 environment can accept mail from the internet - without disrupting production mail flow, then a good way to go is additional MX records which point to a test email subdomain (or some other test domain that you own that is publicly resolvable). Setting up receive connectors and SPAM management etc can be tricky depending on the environment, but if you're confident  you won't have any problems with it - skip the MX records and march forward.
So to clarify, if I didn't want to mess around with sub-domains or MX records I could tell my Exchange 2010 Edge Transport internet-facing connector to route through the 2007 smart host and test that way?  Is that typically how people would test coexistence?  I suppose I could be over-complicating things..
Your MX records are only for "incoming" mail - into your Exchange organization. You wouldn't add or change MX records to test outbound email.

As I described in my post above, you cant test outbound email from the EX 2010 server by creating a test mailbox on the EX 2010 server; as that test mailbox will use an EX 2010 hub/connector. This is cited in the article above:
http://technet.microsoft.com/en-us/library/bb232045.aspx
I understand that the MX records are for incoming mail - I also want to test incoming, as I believe it is a necessary step in testing the full solution.  I believe when we migrated from 2003 to 2007 I just created another MX record but we already ruled that option out.

In any case, it sounds like we will have to go the sub-domain route.  Thanks for your help.