Internal Emails to Remote Worker

Posted on 2013-06-28
Last Modified: 2013-07-15
I have a Small Business Server 2008 with the majority of users working within the office.

However, I have a couple of users who have laptops and receive their emails directly to their laptops via POP3 accounts (the server uses POP3 Connector to receive emails).

The Remote users do logon using a VPN to access files so they have a user logon to the Server. By default they also have a mailbox in SBS.

The problem is that when somebody inside the office, connected to the Server, sends an email to the remote user the email fails to reach as I presume it goes into the mailbox on the server.

Therefore I have 2 questions:
1. Can I delete / remove the mailbox for the remote user? If so How
2. If the user then has no mailbox how do I force the emails being sent to them by the internal users to leave the office?

Question by:JayHine
LVL 23

Expert Comment

by:Thomas Grassi
ID: 39284289
Before trying to delete the mailbox lets see what is going on here.

Can the remote user sent email to the local users?

Can another remote user send to other remote users?

When users logon to your server using VPN they are just like the local users they just are in a remote location.
They can access all the shares on the local lan printers etc,

What email system are you using?

Expert Comment

ID: 39284298
Are the POP3 accounts and the mailboxes hosted on your server both using the same email address?

Author Comment

ID: 39284456
In answer to both of the above:

The external user can send emails to the internal user. Remote users cna send emails between themselves.

The laptops have local pst files and collect emails form the hosting server. So even if they are connected via the VPN their emails are only on their laptops.

All emails are on a hosted system (1and1) and the server collects via POP3 connector and the laptops via pop3 in outlook
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 39284707
What I would do, aside from converting the SBS from pop3 to SMTP as it works better, is:

Create an account on the SBS for the remote users, bring their mail to the Exchange server and have them use Outlook Anywhere for corporate mail.    As a poor second have them pop the Exchange server instead of the host.

As a poor third you can create an alais on the SBS and have their corporate email forwarded to their or accounts.

Author Comment

ID: 39284764

I am sorry but in SB Server 2003 when his happened it was possible to go to "Default Recipient Policy" and change the properties so the server did not think it was responsible for the whole of the Thgis was done by setting it to Non-Authoritative.

This in conjunction with the user not having a mailbox allowed emails to be sent to remote users.

I need to know if this is possible to do in SBServer 2008 & 2011


Expert Comment

ID: 39284810
Well I'm a bit lost by what you've said just now, but in answer to these questions:

Therefore I have 2 questions:
1. Can I delete / remove the mailbox for the remote user? If so How
       You can mark the user's mailbox for deletion in Exchange Management Console. They don't have to have a mailbox associated with them.

2. If the user then has no mailbox how do I force the emails being sent to them by the internal users to leave the office?
       You might have to set up a send connector to route all emails for the 1and1 accounts to a smart host, that being the 1and1 email server. I'm sure one of the more experienced guys will correct me if I am wrong.
LVL 57

Accepted Solution

Cliff Galiher earned 500 total points
ID: 39285593
Splitting a single domain across multiple servers is very complex. And unless you control *both* servers (and in the case of a hosted server such as 1and1, you don't) you can create a loop scenario where Exchange will forward emails to 1and1, and the 1and1 server will then drop the mail back into a catch-all that goes back to your server, and your server will forward it back to 1and1....and so on.

In short, I would earnestly consider doing this another way. And two ways comes to mind:

First, the easier of the two to implement:

Exchange fully supports pop3. Have the pop3 connector pick up their mail from 1and1 just like all of the local users. Then have their email program pick up their email from Exchange via pop3 instead of from 1and1 via pop3.

That is two changes. Enabling pop3 on your end. And changing the pop3 server on their end, or configuring their client to use Outlook Anywhere. The benefits are that now their email is on your server and being backed up just like everyone else. From an administrative point of view, this is *much* easier to troubleshoot and manage. The experience is also consistent. And, as far as mailflow goes, when an internal user sends them an email, it goes to their Exchange mailbox and they'll pick it up via pop3 just like the mail that gets dropped off by the pop3 connector. Completely seamless integration for them.

The second solution, and the one I actually recommend, is slightly more complex (but only slightly) but far better long-term. And that is get rid of 1and1 and the pop3 connector altogether.

The pop3 connector was designed and intended as a migration tool. It was to help new SBS owners transition from hosted mail to their in-house Exchange server. It was never meant to be a "permanent" solution as it sounds like you are using now.

POP3 as a protocol has limitations. If someone sends an email and BCC's any of your users, you may not get the mail. This is because of how POP3 handles BCCs. The headers are stripped. POP3 sends passwords in cleartext. So right now, your 1and1 passwords are going out in cleartext because of the remote users and the pop3 connector.

Reconfiguring your domain to accept SMTP traffic natively is a minor change. Just a single DNS record and making sure you've opened the appropriate ports in your firewall. As long as you've set up SBS with the wizards, all of the other pieces are already in place.

Then, as far as the remote user goes, just as above, they can either pop3 from your server (which, for reasons I also mentioned above, is not a great idea) or they can use Outlook Anywhere. And again, now the experience is seamless.

So you have a decision to make on both the server and the client.

On the server side, you can decide if you want to continue using the pop3 connector and have *all* mail get popped down, including the remote users' mail. Or transition to SMTP. Either one is "okay" but I strongly encourage the latter.

Then on the client side, you have another decision. And this decision is independent of the decision above. You can change the remote client to use pop3. but have them pop from your server instead of 1and1. Or you can configure the remote client to use Outlook Anywhere from your server. And again, I encourage the latter.

You can mix and match either decision on the server and the client above, so there are four possible configurations. And all are relatively straightforward and all address the problem you are having. And all are *significantly* easier than the solution you are considering.

Author Closing Comment

ID: 39326043
Set the server to collect from 1and1 and then the laptops use POP3 to collect from the server. Not ideal but for what they needed it was the best solution

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question