Setup Exchange 2013 Edge Server

Hello ,

I have an Exchange 2013 installation and i want to setup an Edge server for it . I read that i can setup exchange 2010 Edge and use it without any problems. Are there any prerequisites that i must aware  ? Exchange 2013 must have specific CU Updates or SP ? Also i must have specific updates for the Edge Server ?

Thanks
Anestis PsomasSystem and Network AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sumit GuptaSystem and Virtualization EngineerCommented:
For starters, there is no Edge Transport role in the Exchange 2013 Preview, and Microsoft has stated that Edge Transport will not ship with Exchange 2013 RTM. (http://blogs.technet.com/b/exchange/archive/2012/07/23/the-new-exchange.aspx)

Whether it will ship with a later service pack or not at all is still an unknown, but there has been speculation that the Edge Transport server role will not exist in future.

In the meantime you can use Exchange Server 2013 with Exchange 2007/2010 Edge Transport servers.
0
Daniel HelgenbergerCommented:
Edge Transport only works in Exchange 2013 with Exchange 2010 edge transport server, to my knowledge. But maybe later on the Edge Transport role may be available:
In Microsoft Exchange Server 2013, the Edge Transport server role isn’t available and will be introduced later. Until the Exchange 2013 Edge Transport server role is added, Exchange 2013 organizations that want to use Edge Transport servers have the option of deploying Exchange Server 2010 Edge Transport servers running Service Pack 3 (SP3) for Exchange 2010 if you don’t want to expose internal Exchange 2013 Client Access or Mailbox servers directly to the Internet.
After the Exchange 2013 Edge Transport server role is available, the Exchange 2010 SP3 Edge Transport servers should be replaced with Exchange 2013 Edge Transport servers in a hybrid deployment.
(http://technet.microsoft.com/en-us/library/hh134662(v=exchg.150).aspx)

IMHO Edge transport is a waste, since you need a full server license for that plus the Windows Server. Rather deploy postfix on linux as relays and do apply message filtering there, since you might be blocked by RBLs otherwise (please see this thread, here exactly this happend: http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_28251757.html)

For the hardware requirements a virtual machine will work perfectly well, you can assign little RAM (2GB) and CPU (1 core) resources even on high traffic scenarios. If you use linux as relay, you can even make do with 1GB RAM or less.
0
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Thanks for your answers ,

I agree that edge is a waste but i want to setup there Forefront for Exchange since microsoft abandon forefront and it does not exist for Exchange 2013.

It is a good idea to setup postfix but it is to complex to setup and maintain . Forefront for Exchange works like magic .
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Daniel HelgenbergerCommented:
...microsoft abandon forefront and it does not exist for Exchange 2013
This is not entirely true, it exists and is now part of Exchange for free, called 'Protection' and 'Malware Filer'.

As for postfix, it is not as hard; but of course a very different approach. The advantage will be LDAP receiver filtering and greylisting; two things you do not have with Exchange as relay. Maybe worth giving it a try - if you install for instance with CentOS, there is little more to do then setup the mentioned filtering and the accepted domains - of course I only say that because I have it running smoothly and am a fan of linux server applications ... ;)
0
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Hello helge000,

Is there any guide available for postfix in front of Exchange ? Can i also have antivirus both with antispam filtering ?

Thanks
0
Daniel HelgenbergerCommented:
Hello Anestisc,

I think this is worth a new thread, but to give you an idea:
http://www.riccardoriva.com/blog/?p=279
It is quite old, for RHEL/CentOS5 but still works. The important part are the transport maps.
This is the main part of your postfix forwarder.

The content filtering would be a little bit more work; since it is very flexible compared to Exchange and will need some testing:
For a top notch content filtering, use this guide:
http://wiki.centos.org/HowTos/Amavisd
It covers ClamAV (free virus checking; but Forefront will still be applied in Exchange) and SpamAssassin, it does mail inspection for Spam.

Setting up RBLs comes down to this, it uses a lot of RBLs (not recommended, I think, but an example):
smtpd_recipient_restrictions =
...
    reject_rhsbl_client blackhole.securitysage.com,
    reject_rhsbl_sender blackhole.securitysage.com,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client blackholes.easynet.nl,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client proxies.blackholes.wirehub.net,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client multihop.dsbl.org,
....

Open in new window


This is a guide for graylisting:
http://wiki.centos.org/HowTos/postgrey

You can even do recipient filtering before forwarding:
http://doc.zarafa.com/7.0/Administrator_Manual/en-US/html/_MTAIntegration.html
(this is for Zarafa, but a good guide. Ignore the Zarafa stuff and the virtual_transport)

Keep in mind that there is an easy way to test all the content filtering:
http://www.postfix.org/SMTPD_ACCESS_README.html#testing
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Hello Helge000

Thanks for all the information. I will try it in a lab to see if i can complete the configuration for start. Im not so good in linux operating systems.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.