Our current exchange 2003 organization is managing 3 companies email domains, A.com, B.com and C.com. All of their MX records are pointed to same IP address and handled by a 3rd party Anti-Virus & Anti-SPAM engine (Smart Host) then forwarded to our exchange 2003 mailbox server (server name - EXCH01).
Currently, all users from these 3 companies are sharing the same network infrastructure), they all log on to the same AD forest called “internal.A.com”. All users are using outlook (2003 to 2013) on windows platform to access their company emails.
All users from these 3 companies are using “webmail.A.com” this external host name to do the ActiveSync & webmail access with our front-end Exchange 2003 server (Server name – EXCH02). On this server, we purchased and installed a single name SSL certificate.
We have just installed an Exchange 2010 server with CA, HT and MB roles (Server name – EXCH2010) on the network, and we are going to purchase the SAN SSL certificate for the exchange 2010 server.
From cost effective & privacy point of view, management team prefer to buy a distinct public domain name for example called “myemailaccess.com”, and use “mail.myemailaccess.com” external host name to provide OWA, ActiveSync, Outlook Anywhere, Exchange Web service, and TLS SMTP service access for all 3 companies.
According to the requirement above, I have listed the host name we might need to put on Exchange 2010 SSL certificate Request:
Outlook Web App is on the Intranet: “exch2010.internal.A.com”
Outlook Web App is on the Internet: “mail.myemailaccess.com”
Exchange Active Sync is enabled: “mail.myemailaccess.com”
Exchange Web Service is enabled: “mail.myemailaccess.com”
Outlook Anywhere is enabled: “mail.myemailaccess.com”
Autodiscover used on the Internet: “autodiscover.A.com”, “autodiscover.B.com” and “autodiscover.C.com”
Use Mutual TLS to help secure Internet Mail: “mail.myemailaccess.com”
Use Legacy Domain: “Legacy.A.com”, “Legacy.B.com” and “Legacy.C.com”
So here are my questions:
1. Are these host name settings correct for our companies’ scenario?
2. Does Exchange 2010 must to use SSL certificate for secure SMTP communications (is the secured SMTP service compulsory)
3. For the new purchased domain “myemailaccess.com”, do we need specify the mx record and setup the “Postmaster@ myemailaccess.com” mailbox to ease the process of issuing certificate with commercial CA?
Thanks a lot!