Set up Exchange 2010 server after migration to Office 365 as a relay server


We currently have the following setup
• Exchange 2010 SP3 server set up in a hybrid deployment with Office 365. All mailboxes have moved to Office 365.
• DirSync is used to sync up the AD accounts.
• In the Hybrid deployment wizard, emails are set to use the Exchange server to send external emails and not Office 365.

I have read the following document

I understand that we need to keep the Exchange tools so we can create remote mailboxes, so that it creates the necessary fields in AD.
What I would like to do is set up the Exchange server as a relay-only server so our internal applications and devices can send emails to our internal Exchange server and they get relayed to Office 365.

So am I correct in thinking I need to carry out the following:

• Run the deployment wizard again and set the external mails to be sent from Office 365 instead. Update the MX records to point to Office 365.
• Remove the database role from the Exchange server – is there a guide just to remove this role only?
• Leave the hybrid deployment so emails can be relayed to Office 365, and if the Exchange server goes down emails will still work fine as they are going through Office 365 (except the relayed emails).

For the hybrid deployment to remain would I still need to renew the SAN certificate for the exchange server when it expires so the exchange can still relay the emails?

Amit Kumar Commented:
1. Point MX records to Office 365, so all incoming mail will come through Office 365 only. This is also good as your org's mailboxes are already hosted on Office 365.

2. Now there are methods to relay mail from the application servers to outside:
   One is your internal Hub servers: those will relay for the application servers, and the Hub will transfer external mail to Office 365 via Send connections configured on the Hub servers. If you are relaying mail from the Hub servers, then you will have to renew certificates.
   Second, you can NAT your application server with a public IP and add the public IPs in the relay connectors of Office 365, so your application server will be able to send mail externally without any intervention of the internal Hub servers.

3. You can follow this guide to uninstall Mailbox server (uninstall it if you don't have any plan to host users internally)
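
As an added example (not part of the thread or of either poster's configuration): one way to set up the first method above, an internal Hub Transport relay, so that only named application hosts can relay through it, followed by the check for the renewed certificate raised later in the thread. The server name, connector name, IP addresses and thumbprint are placeholders.

```powershell
# Added example; run in the Exchange Management Shell on the Exchange 2010 Hub Transport server.
# Constructed values: server name, connector name and source IPs are placeholders.
$server  = 'EXCH01'                     # hypothetical server name
$name    = 'Internal App Relay'         # hypothetical connector name
$allowed = '10.0.10.21', '10.0.10.22'   # constructed: only the hosts that must relay

# Dedicated connector scoped to the listed source IPs, not the whole internal range.
New-ReceiveConnector -Name $name -Server $server -Usage Custom `
    -Bindings '0.0.0.0:25' -RemoteIPRanges $allowed

# Accept unauthenticated SMTP sessions on this connector only.
Set-ReceiveConnector "$server\$name" -PermissionGroups AnonymousUsers

# Let those anonymous sessions submit mail for external recipients (relay).
Get-ReceiveConnector "$server\$name" |
    Add-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' `
        -ExtendedRights 'ms-Exch-SMTP-Accept-Any-Recipient'

# Review: every connector that accepts anonymous mail and the source ranges it covers.
# A wide RemoteIPRanges entry here means an open relay for that range.
Get-ReceiveConnector -Server $server |
    Where-Object { $_.PermissionGroups -match 'AnonymousUsers' } |
    Format-Table Name, Bindings, RemoteIPRanges -AutoSize

# Certificate check for the TLS hop to Office 365: expiry, names, assigned services.
Get-ExchangeCertificate -Server $server |
    Format-List Thumbprint, Subject, CertificateDomains, Services, NotAfter

# Assign SMTP to the renewed certificate once it is imported (placeholder thumbprint).
# Enable-ExchangeCertificate -Server $server -Thumbprint '<NEW-CERT-THUMBPRINT>' -Services SMTP
```

Keeping the anonymous relay permission on a separate, IP-scoped connector leaves the default receive connectors unchanged and makes the list of hosts allowed to relay easy to audit.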

ReapitAuthor Commented:
Thanks Amit.

I will be trying it over the weekend and will let you know how I get on.
ReapitAuthor Commented:

I have moved the MX records, and re-ran the hybrid config wizard to point to 365 for external mail, and it's working fine.

I will be removing the mailbox role in a few days and will let you know how I get on.

ReapitAuthor Commented:
Hi Anil,

We have purchased a SAN cert as the current one is running out. I have imported the certificate into Exchange, but when re-running the Hybrid deployment wizard I cannot see the new certificate, only the existing ones, in the select transport selection?
Amit KumarCommented:
I think this article will help you in this case, please go through with it.
ReapitAuthor Commented:
Thanks Amit,

As you don't need the hybrid deployment for relaying, it did not cause an issue for us. We just renewed the cert and it worked.