I have a client who owns multiple sub-companies and has a single forest and domain (Windows 2008 R2) with an on-premises Exchange 2013 organization. The client has several authoritative domains for all their subsidiaries and uses MessageLabs as a spam gateway. When a client sends an email to firstname.lastname@example.org, it basically goes to an external MX record managed by our external DNS provider, then all email flow is redirected through MessageLabs, then the email is forwarded to our external firewall, then the external load balancer, then the Exchange 2013 Edge servers, and finally the email is delivered to the mailbox servers.
The request that I have is that the company is looking to split or separate the companies in terms of email, so that each one has its own SMTP in and out and there is no confusion in terms of administration. Presently, if a Company A employee encrypts an email with MessageLabs, the client receives it on behalf of Company B. This is because that is the default and only allowed domain through MessageLabs.
Can you please summarize all the steps required to separate the email organization in terms of Exchange, firewall rules, AD, MX records, spam gateways, and so on?
Do we need to create new MX records and more servers to separate the companies?
Please summarize the high-level steps for all activities required: firewall, MX records, spam gateway, AD forest, domains, and anything that I could have missed.