Page 1 of 2 12 LastLast
Results 1 to 20 of 29

Thread: set up exchange server

  1. #1
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601

    Question set up exchange server

    Here is my situation... I have all kinds of software at my disposal. I think I would like to set up a domain at home (I mean heck I have enough computers for it :-p). What I am really focused on is setting up exchange for my mail.

    I have a domain and that is where the mail comes through. My desire is to have an exchange server that works the mail instead of the web host working the mail. The first thing is I am a DBA not an exchange Admin. So, I am working "in the dark" so to speak. Is anyone smart with exchange and mail that might be able to tell me if this is 100% doable and perhaps give me a few pointers on the configuration.

    My software is limited to server 2008 and below (nothing in the past couple of years that I have licenses for). So, the clients are currently vista and below...

    Thanks,
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  2. #2
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Hi!

    Small Business Server? Or Exchange Standard?
    Are you running a network at home now with active directory? If not, you'll need it, Exchange needs AD.
    Do you have a business account with your ISP? Many ISPs block port 25 for home/dynamic accounts...others don't..and they wont' bother you as long as you stay off their radar (small amounts of e-mail, no heavy usage)
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  3. #3
    Member Diver012's Avatar
    Join Date
    Nov 2003
    Location
    On the botom of the Ocean
    Posts
    63
    I would get with who ever hosts your DNS records, and setup an SPF record for your mail domain..

    Also, consider putting a security gateway in front of your network such as http://www.untangle.com Their Lite version is completely free and well worth the effort of getting it setup. I wouldnt run a network with out it. It will greatly reduce the amount of spam and virus you get into your exchange server as well as do intrusion prevention and web filtering/monitoring

  4. #4
    R.I.P. 2018-07-16 RoundEye's Avatar
    Join Date
    Jul 2000
    Location
    In a dry but moldy New Orleans, Louisiana
    Posts
    18,219
    I set up a domain when I worked on PC’s, to help me learn the software better. Me, my mom and dad, wife and son, after a while it became a drag coming home from work and being tech support again. If it’s just for you it’s no big deal but for me it was two families across two houses, after a while I gave up on the domain issue. It can turn into a major ordeal when there is a problem, especially if you’re the only one who understands how to fix it.

    EDIT:

    Stick to a workgroup if there is a few people involved, it’s a lot easier.
    Sliding down the banister of life ..........................

  5. #5
    SG Enthusiast koldchillah's Avatar
    Join Date
    Apr 2002
    Location
    Orlando, FL
    Posts
    4,609
    I've been using Windows Small Business Server (includes Exchange) at home for the past several years.

    In regards to email.. Exchange is awesome, but I still prefer to formally host my mail elsewhere for a few reasons.

    1.) decent hosting accounts are out there and they are almost all favorably priced for tech guys like many of us here at SG.

    2.) My ISP is far more likely to go down than a good mail host. If I'm down at home, I don't want my mail to be down entirely.

    3.) SMTP complications. Not only are there more restrictions on port 25 traffic by most residential providers, but your IP address (even if a business account) might be more susceptible to incidental scrutiny by the major mail providers which can lead to frustrating false-positive blacklisting etc..

    You have to make sure your DNS setup is spot on. You need an SPF record setup and you will want to follow as many "best practices" as possible in order to keep your mail from being delayed, tagged, or returned by the big boy providers.

    Even when it's working, you could wake up the next day and suddenly you can't send to yahoo recipients only, or gmail... or aol.. etc. etc. All the big boys have their own set of rules they play by and their aggressive countermeasures to battle spam often result in unfortunate annoyances to the small do-it-yourself mail servers. Most of the time the issues can be fixed, it's just annoying to deal with.

    I prefer to have the ability to put in a ticket with my mail hosting provider and have them figure out the problem and fix it. If they don't, i start looking for another mail host.

    My setup:

    I simply use the SBS POP Connector to leech mail from my mail host down to the exchange server and then tell Exchange to use my mail host's server as an SMTP smarthost. In some cases you may have to use your ISP's mail server as a smarthost and even use a custom port in some cases.

    I have the POP connector tweaked (in the registry) to pull down my mail every 5 minutes from my mail host. I believe I can still drop this interval down further in the registry I just haven't gotten around to it.

    Since I have several other email accounts that I also like to keep track of, I set them up as normal POP accounts in Outlook except all the incoming messages are going into my exchange mailbox instead of a local PST file.

    When I switch between my desktop and laptop my mail is all there. This goes for our iPhones as well, which can also connect to exchange. I can also keep an eye on my POP accounts when I don't have outlook open on my computer by adding them to the iPhones as well.

    Our laptops are configured to connect to Exchange via RPC over HTTP so we are not tied down to the LAN in order to connect to exchange when we travel. I also have my hardware-based VPN setup to keep me connected to my LAN occassionally but I rarely use it and it's a whole other topic for another thread.
    "Nobody's invincible, no plan is foolproof, We all must meet our moment of truth." - Guru

  6. #6
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    I do not hava a single business client that has their Exchange server send out directly to the internet, they all do SMTP forwarding to their smart hosts SMTP server (such as us, or Postini, or Appriver, or MXLogic, etc)...or...SMTP forwards to their ISPs outgoing server.

    This eliminates the worry about being put on a blacklist, or even worrying out SPF records and the other 1/2 of the equation...RevDNS entries. That is done with your ISP.

    Another thing I do with my clients Exchange servers...similar to above, I don't have them receive e-mail directly from the internet either, they all run with a mail bastion host that washes the mail for spam and viruses, and then delivers it to their Exchange server. The big advantage here...their exchange server can have firewall rules to allow port 25 to be open only to the IP addresses of their mail bastion provider (postini, mxlogic, appriver, or with most of them..my companies services). Instead of having port 25 exposed to the ENTIRE WORLD...being poked and prodded all the time in someones attempt to hack into it. It just flat out eliminates that worry.

    Another DNS topic related to mail servers, the "mx record". That's an entry you make which tells mail traffic heading towards your domain what IP address to go to...like, where you mail server is...(or mail bastion service).
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  7. #7
    Senior Member nightowl's Avatar
    Join Date
    Feb 2000
    Location
    ottawa, canada (ROCKS)
    Posts
    7,405
    I just finished setting up my domain exchange server PM me if you want some tips/tricks
    Quote Originally Posted by Zilog B
    Loading the dishwasher at brembo's house means bringing the fiancee a sixpack home.

  8. #8
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601

    Smile

    Currently I don't have an Active Directory running at home. It has been a project of mine for a while though. Since I am a DBA with limited knowledge in other areas I thought it would really help me. Running an exchange server I thought would be a great benefit to learn from and allow me to better control the spam I currently get in my mail. As well, my wife subscribes to so many lists that she get's so much mail it fills her mailbox limit (set by webhosting company). We have u-Verse at home (AT&T) and my hosting company is godaddy.

    I plan to run everythign in a virtual environment at home spanned across a few physical hosts. I do have somewhat of a limit on resources but definately enough to pull this off with plenty to spare.

    There will only be about 5 physical clients and the rest will be virtual machines. (VMWare is what I prefer but, the MS stuff is also there to use). So, I thought with this configuration, things would just work out and I could learn a lot along the way (and so could the family).

    I am interested in any and all help I can get on this endeavor though. Like I said, I am a DBA (MSSQL primarily but I have also worked plenty with Oracle). So throw it all at me, in the forum, PM, or email.

    Thanks to all,

    -lance
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  9. #9
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Lets keep it in the forums..that way everyone can benefit from the thread.

    You need active directory first (a domain) for Exchange to run on, it's not a stand alone product.

    Generally make internal domains ending in .local instead of .com/.org, such as lancetek.local
    And then for e-mail, say you wanted lancetek.com, you'd set that in the Exchange servers default recipient policy (as well as any other domain names you wanted to add to it..as Exchange can handle many different domains, even for the same users).

    Does your home have a static IP from your ISP, or a dynamic one?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  10. #10
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601
    Currently the IP is a reserved dns entry. That's how U-Verse is set up. I think it's lease is renewed monthly. I know that for a small amount I can call the ISP and get a static IP if I find that this is causing issues though... (5 usable statics for 15/mo)

    I have all of the software to start it all up with so, I will take your advice and start setting up the AD as a .local instead of .com ;-)
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  11. #11
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Depending on your approach, how you set it up, a static IP is the "proper" and most reliable setup. Importantly, if you want to send outgoing SMTP mail directly from your server and learn how SPF/RevDNS/PTR stuff works...you need a static IP. If you want to eliminate that part and have your Exchange server send outbound e-mail to your ISPs SMTP server, or another SMTP service...you don't have to worry about static as much. But a static IP helps the reliability if your inbound e-mail. You can sort of half-arse a dynamic DNS alias for your inbound e-mail..and it works "most of the time"...it's acceptable if you're just dorking around with Exchange at home. But it's not really proper.

    To start off with Exchange, using Microsoft Small Business Server gets you up and running quickly. Setup is a breeze with the wizards, and you can still drill down manually and learn Exchange more.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  12. #12
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601
    exchange is not the highest priority (we still get our mail) though it sometimes is rather delayed (don't know why). But definately setting up the AD and the exchange server to work within the house would be great. Then once that has been taken care of moving to the fullest extent is the next step.

    I really don't think I want to use SBS because it is all embedded. I think I can learn a lot more if I work with the raw products. But perhaps I can start with SBS and then "upgrade" at a later time? Or is this just double working the concept? (DBA not sys admin or network admin remember )

    -lance
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  13. #13
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601

    Unhappy

    I currently have 3 servers (well 4 if you count my baseline image). I have one configured as a DC and "on the domain". I have another which is my "netServices" server (DHCP, DNS, WINS) and it is all ready to go BUT it isn't able to find the DC...

    I may be too "advanced" for what I should be doing I guess... I didn't plan to run DHCP on the DC so I build it's own server for that. But, the DHCP server can't join the domain (or even ping the DC ).

    The third sever (for exchange) can ping the netServices server (and vice versa) but it can not ping the DC either...

    I have ensured that the firewalls are all turned off but that is all I know to do... The DC can ping everything but nothing can ping it? Nothing seems to be able to join it either...

    Any ideas?

    Thanks,

    -lance
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  14. #14
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Active Directory starts with DNS. You start building your internal domain (active directory) by building your DC first. The process of making it a domain controller is called "dcpromo", and part of that process is installing the DNS service on that server...on top of which the rest of active directory gets deeply integrated with.

    Once your DC is up and running, you can join everything else...other servers, and workstation....going through the process of having them "join a domain"....moving away from workgroup mode. In order to this properly, they MUST use the IP address of your DC as their DNS server. Nothing else. So they cannot use the LAN IP of your router or the IP of your ISP servers or anything else. If your DC has an IP of 192.168.10.11, your other servers and workstations need to use that for their DNS. Either quickly set that manually in their TCP/IP properties, or reconfigure your DHCP scope. I generally run all the infrastructure services on the DC..meaning DNS, WINS (if needed), DHCP...but you can run them on other servers if you want.

    I set the DNS forwarding....ah, lemme show you a link....
    http://www.speedguide.net/read_articles.php?id=1660
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  15. #15
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601
    a link to this thread?

    Anyway, if I understand you correctly I have to use the DC as the DNS server initially and once the DNS server is joined to the domain I can then repoint everything to it as the actual DNS server. Right?

    Thanks,
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  16. #16
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Link in above reply.
    Step 1..you build your DC...lets say you use 192.168.10.11 for its IP address, in its TCP/IP properties, you set it to look at itself for DNS...192.168.10.11, you can leave the 2ndary DNS server empty. You go and do the dcpromo stuff. Now it's a domain controller, assuming all went well, DNS zones populate, etc. Now...you build additional servers..and once up and running, you manually set their IP addresses, lets say your exch server..you make it 192.168.10.12, but you would set its DNS server to be 192.168.10.11 (leaving the 2nd one blank). And your 3rd server, say you set it at 192.168.13, you'd set it's DNS server also to 192.168.10.11.
    And your DHCP service...say it will hand out workstation IP addresses at 192.168.10.100, 101, 102, etc....you'd set it to hand out 192.168.10.11 for the DNS server that clients will use.

    Now if you want additional DCs on the network..you can install the DNS service locally on them, and you can set that server, as well as the DC, to look at each other in their TCP/IP properties DNS section...your first DC still look at itself for the primary DNS, but you can enter the IP of your second DC for the 2ndary DNS server. And visa versa on your 2nd DC...as you run DCPROMP on that. Afterwards you check the DNS replication to ensure they're talking to each other. You can get flexible in this area, depending on circumstances like slow WAN links and such.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  17. #17
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601
    Well, I got past the issue (I did make the DC the DHCP server). I was able to add the other two servers to the domain. So, now it is just a matter of setting everything up... and the learning begins (or continues considering the difficulties I have had thus far)...

    -lance
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  18. #18
    SG DC Team Member lance-tek's Avatar
    Join Date
    Apr 2001
    Location
    Indianapolis, IN
    Posts
    5,601
    and I had cloned the machines so... I had to run sysprep in order to actually be on teh domain (same SID on all 3 servers due to cloning)...
    A mistake does not become an error until one refuses to correct it

    Folding for the future

  19. #19
    SG Enthusiast Far-N-Wide's Avatar
    Join Date
    Jan 2000
    Location
    His Tavern of Solitude
    Posts
    1,160
    anyone have a walk through website for setting this stuff up in in a home business? This is an interesting read so far.
    USAF RETIRED

  20. #20
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,907
    Quote Originally Posted by Far-N-Wide View Post
    anyone have a walk through website for setting this stuff up in in a home business? This is an interesting read so far.
    Most of this is a little too much for "quick guides"....the quick guides can show you a few of the very basic necessities, but there's usually a whole heck of a lot more going on that happens that you want to be comfortable with or have some working knowledge of.

    One site that has some good guides..
    http://www.petri.co.il/
    There is a link on the lower left for setting up a 2003 domain controller, perhaps there's some for Exchange setup.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

Similar Threads

  1. DHCP server not functioning properly
    By Faust in forum Networking Forum
    Replies: 7
    Last Post: 07-15-09, 09:23 PM
  2. Server Complaint
    By sani in forum Networking Forum
    Replies: 1
    Last Post: 04-23-09, 06:27 AM
  3. Question to Philip, and YeOldeStonedCat
    By TheNetNewbie in forum Networking Forum
    Replies: 4
    Last Post: 02-28-09, 02:12 PM
  4. HOWTO: Minimizing Vcores and Operating Temps-must read
    By graysky in forum Hardware & Overclocking
    Replies: 0
    Last Post: 05-04-08, 09:41 AM
  5. Windows Server 2003 can't connect to other computers
    By NWSoldier in forum Networking Forum
    Replies: 1
    Last Post: 09-30-07, 07:03 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •