| Author | Messages | |
stevethemusicman
Posts:7
 | | 09/24/2008 2:28 PM |
| Hi All,
Thank you all. This group has helped me quite a bit. Mail is going in and
out of SmarterMail. I did just what you recommended.
On Exchange/AD:
1. I had a smartermail@utrecht.com in AD with an exchange mailbox.
2. Created a contact called SmarterMailContact@utrecht.com
3. In this contacts Exchange General email properties I entered
SMTP:smartermail@email.utrechtnj.com for the E-mail
4. Forwarded mail from smartermail@utrecht.com to
SmarterMailContact@utrecht.com. For now I am delivering it to both the
smartermail and the smartermailcontact inbox.
In SmarterMail:
1. I added the domain email.utrechtnj.com as the domain for the
SmarterMail software.
2. SmarterMail box's IP is 208.178.106.236 and resolves to
email.utrechtnj.com (Exchange is mail.utrecht.com and resolves to
208.178.106.243)
3. Created a SmarterMail user named smartermail.
Viola, it works. A couple of caveats are right now people have to log into
their accounts as smartermail@email.utrechtnj.com but the mails come in and
go out as smartermail@utrecht.com. I believe that is fixable as well.
Now I have another quandary and this might be more political than technical
so I would like your advice. There was another consultant who worked at
Utrecht in the past. Utrecht asked that I run everything I've been doing by
him so I've been sharing what I've been doing. Today I received the
following from him. Although I agree his way is a quick way to do it I feel
as though he's missing something that could hurt me in the long run. I'd
like your input to what he had to say.
Here is his note to me and again, thanks for all your help. I couldn't have
done it without your input.
Hi Steve:
You're overcomplicating a simple process:
Follow these steps to cut your mail over:
1) Set up the Utrecht.com domain in Smartermail
2) Set up the required domain aliases (utrechtart.com, etc)
3) Set up the Active Directory plugin on Smartermail.
4) Test Smartermail. From your Outlook add an account that pops/sends
through smartermail. Use this account to send mail to another user on the
smartermail system (an active directory user) Login to the web interface
to insure that they got the mail or just check the spool directory.
5) Set up an additional account for Smartermail on every desktop that
will continue to use Outlook after you've migrated to Smartermail. Check
the box that says that "my mail server requires auth for outgoing mail, and
use the altport 587 (you'll need to set this up globally in SMartermail
under protocols)
6) Add rules to the firewall to allow POP-110/AltSMTP-587 to the
Smartermail server.
7) (best to perform this step after hours) Change the firewall rules
on the Sonicwall that govern SMTP (send email) pointing them to the
Smartermail server instead of the Exchange server
8) From an account outside the network send/receive a few emails (they
will go to the Smartermail server)
9) Go home and get some sleep and move on to the next project. This
should be a half-day project.
Don't try to send mail to two places
Don't change your external DNS MX records
Don't try to add more NAT policies to the firewall
Don't try to forward mail from the Exchange server to the Smartermail server
(you'll just confuse yourself and others)
Steve Lewis - Systems Operation Consultant
Utrecht Art Supplies
6 Corporate Dr
Cranbury, New Jersey 08512
T. 609-409-8001 X118
F. 609-409-8002
C. 732-670-4406
<mailto:slewis@utrecht.com> slewis@utrecht.com
http://www.utrecht.com
_____
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Tuesday, September 16, 2008 10:01 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Even More confusion on migrating from Exchange to
SmarterMail
Yeah he would need to shadow every recipient in Exchange with my example.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Tony Murray
Sent: Tuesday, September 16, 2008 8:46 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Even More confusion on migrating from Exchange to
SmarterMail
Hi Brian
Just a point regarding your statement about not needing to do anything with
recipient policies. I don't have a test environment available, but I'm
pretty sure this would result in NDRs for anything sent from within the
Exchange environment to any @utrecht.com <mailto:user@utrecht.com> address
that did not already exist within the Exchange environment. This is fine
if the mail environment remains static during the mailbox migration, but not
if additional @utrecht.com addresses needed to be created directly on
SmarterMail (i.e.outside of the Exchange environment). The checkbox for
"This Exchange Organization is responsible for all mail delivery to this
address" must be cleared for the @utrecht.com recipient policy. Without
this, Exchange will think it "owns" the @utrecht.com address space and will
only route to internal addresses matching that address space. Anything else
will generate an NDR.
Tony
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Brian Desmond
Sent: Wednesday, 17 September 2008 9:24 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Even More confusion on migrating from Exchange to
SmarterMail
Steve, defining the additional internal domain is the easy way to do this.
Create a domain called smartermail.utrecht.com in your internal DNS and an
MX record pointing to your smartermail server.
Create users on smartermail whose SMTP address is user@utrecht.com. Give
them a secondary (or whatever they call it) address of
user@smartermail.utrecht.com.
In exchange create a contact for each user. Mail enable the user with
user@smartermail.utrecht.com. Hide the contacts from the GAL.
When you're ready to forward a user's mail, open their account in AD, goto
Exchange Advanced, Delivery Options, and forward the mail to the contact.
When all of your users are being forwarded to smartermail, you can change
your Utrecht.com MX record to point to smartermail, and shutdown exchange.
You don't need to do anything with recipient policies, SMTP connectors, etc
this way.
Thanks,
Brian Desmond
brian@briandesmond.com
c - 312.731.3132
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Steve Lewis
Sent: Tuesday, September 16, 2008 2:55 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Even More confusion on migrating from Exchange to
SmarterMail
Hi all,
Thanks for all you help. I'm starting to understand this and I believe I'm
getting closer to understanding what I need to do.
I looked at the articles for "Sharing SMTP Address Spaces" on
support.microsoft.com. They go into a lot of options but I can't seem to
find out if there is a non-exchange solution to this. In order to get a
handle on what I need to do I want to be able to ultimately forget about
Exchange and just use AD.
I believe that it was Michael who recommended that I create contact records
on the Exchange server that will forward the email to the SmarterMail
server. That should work and I believe I have it working. I created an email
account for Exchange named <mailto:smartermail@utrecht.com>
smartermail@utrecht.com. I also created a contact called
<mailto:johnqpublic@utrecht.com> johnqpublic@utrecht.com. When the email
came in for smartermail AD/Exchange tried to forward it to the new account.
However I did create a new domain that tells the contact to go there so
ultimately the email bounced. This way however, I believe is a waste of
time. Utrecht is going to bring down the Exchange server once mail is moved
over.
The idea of continuing to use the AD accounts, then change the
mailbox-enabled users to mail-enabled users, instead of contacts sounds just
like what I want to do but there is so much knowledge my brain has absorbed
that it's getting jumbled on how to implement this.
The idea of un-checking the box in the recipient policy that says Exchange
is authoritative for the domains in that recipient policy seems like it
should work as well but there like above there is so much I have to
understand that I am unsure how to create an SMTP connector for the domain
and specify that the mail should be forwarded to SmarterMail and would this
way still have a tie into Exchange?
I finally have an idea as to what is going where at this moment in Utrecht's
IP structure and their email system.
People send an email to <mailto:xyz@utrecht.com> xyz@utrecht.com. The MX
records point the email to the MailProtector servers.
The Mailprotector servers scrub the email and then send the email to
ntserver2.utrechtnj.com. (note that it is utrechtnj.com and not
utrecht.com). This is set in DNS where they host the webserver (yes, Utrecht
uses an outside vendor for their server. Not my call :-)).
ntserver2.utrechtnj.com resolves to 208.178.106.243. This is a slave DNS and
the Exchange 2000 server.
ntserver1.utrechtnj.com resolves to 208.178.106.235. This is our master AD
server
email.utrechtnj.com resolves to 208.178.106.236 and is the physical
SmarterMail server. This IP is available on the web right now.
As one of you mentioned, many factors will determine the right path for me
and there is no single "right" for this. I believe that the right path is
to keep everything the same at MailProtector (it ain't broke so don't fix
it). I believe also that we can still have the email come into
ntserver2.utrechtnj.com the way it was and then let AD decide where to send
this based upon the email address. Am I way off base on this?
This way the only thing I should have to do is to slowly change where a user
in Active Directory sends that email.
Does that make sense to you? Am I barking up the wrong tree? Please excuse
my lack of knowledge in AD and Exchange but I was thrown to the wolves to
fix this and I intend to do it right the first time (yeah right eh?)
Thanks in advance,
Steve Lewis - Systems Operation Consultant
Utrecht Art Supplies
6 Corporate Dr
Cranbury, New Jersey 08512
T. 609-409-8001 X118
F. 609-409-8002
C. 732-670-4406
<mailto:slewis@utrecht.com> slewis@utrecht.com
http://www.utrecht.com
| | | |
|
|