
TL;DR:

I want to set up an exchange server at a remote office, which does send / receive for those users to mask the ISP network issues that happen on occasion.

Topology:

MX -> Edge Gateway and spam filter running DKIM and DMARC (Linux) -> Exchange <- VPN -> Remote office users

What I think I want:

MX -> Edge Gateway and spam filter running DKIM and DMARC (Linux) -> Exchange <- VPN -> Exchange -> Remote office users

Background:

We have two offices that connect via box-to-box VPN. All users authenticate through a single AD controller at the main office. The remote office (sometimes - 2% of the time) has connectivity issues that cause Outlook to go nuts showing "online with exchange", "exchange is offline" over and over once per second for hours at a time. Then, when the network issue resolves itself, it goes back to normal.

Needless to say, the online / offline messages are really annoying to the users.

In Linux, I would just put a Postfix relay on premise, and have them send to that. Users would think the email went out instantly, and Postfix will wait until the connection is up, and relay upstream.

What is the equivalent setup with Exchange? CAS needs to be configured to send to the local exchange server, but receive from the main one? (Or, do I set up some form of replication?)

DrDamnit
    Maybe instead of implementing some convoluted work around you could address the actual source of the problem? – joeqwerty Jan 10 '18 at 17:20
  • That would be nice. However, source of the problem is outside our control - it's at the ISP. They have admitted it's an issue with no ETA. – DrDamnit Jan 10 '18 at 17:34

2 Answers


In your situation you will want a branch office Exchange and Domain Controller (on separate boxes). You should set up two sites in AD. The sites will replicate AD to one another less frequently. The remote Exchange server will talk to its local DC and have all the AD information it needs sitting right there next to it.

AFAICR, you will not need to setup any send/receive connectors between the Exchange servers. They should just know this mail should be delivered to this database and hand it over to the Exchange server that owns the DB. If they are in the same org as long as the proxy addresses are correct when a message hits Exchange it will figure out how to deliver the mail between the Exchange servers/DBs. One thing you may want to do on your send connector is to leave it scoped to your main Exchange server so that outgoing messages flow from Branch -> Main -> Edge. You will have to setup all Exchange roles in the branch office.

Let me say that it has been a few years since I have worked on Exchange 2010 and so my recall on the finer details of mailflow might be off a bit, but I believe the above will work. Of course you will want to test everything to be sure.

To me the biggest gotcha would be the namespace planning. Here's one document on namespace planning I could find. Unfortunately I know there is a better document out there that I cannot find right now. After a bit more searching I found it. CAS array names and relating to sites (among other things).

JBaldridge
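The site, replication and send-connector steps from the answer above, as an added Exchange 2010 / AD PowerShell example (not code from the answerer). The names are assumptions: AD site "BranchOffice" with subnet 10.20.0.0/24, main-office hub server MAIN-EX01, branch server BRANCH-EX01, and an Internet-facing send connector called "Outbound via Edge". Run it from a box that has both the ActiveDirectory module and the Exchange 2010 snap-in, with rights to change AD sites and Exchange transport configuration.

```powershell
# Added example, not from the answer. Assumed names: AD site "BranchOffice",
# branch subnet 10.20.0.0/24, main hub MAIN-EX01, branch server BRANCH-EX01,
# send connector "Outbound via Edge". Requires the AD module and Exchange 2010 snap-in.
Import-Module ActiveDirectory
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction Stop

$branchSite   = 'BranchOffice'
$branchSubnet = '10.20.0.0/24'
$mainHub      = 'MAIN-EX01'
$branchServer = 'BRANCH-EX01'
$connector    = 'Outbound via Edge'

# 1. A second AD site with its own subnet, so the branch DC, the branch Exchange
#    server and the branch clients pick local services by site instead of
#    crossing the VPN for every lookup.
if (-not (Get-ADReplicationSite -Filter "Name -eq '$branchSite'")) {
    New-ADReplicationSite -Name $branchSite
}
if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$branchSubnet'")) {
    New-ADReplicationSubnet -Name $branchSubnet -Site $branchSite
}

# 2. Inter-site replication: add the branch site to the default site link and
#    replicate every 3 hours (the answer's "less frequently"); tune to taste.
Set-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' `
    -SitesIncluded @{Add = $branchSite} -ReplicationFrequencyInMinutes 180

# 3. Confirm Exchange sees each server in the expected site with all roles.
Get-ExchangeServer | Format-Table Name, Site, ServerRole -AutoSize

# 4. Keep outbound mail on the path Branch -> Main -> Edge: the Internet-facing
#    send connector is sourced only from the main hub, so the branch server never
#    tries to reach the edge gateway directly over the unreliable link and
#    queues for the hub instead when the VPN is down.
Set-SendConnector -Identity $connector -SourceTransportServers $mainHub
Get-SendConnector -Identity $connector |
    Format-List Name, SourceTransportServers, SmartHosts, AddressSpaces, Enabled

# 5. Verify intra-org routing in both directions before moving any mailboxes.
Test-Mailflow -Identity $branchServer -TargetMailboxServer $mainHub
Test-Mailflow -Identity $mainHub -TargetMailboxServer $branchServer
```

No send connector is created between the two Exchange servers, matching the answer: intra-org delivery between mailbox databases is handled by Exchange routing, and the only thing scoped here is the existing Internet-facing connector. The two Test-Mailflow calls are the cheap check that site membership and routing are right before users are affected.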

You can set up an Exchange server at the remote office, but it will need to be a full-fledged Exchange server, and it will have to host the mailboxes for the users in the remote office; otherwise, they will still need to connect to the main Exchange server and won't be able to work if the VPN link is down.

Also, you will need to set up a local domain controller in the remote office, because Exchange can't work without AD (and, BTW, if you only have one domain controller in your network, you are just asking for trouble; you should always have at least two of them, regardless of their position).

Massimo
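The two requirements in the answer above, that the branch server talks to a local DC and that the remote-office mailboxes actually live on it, as an added Exchange 2010 PowerShell example (not the answerer's code). Assumed names: branch server BRANCH-EX01 with mailbox database BRANCH-DB01, branch DC BRANCH-DC01.corp.example.com, and an OU RemoteOffice that holds the remote-office user accounts.

```powershell
# Added example, not from the answer. Assumed names: branch server BRANCH-EX01,
# branch database BRANCH-DB01, branch DC BRANCH-DC01.corp.example.com, and an
# OU=RemoteOffice that holds the remote-office users. Requires the Exchange 2010 snap-in.
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction Stop

$branchServer = 'BRANCH-EX01'
$branchDb     = 'BRANCH-DB01'
$branchDc     = 'BRANCH-DC01.corp.example.com'
$branchOu     = 'OU=RemoteOffice,DC=corp,DC=example,DC=com'

# 1. Exchange cannot run without AD: with a DC in the branch site, the branch
#    server should be bound to that DC/GC, not to the main-office DC across the
#    VPN. If these still point at the main office, fix site/subnet membership first.
Get-ExchangeServer -Identity $branchServer -Status |
    Format-List Name, Site, CurrentDomainControllers, CurrentGlobalCatalogs, CurrentConfigDomainController

# 2. Users keep working during a VPN outage only if their mailboxes are hosted
#    on the branch server, so move every remote-office mailbox that is not
#    already in the branch database. The move is queued against the local DC.
$toMove = Get-Mailbox -OrganizationalUnit $branchOu -ResultSize Unlimited |
    Where-Object { $_.Database.Name -ne $branchDb }
foreach ($mbx in $toMove) {
    New-MoveRequest -Identity $mbx.Identity -TargetDatabase $branchDb `
        -BatchName 'RemoteOffice' -DomainController $branchDc
}

# 3. Track the batch; completed requests are removed so they do not linger.
Get-MoveRequest -BatchName 'RemoteOffice' | Get-MoveRequestStatistics |
    Format-Table DisplayName, Status, PercentComplete, TotalMailboxSize -AutoSize
Get-MoveRequest -BatchName 'RemoteOffice' -MoveStatus Completed |
    Remove-MoveRequest -Confirm:$false

# 4. Sanity check: every remote-office mailbox now reports the branch server.
Get-Mailbox -OrganizationalUnit $branchOu -ResultSize Unlimited |
    Format-Table Name, Database, ServerName -AutoSize
```

Step 1 is the part worth re-running after the VPN has been down: if CurrentDomainControllers ever lists a main-office DC, the branch server will behave exactly like the original single-server setup whenever the link drops, regardless of where the mailboxes sit.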