From the course: Deploying Exchange Server 2019

Design intersite mail flow - Microsoft Exchange Server Tutorial

- [Instructor] When a large organization has multiple companies and email servers that need to be kept separate to avoid legal complications, intersite email comes into play. An example would be a financial firm that both audits and prepares taxes for the same client. This could be considered a conflict of interest, so it may require all businesses to have separation between their entities. When this occurs, there will inevitably be email that needs to go back and forth to various employees in both businesses.

Normally, when an email goes out from an email server, it will leave the outside firewall to other destinations around the world. In this case we need to keep that from happening. This can be accomplished using an intersite mail flow connector. As we can see in the graphic, when email goes out to the Internet it will hit its destination server. But when company A needs to email someone in company B, it goes across the switch behind the firewall to the other server. This keeps separation but keeps the email internal. There's also the issue of many firewalls not allowing the same port traffic to go out and come back in again due to it being a security issue.

We're in the Exchange admin center and we're going to go to mail flow. From here we'll make sure we're in the send connectors tab at the top and we'll click plus. By default there are no send connectors, so we need to create a new one. So let's start by creating the default one. We'll choose the Internet as the option and click next. Then we'll choose the MX record associated with the recipient domain and choose next. And now under address space we're just going to put in an asterisk. That means all email. Click save, next, and then we'll choose the server. And we only have the one right now, so we'll choose our exchange one server and click finish. What this does is it sends all email outbound to the Internet, and it will use public DNS to resolve email domains to their IP addresses.
But now we need to set up an intersite connector, so let's click plus again. And this time we'll call the name company B. And we're going to say it's going to be internal for Internet mail. Click next. We'll then choose a smart host, and that will be the other email server. Let's just put in the IP address of a fictitious email server that we believe is now company B. You can either set up no authentication needed or click basic authentication and use a username and password. You can also choose Exchange Server authentication or externally secured, such as a VPN using IPsec. We'll choose none because it is internal, and then we'll go to address space and we'll say this is company B dot net. And click save, next. Once again we'll choose our source server, as the only server that we have, exchange one. And finish.

Now if we send any email to company B dot net, it will automatically go internal rather than external and be delivered to that internal Exchange server. By redirecting the internal mail to another internal server using a send connector, we can keep multiple businesses separate from each other for compliance purposes.
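The two connectors from the walkthrough, expressed as Exchange Management Shell commands with a follow-up check of their settings. This is an added example, not part of the course material. The server name `EXCH1`, the smart host address `192.0.2.25`, the connector name `Internet` and the spelling `companyb.net` are placeholders assumed for illustration.

```powershell
# Run in the Exchange Management Shell on the Exchange 2019 server.
# Placeholders (assumed, not from the video): EXCH1 is the source server,
# 192.0.2.25 is the Company B smart host (documentation address range).
$sourceServer = 'EXCH1'
$companyBHost = '192.0.2.25'

# Default connector: address space * (all domains), routed by MX lookup.
# The connector name 'Internet' is an assumed label.
New-SendConnector -Name 'Internet' -Usage Internet `
    -AddressSpaces '*' `
    -DNSRoutingEnabled $true `
    -SourceTransportServers $sourceServer

# Intersite connector: only companyb.net, relayed to the smart host,
# with smart host authentication set to None as chosen in the video.
New-SendConnector -Name 'Company B' -Usage Internal `
    -AddressSpaces 'companyb.net' `
    -DNSRoutingEnabled $false `
    -SmartHosts $companyBHost `
    -SmartHostAuthMechanism None `
    -SourceTransportServers $sourceServer

# Review how each connector will handle outbound mail.
Get-SendConnector |
    Format-List Name, Enabled, AddressSpaces, DNSRoutingEnabled,
                SmartHosts, SmartHostAuthMechanism, RequireTLS,
                SourceTransportServers

# Audit: connectors that relay to a smart host with no authentication
# and without requiring TLS, so they can be reviewed deliberately.
Get-SendConnector |
    Where-Object {
        -not $_.DNSRoutingEnabled -and
        $_.SmartHostAuthMechanism -eq 'None' -and
        -not $_.RequireTLS
    } |
    Select-Object Name, AddressSpaces, SmartHosts
```

With the settings chosen in the video, the audit query returns the `Company B` connector, which makes the unauthenticated internal relay visible in a configuration review.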
