Hi All,
I'm following the steps from the Exchange2010 Deployment Assistant guide. I understand most of the steps, but I'm a little uncertain about the "Configure a legacy host name" section, most specifically the external DNS/firewall side. I'm hoping I could post some questions and get some feedback to see if I'm on the right path. First, let me list the way our mail flows:
(Externally)
- there are 3 MX records. The first MX record is set so that all incoming email first comes through our SPAM server. The SPAM server then redirects all mail to the mail server internally.
- (Firewall) - we have a firewall rule with an external IP address that maps internally to our mail server and allows access to ports 443, 993, 587. This external address has a DNS host (A) record that maps to the mail server internally.
*The questions I have relate to the following bullets from the Exchange2010 Deployment Assistant. I will note my thoughts in bold. Could you please advise me if I'm on the right path?*
1. Create a DNS host (A) record in your internal and external DNS servers that points to the IP address of your legacy Internet-facing Exchange server (for example, Exchange 2007 Client Access server, Exchange 2003 front-end server, etc.) in internal DNS or the public IP address on your reverse proxy or firewall solution (external DNS). The host name should be in the format of legacy.domain.com (for example, legacy.contoso.com).
- I understand what to do internally (create a legacy host record and point it to the Exchange2007 server). This will allow Exchange2010 to properly direct mail once internal DNS is configured correctly.
- (Externally) - Because the MX records point to our SPAM server, and the SPAM server redirects mail to the internal mail server, I'm guessing all I do here on the SPAM server is change the mail configuration to redirect to the Exchange2010 server (where the legacy DNS host is already created and will know where to direct mail)? My assumption here is I do not need to create a legacy.xxxxx.org record externally, only internally?
2. Create a publishing rule for the legacy host name in your reverse proxy or firewall solution to point to your legacy Internet-facing Exchange server. Refer to your proxy/firewall solution's user manual for instructions on how to do this.
- I'm a little confused with this one. Right now we do have a firewall rule configured (see my Firewall note above) that points to the Exchange2007 server. My original thought is that I would just keep the external address and change the internal address to the Exchange2010 server and, based on the internal legacy record, Exchange2010 would then know how to redirect mail. Am I overthinking this step? Or do I need to create a 2nd rule (and have our ISP create another record referencing legacy.xxxxx.org) and map externally to the internal legacy server?
3. Configure the existing DNS host (A) record in your internal and external DNS servers for your original host name (for example, mail.contoso.com) to point to your Exchange 2010 organization; for example, the IP address of your Client Access server or array (internal DNS), or the public IP address on your reverse proxy or firewall solution (external DNS).
- (Internally) - I understand what to do here.
- (Externally) - Again, I'm thinking I don't need to create a legacy record externally, because the incoming mail goes directly to the SPAM server and I will be changing the server record to the Exchange2010 server. Any thoughts?
Sorry for the long post. I hope I don't discourage anyone from posting. I appreciate any feedback.
Thanks in advance,
Bob