Boswell's Q&A

Bringing It Home Again

Admin wants to bring Exchange e-mail services back into the company, but first wants to set up a test bed.

Mr. Boswell: I have a couple of questions regarding Exchange Installation. Currently my company e-mail is outsourced. I want to set up an Exchange server to handle our mail. If I configure the server to receive Internet e-mail, will there be any problems/interference with mail delivery to either the test Exchange server or our outsource host due to the domain name being set up on two different locations/servers?

Also, what is the recommended type of server to use for Exchange, a domain controller or member server? I'm currently running Windows Server 2003 with Active Directory and integrated DNS.

Answer: Well, first of all, please call me Bill. I was an enlisted man in the U.S. Navy, so being called Mr. Boswell makes me flinch.

With that out of the way, I have good news and bad news. The good news is that Internet mail is routed to the e-mail server at your ISP using an MX (Mail eXchange) record in your public DNS zone. As long as you don't change this record, you won't get any interference between your test server and your actual e-mail.

The bad news is, setting up a test Exchange server in a test domain requires a little work if you want to be able to send and receive e-mail via the Internet.

For testing, you should register a new domain name that's significantly different from your production domain name so that nobody will be confused. Registration only costs a few dollars and you can keep the domain name for future testing as long as you're willing to pay the renewal fee. Don't take a name that's already in use or you won't be able to route e-mail to yourself.

Once you have a test domain, you'll need to register your DNS server so that the top level DNS servers for the Internet contain the Name Server (NS) record for your new domain. The agency you use to get the domain name will have instructions for doing this registration. As an alternative, you can arrange for your ISP to host the test zone.

You can accomplish both objectives at once — getting a test domain name and setting up a DNS zone — by taking advantage of one of the dynamic DNS services available on the Internet. Just search Google for "dynamic DNS" and you'll get lots of hits. Choose one that's either free or very low cost. These services typically have a selection of domain names and you append your selected name onto their domain. For example, if their domain is, then you might be able to use Most dynamic DNS services can either dynamically point to your own DNS server or host the zone and give you tools to add resource records.

You're now ready to install a test Exchange server. Don't install the server into your production domain. Exchange uses Active Directory to store configuration information and it's something of a chore to remove that information once it's there. (Not impossible, just inconvenient.) For testing, set up a single server to act as a domain controller and Exchange server in the test domain. When selecting a name for the test Active Directory domain, use the domain name you registered with either a .pri or a .local extension. This avoids a namespace conflict between your public DNS zone and your private DNS zone.

Once the Exchange server is up and running in the test domain, configure your firewall to route port 25 traffic (SMTP) to the server. Then, in the Internet DNS zone, add an A (host) record that points at the public interface of your firewall and an MX record that contains the name you assigned to the A record. Don't forget to configure the firewall to allow outbound port 25 traffic from the Exchange server.

You should now be able to send e-mail to and from accounts in the test Exchange domain. For example, you can use OWA at the Exchange server (don't install Outlook on an Exchange server to avoid conflicts with MAPI32.DLL) to send an e-mail to your personal POP account then reply to the e-mail and make sure the reply arrives at the Exchange account.

Once you're comfortable managing mail flow through the Exchange server, you're ready to install an Exchange server in production. Use a Windows Server 2003 member server. You can run Exchange on a domain controller, but you get more operational flexibility by using a separate server. The installation requires modifying the Schema of Active Directory, so make sure you have a full System State backup of your domain controllers. (You should have at least two domain controllers in the production domain.)

With the production server up and running, configure your firewall to pass port 25 traffic to it. Then contact your ISP (or whoever hosts your DNS zone) and have them modify the MX record for your production domain to point at your firewall rather than the current POP server. Send a few test e-mails to verify your configuration and you're done. Of course, the configuration could be a lot more complicated, depending on whether or not you use additional SMTP domains in your organization, but that's the basic game plan.

Hope this helps!
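
The A and MX record step in the answer above, as an added example that is not part of the original column: a check that every MX record names a host, that the host has an A record, and that the A record is the firewall's public interface rather than the Exchange server's internal address. The zone name `example.test`, the address `203.0.113.10` and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: example.test is a placeholder test domain and
# 203.0.113.10 is a documentation address standing in for the firewall's
# public interface. Neither value comes from the column.
SAMPLE_ZONE = """\
mail.example.test.  3600 IN A   203.0.113.10
example.test.       3600 IN MX  10 mail.example.test.
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_records(zone_text):
    """Parse 'name ttl IN type rdata' lines into A and MX record tables."""
    a_records, mx_records = {}, []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue
        name, rtype = fields[0].lower().rstrip("."), fields[3].upper()
        if rtype == "A":
            a_records.setdefault(name, []).append(fields[4])
        elif rtype == "MX" and len(fields) >= 6:
            mx_records.append((name, fields[5].lower().rstrip(".")))
    return a_records, mx_records

def is_ip_literal(text):
    """True if text parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def check_mail_records(zone_text, firewall_ip):
    """Return a list of problems in the MX -> A -> firewall chain."""
    a_records, mx_records = parse_records(zone_text)
    problems = [] if mx_records else ["zone has no MX record"]
    for owner, target in mx_records:
        if is_ip_literal(target):
            problems.append(f"{owner}: MX must name a host, not {target}")
            continue
        addrs = a_records.get(target, [])
        if not addrs:
            problems.append(f"{owner}: MX target {target} has no A record")
        for addr in addrs:
            if not is_ip_literal(addr):
                problems.append(f"{target}: {addr} is not a valid address")
            elif any(ipaddress.ip_address(addr) in net for net in RFC1918):
                problems.append(f"{target}: {addr} is a private address")
            elif addr != firewall_ip:
                problems.append(f"{target}: {addr} is not the firewall")
    return problems
```

An empty list means the chain is consistent; run the same check against the production zone after the ISP changes the MX record.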

About the Author

Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003 both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.
