SBS 2011 domains & email setup

jezscott · 20 Oct 2013 at 19:49

Hi there,

I'm currently trying to setup Windows Small Business Server 2011 Standard edition for our office.

Our setup is currently looking like this:

We have many domains registered at 1and1.co.uk, but we only use 2 of them, which I'll call DomainA and DomainB.

DomainA, used for:
- Emails, using 1and1 mail server, accessed through Gmail clients and 1and1 webmail
- Website, using 1and1 website builder

DomainB, used for:
- name server, points to dyndns.org
- dyndns.org 'Standard DNS' service for access to our home and office routers (both Cisco RV042g), which automatically update dyndns.org with dynamic IP's from each location.
- Each location has a subdomain of domainB.com ie. home.domainB.com, office.domainB.com

Server
SBS 2011 has been updated, it is connected to the internet. Server is accessible via office.DomainB.com. SBS 2011 is a VM on ESXi 5.1.

Router
DHCP server disabled, ports 25, 443, 987 are open (confirmed with SheildsUp test) and points to the SBS2011 server. Port 80 not open as yet. Site-to-site VPN between home.domainB.com, office.domainB.com

Clients
Windows 7 pro x64 with Outlook 2013

Strategy
I would like to setup SBS 2011 in the simplest way possible to send and recieve emails using DomainA.com and I would prefer very little down time on DomainA.com emails or website while I try to figure out how to setup everything up.

Can I do this using the standard settings in 1and1 and dyndns?

Thank you very much for any suggestions!

jezscott · 21 Oct 2013 at 09:18

I'm not familiar with Smart Hosts but it sounds like a good idea. I'm just worried about ongoing costs.

There are currently only 5 of us but we do send/recieve a lot of large emails (architects practice) maybe 100 emails a day each some with large attachments.

GoDaddy was the only Smart Host listed in the SBS 2011 setup, although I cant find the service on the website. Socket Labs is free for 500 emails/month, but that is not enough and I'd rather not have to pay £25/month for 10k.

I'd rather not get a static IP as our office maybe moving twice in the next 12 months and the speed of the business service is less than half the domestic dynamic IP service using the same cables.

Dyndns seems to be working well and its only £20 per year.

I'm heading out now, but I'll get back to your other points later today.

jezscott · 21 Oct 2013 at 20:36

I looked into hosted email options
1&1 Exchange 2013 25Gb per user at £5.00/user/month
Google Apps 30Gb email and storage per user at £3.30/user/month
Office 365 50Gb-email + 25Gb-storage per user at £3.30/user/month

However, although there are currently only 5 of us, we send and receive from several different email address, including our own individual email address, several project email addresses (used for most correspondence), and office type email address (like office@, info@, fax@, etc) I need to manage who has access to these on a regular basis and there must be a better setup for shared access, project folder archiving etc.

I'm leaning towards a Smart Host for the reasons you've all suggested

Searching around I discovered the term "Smart Host" is also know as "Outgoing email relay" its not easy to find the exact service I'm looking for.

I'm looking at:

Prolateral
Mimecast
MXguarddog
SpamHero
ExchangeDefender
vamsoft Orf Fusion
prolateral
GoDaddy

Some of these it is fairly obvious what product I need, others I can't find it.

SSL certificate £50/year from GoDaddy (5 domains if signed up for 3 years)

We currently use Autodesk 360 to host our project files, its ok as it keeps document history, but I would prefer the flexibility of my own FTP.

jezscott · 21 Oct 2013 at 21:46

I will eventually get a Static IP, once we settle our office somewhere.

I'll look into hosted exchanges more tonight, I could just try the 1&1 option and cancel if its not what we need. Maybe the same with Office 365. Would a hosted exchange 2013 server integrate well with our SBS 2011 server?

We currently use WHS 2011 on an HP Microserver, however I've built a couple of almost identical servers for home and office to back up to each other over a VPN, so if the office server is difficult to recover from a problem, I could just swap it for the home server. They are both (don't laugh) all-in-one servers using esxi 5.1 and OI with napp-it setup in RAID-10. I'll also copy the files to an external hard disk, just incase.

We have Virgin Media and BT broadband into our dual WAN router, which switches to BT when our fast VM connection goes down (often).

I do need to look into UPS.

jezscott · 23 Oct 2013 at 13:48

So, just to check I have this right. Do we need 5 mailboxes or 25?

We currently have 5 people in the office. Each with their own 1&1 mailbox and each with their own free gmail account. We need additional mailboxes for temporary contract staff as and when we hire.

We have a number of alias setup in 1&1 such as [email protected], [email protected], [email protected]...
These have no mailbox and each are setup to forward to the correct people.

We have about 20 live project mailboxes, which are forwarded to the relevant members of each project. These projects each have mailboxes to allow us to search the whole project archive as different people join and leave the project.

Each user can email from all relevant email addresses. Most emails are sent and received through project emails (eg [email protected])

We currently have 2gb per 1&1 inbox which we empty every few months. This is especially annoying. Our gmail mailboxes archive every email received, each have over 30gb and are still ok. We occasionally back these up using 'Gmail backup' to our server.

jezscott · 25 Oct 2013 at 11:26

Thank you for the detailed advice! I was out yesterday so couldn't respond. I think I'd be ok following those tutorials setting up the Office 365 mailboxes and distribution groups.

I have already purchased SBS 2011, about a year ago and have not used it until now. It has Exchange and SharePoint built in. I would still like to use SBS for file sharing and remote access, but I'm still undecided on using it for our email.

We already have MS Office 2013 including Outlook 2013, so the MS Office 365 options including office would be a unnecessary, so that leaves the following:

Office 365 Small Business £3.30/user/month
Office 365 Enterprise E1 £5.20/user/month
Hosted email (Exchange Online Plan 1) £2.60/user/month

Enterprise E1, seems useful, as I'm interested in the options that have 'Site mailboxes' and 'Active Directory integration'

I need to confirm if I would still need an SSL certificate, to remotely access the server which is £49/year for multi domain from GoDaddy.

I'm waiting for a few companies to call me back about smart host / email relay services etc, so far I've come across the following:

turboSMTP 200emails/day £free
SendGrid 200emails/day £free
Prolateral 10emails/day £free (200/day £3.5/month)
SpamHero 100'000 emails £3/month
ExchangeDefender Essentials £0.30/user/month
Vamsoft Orf Fusion £100/year
MX Guarddog £Free + fussy arrangement

jezscott · 27 Oct 2013 at 00:37

I'm going to try to setup our server rather than use the cloud. I've come this far and lets face it, I'm on an OcUK forum; I like to tinker

My progress today:

Our emails and website are at DomainA using free 1&1 services

done - back up the 1&1 emails from DomainA

done - in 1&1 account, move the 1&1 website to DomainC (basically a shorter version of DomainA)

done - in 1&1 account, set DomainA to use Dyn.com name servers, this takes up to 12 hours!

done - add DomainA as a Zone to my Dyn account (Dyn won't let me swap from DomainB to DomainA, I will look into cancelling, or just let it expire)

done - use Dyn account to forward the URL of DomainA.com to DomainC.com with cloaking enabled, to keep our basic website up until we get a proper one designed.

done - use Dyn account to setup dynamic IP subdomains such as home.DomainA.com (for home router), office.DomainA.com (for office router), remote.DomainA.com (for SBS2011 server) etc.

done - Buy GoDaddy 'Multiple Domain UCC' for SSL Certificates for upto 5 subdomains of DomainA.

All of these changes and new services are still pending update/deletion/activation. The next phase tomorrow will be to setup the server. I will initially try to use the 1and1 servers as a Smart Host and see how it goes, then try one of the other free SMTP relay services mentioned previously ...then probably end up paying for a proper service. I'll look into it all more tomorrow morning, but my plan is:

pending - Incoming email: Point MX record to 1and1 mail server (probably not possible), or
- point MX record of DomainA DNS record to server remote.DomainA.com (virus/spam?)

pending - Outgoing email: relay mail to auth.smtp.1and1.co.uk using SMTP connector in exchange, or
- configure an MX record on exchange server back to 1and1 mail servers (apparently: mx00.1and1.co.uk Priority: 10 & mx01.1and1.co.uk Priority: 20)

I have 'Kaspersky Small Office Security', also purchased a year ago. This may take care of general virus's spam on clients, but probably not the exchange server, I need to look into it.

When I total into my incoming & outgoing emails, my email usage averages 1200emails and 524mb per month (peak 2300emails and 744mb) this email backs up most of the project emails, so the total office use (if set up efficiently?) shouldn't use much more than this. I should probably allow for double. This is both in & out though.

....as an aside, it has taken me all week to figure out I needed to uninstall the Windows Home Server Connector software before trying to use SBS's http://connect on the clients. Days of googling the error didn't help.

I'll buy the SBS 2011 companion book.

jezscott · 28 Oct 2013 at 16:40

Sunday not as productive as Saturday.

I started off with all the clients connected to the server using http://connect, the server ready to setup the certificates...

Then GoDaddy tells me I can't use .local for my internal domain; as I had selected a 3 year certificate. So my options were, not add certificate for server, reduce to 2 years and deal with later, or sort it out properly now. I went with the later.

So I couldn't just change the domain name in SBS 2011, I had to reinstall the whole thing. Then when I get the stage in the wizard that asks for domain name, it forces me to use .local! So I reinstall the server again and instead I use the Answer File Tool to enter my server name, internal domain as DomainA and full DNS as a subdomain ad.DomainA.com. Then off it went installing SBS 2011. When it loaded to desktop it spent the rest of the day downloading millions of updates, service packs etc. Just finished this morning. went through the wizards, added the users, but not added the certificate yet.

I went to each of the clients to reconnect to the new domain and none of them allowed me to select the user's profile as it had before and restoring the machines to an earlier date would leave their profiles corrupted, so I've asked everyone to empty their profiles of any data and I'll then go round and setup new workgroup profiles for each and then clean up all the old redundant profiles, then http://connect should work again.

Dyn is now temporarily redirecting DomainA emails to 1and1 webmail using 1and1's MX servers.

I have my architect hat on today, so not much progress until this evening when I can put my IT admin hat on.