SBS 2011 domains & email setup

jezscott

jezscott

jezscott

Associate
Joined
18 Oct 2002
Posts
322
Location
North London, UK
Hi there,

I'm currently trying to setup Windows Small Business Server 2011 Standard edition for our office.

Our setup is currently looking like this:

We have many domains registered at 1and1.co.uk, but we only use 2 of them, which I'll call DomainA and DomainB.

DomainA, used for:
- Emails, using 1and1 mail server, accessed through Gmail clients and 1and1 webmail
- Website, using 1and1 website builder

DomainB, used for:
- name server, points to dyndns.org
- dyndns.org 'Standard DNS' service for access to our home and office routers (both Cisco RV042g), which automatically update dyndns.org with dynamic IP's from each location.
- Each location has a subdomain of domainB.com ie. home.domainB.com, office.domainB.com

Server
SBS 2011 has been updated, it is connected to the internet. Server is accessible via office.DomainB.com. SBS 2011 is a VM on ESXi 5.1.

Router
DHCP server disabled, ports 25, 443, 987 are open (confirmed with SheildsUp test) and points to the SBS2011 server. Port 80 not open as yet. Site-to-site VPN between home.domainB.com, office.domainB.com

Clients
Windows 7 pro x64 with Outlook 2013

Strategy
I would like to setup SBS 2011 in the simplest way possible to send and recieve emails using DomainA.com and I would prefer very little down time on DomainA.com emails or website while I try to figure out how to setup everything up.

Can I do this using the standard settings in 1and1 and dyndns?


Thank you very much for any suggestions!
 
Are you intending to directly host your own email server using a dynamic IP? If you are then I'd suggest that you reconsider your options. If there’s a ‘Smart Host’ involved then that’s a different matter.

If you’re wanting to host it directly:

  1. Get a static IP.
  2. Get the rDNS configured to match the domain.
  3. Configure your 1&1 DNS with a MX record that points to your server.
The server side configuration should be handled by going through the ‘Getting Started Tasks’ in the SBS console.

To get everything working correctly you'll probably end-up needing to purchase and install a SSL certificate as well.
 
I'd recommend a smart host that can clean your incoming an outgoing mail - there are a lot of advantages in my opinion:

-you can avoid a static IP address
-you have anti-spam/anti-virus for email sorted
-You can lock down your edge firewall to only accept incoming mail on port 25 from the smart host

Open up port 25 for incoming (allow only the smart hosts range of IP addresses) and port 443 for Exchange webmail/RWA/Outlook Anywhere (these are the only 2 ports you need open for SBS 2011). Set up the user's mailboxes/Outlook (sounds like you don't use this at the moment which will help as the other client can continue to be used while you transition).

Lastly swap the MX records to point to the smart host, mail will then start to flow to Exchange on SBS - any that doesn't come in while the records propagate can be got at using the 1and1 webmail.

And as suggested above, purchase an SSL cert as the self signed one makes things more difficult for users. Some tips here.
 
I'm not familiar with Smart Hosts but it sounds like a good idea. I'm just worried about ongoing costs.

There are currently only 5 of us but we do send/recieve a lot of large emails (architects practice) maybe 100 emails a day each some with large attachments.

GoDaddy was the only Smart Host listed in the SBS 2011 setup, although I cant find the service on the website. Socket Labs is free for 500 emails/month, but that is not enough and I'd rather not have to pay £25/month for 10k.

I'd rather not get a static IP as our office maybe moving twice in the next 12 months and the speed of the business service is less than half the domestic dynamic IP service using the same cables.

Dyndns seems to be working well and its only £20 per year.

I'm heading out now, but I'll get back to your other points later today.
 
For smart hosts that also provide mail hygiene services have a look here:

http://forums.overclockers.co.uk/showthread.php?t=18500606

Plenty of options mentioned. I use SpamHero, ExchangeDefender, and Postini with clients. Think of them as a mail server in front of your Exchange server that sends and receives your mail for you. They also clean your mail as well. An added bonus I forgot to mention is that a lot of them will spool mail if your internet connection is down for a length of time or if your SBS hardware goes awol (has happened to some of my clients).

Your ISP may also offer this too, sometimes for free. In my opinion it's a no brainer as you don't have to deal with the spam/virus/junk mail in the user's mailbox. All you then need is a free dynamic dns host to keep track of your dynamic IP address (dyndns do a free one but you have to log into the portal every month).
 
Jez, I work for a very large architects practice but also helped and advised on many smaller ones over the years as staff have gone off to run there own business.

Big question, why setup Exchange internally for such a small group of people? personnel I would look at a hosted solution that can handle all your requirements and eliminate the issues the guys above are highlighting. It will also take a lot of issues and stress off your self or anyone else in the practice. 365 or some other 3rd party solution would be my approach. It will also help with these office moves your having as it will continue to let staff have incoming mail even if the system is down during the move.

Also worth thinking about SBS 2011 end of life coming closer and closer in time.

But if you're real set on having it all internally you really need to take on board the advice already given above. Smart Host who can handle your ques and spam is crucial and will help with any issues you may have.

You have mentioned large emails coming in? Have you thought about what impact this is having on your mail quotas, accessing inbox, sending these back to clients and backup? I would look at investing in ftp service or something like dropbox that can handle clients sending your files. A good system with a good front end will sever you better in the future. All our large files are sent via a ftp site and mailbox size limits locked to 10mb (use to be lot smaller but we can afford better internet lines now).

I think I could go on for hours with suggestions and ideas but I will leave it there. Thing you need to keep in your mind all the time is your clients and how effective having a in house system will be for that communication. If it ends up being problematic the business will go. I know architects like to do things on the cheap with IT sometimes :) but its thinking and maybe investing a bit more if it means keeping the work load coming in during this difficult time.
 
Second the hosted Exchange approach; this is what i advise most of my small-business clients now.

Unless there is specific reasoning, for such a small number of clients it really isn't worth the agro nor headaches implementing and overseeing an in-house Exchange server. Especially not when the budget is an issue, the correct infrastructure can't be put in place (using dynamic IPs is a no-no) and hosted mailboxes are so cheap - Office 365 Exchange mailboxes are ~£3 per user per month and takes about 20 mins to setup.
 
I looked into hosted email options
1&1 Exchange 2013 25Gb per user at £5.00/user/month
Google Apps 30Gb email and storage per user at £3.30/user/month
Office 365 50Gb-email + 25Gb-storage per user at £3.30/user/month

However, although there are currently only 5 of us, we send and receive from several different email address, including our own individual email address, several project email addresses (used for most correspondence), and office type email address (like office@, info@, fax@, etc) I need to manage who has access to these on a regular basis and there must be a better setup for shared access, project folder archiving etc.

I'm leaning towards a Smart Host for the reasons you've all suggested

Searching around I discovered the term "Smart Host" is also know as "Outgoing email relay" its not easy to find the exact service I'm looking for.

I'm looking at:

Prolateral
Mimecast
MXguarddog
SpamHero
ExchangeDefender
vamsoft Orf Fusion
prolateral
GoDaddy

Some of these it is fairly obvious what product I need, others I can't find it.

SSL certificate £50/year from GoDaddy (5 domains if signed up for 3 years)

We currently use Autodesk 360 to host our project files, its ok as it keeps document history, but I would prefer the flexibility of my own FTP.
 
jezscott said:
Office 365 50Gb-email + 25Gb-storage per user at £3.30/user/month

However, although there are currently only 5 of us, we send and receive from several different email address, including our own individual email address, several project email addresses (used for most correspondence), and office type email address (like office@, info@, fax@, etc) I need to manage who has access to these on a regular basis and there must be a better setup for shared access, project folder archiving etc.
Click to expand...
Nothing there that a hosted Exchange setup can't do, ie - multiple domains per user accounts, a number of distribution groups etc. And certainly with Office 365, the interface is pretty straight forward to use.

Again, i'd highly advise going with a hosted Exchange (personally would stay away from other mail services, Google Apps etc) solution as the headaches involved looking after and keeping an Exchange server running just outweigh any advantages with such a small number of users.


jezscott said:
I'm leaning towards a Smart Host for the reasons you've all suggested
Click to expand...
You're pretty much forced to use a relay/smarthost (not a bad thing though apart from cost) if you're not planning to stump up for a static address.


And obviously you want to make sure you have a number of backup solutions in place if handling local storage - onsite as well as off.

Good luck :)
 
I will eventually get a Static IP, once we settle our office somewhere.

I'll look into hosted exchanges more tonight, I could just try the 1&1 option and cancel if its not what we need. Maybe the same with Office 365. Would a hosted exchange 2013 server integrate well with our SBS 2011 server?

We currently use WHS 2011 on an HP Microserver, however I've built a couple of almost identical servers for home and office to back up to each other over a VPN, so if the office server is difficult to recover from a problem, I could just swap it for the home server. They are both (don't laugh) all-in-one servers using esxi 5.1 and OI with napp-it setup in RAID-10. I'll also copy the files to an external hard disk, just incase.

We have Virgin Media and BT broadband into our dual WAN router, which switches to BT when our fast VM connection goes down (often).

I do need to look into UPS.
 
Jez,

Simple Google comes back with this http://blogs.technet.com/b/sbs/arch...ndows-sbs-2011-essentials-released-today.aspx . Should be fine, it will just let you sync your AD with 365 and SBS. Not sure how easy 1&1 is to setup with AD integration but suspect it wont be as easy as using that module.

Tech sounds ok for now if your just going to stay with 5 people. Have done nearly the same for small office too in the past. Option you could think about is going pure Windows 2012 R2 with a Virtual DC on it if you have not purchased the SBS licence yet and go with the 365 route.

Backup also done the same but only as a short term solution. Maybe look at Crashplan as a option? just remember how long you have to keep architectural documents for :)

Did forget to mention the lines, guess those are not SDSL spec so hosted email will be better option again.

Yep, if your like me and have office power problems a UPS is good to at least tell the machines to power down correctly :)
 
As all ways RTFM before setting up or using a major product like this :)

Jez, just saw the post about the yesterday about the still going with the smart hosts. Remember look at the cost of these compared with hosted Exchange. Hosted Exchange will do all that smart hosts do plus more for probably not much more a month. Remember there still be significant costs involved hosting internally too. End of the day £3.30 a month per person is nothing in business terms to have a secure high availability system.

Visibleman right, in this case I wouldn't go with anyone else apart from Microsoft it will just make life complicated for you. Also the hosted solution will handle multiply domains and project/group email address fine just as you would have a internal system.

I would also look at the other packages Microsoft are offering? you could make good saving if you look at consolidating other services also under one account.

360 is a good option for you and you could easily use Skydrive in the mix as a basic collaboration system.
 
So, just to check I have this right. Do we need 5 mailboxes or 25?

We currently have 5 people in the office. Each with their own 1&1 mailbox and each with their own free gmail account. We need additional mailboxes for temporary contract staff as and when we hire.

We have a number of alias setup in 1&1 such as [email protected], [email protected], [email protected]...
These have no mailbox and each are setup to forward to the correct people.

We have about 20 live project mailboxes, which are forwarded to the relevant members of each project. These projects each have mailboxes to allow us to search the whole project archive as different people join and leave the project.

Each user can email from all relevant email addresses. Most emails are sent and received through project emails (eg [email protected])

We currently have 2gb per 1&1 inbox which we empty every few months. This is especially annoying. Our gmail mailboxes archive every email received, each have over 30gb and are still ok. We occasionally back these up using 'Gmail backup' to our server.
 
You'd purchase a single license for each permanent staff and then you'd purchase licenses on a monthly basis for contract staff (you forgot to mention that, so you'd need to work out costings etc) - but note, when you remove users, it free's up the license so you can swap users in and out etc.


Then setup (granted what you have is a tad messy but doable) is the same as a local server, just the interface differs.

So each user is setup with mailbox with a primary address, [email protected], and then you'd use standard email address aliases for [email protected]/[email protected]/[email protected] etc - Tutorial Here.
If however, a user needs to be able to send mail from one of the aliases attached to their mailbox then you'll need to bodge it with a distribution group (potentially you can use dummy POP accounts) as Exchange doesn't allow sending of mail from aliases (not that i'm aware of) - follow this tutorial.

For company wide address such as [email protected], [email protected], then you'd use vanilla distribution groups and assign users to the group accordingly.

And for the project addresses you'd also use distribution groups.

Again, if you need to send mail from a distribution groups (project groups etc) then follow the PowerShell section in the above tutorial.

As for backup/archiving, unless you pay up for the archiving feature from Microsoft then you're limited to exporting mail via Outlook (to a PST) or employing a similar setup as you do with your GMail accounts.
Unfortunately, i've yet to find a better solution here - if anyone knows otherwise, then please do share :)
 
Thank you for the detailed advice! I was out yesterday so couldn't respond. I think I'd be ok following those tutorials setting up the Office 365 mailboxes and distribution groups.

I have already purchased SBS 2011, about a year ago and have not used it until now. It has Exchange and SharePoint built in. I would still like to use SBS for file sharing and remote access, but I'm still undecided on using it for our email.

We already have MS Office 2013 including Outlook 2013, so the MS Office 365 options including office would be a unnecessary, so that leaves the following:

Office 365 Small Business £3.30/user/month
Office 365 Enterprise E1 £5.20/user/month
Hosted email (Exchange Online Plan 1) £2.60/user/month

Enterprise E1, seems useful, as I'm interested in the options that have 'Site mailboxes' and 'Active Directory integration'

I need to confirm if I would still need an SSL certificate, to remotely access the server which is £49/year for multi domain from GoDaddy.

I'm waiting for a few companies to call me back about smart host / email relay services etc, so far I've come across the following:

turboSMTP 200emails/day £free
SendGrid 200emails/day £free
Prolateral 10emails/day £free (200/day £3.5/month)
SpamHero 100'000 emails £3/month
ExchangeDefender Essentials £0.30/user/month
Vamsoft Orf Fusion £100/year
MX Guarddog £Free + fussy arrangement
 
Ahh the wonderful cloud,

Honestly you have everything set, just use SBS......forget the bull about Microsoft puulling support on SBS 2011, they are pulling the overall product all major components of SBS are being supported until 2018 and beyond+

Right, MX record change the two domains point to Exchange. Setup multiple accounts, Outlook 2013 allows you to open mutiple Exchange accounts and send from both, easy right! Don't use pop! Why? Static IP is a must if you want to use SBS properly, create PTR record or use ISP smart host, careful on relay file sizes if relaying.....

Backup is sooo easy with SBS its a crime, cheap usb hard disks rotate. Bare metal recovery from the bat, set Exchange rentention policy's if needed to trim mailboxes from lazy users, try and avoid PST collection's unless you have to. Your going to need a inhouse anti-virus solution so why not get one budled with anti-spam? Sophos?

If this was a new solution from scratch the above would be different
 
Last edited:
An SSL certificate is prefered but not essential, SBS 2011 will happily work without one, outlook anywhere and remote access are fine out the box
 
krozor said:
Honestly you have everything set, just use SBS......forget the bull about Microsoft puulling support on SBS 2011, they are pulling the overall product all major components of SBS are being supported until 2018 and beyond+t
Click to expand...

This. Even more so as you already have sbs sitting there waiting. Just do it properly (buy the Administrator's companion book, it's worth it) and use the wizards, use the wizards, use the wizards.
 
I'm going to try to setup our server rather than use the cloud. I've come this far and lets face it, I'm on an OcUK forum; I like to tinker :)

My progress today:

Our emails and website are at DomainA using free 1&1 services

done - back up the 1&1 emails from DomainA

done - in 1&1 account, move the 1&1 website to DomainC (basically a shorter version of DomainA)

done - in 1&1 account, set DomainA to use Dyn.com name servers, this takes up to 12 hours!

done - add DomainA as a Zone to my Dyn account (Dyn won't let me swap from DomainB to DomainA, I will look into cancelling, or just let it expire)

done - use Dyn account to forward the URL of DomainA.com to DomainC.com with cloaking enabled, to keep our basic website up until we get a proper one designed.

done - use Dyn account to setup dynamic IP subdomains such as home.DomainA.com (for home router), office.DomainA.com (for office router), remote.DomainA.com (for SBS2011 server) etc.

done - Buy GoDaddy 'Multiple Domain UCC' for SSL Certificates for upto 5 subdomains of DomainA.
All of these changes and new services are still pending update/deletion/activation. The next phase tomorrow will be to setup the server. I will initially try to use the 1and1 servers as a Smart Host and see how it goes, then try one of the other free SMTP relay services mentioned previously ...then probably end up paying for a proper service. I'll look into it all more tomorrow morning, but my plan is:

pending - Incoming email: Point MX record to 1and1 mail server (probably not possible), or
- point MX record of DomainA DNS record to server remote.DomainA.com (virus/spam?)

pending - Outgoing email: relay mail to auth.smtp.1and1.co.uk using SMTP connector in exchange, or
- configure an MX record on exchange server back to 1and1 mail servers (apparently: mx00.1and1.co.uk Priority: 10 & mx01.1and1.co.uk Priority: 20)
I have 'Kaspersky Small Office Security', also purchased a year ago. This may take care of general virus's spam on clients, but probably not the exchange server, I need to look into it.

When I total into my incoming & outgoing emails, my email usage averages 1200emails and 524mb per month (peak 2300emails and 744mb) this email backs up most of the project emails, so the total office use (if set up efficiently?) shouldn't use much more than this. I should probably allow for double. This is both in & out though.

....as an aside, it has taken me all week to figure out I needed to uninstall the Windows Home Server Connector software before trying to use SBS's http://connect on the clients. Days of googling the error didn't help.

I'll buy the SBS 2011 companion book.
 
You must log in or register to reply here.
Back
Top Bottom