How-to multiple domains on one mail server (Full Version)



drapp -> How-to multiple domains on one mail server (29.Feb.2004 10:55:00 PM)

Scenario...
Running Windows 2000 Server
Running Exchange 2000 Server
Running DNS / Active Directory

I am trying to learn and set up this server for web-hosting. Aside from my own company, I intend to host mail for other clients I have lined up.

I can get default mail to my own domain, but now need to get support for the rest. I've read through MANY of the other message boards about adding Virtual SMTP, but that fails with some stupid message when trying to assign IP address. All the domains will be pointing to the same IP address and it complains about one already existing at such IP address, so I can't add a Virtual SMTP.

I've also looked into the Recipient Policies too and have been able to add the SMTP component there, but nothing seems to be hitting right.

So... With the following scenario, can SOMEONE help me figure / understand this stuff?

1. Server setup as MyServer.Com
2. IP address is (ex: 192.168.0.10)
3. First client hosting is OtherClient.Com
4. IP address is same (192.168.0.10)

I can't even get to a point of using Active Directory to allow me to add users to an OtherClient.com.

So...
If I want email to

Bill_Board@MyServer.Com
and
Bill_Board@OtherClient.Com

They need to be treated as completely different users. This scenario/name is just coincidence... How many "Bob Smiths" are there in the U.S. So, don't assume that "Bill_Board" here implies the same person.

Can anybody help? Thanks...

Don




vitro06 -> RE: How-to multiple domains on one mail server (1.Mar.2004 11:55:00 AM)

Hello Don,

If you manually add a 2nd, 3rd ... whatever IP address to the server NIC - then create the new SMTP virtual server, assign the new IP address [from drop-down box], stop and then restart the server SMTP service and the new virtual server will start. Obviously, you would need a MX record to the new address.

R/Bill

[ March 01, 2004, 11:59 AM: Message edited by: Bill Brown ]




drapp -> RE: How-to multiple domains on one mail server (1.Mar.2004 1:44:00 PM)

Bill, Thanks for the response... But clarification about the IP addresses.

IP setup scenario.
I have a server co-located at a data center and have been assigned 1 static IP address (ex: 200.200.200.200). That gets sent to my router/firewall. From behind the firewall is my server where all traffic is sent to (ex: 192.168.0.10).

Since all internet visible responses will be assigned the 200.200.200.200 IP address, what IP addresses will I be assigning the NIC...

Will it be the internal network ex: 192.168.0.11, .12, .13, .14, .15 etc, or do I have to get more internet visible IP addresses...
200.200.200.201, .202, .203, .204, etc...

Also, due to this, what would the MX records look like... Would they still point to the main entry point 200.200.200.200 from the internet, but all the internal virtual SMTP IP addresses are the internal 192.168... versions?

Please confirm.
Thanks




uemurad -> RE: How-to multiple domains on one mail server (1.Mar.2004 3:40:00 PM)

Don,

As far as MX records go, on external DNS systems, the addresses have to be Internet Routable. They would not be your private addressing range of 192.168.x.x, but would all point to the same static IP 200.200.200.200 as the one domain you have working.

Do you control the domain names? Do you act as the external DNS? I'm sensing confusion about the difference between running DNS on Windows and actually resolving names for the outside world.

Once the message comes in, AD will find the appropriate mailbox by the SMTP addresses you attach to each mailbox. So if you want messages for Bill.Board@abc.com to end up in a separate mailbox than Bill.Board@xyz.com you just have to create separate users with unique addresses.




drapp -> RE: How-to multiple domains on one mail server (1.Mar.2004 4:15:00 PM)

As far as the DNS resolution, I am acting as the manager for the domains in question. ie:

1. MyCompany.com is registered with NetworkSolutions.com... On their entry, I have changed the DNS entries to point to my server (200.200.200.200) for resolution of everything (www, ftp, mail, whatever)

2. OtherClient.com is registered with GoDaddy.com... Likewise, on their registrar record, I have their DNS entry point to my server. Again, I handle the www, ftp, mail, whatever.

So... If I'm understanding all this stuff, as far as the outside world is concerned, all my IP resolutions will be directed to my static IP of 200.200.200.200. Of which, my router will actually pass in the requests via the internal network address of 192.168.x.x. Now, MS Exchange gets hold of the email request (via the header identifying the @MyCompany.com vs @OtherClient.com) and simulates redirecting yet again to the internal IP address of 192.168.x.11, .12, .13, .14 for the Virtual SMTP servers? Then it delivers as it so needs to.

Am I getting close on this cycle?

Thanks




uemurad -> RE: How-to multiple domains on one mail server (1.Mar.2004 5:22:00 PM)

Don,

It sounds like you have most of the difficult part set up (the parts you don't fully control).

The address of the MX record still has to be Internet routable. What will happen is something like (paraphrasing):

1. An outside mail system wants to send a message to Joe.Schmoe@otherclient.com.
2. The outside mail system queries NetworkSolutions for the address of the DNS server for OtherClient.com and NSI responds with the address 200.200.200.200
3. The outside mail system queries 200.200.200.200 for the MX record for your mail gateway
4. Your DNS server replies with the address 192.168.x.x
5. The outside mail system attempts to send SMTP traffic (via port 25) to 192.168.x.x and fails

So, the address of your MX record has to be something reachable from the outside that understands what to do with port 25 traffic. That could be a router, a mail gateway, or your Exchange server. This should all work if the address of the MX record for OtherClient.com is the same as for the MX record of MyCompany.com.

If they are the same, you might have to check your router to see what is happening to those port 25 packets destined for OtherClient.com.
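
Added example, not part of the thread: a Python check for the failure described in steps 4 and 5 above, where an MX target resolves to a private address that outside mail systems cannot reach. The zone text is constructed from the thread's example addresses, and the `mail.*` and `mx.*` host names are assumptions.

```python
import ipaddress

# Constructed records using the thread's example addresses; not real zone data.
ZONE = """
myserver.com.          IN MX 10 mail.myserver.com.
mail.myserver.com.     IN A  200.200.200.200
otherclient.com.       IN MX 10 mail.otherclient.com.
mail.otherclient.com.  IN A  192.168.0.10   ; internal address published by mistake
thirddomain.com.       IN MX 10 mx.thirddomain.com.
"""

def parse(zone_text):
    """Collect MX targets and A addresses from simple 'name IN type ...' lines."""
    mx, a = {}, {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()          # drop comments
        if len(fields) < 4 or fields[1] != "IN":
            continue
        name = fields[0].rstrip(".").lower()
        if fields[2] == "MX" and len(fields) == 5:
            mx.setdefault(name, []).append(fields[4].rstrip(".").lower())
        elif fields[2] == "A":
            a.setdefault(name, []).append(fields[3])
    return mx, a

def audit_mx(zone_text):
    """Return {domain: [problem, ...]}; an empty list means no problem found."""
    mx, a = parse(zone_text)
    report = {}
    for domain, hosts in mx.items():
        problems = []
        for host in hosts:
            addrs = a.get(host, [])
            if not addrs:
                problems.append(f"{host}: no A record")
            for addr in addrs:
                if not ipaddress.ip_address(addr).is_global:
                    problems.append(f"{host} -> {addr}: not Internet routable")
        report[domain] = problems
    return report

if __name__ == "__main__":
    for domain, problems in audit_mx(ZONE).items():
        print(domain, problems or "ok")
```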




drapp -> RE: How-to multiple domains on one mail server (1.Mar.2004 6:04:00 PM)

Thanks... Getting very close now...

Ok... got all that Querying / DNS and making the available 200.200.200.200 to my server. All the MX records should also be pointing to the 200.200.200.200 router IP...

However, once the email comes inside the firewall, and MS Exchange gets it, is this where it now does something like:

MS Exchange
1. Request for email coming in...
2. Determines email to Someone@OtherClient.com
3. MS Exchange looks at Virtual SMTP and finds it to be an alternate INTERNAL IP address assigned to the NIC (ie: 192.168.0.11, .12, .13)
4. MS Exchange relays to itself (INTERNALLY) to that IP address, gets resolution as a valid @OtherClient.com destination and allows mail to go through

Does that sound right?




uemurad -> RE: How-to multiple domains on one mail server (1.Mar.2004 6:43:00 PM)

Are you able to establish a Telnet session on port 25 to either your 192.168.x.x or 200.200.200.200 addresses? Let me know if you need instructions for doing that.




uemurad -> RE: How-to multiple domains on one mail server (1.Mar.2004 9:13:00 PM)

Just in case you don't know what I meant by the Telnet test, you should be able to test the connectivity for OtherClient.com by doing the following:

1. From a command prompt window, type TELNET 200.200.200.200 25 (that will open a Telnet session to your mail gateway using port 25)
2. After getting an acknowledgement from your gateway, type the following (don't get freaked out if you can't see what you're typing):
2a. HELO TEST<cr>
2b. MAIL FROM:joe.schmoe@abc123.com<cr>
2c. RCPT TO:jack.spratt@OtherClient.com<cr>
2d. DATA<cr>
2e. SUBJECT:Connectivity Test<cr>
2f. <cr>
2g. This is a test<cr>
2h. <cr>
2i. .<cr>
2j. QUIT<cr>

The above commands are not case-sensitive. <cr> indicates the Enter-key (carriage return), and step 2i above is a period followed by a <cr>. Please note any responses from your gateway and include them if you have any questions.




uemurad -> RE: How-to multiple domains on one mail server (1.Mar.2004 9:18:00 PM)

I forgot to mention that in the above instructions, "jack.spratt@OtherClient.com" should be a real SMTP address for that domain as defined in AD. If the test does not generate any errors, you should end up with a message in that Inbox.

The parameters for the other commands - HELO (some systems require you to use EHLO instead), MAIL FROM:, Subject:, etc. - do not have to represent any real address or message.
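
Added example, not part of the thread: the Telnet test above scripted with Python's `smtplib`, so the gateway's reply code at each step is recorded. `StubGateway` is a constructed stand-in for the real gateway so the probe runs offline; its `HOSTED` set and its 550 reply for other domains are assumptions.

```python
import smtplib
import socketserver
import threading

HOSTED = {"myserver.com", "otherclient.com"}  # constructed: domains the stub accepts

class StubGateway(socketserver.StreamRequestHandler):
    """Constructed stand-in for the mail gateway so the probe runs offline."""

    def reply(self, text):
        self.wfile.write(text.encode("ascii") + b"\r\n")

    def handle(self):
        self.reply("220 stub ready")
        in_data = False
        for raw in self.rfile:
            line = raw.decode("ascii", "replace").rstrip("\r\n")
            if in_data:                      # message body: wait for the lone "."
                if line == ".":
                    in_data = False
                    self.reply("250 queued")
            elif line.upper().startswith("RCPT TO:"):
                domain = line.rsplit("@", 1)[-1].strip("<> ").lower()
                self.reply("250 ok" if domain in HOSTED else "550 unable to relay")
            elif line.upper() == "DATA":
                in_data = True
                self.reply("354 send message, end with .")
            elif line.upper() == "QUIT":
                self.reply("221 bye")
                return
            else:                            # HELO, MAIL FROM
                self.reply("250 ok")

def start_stub():
    """Start the stub on a free localhost port and return the server object."""
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), StubGateway)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def probe(host, port, rcpt, sender="joe.schmoe@abc123.com"):
    """Run HELO, MAIL FROM, RCPT TO and (if accepted) DATA; return the reply codes."""
    codes = {}
    with smtplib.SMTP(host, port, timeout=10) as smtp:   # QUIT is sent on exit
        codes["HELO"] = smtp.helo("TEST")[0]
        codes["MAIL"] = smtp.mail(sender)[0]
        codes["RCPT"] = smtp.rcpt(rcpt)[0]
        if codes["RCPT"] == 250:
            codes["DATA"] = smtp.data("Subject: Connectivity Test\r\n\r\nThis is a test\r\n")[0]
    return codes
```

To test a real gateway, call `probe("200.200.200.200", 25, "jack.spratt@OtherClient.com")` with a recipient that exists in AD, as the post above requires.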




drapp -> RE: How-to multiple domains on one mail server (12.Mar.2004 5:39:00 PM)

Still stumped...

Most prior options listed were not do-able. But I did stumble on to a couple things and maybe that can help clarify direction.

1. Under Active Directory/Domain trusts, I noticed something about "UPN"... some "alternative" that allows different suffixes to be entered to represent other "domains". This started to appear to work as I could create users for Me@Domain1.com and Me@Domain2.com (via UPN). However, this required me to enter a different "alias" name on the second as it still lists the person in Active Directory as a conflict with the first instance of Me@Domain1.com (something about the alias for Pre-Windows2000 compliance allows it to go through).

So this doesn't appear to work as hoped.

My next stumbling came to how Active Directory is/can be setup. Currently it is set as a single domain. Should I update (or actually do full reload of server) to allow a FOREST format so the FOREST can recognize all the different POSSIBLE instances of

Me@Domain1.com
Me@Domain2.com
Me@Domain3.com

Thanks for any help that y'all may provide me.




pvong -> RE: How-to multiple domains on one mail server (12.Mar.2004 6:55:00 PM)

I'm not sure why this post is confusing me, but it is. I keep thinking this is a simple question with simple answer, but I might be wrong. Please answer these questions for me so I know exactly what you want.

1. Your domain is myserver.com. You have a user@myserver.com and that person can send/receive emails with no problems. You registered with a new domain (otherclient.com) and you want the same user to get emails for this new domain also..user@otherclient.com. Am I right about this?

2. You also want some clients to just get emails from this new domain.....otheruser@otherclient.com. Right?

3. You have both domains (MX records) pointing to your outside firewall's public IP. Right?

Am I missing something else?




drapp -> RE: How-to multiple domains on one mail server (12.Mar.2004 7:21:00 PM)

Close...
The examples of
Me@MyDomain.com and
Me@OtherDomain.com
are for sample purposes only and not necessarily the exact same person. Such as there are probably thousands of "Bob Smith" across the United States. So, the Me does not necessarily mean the same person.

For the domains.
I have my domain registered and pointing to my public IP address (MyDomain.com).

I have clients on my web-server that I WANT to support their email needs too. So I could have a BobSmith@MyDomain.com and a client OtherClient with by-coincidence an employee Bob Smith. so HE would need a BobSmith@OtherClient.com.

Right now, it WOULD work if I had it as BobSmith1@OtherClient.com, but if that's the only email for that site, why does it require the "1" (or other suffix to differentiate). Also, for myself (having emails at 3 different domains), I don't want a Me@Domain1.com, Me2@domain2.com and Me3@domain3.com.

The Active directory will allow the use of the UPN to allow me to enter
Me@Domain.com
Me@OtherDomain.com
Me@ThirdDomain.com

HOWEVER, it requires a different internal user ID due to the Pre-2000 Windows users format. So, behind the scenes, the users are actually something like...
Me
Me_AtOtherDomain
Me_AtThirdDomain

for the Pre-2000 user login. By doing this, to login such as through Outlook, I have to have my "login user" as the Pre-2000 name (Me_AtOtherDomain) instead of just "Me".

So....
My thought was to reconfigure my machine as Active Directory setup as a Forest (as I will be responsible for maintaining users for the different domains in question and could have truly a "Me@Domain1" not conflict with "Me@Domain2"). However, I'm unfamiliar with configuration of forests, and can a forest of domains all be managed and pointing to the same physical machine (as resolved by the same IP address)?

Hopefully this clarifies more for you.

Thanks




pvong -> RE: How-to multiple domains on one mail server (12.Mar.2004 8:18:00 PM)

I understand what you're trying to do. You have 1 AD, 1 Exchange, multiple domains and possibly some users with the same name. Basically, multiple domains for multiple companies under the same Exchange. This is what I would do.

1. In Exchange, I would create a new Information Store for each domain. Example, I would create an Information Store for just everyone under Otherdomain.com and another Information Store for thirddomain.com.

2. I would go into ESM and undo adding the other domains in the Recipient Policy. When it asks you if you want to erase this domain for all users, make sure to say yes. Don't worry, you're going to put all these back in. Do this so all your original users will not carry the new domains. Also this will solve your same name different company and different domains issue. Check your original users and make sure they are not carrying these new domains now. If they still are, you have to manually take them all out.

3. Once you clear them all out, put the domains back into the Recipient Policy, BUT DO NOT POPULATE THIS TO ALL USERS.

4. In AD - Create a different Organization Unit (OU) for each domain. I would create an OU called otherdomain and thirddomain. For clients in otherdomain, go into the OU and create a new user. If the user already exists, just call it user1. Trust me.

5. Then create a mailbox for this user pointing to the otherdomain.com Information Store. You will see that you can add an alias, this is where you'll change it for emails. The user will use user1 to login, but their email will be whatever you assign for the alias. Under the email tab of the properties, make sure no email addresses exist except for alias@otherdomain.com and make sure it's the Primary.

Just keep doing this and that should fix your problem. This will keep all your domains separated in AD and all their Exchange stuff is kept in their own Information Store. This way, if the whole domain quits, you can remove all users in the OU and then just remove the whole Information Store and it will not affect the others. Do the same thing for thirddomain.com.

Phil

[ March 12, 2004, 08:21 PM: Message edited by: pvong ]




pvong -> RE: How-to multiple domains on one mail server (12.Mar.2004 8:29:00 PM)

Oh yeah, I forgot to mention a couple of things. You do not need multiple IPs. Just have your Firewall point all smtp port 25 traffic to your Exchange server. You really don't even need an internal DNS entry if you have your Internet Public DNS hosting these domains and you have the MX pointing to your one IP.




drapp -> RE: How-to multiple domains on one mail server (13.Mar.2004 12:32:00 PM)

Thank you all...

I guess the only thing I can do is the alternate login user ID for uniqueness and apply alias for actual email when spanning the different domains.

Thanks for the help all of you.

Don



