Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The Exchange Server settings you must get right

J. Peter Bruzzese, Dustin Cook | Jan. 12, 2016
Ensure a solid foundation for your on-premises Exchange Server installation with these essential setup tips.

This is also a good opportunity to review your receive connectors. Here you can set maximum incoming message size (default is 35MB -- remember to account for the roughly 33 percent MIME encoding overhead), whether to enable connection logging, security settings such as enforced TLS, and IP restrictions.

Client access

You have the basic mail routing configured and you can send and receive email. Now you need to get clients connected to your system so that they can actually use it.

Certificates

With Office 365, Microsoft uses its own namespace for Outlook Autodiscover, Outlook Web App, and SMTP connectivity over TLS. As such, Microsoft use its own certificates. For on-premises Exchange, you will need to purchase new certificates from a trusted CA to allow trusted secure connectivity to your systems.

Fortunately, Microsoft has made the process easy to complete. To start, open EAC and navigate to Servers > Certificates. Add a new certificate and choose to generate a request. A wizard will open and walk you through the process. You will be given the opportunity to choose your domain for each access type. In this example, I've mainly used webmail.exampleagency.com for everything.

Exchange Settings: Adding a new certificate
To add a new certificate, open EAC and navigate to Servers > Certificates. 

Once you finish the wizard, take your certificate request file and upload it to your preferred certificate authority (we used GoDaddy). You will then receive the certificate in the form of a CER file. Simply click on Complete and import the CER file to have the certificate be imported and enabled for use in your environment.

Virtual directories

Now that you have your certificate installed, it's time to tell Exchange what domains to use for what services. Navigate to Servers > Virtual Directories. From here, you should configure external access for each one. In this example, we have configured the OWA virtual directory to use webmail.exampleagency.com.

Exchange Settings: Configure external access domain
Navigate to Servers > Virtual Directories to tell Exchange what domains to use for what services. (Click to expand).

There are more complex topics to discuss such as client access arrays and load balancing, but those are best left for a more in-depth exploration than this article. For more information, see Microsoft's Exchange Server documentation on TechNet.

Security and compliance

Even though your data isn't in a public cloud, you still need to carefully consider security. For starters, make sure you're applying regular updates to both Windows Server and Exchange Server. The same advice for administrator accounts applies, as well; always use separate administrator accounts from regular accounts.

 

Previous Page  1  2  3  4  5  Next Page 

Sign up for CIO Asia eNewsletters.