Once we have installed Exchange Server 2016 in the organization, it requires configuring mail flow and client access in order to send to Internet and external clients such as Microsoft Office Outlook, and Exchange ActiveSync.
In my example I have taken a basic Exchange deployment with a single Active Directory site and a single simple mail transport protocol (SMTP) namespace.
Below are the steps involved in Mail flow and CAS server configuration:
Create a Send connector
Add additional accepted domains
Configure the default email address policy
Configure external URLs
Configure internal URLs
Configure an SSL certificate
Create a Send connector:
Send connector is the one which permits an Exchange server to send emails externally based on the configuration on it.
Open EAC and Navigate to Mail Flow Send Connectors Click on New:
In the new send Connector window, provide Name and select the type of Connector and click on next:
Select the Network Settings to send emails with the connector and click on Next:
Here we have two options available to route the emails.
MX record associated with recipient domain
: Using MX record as email routing option, the Exchange server will try to find target email server using DNS lookups. Make sure the internal DNS server can resolve external domain names while selection this option.
Route mail through smart host
: Smart hosts can be SMTP server of the Internet provider or any other SMTP server.
In my case I am selecting MX routing option send mail with this connector.
Provide the Address Space for which the send connector routes the mails: Click on Add:
Provide the Type, domain Fully Qualified Domain Name FQDN and cost and click on Save as below:
As we need to send emails to all target domain names, provided * as FQDN.
Review the Address Space configuration and click on Next:
In the new window, Click on Add to select the Source server Select the server click on Add and OK
Verify the Source Server Details and Click on Finish to complete the send connector configuration:
We can find the send connector as below:
: An inbound Receive connector will be created by default when an Exchange server 2016 is installed. This default Receive connector accepts anonymous SMTP connections from external servers; hence it is not required make any additional configuration for receive connector.
Add additional accepted domains:
An accepted domain is a SMTP namespace for which a Microsoft Exchange Server sends or receives emails. Accepted domains comprise the domains that the Exchange organization is authoritative. When exchange handles mail delivery for recipients in the accepted domain, the Exchange organization is authoritative. Accepted domains also include domains for which the Exchange organization receives mail and then relays it to an external email server.
We can see there is an MSExchangeGuru1.Local is added by default and the domain type is Authoritative. By default an active directory site's root domain will be added as accepted domain.
Configure additional Accepted Domain:
Open EAC and Navigate to Mail Flow Accepted Domains Click on New:
In the new Accepted domain window, provide the name, Accepted domain and select the domain type Save:
Configure the default email address policy:
Email address policies describe the email address format. By default, the default email address policy is created and applied to all recipient types and the default email address format is Alias@contoso.com. The default email address policy is typically acceptable; hence I will leave the default. If required we can add different email address policy and apply to recipients based on different criteria.
Open EAC and Navigate to Mail Flow Email address policies select Default Policy Click on Edit :
Configure external URLs:
It's required to configure the external domains, or URLs, on the Mailbox server's virtual directories and then configure public domain name service (DNS) records Before clients connect to our new server from the Internet.
In the below example have configured the same external domain on the external URL of each virtual directory. If you want to configure different external domains on one or more virtual directory external URLs, external URLs must be configured manually.
Open EAC and Navigate to Servers
Servers select Internet facing sever Click on Edit:
NOTE: In my example I have only one server:
NOTE: Once we have the external URL configured on the Mailbox server virtual directories, need to configure the public DNS records for Auto discover, Outlook Web App, and mail flow. The public DNS records should point to the external IP address or FQDN of the Internet-facing Mailbox server and use the externally accessible FQDNs that have been configured on the Mailbox server.
Configure internal URLs:
There are two options to configure Internal URLs depends on the addressing scheme that is in place already or the one which we want to implement.
Configure internal and external URLs to be the same
Configure different internal and external URLs
NOTE: If a new addressing scheme is deploying, its recommend to use the same URL for both internal and external URLs. Using the same URL makes it easier for users to access the Exchange server as they have to remember only one address.
Regardless of the procedure we choose, we must configure a private DNS zone for the address space which is configured.
Configure internal and external URLs to be the same:
This can be achieved by using Exchange Power Shell using the below steps:
Open the Exchange Management Shell on the Mailbox server.
Store the host name of the Mailbox server in a variable that will be used in the next step. In my case it is Exchange16
$HostName = "Exchange16"
Run the following commands in the Shell to configure each internal URL to match the virtual directory's external URL
Set-EcpVirtualDirectory "$HostNameECP (Default Web Site)" -InternalUrl ((Get-EcpVirtualDirectory "$HostNameECP (Default Web Site)").ExternalUrl)
Set-WebServicesVirtualDirectory "$HostNameEWS (Default Web Site)" -InternalUrl ((get-WebServicesVirtualDirectory "$HostNameEWS (Default Web Site)").ExternalUrl)
Set-ActiveSyncVirtualDirectory "$HostNameMicrosoft-Server-ActiveSync (Default Web Site)" -InternalUrl ((Get-ActiveSyncVirtualDirectory "$HostNameMicrosoft-Server-ActiveSync (Default Web Site)").ExternalUrl)
Set-OabVirtualDirectory "$HostNameOAB (Default Web Site)" -InternalUrl ((Get-OabVirtualDirectory "$HostNameOAB (Default Web Site)").ExternalUrl)
Set-OwaVirtualDirectory "$HostNameOWA (Default Web Site)" -InternalUrl ((Get-OwaVirtualDirectory "$HostNameOWA (Default Web Site)").ExternalUrl)
Set-PowerShellVirtualDirectory "$HostNamePowerShell (Default Web Site)" -InternalUrl ((Get-PowerShellVirtualDirectory "$HostNamePowerShell (Default Web Site)").ExternalUrl)
NOTE: Once the internal URL is configured on the Mailbox server virtual directories, we must configure the private DNS records for Outlook Web App, and other connectivity.
Configure different internal and external URLs:
Virtual Directories Click on Edit:
Under internal URL, replace the host name between https:// and the first forward slash (/ ) with the new FQDN that needs to be used and click on Save for all Virtual directories:
Configure an SSL certificate:
Exchange services like Outlook Anywhere and Exchange ActiveSync, require certificates to be configured on Exchange 2016 server; hence we must configure and an SSL certificates as per the requirement.
Microsoft MVP | Exchange Server