Hosting Exchange on a Virtual Machine

K

K@izer§øze™

Well-Known Member
Joined
Mar 11, 2008
Messages
237
Reaction score
0
Location
Pretoria
Morning. I am currently setting up a domain using VMware. I already have a PDC and a Exchange server ( All Virtual ) I will be getting fixed Ip's sometime this week and will be tackling the nightmarish task of trying to set up my mx records correctly. I AM NOT a expert, but i've managed to get this setup to work so that i can join physical Pc's and virtual Pc's to my domain. We are currently using Pop3 download ( Internet mail ) , but the users are going apesh*t and using 10Gb on mails alone ( 40 users )

Is there any expert on here that will be able to help me and even give me some pointers on how to implement this system successfully?

Thanks in advance!
 
1. Implement mailbox size limits. So that the users won't go over their limits. Do let them know that you have implemented these limits and they have to adhere to it. They get 3 warnings from Exchange before Exchange blocks them.
2. Implement email attachment limits. Same as above. 10Mb is a good ballpark figure to go with - otherwise they'll clog your ADSL/Diginet line up with lots and lots of attachments.
3. Backup your Exchange DB on a regular basis. Very important!
4. Set aside a dedicated partition for your Exchange DB, and set the Exchange DB size to be 40% of that total partition size. Because if your Exchange DB gets corrupted, or you want to defrag it, then you have the space to work in.
5. You can also set up each and every Outlook with a .PST file so the user's email won't remain on the Exchange server. Normally Outlook and Exchange syncs data, and the data is duplicated - both on the user's workstation and on the server by default.
6. Implement incoming and outgoing spam filtering. Or route your email via an ISP so they can spool your email should your server(s) go down, and filter the email at the same time.
 
What version of VMWare are you using?
There is no real difference in running a MS Server in a virtual environment versus a real one. A bit more planning has to go into the planning, and what other virtual you plan to run on the same host.

If you are using exchange why don't you limit the size of mails folks are allowed to send and receive ?
 
That is why we are moving over to exchange to implement all the goodies u mentioned. Thanks, i appreciate. The real problem lies with the initial setup and once i have that done, and the domain is tranferred to the new ISP, I will start setting up rules etc. Currently, the users are downloading their mails to local machine (pst) and the problem with that is obvious. Hdd crash an all mails are gone. What is the approximate size of the Exchange DB? ( lets say 50 Users 1Gb mailbox size max )
 
Here's my setup. Im using as a basemachine a Intel Server with 2 x E5310 Xeon 1.60 Cpu's, 8Gb Ram and one 500Gb Sata and then a raid config of 4 x 500Gb Sata drives. Im Using Server 2003 R2 as my O/S and VmWare Workstation Version 6.0.2.

I am planning on running a Symantec Corporate Edition update server and possibly ISA server 2006. The SCE is also up an running and instyalling virus updates to my test machines successfully. The current setup is pop3 download with Vproxy.
 
I trust symantec, although its cumbersome and very resource intensive, the filtering and firewall option installed really is worth the schlep. Havent had any outbreaks or downtime with it installed. Can you suggest any other products thats got the network capabilities of symantec and is not priced through the roof?
 
I don't have anything to add to the conversation, but knowing Exchange and Windows 2003 and having worked with it before. Why would you want to run exchange with VMware? What are the benefits of doing this?
 
VMWare Server is also free, I'd suggest that over Workstation... I work with ESX / VMWare Infrastructure basically every day with over 80 machines (Prod, as well as Dev) and never had a issue with VMWare before...
 
AcidRaZor said:
I don't have anything to add to the conversation, but knowing Exchange and Windows 2003 and having worked with it before. Why would you want to run exchange with VMware? What are the benefits of doing this?
Click to expand...

With the low volume of users (40 I think), it's quiet possible. Should work very nicely based on the hardware spec that was provided...;)
 
Well, the benefits are numerous. For one, i dont have to buy 2 servers. It is not advisable to run your exchange on your PDC as you well know. So costing is a huge factor. Secondly, i dont need to purchase a 5U rack to keep my servers in. One Machine for PDC, Exchange, AV and ISO and one machine to run my Backups To . Thirdly, if my Exchange server " falls over ", it will take me less than 30 minutes to reload my virtaul machine and carry on.
 
If I understand you correctly you want to deliver email directly to your exchange virtual server? If so you'll need to use PAT or NAT to deliver through your firewall.

I ran an exchange environment for around 1500 mailboxes and the following limits worked for me.

1. 10MB send and receive limit on external mail
2. 150MB mailbox limit

Remember that the smaller you keep the store the easier it will be to restore in the event of failure and also do an offline defrag every 6 months.
 
Thanx, 150Mb sounds good. Mweb is supplying me with a cisco router and 4 ip adresses. I cannot access the routing tables. Will that be a problem? And yes, i want to have mail delivered to the exchange server directly. As i said, im no expert, so any help with this will be greatly appreciated.
 
K@izer§øze™ said:
Thanx, 150Mb sounds good. Mweb is supplying me with a cisco router and 4 ip adresses. I cannot access the routing tables. Will that be a problem? And yes, i want to have mail delivered to the exchange server directly. As i said, im no expert, so any help with this will be greatly appreciated.
Click to expand...

Oh I see. I've ran Small Business Server and can definitely say it's a bitch if something falls over. As for the 4 IP addresses etc. What I did was to get MWEB to port forward to a specific Internal IP address.

So any incoming traffic on one IP address from the outside would be forwarded to a specific internal IP address.

I imagine if you get all 4 IP addresses to route to your ISA Server you'd be able to route any port specific traffic on those IP addresses to the different virtual machines? Not really sure if a Virtual Machine has an IP address even ^^
 
You'll need to get them to update your DNS MX record as well to route email to your ISA server. From there you can reroute all traffic to any internal IP you choose. Maybe a better option would be a content filter/scanner solution from MWeb. They can block certain attachments/spam/viruses on there side and then forward relevant email to your ISA box. They would also give you access to the blocked email folders so you can release relevant email to your users.

I've used products like MailMarshal and Ironport which are very good.
 
The virtual machine bridges the base machine's ip. It gets a tad tricky. My Virtual machine ( PDC ) is my dhcp and dns server as well. As for the Port Forwarding. That sounds about right. I will call them and ask them to set it up from their side. So i will then need to set up my forward an reverse lookup zones to my internal range and my mx records as well? And im looking to for an alternative to ISA, one thats less complicated and something i can manage my users internet activity with. ( restricting access to all internet except banking and governemnt sites for some and unlimited access to other users ) Any ideas?
 
K@izer§øze™ said:
The virtual machine bridges the base machine's ip. It gets a tad tricky. My Virtual machine ( PDC ) is my dhcp and dns server as well. As for the Port Forwarding. That sounds about right. I will call them and ask them to set it up from their side. So i will then need to set up my forward an reverse lookup zones to my internal range and my mx records as well? And im looking to for an alternative to ISA, one thats less complicated and something i can manage my users internet activity with. ( restricting access to all internet except banking and governemnt sites for some and unlimited access to other users ) Any ideas?
Click to expand...

There are a few products you can use.

Bluecoat (very expensive)
Web Marshal
Squid (linux)

I would stick with ISA and yes, you'll have to have your PTR and MX updated. I would also get them to add an SPF record. Some spam filters for target emails addresses wont allow you to deliver email to them without all the info.
 
Well, it seems i have my work cut out for me. Thanx for all the tips and advice people, i really appreciate it.You are bound to see me on here more as the applications to Mweb went thru today and i'll be set up next week. I will post my progress here and im willing to answer as much questions anyone may have wrt the setup and problems i encountered along my merry way!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X