question

MatthewRidleyDigitalandICTServices-8427 avatar image
0 Votes"
MatthewRidleyDigitalandICTServices-8427 asked AndyDavid answered

Hybrid and Edge servers

Hi,

We are planning the move from Exchange On-premises to Exchange Hybrid and I have a few questions about the Edge Transport server and how it fits in.

The plan is to place an Edge Transport server in our DMZ so that incoming email from EOP will go via the Edge server before reaching the Exchange servers. This is to limit the exposure of our Exchange servers to the Internet
Does the Malware and Anti-Spam need to be enabled and configured on this edge server? Is there a recommendation for this?

We currently have a third party mail system that we use for email security and emails generated from servers on the DMZ are directed to this server and the email security server routes the emails either internally or to the Internet. This server will be going. Will we need an additional Edge transport server separate to the one used for Hybrid for this or can the Hybrid Edge transport server be used? I am not quite sure if the Edge transport server used for Hybrid can only be used for the Hybrid and nothing else.

Thank you

office-exchange-server-mailflowoffice-exchange-hybrid-itprooffice-exchange-server-deployment
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndyDavid avatar image
0 Votes"
AndyDavid answered

The hybrid one will do. As long as the connectors are set up so it knows where to route the mail, you dont need a separate server!

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndyDavid avatar image
0 Votes"
AndyDavid answered MatthewRidleyDigitalandICTServices-8427 commented

You can install anti -spam on the Edge, yes.
https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antispam-protection/antispam-protection?view=exchserver-2019#antispam-agents-on-edge-transport-servers

Anti-malware is already enabled:
https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antimalware-protection/antimalware-procedures?view=exchserver-2019

I would argue that you dont need anti-spam however and would not enble on the Edge if you are routing everything to and from the internet through EOP ( Set your mx to EOP as soon as possible)

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you AndyDavid.
I am tending to agree with you on the Anti-Spam as emails will be coming through EOP anyway.

Are you able to comment on whether I would need a seperate Edge server so that I can send emails from servers on the DMZ or if the one used for Hybrid will do?

0 Votes 0 ·