
Summary

This document configures an Exchange Edge Transport server. The setup here does not use an Edge Subscription.


Overall Design


The public IP address is not displayed in the document.

Procedure

1. Edge Server preparation

1. Changing hostname

  1. Change the host name.

  2. Click ‘More’ and add the domain suffix.

  3. Click ‘OK’ and restart.

2. Proceeding with the installation

  1. Select the Edge Transport role during installation.

  2. The prerequisites are ‘.NET Framework 4.8’ and ‘Visual C++ 2012 Redistributable Package’.

  3. Click Install.

  4. Setup progress.

When setup completes, you can see that these two applications have been newly added.

3. Changing queue directory(Optional)

  1. Stop the ‘Microsoft Exchange Transport’ service.

  2. Open this file by entering the following command in the ‘Run’ dialog:
    Notepad %ExchangeInstallPath%Bin\EdgeTransport.exe.config

  3. Change ‘QueueDatabasePath’ and ‘QueueDatabaseLoggingPath’. I recommend placing these paths on a separate drive.

3.1 Create a new disk if you need one.

3.2 Enter the amount of space to shrink in MB.

3.3 After shrinking, allocate a New Simple Volume.

3.4 Assign an appropriate drive letter.

3.5 The new volume has been created.

  4. Set both paths to ‘D:\Queue\QueueDB’.

  5. Start ‘Microsoft Exchange Transport’ again.

  6. The Queue DB location has changed.
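
The queue path change described in this section can also be scripted. This is an added example, not part of the original post; it assumes the service name MSExchangeTransport, the target folder D:\Queue\QueueDB used above, and that both keys already exist under appSettings in EdgeTransport.exe.config.

```powershell
# Added example: scripted version of the queue path change.
# Assumptions: service name MSExchangeTransport, target folder D:\Queue\QueueDB,
# and both keys already present under <appSettings>.
$target = 'D:\Queue\QueueDB'
$config = Join-Path $env:ExchangeInstallPath 'Bin\EdgeTransport.exe.config'
$keys   = 'QueueDatabasePath', 'QueueDatabaseLoggingPath'

Stop-Service -Name MSExchangeTransport

# Keep a timestamped rollback copy of the config before touching it.
$backup = '{0}.{1:yyyyMMddHHmmss}.bak' -f $config, (Get-Date)
Copy-Item -Path $config -Destination $backup

# The transport service runs as Network Service and needs Full Control here.
New-Item -ItemType Directory -Path $target -Force | Out-Null

[xml]$xml = Get-Content -Path $config -Raw
foreach ($key in $keys) {
    $node = $xml.SelectSingleNode("/configuration/appSettings/add[@key='$key']")
    if (-not $node) {
        # Nothing has been saved yet, so bring the service back up unchanged.
        Start-Service -Name MSExchangeTransport
        throw "Key '$key' not found in $config; nothing was changed."
    }
    '{0}: {1} -> {2}' -f $key, $node.GetAttribute('value'), $target
    $node.SetAttribute('value', $target)
}
$xml.Save($config)

# The old database files are not moved; a new, empty queue database is created.
Start-Service -Name MSExchangeTransport

# Confirm the service is running and the new database files exist.
Get-Service -Name MSExchangeTransport | Select-Object Name, Status
Get-ChildItem -Path $target | Select-Object Name, Length, LastWriteTime
```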

4. Changing Log directory(Optional)

  1. Change the log directory

```shell
# Change the location of the Exchange mail send/receive logs
$path = "D:\ExchangeLogs"

# Transport service
Get-TransportService | Set-TransportService `
    -ConnectivityLogPath "$path\edge\Connectivity" `
    -MessageTrackingLogPath "$path\MessageTracking" `
    -IrmLogPath "$path\IRMLogs" `
    -ActiveUserStatisticsLogPath "$path\edge\ActiveUsersStats" `
    -ServerStatisticsLogPath "$path\edge\ServerStats" `
    -ReceiveProtocolLogPath "$path\edge\ProtocolLog\SmtpReceive" `
    -RoutingTableLogPath "$path\edge\Routing" `
    -SendProtocolLogPath "$path\edge\ProtocolLog\SmtpSend" `
    -QueueLogPath "$path\edge\QueueViewer" `
    -WlmLogPath "$path\edge\WLM" `
    -PipelineTracingPath "$path\edge\PipelineTracing" `
    -AgentLogPath "$path\edge\AgentLog" `
    -DNSLogEnabled $true `
    -DnsLogPath "$path\edge\DNSLog"

# Enable logging for the implicit send connector
Get-TransportService | Set-TransportService -IntraOrgConnectorProtocolLoggingLevel Verbose
```

In the shell
<img width="3544" height="236" alt="image" src="https://github.com/user-attachments/assets/abdfc3cb-6d8e-4173-9268-db0921f16cec" />

  2. After executing the command, you can see the ‘ExchangeLogs’ folder in ‘D:\’.
<img width="566" height="266" alt="image" src="https://github.com/user-attachments/assets/3eacb4c2-cb42-41c0-a5a8-e000af740549" />

5. Specify the internal SMTP servers

```shell
Set-TransportConfig -InternalSMTPServers @{Add="<ip address1>","<ip address2>"...}
```


6. Binding Public Certificate on the SMTP Service

If you use a public SSL certificate, you should bind it to the SMTP service. Use the following command in the Exchange Management Shell.

Enable-ExchangeCertificate -Thumbprint <Thumbprint> -Services SMTP


2. Set up Inbound flow on Edge

First, we will configure the inbound flow: ‘External → Edge → Exchange’.

1. Accepted Domain

New-AcceptedDomain -Name whtpq.com -DomainName whtpq.com

Now the Edge server can receive external mail for the ‘whtpq.com’ domain.
External → Edge

2. Send Connector

New-SendConnector -Name "To whtpq.com" -AddressSpaces whtpq.com -SmartHosts 10.10.4.41

Now the Edge server can send mail to the whtpq.com Exchange server (10.10.4.41).
External → Edge → Exchange

3. Set up Outbound flow on Edge

We will configure this flow: Exchange → Edge → External

1. Create Send Connector on the Exchange server side (Exchange → Edge)

  1. Set the name and choose ‘Custom’ as the type.

  2. Route mail through smart hosts (Edge, 10.10.4.44).

  3. Select ‘None’ for authentication.

  4. Set the domain to *.

  5. Add the source server.

  6. Disable any other connectors that route to the internet directly.

2. Create Receive Connector on the Edge server side(Exchange → Edge)

  1. New receive connector
    New-ReceiveConnector -Name "From whtpq.com" -Bindings 0.0.0.0:25  -RemoteIPRanges 10.10.4.41-10.10.4.42 
    


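  2. Add permission to the new receive connector. This lets anonymous connections from the -RemoteIPRanges set in the previous step submit mail for any recipient, so keep that range limited to the internal Exchange servers.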
    Get-ReceiveConnector -Identity "whtpqEDGE\From whtpq.com"|Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
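
A check to run after granting this right, as an added example that is not part of the original post: it lists every receive connector on which anonymous senders hold Ms-Exch-SMTP-Accept-Any-Recipient, together with the source ranges allowed to connect. The string forms of the "any address" ranges used in the match are an assumption.

```powershell
# Added example: audit receive connectors that allow anonymous relay.
$right = 'ms-Exch-SMTP-Accept-Any-Recipient'
$anon  = 'NT AUTHORITY\ANONYMOUS LOGON'

$report = foreach ($rc in Get-ReceiveConnector) {
    # Allow entries for the anonymous account that carry the relay right.
    $grant = $rc | Get-ADPermission -User $anon |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like $right) }
    if (-not $grant) { continue }

    $ranges = @($rc.RemoteIPRanges | ForEach-Object { $_.ToString() })

    [pscustomobject]@{
        Connector  = $rc.Identity
        Bindings   = ($rc.Bindings -join ', ')
        RemoteIPs  = ($ranges -join ', ')
        # Assumed string forms of the full IPv4 and IPv6 ranges.
        AnyAddress = [bool]($ranges -match '^(0\.0\.0\.0-255\.255\.255\.255|::-ffff)')
    }
}

# A row with AnyAddress = True means any host that can reach port 25 may relay.
$report | Format-Table -AutoSize -Wrap
```

With the configuration on this page, "From whtpq.com" should appear with RemoteIPs 10.10.4.41-10.10.4.42 and AnyAddress False.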
    


3. Create Send Connector on the Edge server side(Edge → External)

  1. New send connector
    New-SendConnector -Name "To External" -Internet -AddressSpaces *
    


  2. Enable logging on the send/receive connectors (Optional)
    Get-ReceiveConnector|Set-ReceiveConnector -ProtocolLoggingLevel Verbose
    Get-SendConnector|Set-SendConnector -ProtocolLoggingLevel Verbose
    

4. Check the message header to confirm whether it’s working

1. whtpqsuperuser@whtpq.com → leeyosebi@naver.com

  1. MessageTrackingLog

  2. Queue

  3. Message Header

2. leeyosebi@naver.com → whtpqsuperuser@whtpq.com

  1. /image is missing/
