Configuring and installing Mail Exchange 2019

mail-exchange-2019.md

Microsoft Mail Exchange Server 2019 Installation

---

Download and install the prerequisites

• VC++ 2012
• VC++ 2013
• VC++ 2017
• .NET 4.7.2
• UCMA 4.0
• UCMA 6.0 Not needed

---

Run the following commands in powershell with admin

Install-WindowsFeature server-media-foundation

Install-WindowsFeature RSAT-ADDS

Install-WindowsFeature NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, RSAT-Clustering-Mgmt, RSAT-Clustering-PowerShell, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation, RSAT-ADDS

Setup Active Directory

• Server Manager > Manage > Add roles and features
• Tick Active Directory Domain Services
• Tick DNS Server
• Setup everything with your organisation name to be as domainname.local

Setup DNS Stuffs

---

Setup static ip

• Network and Sharing Center > Change Adapter Options > Assign Static IPv4 such as
• Ip Address : 192.168.0.29
• Subnet mask : 255.255.255.0
• Default gateway : 192.168.0.1
• Preferred DNS : 192.168.0.29
• Alternate DNS : . . .

Setup Reverse Lookup Zones

• Server Manager > Tools > DNS
• Right click Reverse Lookup Zones > New Zone
• Tick Primary zone & Store the zone in Active Directory...
• Tick To all DNS servers running on domain controllers in this domain: <domain.local>
• IPv4 Reverse Lookup Zone
• Network ID : 192.168.0 & then Tick Reverse lookup zone name:
• Allow only secure dynamic updates...
• Finish

Setup Forward Lookup Zones

• domain.local
• server name > Properties > Tick Update associated pointer (PTR) record
• Go to Reverse lookup zones & right click > refresh to see the new added one.
• cmd > nslookup should have Default Server either Unknown or domain name
• type domain.local it should show you your server ip (192.168.0.29)
• type 192.168.0.29 it should show you your servername.domain.local

Creating a UPN Suffix for a Forest

• Server Manager > Tools > Active Directory Domains and Trusts
• Right click on Tools > Active Directory Domains and Trusts
• domain.com > Add

Mail Exchange Installation

---

• Mount the Mail Exchange Server 2019 ISO and note down the Drive letter.
• Powershell Admin

cd E:/

./Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

./Setup.exe /PrepareAD /OrganizationName:"YOUR_DOMAIN_WITHOUT_.LOCAL_WORD" /IAcceptExchangeServerLicenseTerms

./Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms

• Double-click on the Setup.exe.
• After Successfull installation.
• Search in Start Menu Exchange Administrative Center or visit https://localhost/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2flocalhost%2fecp%2f%3fExchClientVer%3d15
• Enter username Administrator and its password that you set during active directory installation.
• You can also go to Exchange Management Shell and run the following command to check the status of the mailbox:

Get-ExchangeServer

• Add Mailbox Import Export role to your Administrator account in Exchange Management Shell

New-ManagementRoleAssignment –Role "Mailbox Import Export" –User Administrator

WildCard Certificate Generation

• Generate WildCard SSL Certificate using this link
• Along with adding it in Web Hosting, add also in Personal Section1 in certlm.msc

Mail Exchange Server configuration

---

• Restart the machine.

Servers configuration

---

servers

• Login to the Administrator ECP dashboard in browser using the link above where you can replace owa with ecp for admin dashboard.
• Go to servers add valid product key.
• Go to DNS Lookups > Select Intel(R) Gigabit Network other than All Networks.
• Go to Outlook Anywhere add mail.yourdomain.com in every field and select Basic in dropdown.

virtual directories

• replace your_machine_name.domain.local in the link in the following places:

Do not remote the parts after /xxxx/xxx only replace the above mentioned text.

• ECP: Internal & External
• EWS: External
• MAPI: Extenal
• Microsoft-Server-Active-Sync : Internal & External
• OAB: Internal & External
• OWA: Internal & External
• Powershell: External keep empty

certificates

• Edit the certificate that you added
• Select services > tick SMTP & IIS > Save

Mail flow configuration

---

accepted domains

• Add accepted domain domain.com
• Tick Authorative
• Make this default domain

email address policies

• Edit Default Policy.
• Email Address Format > Add > select domain.com.
• Tick `Make this format the reply email address.
• Click Save
• Click Apply on the right side column

receive connectors

• Edit Client Frontend
• Edit Scoping
• Add FQDN : mail.domain.com
• Save

send connectors

• Add
• Name : domain.com
• Type : Custom
• MX
• Add Address space > FQDN value set to *
• Select Server > Press Add > Ok
• Finish

Recipients configuration

---

mailboxes

• Add new mailbox and then select the email suffix as domain.com

Domain DNS Records Configuration

---

A Records

• Add a new A record
• mail.domain.com
• points to the public IP of your router.
• You can check your public IP using google search what is my ip

MX Record

• Add a new MX Record

Router Port Forwarding

443

• Add a port forward open rule
• External port 443
• Forward to Internal port 443
• Your server local IP = 192.168.0.29

25

• Add a port forward open rule
• External port 25
• Forward to Internal port 25
• Your server local IP = 192.168.0.29

Windows Firewall Settings

• Open TCP ports 443 and 25 both in Inbound and Outbound in Windows Firewall

Exchange Mail Activer Directory Preparation

Run the following command in your powershell with admin by mounting the .iso

Run the following powershell commands

Install-WindowsFeature ADLDS

E:\Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareDomain:domain.local

E:\Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareDomain

Enable SMTP For sending email using programatically

Run the following command in your Exchange Management Shell

Get-ReceiveConnector

• Note down the Identity of similar to this YOUR_SERVER\Client Frontend YOUR_SERVER

Get-ExchangeCertificate

• Note down the Thumbprint for the certificate which has Services ...WS..

$cert = Get-ExchangeCertificate -Thumbprint YOUR_THUMBPRINT_VALUE_HERE

$tlscertificatename = "<i>$($cert.Issuer)<s>$($cert.Subject)"

Set-ReceiveConnector "YOUR_IDENTITY" -Fqdn MAIL.YOUR_DOMAIN.COM -TlsCertificateName $tlscertificatename

• Open TCP ports 587 Inbound in Windows Firewall
• Now go to ECP Administrator > mail flow > receive connectors
• Edit Default Frontend YOUR_SERVER_NAME > security
• Tick Exchange users in Permissions groups: section

To test whether it is working or not, try the following command

$credential = Get-Credential

Send-MailMessage -SmtpServer MAIL.YOUR_DOMAIN.COM -Credential $credential -From 'mailbox@YOUR_DOMAIN.COM' -To '[email protected]' -Subject 'Test email' -Port 587 -UseSsl

Increase the Each Mail Attachment Size Limit

• Go to mail flow
• receive connectors
• three dots
• Organization Transport Settings
• Input the size in MB

How to See, Update, Cancel,Remove Export PST Request

• Run following commands in Exchange Powershell Management.
• Following command shows Export Requests Get-MailboxExportRequest
• Follwing command removes Completed Requests Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest

Congratulations

• Open https://mail.domain.com
• Try sending mail.

Helper Links

• Reduce High Memory Usage