You have everything installed. Your databases are replicating. Your loads are balanced. Performance is being monitored. Now it's time to move on to actually getting mail into and out of your system.
Accepted domains and email address policies
Make sure all of your domains are listed with the proper domain type under Mail Flow > Accepted Domains, and your default domain is correct. If you intend on using email address policies, now is a good time to review them to make sure you have the right domains and username format selected. You can do so under Mail Flow > Email Address Policies.
As with Office 365, you need to get your DNS entries set up correctly before mail can route to your system or clients can autodiscover their settings. This is a bit more difficult for on-premises solutions because you will need to configure firewall rules to allow port 25 inbound to either your front-end or edge transport servers depending on your specific configuration.
You will need to first create an A record for the IP address of your MTA (Message Transfer Agent). For instance, we are using mail.exampleagency.com in our lab. Once the A record is in place, create an MX record that points to it. Your DNS hosting provider should have adequate documentation to cover the creation of these records.
For autodiscover, you will need to create either an A record to the IP address of your client access server or, if it is the same as your MTA, a CNAME record pointing to it. Again, for our lab we use a CNAME record of autodiscover.exampleagency.com pointing to mail.exampleagency.com since they are both using the same IP address. It is required that this record be autodiscover.yourdomain.tld since that is how Outlook Autodiscover will look for it.
Unlike Office 365, which we covered in a previous article, on-premises Exchange does not automatically create a send connector for you. To do so, open EAC (Exchange Admin Center) and navigate to Mail Flow > Send Connectors. A basic connector will merely send out to the Internet via DNS resolution.
If you are using a third-party messaging gateway such as Mimecast, you will configure that as a custom connector. This is also where you will set up any enforced TLS connections to other MTAs. For instance, Bank of America requires enforced TLS connections for its vendors. For this, you will need to use a Partner connector.
Sign up for Computerworld eNewsletters.