date: Wed, 26 Dec 2007 18:28:21 -0500,    group: microsoft.public.exchange.design


Hosting multiple domains on Exchange 2003   
I am working with a company that hosts multiple .org's on Exchange 2003. 
After coming aboard I have been researching the way messaging is handled and 
am finding it in a way that I do not think is optimal. Many of these .org's 
do mass emailing during certain times throughout the year and when you look 
at the header information of the emails they are listed to originate from 
our actual domain.

My goal is to split up the traffic and make it start coming from their 
domain. The problem, however, is that this is something I have never been 
involved with and I need some helpful nudges in the right direction.

This is what I think could be a good start...

Inbound mail flow will be coming through a PIX with multiple external facing 
IP's pointing to a SPAM filter(s) which will then pass off the mail to the 
front end servers which are running in a NLB cluster. I am planning on 
adding 1 internal IP address per primary domain on the NLB cluster and will 
have set port 25 under the Filtering Mode to "Multiple Hosts" and Affinity 
to "None." This will then at least help balance out SMTP traffic as well as 
provide fault tolerance when a front end is taken down.

Getting mail in is the easy part however and I have tested this thus far and 
it appears to be working the way I wanted and without any major issues. 
Recommendations / critiques here are still welcomed.

Outbound mail flow is where it gets a bit hairy for me because we are 
literally hosting 15 or so individual company domains and when the mail 
exits our system it exits as though it was from us, but with their domain.

Example of email header:

Received: by 10.140.144.8 with SMTP id r8cs11265rvd;
        Fri, 21 Dec 2007 08:46:58 -0800 (PST)
Received: by 10.142.241.10 with SMTP id o10mr755701wfh.27.1198255617628;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)
Return-Path: 
Received: from altmail.ourcompaniesdomain.org ([OurCompaniesIPAddress])
        by mx.google.com with ESMTP id 5si1453613wrh.37.2007.12.21.08.46.57;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)

Ideally what I would like to have happen is when a user from any of the 
domains we host sends an email it exits our system stamped as though it 
came from them and exits out the IP address listed in their external DNS 
records (such as mail.theirdomain.org) so the resulting header information 
would be as such.

Received: by 10.140.144.8 with SMTP id r8cs11265rvd;
        Fri, 21 Dec 2007 08:46:58 -0800 (PST)
Received: by 10.142.241.10 with SMTP id o10mr755701wfh.27.1198255617628;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)
Return-Path: 
Received: from mail.theirdomain.org ([TheirDomainIPAddress])
        by mx.google.com with ESMTP id 5si1453613wrh.37.2007.12.21.08.46.57;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)

The direction I am taking on this is to set up multiple SMTP virtual servers. 
One VS on each front end and then pointing to the NLB IP address. Under the 
SMTP virtual server properties / Delivery tab / Advanced setting 
Fully-qualified name to the company's primary mail domain name (aka 
mail.theirdomain.org). After this is done an SMTP connector with the 
company's particular domain names is used and is told to use the two 
specific front end servers which are acting as bridge heads.

However getting this far still results in the following header information.

Received: by 10.140.144.8 with SMTP id r8cs11265rvd;
        Fri, 21 Dec 2007 08:46:58 -0800 (PST)
Received: by 10.142.241.10 with SMTP id o10mr755701wfh.27.1198255617628;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)
Return-Path: 
Received: from mail.theirdomain.org ([OurCompaniesIPAddress])
        by mx.google.com with ESMTP id 5si1453613wrh.37.2007.12.21.08.46.57;
        Fri, 21 Dec 2007 08:46:57 -0800 (PST)

I really think I am heading in the right direction unless maybe I am 
overcomplicating things? The final piece of the puzzle besides making sure I 
am heading in the right direction is to make mail actually flow out the 
correct IP address. The reason I say this is because when SMTP traffic hits 
the NLB cluster it then says it originated from the interface's IP address, 
not the NLB IP address. At that point I would imagine the Cisco boys can do 
the proper routing to make mail flow out the correct external IP address.

As I sit here and type it all out it appears I may need to drop the NLB part 
and assign multiple IP's on each of the bridge heads and then do equal 
costing for two connectors...but I digress. Please help.

Thank you,

Craig
date: Wed, 26 Dec 2007 18:28:21 -0500   author:   CraigI

Re: Hosting multiple domains on Exchange 2003   
Hi,
You would have to have each customer's mail route out through a different 
outbound IP to achieve this.

If I am honest, this isn't such a big deal. If someone uses BlackSpider or 
MessageLabs their outbound mail will also state something like 
'outbound.messagelabs.com' or such.

I think the biggest issue you have (which is cosmetic) is the fact the PTR 
for your outbound mailflow IP is identifying as your company's. If you are a 
hoster, then really this isn't such a big deal. If this isn't acceptable 
then change it... Have your mail still go outbound and identifying with this 
PTR and set up a blanket/vanilla one for all other customers, for example 
'outbound.hostedmessagingcompany.com'.

I work for a Hosted Exchange provider, and this is what we do.

Oliver
date: Thu, 27 Dec 2007 12:17:07 -0000   author:   Oliver Moazzezi [MVP]
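
Added example, not part of either post: a small Python check of the three outbound identities discussed in this thread, comparing the HELO name in a Received header with the PTR of the connecting IP and confirming the PTR forward-resolves to that IP. The IP addresses and the DNS tables are constructed (documentation ranges); a live check would query a resolver instead.

```python
import re

# Constructed DNS data (assumption): PTR and A records as a receiver would see them.
PTR = {"192.0.2.10": "altmail.ourcompaniesdomain.org",
       "192.0.2.20": "outbound.hostedmessagingcompany.com"}
A = {"altmail.ourcompaniesdomain.org": {"192.0.2.10"},
     "outbound.hostedmessagingcompany.com": {"192.0.2.20"},
     "mail.theirdomain.org": {"198.51.100.5"}}

# Matches the "from <helo> ([<ip>])" clause used in the headers quoted above.
RECEIVED_RE = re.compile(r"from\s+(?P<helo>\S+)\s+\(\[(?P<ip>[^\]]+)\]\)")

def received(helo, ip):
    """Build a constructed Received header shaped like the ones in the thread."""
    return ("Received: from %s ([%s])\n"
            "        by mx.google.com with ESMTP id 5si1453613wrh.37;\n"
            "        Fri, 21 Dec 2007 08:46:57 -0800 (PST)" % (helo, ip))

def parse_received(header):
    """Return (helo_name, connecting_ip) from a folded Received header."""
    unfolded = " ".join(header.split())          # undo header line folding
    m = RECEIVED_RE.search(unfolded)
    if not m:
        raise ValueError("no 'from name ([ip])' clause found")
    return m.group("helo").lower().rstrip("."), m.group("ip")

def check_identity(header, ptr=PTR, a=A):
    """Compare HELO, PTR and forward DNS for the connecting IP."""
    helo, ip = parse_received(header)
    rdns = ptr.get(ip)
    return {
        "helo": helo, "ip": ip, "ptr": rdns,
        # forward-confirmed reverse DNS: PTR name resolves back to the same IP
        "fcrdns": rdns is not None and ip in a.get(rdns, set()),
        "helo_matches_ptr": rdns == helo,
        "helo_resolves_to_ip": ip in a.get(helo, set()),
    }

if __name__ == "__main__":
    cases = {
        "original setup": received("altmail.ourcompaniesdomain.org", "192.0.2.10"),
        "FQDN changed, same IP": received("mail.theirdomain.org", "192.0.2.10"),
        "generic hoster name": received("outbound.hostedmessagingcompany.com", "192.0.2.20"),
    }
    for label, header in cases.items():
        print(label, check_identity(header))
```

The second case is the header Craig gets after changing only the fully-qualified name: the HELO name no longer agrees with the PTR or forward DNS of the sending IP, while the generic hoster name keeps all three aligned.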
