Exchange Server 2013 Service Pack 1 saw the return of the Edge Transport role, which was missing in the RTM release.

The Edge Transport role is involved in SMTP communications (email transport), and one or more Edge Transport servers are typically placed in a DMZ to satisfy the needs of organizations who require no direct connectivity between the internal network and the internet. Edge Transport can also serve this role for hybrid deployments with Office 365, so that mail flow between the on-premises organization and the cloud passes through the Edge server.

exchange-2013-edge-transport

Edge Transport also contains some additional transport agents that are not installed on Mailbox servers. Here is the complete list of transport agents for Edge Transport:

[PS] C:\>Get-TransportAgent

Identity                                           Enabled         Priority
--------                                           -------         --------
Connection Filtering Agent                         True            1
Address Rewriting Inbound Agent                    True            2
Edge Rule Agent                                    True            3
Content Filter Agent                               True            4
Sender Id Agent                                    True            5
Sender Filter Agent                                True            6
Recipient Filter Agent                             True            7
Protocol Analysis Agent                            True            8
Attachment Filtering Agent                         True            9
Address Rewriting Outbound Agent                   True            10

In comparison, here is the list for the Mailbox server role:

Identity                                           Enabled         Priority
--------                                           -------         --------
Transport Rule Agent                               True            1
Malware Agent                                      True            2
Text Messaging Routing Agent                       True            3
Text Messaging Delivery Agent                      True            4

For more on the Edge Transport server role in Exchange Server 2013 see the following articles:

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. Jeffrey Morgan

    My military organization is looking to enable Outlook Web Access to domain users outside of our Boundary Security System. We are running EXCH 2013 with 2ea internal Client Access and 2ea Internal Mail servers; with 2ea Edge servers in our DMZ. OWA is enabled on our internal domain, but when our VIPs travel we would like to offer them OWA access from the External military WAN; which is currently blocked through our BSS firewalls. Does EXCH 2013 contain an option to enable OWA service from the Edge servers? Or is the only way to enable OWA externally is to permit HTTPS access to our Mail server through our Firewalls? We would prefer to NOT expose our internal Mail servers to external traffic/vulnerabilities if possible.

  2. Big D

    I am looking to install Exchange 2016 in to an existing exchange 2010 o365 hybrid. Currently the mx record points to o365 which we use for antimalware anti spam etc.

    Is it actually worth installing an edge transport server (we don’t have one at the moment)or just make sure that the new 2016 servers form the hybrid with o365 and tie the firewall rule down between o365 and our exchange 2016 servers?

    1. GodSaveTheQueen

      I would know the same, do we still need an Edge Transport in this scenario?

      Many thanks

  3. Neagu Emanuel

    Hello,

    I have a situation and i dont know if i need Edge Transport for this:
    i have multiple accepted domains in my EX2016 server and each user must use all those SMTP adress as a receiver and sender. The thing is, when a user receive and email to an SMTP ex: user@domain.com, the mail goes to all his inboxes. I want to set the Exchange server to filter and deliver the mail into the right inbox.

    Thanks a lot,
    Emanuel

    1. Avatar photo
      Paul Cunningham

      A mailbox has one primary SMTP address and can have multiple secondary SMTP addresses (also known as “aliases” to some people). Email sent to any of the SMTP addresses will be delivered to the mailbox. When the user sends email, it only goes from the primary SMTP address.

      If you need the person to have multiple email addresses to send from, then you’ll need to set up separate shared mailboxes for each address, and give them SendAs permissions to each one. Exchange doesn’t let a user choose which of their email addresses to send from, it has to be a separate mailbox.

      1. Emanuel

        Thank you for your reply,

        If i do as you said, if the user set his account on his mobile phone he wont have the option to chose “from” alias. So i created x SMTP adresses, so they can configure the main smtp as “exchange server” in phone and for the rest of smtp they can add them as pop/imap. When they want to send from ” y alias” they can simply chose “from” on iphone/android. But my problem is that the exchange server can’t filter the incoming mail to deliver to the specific mailbox/smtp adress. I will dig more and if i get some results i will posted here.

        Thanks,
        Emanuel

        1. Avatar photo
          Paul Cunningham

          I don’t really know what you mean by “filter the incoming mail”. Exchange will deliver the email to whichever mailbox has that SMTP address. If the user needs to send and receive with multiple different SMTP addresses, then each SMTP address needs to be set up on a separate mailbox. That’s the only way to achieve the sending *and* receiving.

          1. Emanuel

            It should deliver the email to whichever mailobx has that SMTP address, but it doesnt, it deliver the email to all SMTP address even each SMTP has his own mailbox. Example: i send to user@domain1.com and i get the same email to all smtp user@domain2.com, user@domain3.com etc.

            I really appreciate your time,
            Emanuel

          2. Avatar photo
            Paul Cunningham

            An SMTP address can only exist on one mailbox at a time. If you are receiving email sent to user@domain1.com in other mailboxes as well, then there is likely a transport/mail flow rule set up that is forwarding copies of the emails, an inbox rule, or a forwarding rule set on the mailbox. Mail doesn’t magically deliver to mailboxes that it wasn’t sent to. I can’t see your environment so I can only provide guidance. You need to look into this further than just looking at SMTP addresses on mailboxes.

  4. Bong

    I have a question. We are running exchange 2007 on 3 sites. We have the Edge server at one site and this is a bottleneck for the two sites are mails need to route to that edge only. Can we add 2 more edge servers on the other sites? Is Exchange 2007 supports this configuration? or do we need to upgrade to a higher version of Exchange. Need your advise.

  5. Classe

    Hey,
    If the inbound internet email is to go to O365, does it traverse through edge servers to internal and then back through edge again out to O365…? or is there more logic to outer edge to send it directly to O365 without sending in to Internal?

    Thanks,

  6. Alex

    Hi Paul,
    I have two on-premise MB/CAS servers running behind a Symantec Messaging Gateway which is internet facing (not yet in the DMZ but will be). The SMG is performing inbound and outbound mail scanning via separate built in ethernet adaptors. FWIW all machines are VM’s.

    I have two questions:

    What receive connectors (if any) would i need to set up between exchange & SMG?

    Is it absolutely necessary that i install the Edge Transport Server role on another box or is that the role that the SMG is serving?

    Thanks in advance.
    Alex

    1. Avatar photo
      Paul Cunningham

      The default connectors installed by the CAS role are all you need.

      Edge is not a required role. If you’re happy that the SMG is providing what an Edge could provide for you then no real need to install another server.

  7. afzal

    hi Paul could you explane mail flow if i have 2 mail box server 2k13 with DAG and 2 CAS 213 and one EDGE 2k13.

  8. Jean-Luc

    Hi Paul, Do you know if it’s possible to install “Address Rewriting Inbound Agent” on the Exchange mailbox Server?

  9. Juan Martinez

    Is it possible to enable the antimalware agent on the Exchange 2013 edge role? I see it comes with the script for enabling it, but in my case it doesn’t work

  10. Ismat Sahar

    Thanks Sir for sharing such a wonderful lesson regarding Edge Transport Rule Exchange Server 2013. i really enjoyed this lesson.GOD bless you…

Leave a Reply