TechRepublic Tutorial: With this workaround, you can run Exchange without a static IP

Strategies for implementing Exchange without having a static IP address

In the past, I had never used Microsoft Exchange Server for my organization because I did not have a static IP address to assign to it. However, when my need for an Exchange server forced me to look into workarounds, I was able to find a way to implement Exchange servers without actually having a static IP address. My solution eventually ran into some problems, such as SPAM overload, that stemmed from not having a static IP address.

Here is my case study for implementing Exchange servers and overcoming the difficulties associated with not having a static IP address.

My mail setup
The reason an Exchange server must be assigned a static IP address is that the server’s host name must be associated with the server’s IP address in the Internet’s various DNS servers. Without this mapping, it is impossible for mail to be routed to the domain(s) managed by the mail server.

This has always been a headache for me. I own three different small businesses, and have people who work for me on a contract basis scattered all over the country. As my operation began to grow a few years ago, I really wanted to implement an Exchange server and create mailboxes for all of my associates. I wanted the mailboxes to be accessible via OWA (Outlook Web Access) or via a POP3/SMTP client, such as Microsoft Outlook.

Unfortunately, I'm located in the middle of nowhere. The local telephone company has a monopoly over all telephone, cable television, and Internet communications in the area. The phone company does not issue static IP addresses and because of the phone company’s monopoly, there is no one else that I can lease an address from either.

Fortunately, a close friend stepped in and saved the day. My friend owns an ISP. In addition to hosting my various Web sites, my friend developed an e-mail system that allows me to create, modify, and delete e-mail accounts for my various domains through a Web interface. This allowed me to create all necessary e-mail accounts and offered additional flexibility in that the users can access the accounts via a Web browser or an SMTP/POP3 client.

The difficulties of not having a static IP
The solution worked great for several years. During that time, I installed three Exchange Servers in my lab network, but those servers were strictly for the purpose of testing and helping me to write Exchange-related articles. All of my e-mail was being handled by the ISP. In fact, if you look at the way that I was getting my e-mail, my setup wasn’t much different than what's done by the average home user. The only difference was that I have many more e-mail accounts than the average home user.

My solution worked great for a while, but over time, SPAM began to become a huge problem. I used to laugh at people who threw a fit over SPAM. I was never worried about messages being offensive or anything like that, if I received a SPAM, I just deleted it. It was that simple.

However, by the end of 2002, I was routinely receiving over 200 pieces of SPAM each day. This was just within my personal e-mail. It doesn’t count the mail in other mailboxes. Obviously, it takes some time to delete 200 plus pieces of SPAM every morning.

By June of 2003, the volume of SPAM that I was receiving on a daily basis had doubled to over 400 messages. I knew that I had to do something. I was wasting a lot of time every day just deleting SPAM. I was also starting to accidentally delete legitimate messages from my wife, my editors, and my employees because the messages blended in with the extreme volume of SPAM.

I had spent a lot of time during the early part of 2003 hunting for anti-SPAM programs that really worked. I discovered that there were very few good solutions for SOHO users. I found one good anti-SPAM program, but it had two big problems. First, Outlook still had to download all of the SPAM before the filtering ever began, and the filtering process took just as much time as manually filtering the messages did. The other problem was that a bug in this particular software kept causing Outlook to close every time that I tried to open a message.

The more that I looked around, the more I realized that the only way that I was going to get decent anti-SPAM protection was to implement a production-level Exchange server. Initially, I thought about buying a server and sending it to my ISP to use as my mail server and having my friend at the ISP put some good anti-SPAM protection on it.

The problem was that every anti-SPAM product that I had tested for stand-alone computers (except for the one that I just talked about) would sometimes delete legitimate messages, regarding them as SPAM. I wanted the server to be hosted at my location so that I could closely monitor what messages were being deleted, until I was confident that the software was doing its job accurately.

It was about this time that someone approached Relevant Technologies, a security company that I partly own, and asked us to write a white paper that compared the various Exchange anti-SPAM products against each other. During the course of researching the paper, I learned that GFI MailEssentials contained a POP3 client for Exchange. This client made it possible to have an Exchange server download my e-mail from my ISP on my behalf. By the time that I open Outlook, the mail has already been downloaded and most of the SPAM has been removed.

In the next section, I’ll show you exactly how I implemented this technology in my organization. In case you’re wondering, MailEssentials ended up fairing very well in my anti SPAM study. You can see the study here.

Linking Exchange to an existing mail server
The way that I implemented the Exchange in my organization was that I allowed my ISP to continue to host my Web domain and all of my mailboxes. I then installed MailEssentials onto my Exchange server. This software acts as a POP3 client and downloads all of my e-mail from my ISP.

I then created mailboxes on my Exchange Server and told the GFI software which Exchange mailbox should be associated with which Internet mailbox. The software downloads new messages every couple of minutes and scans them for SPAM prior to placing the messages into the Exchange mailboxes. I then connected Outlook to my Exchange server and accessed the Exchange mailbox rather than the Internet mailbox. As soon as I open Outlook, the messages are already there waiting for me because they have already been downloaded by Exchange.

Configuring the GFI software is a fairly straightforward process, but depending on how your organization uses its e-mail, there are a few tricky issues that you may have to figure out. To make the initial connection, I installed Exchange in the normal manner, but did not create an Internet Mail Connector. After installing the Exchange service packs, I installed MailEssentials onto the server.

Once MailEssentials was installed, I opened the Mail Essentials Configuration Console and selected the POP2Exchange container. Then I double clicked the General container appearing in the pane to the right to reveal the main POP2Exchange configuration screen.

As you can see in Figure A, this screen is fairly simple. There is a check box that you must select in order to enable POP2Exchange. Beneath this check box is a list of Internet mailboxes and the corresponding Exchange mailboxes. I’ll come back to these in a little while. Beneath the addresses is a field that allows you to control how often new messages are downloaded. As you can see in the figure, I have my server set to check for messages every two minutes. Keep in mind, though, that I only have about 10 mailboxes that I am downloading mail from. If you have more mailboxes, you will probably want to download messages less often to prevent overburdening your server or Internet connection.

Figure A

Beneath the download time option, you can specify what message size should not be downloaded. I tend to receive some pretty large attachments, so I told POP2Exchange not to download anything over half a GB in size. Most people will want to set this value to something much smaller. You can also control whether mail exceeding the size that you specify should be deleted or if you would rather that the postmaster (mail administrator) be informed of the message.

As I mentioned before, the tricky part is configuring the e-mail addresses. If you click the Add button shown on the screen shown in Figure A, you will see the Add POP3 Mailbox dialog box. As you can see in Figure B, this dialog box simply asks for your POP3 Server, your login name, password, and the e-mail address that the message should be delivered to.

Figure B

This screen is deceptively simple because there can be message-delivery problems if the SMTP mailboxes on your Exchange server don’t match up with the domain name used for the Internet mailboxes. For example, my private network contains two domains: and Because I was creating mailboxes on my production network, the mailboxes all had the address of My Internet domain, on the other hand, is It’s easy enough to configure POP2Exchange to take any message sent to and deliver it to The problem is that any outbound messages use the return address

This means that if someone sends me a message at, I can receive the message in my Exchange mailbox. If I send people messages from my Exchange mailbox, they will receive the messages. However, if they reply to messages that I have sent, the reply will go to Since this address isn’t publicly accessible, I would never get the reply and the senders will wonder why they are receiving a non-delivery report.

The solution is to use the exact same address for your POP3 Server as for your Exchange mailboxes. You can see an example of this shown in Figure C.

Figure C
You must use the same e-mail address for both your Internet mail account and your Exchange account to prevent delivery problems.

Of course, Exchange won’t just recognize your Internet address automatically. You have to associate this address with a user account. To do so, open the Active Directory Users and Computers console, right click on your user account, and select the Properties command from the resulting shortcut menu. When you see the account’s properties sheet, go to the E-mail Addresses tab. On this screen, you will see the SMTP address assigned to the account by Exchange. In my case, this was the address. Simply select this address and click the Edit button. You may now type in your Internet address. As you can see in Figure D, my Exchange account now thinks that it is Any Internet e-mail that I send now bears as the return address. This makes it possible for recipients to reply to a message that I have sent them and for me to receive that reply correctly.

Figure D

If you look carefully at Figure D, you will notice that I was using the Administrator account. The reason for that is that since my network exists in my home and the only employee who ever directly touches it is my wife, I always just log in as the Administrator. This presented an interesting challenge though. After implementing my Exchange server, any time that I sent someone an e-mail message, the message appeared to be from the name "Administrator" rather than from Brien Posey.

It would have been easy to create an account named Brien and start using it rather than the Administrator account, but that would mean having to reconfigure all of my desktops for the new account. It was easier to just change the Administrator account’s display name. To do so, I went back to the account’s properties sheet and went to the General tab. I simply changed the information on the General tab to reflect how I wanted my name to appear on outbound e-mail messages. You can see an example of this in Figure E.

Figure E

Still another challenge that I faced was the fact that I had an Outlook profile that was designed to open four different mailboxes. There are actually two ways that you can accomplish this in POP2Exchange. I solved the problem by going to my ISP mail setup and having all mail addressed to,,, and forwarded to the ibox. I then configured Outlook to open this one mailbox. This way, I have mail from all four accounts waiting for me in one place.

The other alternative would have been to use Exchange delegation. I could have given the Administrator account permission to open mail addressed to the other accounts and to send messages on behalf of the other accounts, but it was a lot less work using the technique that I chose.

There is one last step that you have to take to make everything work. You must close the POP2Exchange configuration section and select the General container from the GFI MailEssentials Configuration console. Right click on this container and select the Properties command to reveal the General Properties sheet. Now, select the Local Domains tab. You must now configure this tab so that the software knows the names of both your local domain(s) and your Internet domain(s). For example, on my system I specified and as my local domains, and as my Internet domain. You can see an example of this in Figure F.

Figure F

Final word
It took me about a day to install and fine tune the GFI software. I am happy to say that my mail is flowing perfectly and that the GFI software does an excellent job of filtering SPAM, although I have had to add to the default keyword list in order to improve the filtering.

When I started this project I never dreamed how much time it would save me. Every morning I would open Outlook and wait for hundreds of messages to download and then go through the messages to see which were SPAM and which were legitimate. The entire process usually took close to an hour. Now, when I open Outlook, the messages are already waiting for me and have already been filtered. In general, I tend to get about five or six SPAMs a day that slip through the filter, but this is much better than the hundreds that were arriving in my Inbox on a daily basis. I also have yet to lose a legitimate message to the SPAM filter.

I also took my implementation a step further by installing an Exchange-based antivirus program—Hauri’s ViRobot. Now, not only do I never have to look at SPAM, but I can also rest assured that any messages containing attachments have already been scanned for viruses before being placed in my Inbox.

Editor's Picks

Free Newsletters, In your Inbox