Exchange 2007 introduces a server-role-based model, which provides a better, stronger Exchange infrastructure. With Exchange 2003, when an enterprise needed a certain role, such as an Exchange bridgehead server that just routes SMTP mail in and out to the mailbox server, we had to go back to the Exchange public folder databases and delete them all, since the server was not going to be used as a mailbox server.
Most of the time we implemented a hardware solution in the DMZ, as mail gateways and smart hosts with spam and virus scanning capabilities for when mail gets accepted from the Internet.
Now Exchange 2007 provides all of these same requirements plus enhancements, along with role-based, more granular control over the SMTP domain infrastructure and its needs.
Hub Transport Server Role (HTS)
Responsible for all messages within the SMTP e-mail domain. Every mail is touched by the Hub Transport role. When a message is sent from user A to user B, the Hub Transport role is responsible for moving this message, even if these users' messages are sitting on the same mail server.
Client Access Server Role (CAS)
This is the closest equivalent to the Exchange FE (Front End) role in Exchange 2003. The key roles of CAS are:
All client compliance connectivity pieces. Client connectivity protocols are handled here, including Outlook Anywhere.
POP3, IMAP4, Exchange ActiveSync, Exchange web access.
Outlook Anywhere (new name for OWA)
Unified Messaging Server Role (UMS)
The UM server is responsible for handling inbound calls. It is tied into voice mail; Exchange 2007 clients get their voice mail right in Outlook.
Mailbox Server Role (MS)
MAPI connections will be handled on Mailbox Server Role.
User mailboxes will be sitting in the MS.
Edge Transport Server Role (ETS)
Sits in the DMZ. It is NOT a member of your domain (it can be).
This is a smart relay host, handling outbound and inbound SMTP traffic, and also
When e-mail hits the Edge Transport role, the Edge server talks to your Hub Transport server back in your network and passes SMTP traffic on port 25.
Edge uses ADAM and syncs the following information into the ADAM instance that sits on the local server
Designed to minimize the attack surface, the Edge Transport server handles all Internet-facing mail flow and provides Simple Mail Transfer Protocol (SMTP) relay and smart host services for the Exchange organization. Additional layers of message protection and security are provided by a series of agents that run on the Edge Transport server and act on messages as they are processed by the message transport components. These agents support the features that provide protection against viruses and spam and apply transport rules to control message flow.
Edge sits in the DMZ, your organization's perimeter network. The Edge Transport server role sits on its own in the DMZ. Edge won't handle any client communications; it is dedicated to SMTP communication only. It is the smart host or SMTP mail gateway for the SMTP domain.
The main communication model will be the Edge Transport server role. The Edge Transport server role is optional, but it is recommended. The Edge Transport server, which sits in the DMZ, triggers the EdgeSync service over secure LDAP (TCP 50636). The EdgeSync synchronization process provides one-way replication of data from Active Directory to ADAM; changed data in ADAM never synchronizes to Active Directory.
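One way to check a perimeter rule set against the port model just described (SMTP on port 25, EdgeSync on TCP 50636, Edge talking only to Hub Transport servers), as an added example that is not from the original article. Host names, the `Rule` type and the rule list are constructed for illustration; treating Internet SMTP as TCP 25 is an assumption, and flow direction is not checked.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    src: str
    dst: str
    proto: str
    port: int

# Constructed inventory (hypothetical host names, not from the page).
EDGE = {"edge01"}              # Edge Transport server in the DMZ
HUBS = {"hub01", "hub02"}      # internal Hub Transport servers
# Ports the page names for Edge <-> Hub traffic.
EDGE_HUB_PORTS = {25: "SMTP", 50636: "EdgeSync secure LDAP"}

def audit(rules):
    """Return (rule, reason) for each rule touching the Edge server that
    falls outside the model above. Flow direction is not checked."""
    findings = []
    for r in rules:
        if r.src not in EDGE and r.dst not in EDGE:
            continue  # rule does not involve the Edge server
        peer = r.dst if r.src in EDGE else r.src
        if peer == "internet":
            if (r.proto, r.port) != ("tcp", 25):
                findings.append((r, "Internet-facing rule is not SMTP"))
        elif peer not in HUBS:
            findings.append((r, f"Edge paired with non-Hub host {peer}"))
        elif r.proto != "tcp" or r.port not in EDGE_HUB_PORTS:
            findings.append((r, f"unexpected {r.proto}/{r.port} to Hub"))
    return findings

# Constructed sample rule set.
SAMPLE_RULES = [
    Rule("internet", "edge01", "tcp", 25),
    Rule("edge01", "internet", "tcp", 25),
    Rule("edge01", "hub01", "tcp", 25),
    Rule("hub01", "edge01", "tcp", 25),
    Rule("hub01", "edge01", "tcp", 50636),
    Rule("edge01", "dc01", "tcp", 389),      # Edge talking LDAP to a DC
    Rule("edge01", "hub02", "tcp", 135),     # RPC across the perimeter
    Rule("internet", "edge01", "tcp", 443),  # client protocol on Edge
    Rule("hub01", "mbx01", "tcp", 135),      # internal only, out of scope
]

if __name__ == "__main__":
    for rule, reason in audit(SAMPLE_RULES):
        print(f"{rule.src} -> {rule.dst} {rule.proto}/{rule.port}: {reason}")
```

Each finding is a rule that widens the Edge server's exposure beyond SMTP relay and EdgeSync, which is the attack-surface reduction the role is designed for.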
Download ADAM from the link I have provided. Here is a recap of ADAM. An application can use Active Directory Application Mode to store "private" directory data, which is relevant only to the application, in a local directory service. The idea is simple and necessary, especially in the new Exchange 2007 role-based administration model.
Where does Exchange 2007 store attribute, configuration and recipient information?
The NTDS.DIT database is a partitioned database, and Exchange utilizes the following partitions.
How does Exchange 2007 determine the best route to deliver mail within the SMTP domain?
By the cost of an IP site link. Exchange is site-aware and will look at the proper site in AD.
Exchange 2007 delegation of administration is summarized below.
Exchange Organization Administrator ROLE
Read access to all domain user containers; access to all Exchange-specific attributes and configuration data.
Exchange Recipient Administrator ROLE
Setup/PrepareDomain must be run for each domain for this group to be applicable. Write access to all Exchange-specific attributes.
Exchange View-Only Administrator ROLE
Read-only access.
Exchange Server Administrator ROLE
Local administrator on the local server.