Good afternoon, all!
My company is starting a migration from dovecot on Linux using OpenLDAP to Microsoft Exchange using Active Directory. We have fewer than 10 employees, want to self-host and want a secure design that won't break the bank. I originally thought to have the mailbox server running on one of the two domain controllers and the client access running on a separate server in the DMZ. I've started to re-think this in favor of two independent servers.
Is there a design document out there on options for where to place which server in different scenarios? I see lots of information about large enterprise installations but nothing much for the small but secure installation. Management is set on having Exchange in-house, so hosted Exchange, no matter how much "more better" that would be, is not an option.
May thanks for looking into this!
Gregg