Mail Gateway Integration I: Prerequisites

Roles and Features

	Windows Server 2019	Windows Server 2016	Windows Server 2012
Server Roles	Web Server (IIS)	Web Server (IIS)	Web Server (IIS)
Features	.NET Framework 3.5 Features NET Framework 3.5 (includes .Net 2.0 and 3.0) HTTP Activation Non-HTTP Activation .NET Framework 4.5 Features ASP.NET 4.5 Windows PowerShell Windows PowerShell 2.0 Engine Windows Process Activation Service Process Model .NET Environment 3.5 Configuration APIs	.NET Framework 3.5 Features NET Framework 3.5 (includes .Net 2.0 and 3.0) HTTP Activation Non-HTTP Activation .NET Framework 4.5 Features ASP.NET 4.5 Windows PowerShell Windows PowerShell 2.0 Engine Windows Process Activation Service Process Model .NET Environment 3.5 Configuration APIs	.NET Framework 3.5 Features NET Framework 3.5 (includes .Net 2.0 and 3.0) HTTP Activation Non-HTTP Activation .NET Framework 4.5 Features ASP.NET 4.5 Windows PowerShell Windows PowerShell 2.0 Engine Windows Process Activation Service Process Model .NET Environment 3.5 Configuration APIs
Web Server Role (IIS) Role Services	Common HTTP Features Default Document Directory Browsing Static Content Health and Diagnostics Request Monitor Tracing Performance Static Content Compression Security Request Filtering Application Development .NET Extensibility 3.5 Management Tools IIS Management Console	Common HTTP Features Default Document Directory Browsing Static Content Health and Diagnostics Request Monitor Tracing Performance Static Content Compression Security Request Filtering Application Development .NET Extensibility 3.5 Management Tools IIS Management Console	Common HTTP Features Default Document Directory Browsing Static Content Health and Diagnostics Request Monitor Tracing Performance Static Content Compression Security Request Filtering Application Development .NET Extensibility 3.5 Management Tools IIS Management Console

Install Roles & Features

Open PowerShell as an Administrator
Run the following PowerShell command

Install-WindowsFeature Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Net-Ext,Web-Request-Monitor,Web-Http-Tracing,Web-Filtering,Web-Stat-Compression,Web-Mgmt-Console,NET-Framework-Core,NET-Non-HTTP-Activ,NET-HTTP-Activation

Firewall Rules

Traffic source (from)	Destination (to)	Port Protocol
Incoming
Devices (Internet)	Mail Gateway	443/tcp
Devices (e.g Wi-Fi)	Mail Gateway	443/tcp
Outgoing
Mail Gateway	Online Certificate Status Protocol Endpoint	80/tcp or 443/tcp
Mail Gateway	Certificate Revocation List	80/tcp 443/tcp

DNS

As Devices requires devices to connect via DNS, appropriate DNS entries must be setup for the Mail Gateway. This DNS entry should target your Mail Gateway and will be used later in the Exchange ActiveSync configuration as your Exchange ActiveSync server address. Within the following guides, the target name is set to smg.imagoverum.com.

SSL Certificate

A SSL certificate is required for the incoming email client traffic from the internet, e.g. for smg.imagoverum.com. The target devices must communicate over HTTPS and trust the server to ensure the data in transit is encrypted. Therefore, the SSL certificate presented on the Mail Gateway for the device access must be from a certification authority that is trusted by the devices. It’s recommended that you purchase a Subject Alternate Name (SAN) or Wildcard certificate, e.g. *.imagoverum.com for this purpose. This will ensure that devices will trust the server no matter what endpoint they connect to.

Next Step

Proceed with Mail Gateway Integration II: SSL Certificate, Binding and Config