There is a requirement to host the email infrastructure of a company across 2 different solutions, such that both the solutions share the same SMTP address space and the company can divide their mailboxes across the two solutions. This is typically done to allow a set of users to use one of the solutions for the value that it offers and allow the remaining users to derive benefit from the value delivered by the other mailing solution.
Essentially your critical requirements are not met entirely by one solution, but the benefits offered by that solution cannot be ignored either. In the case of Google Apps (GApps), some of the key management people, may need to use the GApps features and may need tighter integration with their G+ profiles etc, which will not be available with the Mithi solution. At the same time, the remaining set of users, have no need for all the capabilities of GApps and it would be most effective to host them on a simpler solution.
A Co-existence solution, as the name suggests, is a solution where 2 or more mailing systems work seamlessly together to provide a common/ shared address space (email domain name like acmecorp.com), and if possible a centralized directory for authentication and personal properties of entities (users, groups), and common contacts of all mailing systems to all users.
Such a solution allows the organization to host separate groups of users on different systems depending on their usage requirements. E.g. in an organization with 1000 users, a typical co-existence between Mithi SkyConnect and GApps will allow the organization to host 100 users on GApps and 900 on Connect Xf/Mithi SkyConnect, sharing a common domain name in their email ids, and with seamless mail flow between the users of both systems.
Key benefits of such a setup :
- It provides the critical features/ functionalities required by the top management in a way they would want.
- It also enables the organization to save big time on the overall infrastructure, management and upgrade costs, by ensuring that a majority of the users remain on a low-cost, resource-efficient system.
- It brings in value from the open world, which gives the business an IT edge, like archival, mobility for almost all types of devices, access to free clients and applications like Thunderbird, Jabber chat clients etc. E.g. With open technologies, you could use any Android based phone/ pad/ tab, iPhone, iPad, to get seamless access to email, calendar, chat, and address book, while on the move. A possibility like this allows the field force to be more connected to each other and not just the top management.
To explain the working, we have assumed an example domain of acmecorp.com and also assumed that there would be 100 users on GApps and 900 users on the Mithi Setup (Connect Xf or Mithi SkyConnect).
The GApps system has a feature which supports such co-existence configurations to share an SMTP address space. This is done via the
Google Apps > Settings for Email > Advanced Settings – Routing (Email routing)
You would need to configure catchall routing as explained below.
- On GApps setup, add the acmecorp.com domain and configure the 100 users, who will use the GApps setup.
- Also Add an alias to this domain called gapps.acmecorp.com
- On the Mithi setup, configure the remaining 900 user accounts who will access their mailboxes from the Mithi setup.
- On the GApps setup, configure the email routing for the catchall account (all mail meant for unknown email ids of acmecorp.com) to push this mail to the Mithi Connect Xf or Mithi SkyConnect server host name as the destination.
- On the Mithi setup, add and configure the remaining 100 accounts (whose mailboxes are on GApps) to forward mail to the corresponding email id on the alternate domain viz. gapps.acmecorp.com (forward to alternate domain)
The mail flow explanation which is below will make it clear as to why we need an additional domain as an alias on GApps.
Inbound Mail flow :
The MX for acmecorp.com and gapps.acmecorp.com will land on the GApps servers, which will deliver mail locally for the users hosted on the GApps server, and forward mail for unknown users to the host name specified for the Mithi server. GApps will assume that if the mail is destined for an email id of acmecorp.com, which doesn’t exist on GApps as a mailbox, is a user on the foreign email system and will use the configured destination host to route mail to the foreign mail server.
Mail destined for gapps.acmecorp.com is aliased to acmecorp.com e.g. mail sent to email@example.com is translated to firstname.lastname@example.org via the domain aliasing capability.
Local Mail flow on acmecorp.com domain :
- GApps to GApps : An acmecorp user of the GApps system sends a mail to another acmecorp user on the GApps system. This mail is routed internally within GApps and delivered to the recipient.
- GApps to Mithi : An acmecorp user of the GApps system sends a mail to another acmecorp user on the Mithi system. Since the recipient ID is unknown, GApps will route this mail via the catchall configuration to the Mithi server. The Mithi server accepts the mail and delivers it to the recipient’s mailbox.
- Mithi to GApps : An acmecorp user of the Mithi system sends a mail to another acmecorp user on the GApps system. The Mithi system will attempt to deliver the mail to the acmecorp.com recipient on the Mithi system, who is configured to forward the mail to an alternate domain with the same user id (forward to alternate domain). E.g. if email@example.com sends a mail to firstname.lastname@example.org, the mail delivery configuration of this user instructs the Mithi system to forward the email to email@example.com. This is routed to the Internet as an outbound mail and is received via the GApps system on the MX landing points. Thus the GApps system receives a mail for firstname.lastname@example.org, and because of the domain alias configuration of the gapps.acmecorp.com domain and the acmecorp.com domain, the mail is delivered to the email@example.com, which is then delivered to the recipient’s mailbox locally.
- Mithi to Mithi: An acmecorp user of the Mithi system sends a mail to another acmecorp user on the Mithi system. This mail is routed internally within the Mithi server and delivered to the recipient.
Outbound Mail flow :
- GApps to Internet :
- Mithi to Internet :
An acmecorp user on GApps sends a mail to an external recipient. This mail is routed to the Internet directly from the GApps system.
An acmecorp user on Mithi sends a mail to an external recipient. This mail is routed to the Internet directly from the Mithi system.
Virus and Spam control :
- Since MX is landing on GApps, the spam and virus scanning for all the mail is done by the GApps system. Thus the spam scanning on the Mithi system is disabled since it is redundant.
- Outbound mail from GApps are scanned for Spam by the GApps system.
- Outbound mail from the Mithi system are not scanned for spam.
- The virus control engine is enabled on the Mithi system and all mail (inbound, outbound and local) are scanned for viruses.
To ensure that the recipients can perceive the hybrid mailing system to be one, its important to configure the SPF record to contain the IP addresses of the outbound relay servers from both GApps and the Mithi setup. The SPF record has to be configured with your DNS service provider.
Address Books :
The Mithi users will see the entire address book since all the 1000 users are added to the directory (although 100 of them will not have their mailboxes there). This makes it possible for the users of the Mithi system to see a complete global address book comprising of all 1000 users. As for the GApps users, they will only see an address space of 100 users unless you can populate the Global address list on GApps with all the 1000 users and also maintain this during provisioning (Adding and deleting users)
The users on GApps and Mithi will maintain their own passwords in the respective directories and via the respective interfaces. The password policies etc will apply from the separate systems respectively.
Using this kind of coexistence, it is possible to achieve seamless mail flow, but not possible to have archiving done for all mail of all users at a single point. The archival will necessarily need to be configured at two different points, viz. for the 100 users on GApps and for the 900 users on the Mithi system.
To get this co-existence running with GApps, you would need to subscribe to the business edition of GApps. The features of forwarding to another domain/host that are required to enable this co-existence are not supported in the free(legacy) edition of GApps. Please check this link for more details on the different GApps editions. It may be noted that at the point of writing this blog post, Google’s free edition of GApps did not support the co-existence connector.