Google Apps migration

0

If you are trying to migrate from your own Exchange server (in our case we are using Mac Kerio Connect which emulates Exchange) to Google Apps, it is a little mysterious how to do it, but the basic idea is similar to the Office 365:

  1. First signup for Google Apps. There are third parties that do this like bluehost.com or you can sign up directly at their site. It is $6/month for 30GB per user and $12/month for unlimited storage.
  2. Now validate your domain, you have to stick some strange TXT record thing in your domain name to be verified.

  3. If you are like me and careful about mail, then you need to create some MX records for Google apps, but leave your old MX record in place just in case. The values for the MX records are buried deep in the Google Apps console, they are in Admin/Apps/Gmail/Advanced Setup or there is a just a page that tells you the entries which come down to the address ASPMX.L.GOOGLE.COM and there are four backup servers called ALT1.L.GOOGLE.COM all the way through to ALT4. However, make sure your current mail server is at a lower priority (lower means deliver first in MX record land). That way you are just getting ready for migration

  4. Now you can run their MX record debugger to make sure you have the right ones and the most common problem is a Spam Protection Filter that needs to get fixed as explained to a very specific v=spf1 include:_spf.google.com ~all. Make sure you use a tilde and not a dash. If you are wondering what this means, use the “send permitted from v1” format. The include says to take anything from google.com on what to take. Then it says which places should the mail server get mail. One thing that is common is to put mx into there means that it will accept mail from any servers in the MX records. The ~all means do a “soft fail” for anything else. It parses it in order, so the ~all should go last.

  5. Setup DKIM which are encryption keys to reduce spamming and this is hard because the Google Help is confusing, but basically there are two admin consoles now. The legacy one and the new one. The new one, you find this by logging in and then navigating to Apps/GMail/Authenticate Mail. This generates a public key for the TXT record google_domainkey which you put into your DNS.

  6. Now you create some users and then go to the Migration section, type in the password for your user and the system will automatically migrate your mail to your gmail inbox (pretty awesome).

  7. You can migrate your contacts by saving your contacts into an Outlook CSV format and then loading into Gmail

  8. Same with calendards. Export as an ICS file. You can either user your client or your desktop application to do this (like Apple Mail, Contacts and Calendar).

  9. Note that you can still access your mail with your old IMAP, SMTP and CalDAV and CardDav typically by using the real mail server name (typically something like mail.yourdomain.com) so you can always go back.

  10. Note that if you use two factor authentication with Google Mail, then for login on IMAP you can use your usual password, but to send on SMTP via smtp.google.com, you have to use an Application Specific password. This is true for iOS Mail and for Apple Mail on OS X.

  11. Now you create a mail routes in the Hosts tab to your old mail system. In the Advanced section, you create a route and give it you SMTP port and old mail server name. You really want to test this first to make sure it works. So try with a client doing this logon and make sure that Google can impersonate you can forward mail on as needed. The main question is what is the host name and what is the port you want to use. It’s also unclear how passwords are handled. The normal thing is to use port 25 for unencrypted mail, but most mail servers require more security like a user password and a different port:

  • Bluehost uses port 25 and 26 for unencrypted SSL SMTP (bad!), 487 for encrypted SSL SMTP (good!) and port 993, 465 or 143 for or encrypted IMAP

  • Gmail uses 587 for encrypted SMTP, 993 for encrypted IMAP

  • Kolabnow uses 993 for encrypted IMAP and 587 for SMTP.

  • Kerio Connect uses 143 for encrypted IMAP, 587 for encrypted SMTP

  1. Now the big change is to insert Google Apps into your mail chain is what they call routing. First you need to know how to access your mail server SMTP port. This is because Google Apps will take over the MX Records and then can push. There are a couple of flavors:
  • Split delivery. This is good for migrations. It means some mail goes to Google Apps and other goes to another mail server.

  • Dual delivery. This means you get your mail delivered to both Google Apps and also to another mail server. This is good for migration cases where you want mail in both places.

Related Posts

© All Right Reserved