We are a relatively small site: 350ish users, single NT4 domain, 1 PDC, 1
BDC, Single Exchange 5.5/NT4 server currently banging up against the 16Gb
store limit.

"Ordinary" users are configured with max 100Mb mailbox, about "Managers"
(bless them) have 200Mb each but over 50% users actually utilise more than
50% of their 100Mb capacity (usual story of a small number of users
constantly filling whatever you give to them whilst the majority read &
delete everything they receive).

Throughput is also relatively low in that we rarely exceed 75 inbound & 75
outbound SMTP emails an hour even at peak times. I don't (yet) have a handle
on internal email frequencies but again I expect them to be very low in
comparison to the sort of thing E2003 is capable of, even on a single
server.

BC requirements are generally really low (some bright spark seems to think
they can live without mailservers for 48hrs - can't see that getting through
to conception once the managers see it!) but I want room to manouvre in the
not too distant future. Clustering has been mentioned by a "consultant" at
one stage but I feel it's way overkill for their requirements (I already
manage a couple of clusters here so am well aware of the costs etc. of
them).

I'm looking to plan for an AD/Exchange migration and trying to understand
the options with FE/BE setups.

Initial requirement is to get over the mail store limits, so that means get
migrated/upgraded to AD and get an Exchange 2003 infrastructure in place.
However, I *know* that there *will* be a requirement for external (and
possibly internal) OWA and PDA access.

Current reading also indicates that, to be able to do anything more than
read Public Folders via OWA requires a FE server.

Other advantages I see are, if you have a FE/BE config, you can "seemlessly"
move users between BE servers (and presumably introduce new BE servers)
without any knowledge of the users (obviously except during the physical
move of a mailbox perhaps) as clients only ever access the FE server.

However, if a FE was hosted in the DMZ (we don't yet use reverse-proxying
although that might be investigated in future) would that be the same FE
server that we get clients to access internally, or would it be advised to
have a seperate internal FE server for internal clients?

How realistic, given the stated usage patterns, would it be to utilise the
likes of VMWare for FE & OWA servers/services, whilst utilising physical
servers for the BE/Mailbox servers?

We also need to look into the options re: Enterprise/Standard. 75Gb is
probably plenty, but I'm not keen on everything in one such large store due
to single point of failure for ALL malboxes, plus restore times for such a
large store. I'd probably prefer to use enterprise and split into multiple
25Gb stores or similar (possibly even smaller).

I've skimmed through a wad of MS documentation relating to FE/BE but all of
them imply either a single FE server or a DMZ-based proxy filtering back to
a single internal-based FE server, which I guess kind of gives a good
overall solution, but requires purchasing an ISA server /  software (we also
use SurfControl SMTP at the moment to pre-filter mails so that'd need to be
built in somewhere too.

Actually, for just this sort of use (no more than 20-30 simultaneous
external users peak load accessing email) would it be realistic to run ISA
on a decent VMWare host?

Any thoughts would be appreciated.

Paul