
Microsoft Exchange 2007

 

This documentation covers the following topics.

 

1)      Introduction to Exchange 2007 and Installation.

2)     Storage Groups and Database Structure. 

3)     Hub Transport

4)     Anti-Spam on Hub Transport

5)     Recipient Objects (Mailbox)

6)     Client Access Server (CAS) + POP/IMAP

 
 
Introduction
 
Microsoft Exchange Server 2007 is the latest release in messaging and
communications.
 
Exchange 2007 works with Active Directory.
 
Active Directory is a database which contains information about the
organization: its objects and their attributes. For example: information about
a user, the user's email ID, cell phone number etc.
 
 
New Structure of Exchange 2007
 
We have five server roles in Exchange 2007.
 
1)  Edge Transport server role
 
2)  Hub Transport server role
 
3) Client Access server role
 
4)  Mailbox server role
 
5)  Unified Messaging server role
 
Multiple roles can reside on a single server, or multiple servers can have
the same role. For performance / load balancing you could have multiple
roles on multiple servers.
            
 

 
 
 
1)  Edge Transport server :  (like our Mail rescue)
 
The Edge Transport server role is unique to Exchange 2007, and consists of a standalone server that typically resides in the demilitarized zone (DMZ) of a firewall. This server filters inbound SMTP mail traffic from the Internet for viruses and spam, and then forwards it to internal Hub Transport servers. Edge Transport servers keep a local AD Application Mode (ADAM) instance that is synchronized with the internal AD structure via a mechanism called EdgeSync.
 
 
 
2)  Hub Transport server:
 
The Hub Transport server role acts as a mail bridgehead for mail sent between servers in one AD site and mail sent to other AD sites. There needs to be at least one Hub Transport server within an AD site that contains a server with the Mailbox role, but there can also be multiple Hub Transport servers to provide for redundancy and load balancing.
 
 
 
 
3)  Client access server (CAS) :
 
 
The CAS role allows for client connections via nonstandard methods such as Outlook Web Access (OWA), Exchange ActiveSync, Post Office Protocol 3 (POP3), and Internet Message Access Protocol (IMAP).
 
 
 
 
4)  Mailbox server :
 
 
It acts as the storehouse for mail data in users’ mailboxes and down-level public folders if required. It also directly interacts with Outlook MAPI traffic. All other access methods are proxied through the CAS servers.
 
 
5) Unified Messaging server :
 
The Unified Messaging server role is new in Exchange 2007 and allows a user’s Inbox to be used for voice messaging and fax capabilities.
                                        
 

 

Installation.

 

System Requirements: 

64 bit processor

Minimum RAM 1 GB

 

Prior to installing Exchange 2007 you need to create an Active Directory.

 

 

 
 

You first have to install all the components from steps 1 to 3, which are:

 

.NET Framework 2.0

Microsoft Management Console version 3

PowerShell

 

In step 4 you actually start the Exchange installation.

 
 

The options available here are:

 

Typical : This would install all the components excluding the Edge Transport server.

Custom : Choose this to get options to install specific roles on a specific server.

 
For our testing requirement we could install four server roles
on a single server:

 

Mailbox Server

Hub Transport Server

CAS : Client Access Server

Unified Messaging Server

 

Installing Edge Transport on the same server as the roles above is not supported.
If we are not installing Edge Transport, we could have similar
functionality in the Hub Transport server role.

 

#############################################################

 


 

Storage Groups and Database Management.

 

Storage Groups : Storage groups are just folders which provide a logical grouping of mail databases that share a single set of logs.

Storage Architecture : Whenever a mail comes to a mailbox it is processed in memory, transaction logs are written, and then the data is moved to the database.

 

Files Involved.

 

In the storage group you would find the following files.

 

Mailbox.edb : This is the file where all the mail is stored.

 

Tmp.edb : This is the temporary workspace for processing
                    transactions to your database.

 

.chk  : This is the checkpoint file; it keeps track of which transactions
           have moved from the transaction log to the database.

 

Log files –

   

     Current transaction log : As the name suggests, this is the current transaction log. It is always smaller than 1 MB, and its file name is shorter than that of a set-aside transaction log.

     Transaction log file : After reaching 1 MB in size, the current transaction log is renamed to a long file name and set aside.

     .jrs extension : These files are reserved for space emergencies.

 

 

 

By default, after installation we have the “First Storage Group”, which has a Mailbox database.

 

Creating New Storage Group.

 

Open Exchange Management Console => Server Configuration => select your server => in the Database Management pane => right-click to create a New Storage Group

 

In the form you have to specify the log files path.

After you have created the storage group you can create a Mailbox database for that storage group.

 

Creating Mailbox database:

 

Right-click the storage group in which you want to create the database => Create Mailbox => specify the path where you want to create the database.

 

[Note: the Log files would be created in the path specified and the mail would be stored in the mailbox database]

 

 

Quotas : Right-click the database and go to its properties. Here you could configure the following items: storage limits, warning limits + timings, and deletion settings.

 

 

 

Circular Logging : Once a transaction log is completed and entered in the database, circular logging enables the server to write over the completed transaction log. This saves space on the server, but the disadvantage is that you cannot do recovery from the transaction logs if they are lost.

Circular logging is set on the storage group: go to its properties, where there is a checkbox to enable / disable circular logging.

 

 

Mount / Dismount : Databases should be mounted to access them. When required for maintenance purposes, we could mount / dismount them from the properties of the Mailbox database.

 

 

Log Files Path = Contains the Log Files.

System Files Path = Contains the .chk file and the tmp.edb database.

 

 
###############################################################################
 
 

 

Hub Transport

 

By default users can send mail to each other on the same domain, but not to outer
domains on the Internet. For sending and receiving mail we have to set up SMTP
connectors.

 

SMTP Connectors : We have two types of connectors: Receive connectors and Send connectors.
 
Receive Connector : Is for receiving mail.
 

We have two already established connectors:

        1) Client : Uses port 587, receives mail from non-MAPI clients for SMTP relay.

        2) Default : Uses port 25, receives mail from the Internet, other Hub Transport servers, or Edge Transport.

Send Connector : Is for sending mail. By default there are no Send connectors.

 

Steps to create a Send connector:

        1) Organization Configuration => Hub Transport => Actions pane => Create New Send Connector.

        2) In the wizard, set the intended use of the Send connector to Internet.

        3) In Address put * to send all mail that is not for a domain on the server out to outer domains.

 

The Transport Pipeline

Hub Transport can receive mail from the Store Driver, the Pickup Directory, or a Receive connector.

Store Driver : There is a service, the Exchange Mail Submission service; when a mail is submitted, the store driver picks up the mail from the outboxes.

NOTE : If there are multiple Hub Transport servers, it would distribute the load.

Pickup Directory : To support legacy applications.

Receive Connector : Receives mail from non-MAPI clients.

All mail coming from the above goes into the submission queue. The categorizer picks up mail one at a time and checks where it is heading.

If it is for an outer domain, it sends it to the Internet via the Send connector; if it is for another user on the same domain, it sends it to that user's mailbox.

 

Mail Flow Troubleshooting

1) Mail Flow Troubleshooter

2) Message Tracking

3) Message Queue
 

1) Mail Flow Troubleshooter

Tools => Mail Flow Troubleshooter=> select symptoms, to display possible solutions.

2) Message Tracking

Tools => Message Tracking, enter the required parameters; you would get a log of all the mails and possible problems.

3) Queue Viewer

Tools => Queue viewer, go to mail properties, it would give detailed report.

Protocol Logging

Logs information about the connections between our Send connectors and Receive connectors and other servers. Logs are written as CSV files.

Step to enable protocol logging: Go to the properties of the connector on which you want to enable protocol logging and enable the checkbox.
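One way to use these CSV logs for detection, as an added example that is not part of the original page: the PowerShell below parses SMTP Receive protocol log lines and lists remote IPs that collected repeated relay-denied (550 5.7.1) or failed-authentication (535) replies. The sample lines are constructed, the column order is the one given in the log's own #Fields header, and the function name and threshold are assumptions; ConvertFrom-Csv needs PowerShell 2.0 or later.

```powershell
# Constructed sample in the SMTP Receive protocol log layout (not real traffic).
$sampleLog = @'
#Software: Microsoft Exchange Server
#Log-type: SMTP Receive Protocol Log
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2008-03-01T10:00:01.000Z,MAIL01\Default MAIL01,08CA0001,0,10.0.0.5:25,203.0.113.7:40112,+,,
2008-03-01T10:00:01.200Z,MAIL01\Default MAIL01,08CA0001,1,10.0.0.5:25,203.0.113.7:40112,<,RCPT TO:<b@example.org>,
2008-03-01T10:00:01.300Z,MAIL01\Default MAIL01,08CA0001,2,10.0.0.5:25,203.0.113.7:40112,>,550 5.7.1 Unable to relay,
2008-03-01T10:00:02.100Z,MAIL01\Default MAIL01,08CA0001,3,10.0.0.5:25,203.0.113.7:40112,<,RCPT TO:<c@example.org>,
2008-03-01T10:00:02.200Z,MAIL01\Default MAIL01,08CA0001,4,10.0.0.5:25,203.0.113.7:40112,>,550 5.7.1 Unable to relay,
2008-03-01T10:00:05.000Z,MAIL01\Client MAIL01,08CA0002,3,10.0.0.5:587,198.51.100.9:50211,>,535 5.7.3 Authentication unsuccessful,
2008-03-01T10:00:06.000Z,MAIL01\Client MAIL01,08CA0003,3,10.0.0.5:587,198.51.100.9:50212,>,535 5.7.3 Authentication unsuccessful,
2008-03-01T10:00:07.000Z,MAIL01\Client MAIL01,08CA0004,3,10.0.0.5:587,198.51.100.9:50213,>,535 5.7.3 Authentication unsuccessful,
2008-03-01T10:00:09.000Z,MAIL01\Default MAIL01,08CA0005,5,10.0.0.5:25,192.0.2.44:33901,>,250 2.6.0 Queued mail for delivery,
'@

# Hypothetical helper: summarise rejected sessions per remote IP address.
function Get-SmtpRejectSummary {
    param(
        [string[]]$Line,       # raw protocol log lines, comment lines included
        [int]$Threshold = 2    # minimum number of rejecting replies before an IP is reported
    )
    $fields = 'DateTime','Connector','Session','Sequence','Local','Remote','Event','Data','Context'

    $Line |
        Where-Object { $_ -and $_ -notmatch '^#' } |          # skip blanks and the # header block
        ConvertFrom-Csv -Header $fields |
        # '>' marks a reply this server sent to the remote host.
        Where-Object { $_.Event -eq '>' -and $_.Data -match '^(535 |550 5\.7\.1 )' } |
        Group-Object -Property { $_.Remote -replace ':\d+$', '' } |   # drop the source port
        Where-Object { $_.Count -ge $Threshold } |
        Sort-Object -Property Count -Descending |
        Select-Object @{ Name = 'RemoteIP';   Expression = { $_.Name } },
                      Count,
                      @{ Name = 'Connectors'; Expression = { ($_.Group | ForEach-Object { $_.Connector } | Sort-Object -Unique) -join '; ' } },
                      @{ Name = 'Replies';    Expression = { ($_.Group | ForEach-Object { $_.Data } | Sort-Object -Unique) -join '; ' } }
}

# For real logs, pass (Get-Content '<protocol log folder>\*.log') instead of the sample.
Get-SmtpRejectSummary -Line ($sampleLog -split "`r?`n") | Format-Table -AutoSize
```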
 
 
##################################################################################################################
 
 
*4*
 
 
 
Anti-Spam on Hub Transport
Setting Hub Transport for Anti-Spam in absence of Edge Transport.

Execute the script in the Scripts folder, i.e. C:\Program Files\Exchange Server\Scripts\Install-AntispamAgents.ps1. After that you have to restart the Transport service; then you’ll get the Anti-Spam management tab in the console.

Following are the levels of filtering.

1) Connection Filter

2) Sender and Recipient Filter

3) Sender ID Filter

4) Content Filter + Attachment Filter

Connection Filter: First Level of Filtering

IP Allow List: You could provide an IP address or range.

IP Block List: You could provide an IP address or range.

Safe Provider List (White List)

These are the third-party agencies providing the spam senders' IPs.

Realtime Block List (Black List)

These are the third-party agencies providing the spam senders' IPs.

Sender and Recipient Filter

Block email from senders with blank sender information, or block email from a particular sender or domain. You could take actions like REJECT or STAMP the message.

Recipient filtering is for blocking mail from outside to a particular email ID inside the domain.

Sender ID Filter

It will query the DNS record of the domain from which mail was received to check whether the sender is authorized to send mail.

Sender Reputation Filtering

If the sender is using an open proxy, then most likely it is a spammer.

Content Filtering

Checks whether the message is spam; you could set specific words to check for in the mail. The message is given a Spam Confidence Level (SCL):

0 - Mail is not spam

9 - Mail is likely to be spam

Depending upon the SCL we could take actions like delete, reject, and quarantine.

Attachment Filtering.

You could block attachment with specific extension.
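The connection, sender/recipient, Sender ID, sender reputation and content filter levels above can also be set from the Exchange Management Shell. The script below is an added example, not part of the original page; every IP range, domain, address, phrase and threshold in it is a placeholder chosen for illustration.

```powershell
# Run in the Exchange Management Shell on the Hub Transport server, after the
# anti-spam agents are installed and the Transport service has been restarted.
# All ranges, domains, addresses and thresholds are illustrative placeholders.

# Connection filter: a static block entry and a real-time block list provider.
Add-IPBlockListEntry -IPRange '192.0.2.0/24'
Add-IPBlockListProvider -Name 'Example RBL' -LookupDomain 'rbl.example.net'

# Sender filter: reject blank senders and one blocked domain.
# -Action takes Reject or StampStatus (the REJECT / STAMP choice described above).
Set-SenderFilterConfig -BlankSenderBlockingEnabled $true `
                       -BlockedDomains 'spam.example.org' `
                       -Action Reject

# Recipient filter: stop outside mail to one internal-only address.
Set-RecipientFilterConfig -BlockListEnabled $true `
                          -BlockedRecipients 'internal-only@example.com'

# Sender ID: reject mail when the DNS check shows the sender is not authorized.
Set-SenderIdConfig -SpoofedDomainAction Reject

# Sender reputation: test senders for open proxies and block poor reputations.
Set-SenderReputationConfig -OpenProxyDetectionEnabled $true -SenderBlockingEnabled $true

# Content filter: one custom phrase, then the SCL actions.
# The thresholds must satisfy delete > reject > quarantine.
Add-ContentFilterPhrase -Phrase 'example blocked phrase' -Influence BadWord
Set-ContentFilterConfig -SCLQuarantineEnabled $true -SCLQuarantineThreshold 6 `
                        -QuarantineMailbox 'quarantine@example.com' `
                        -SCLRejectEnabled $true -SCLRejectThreshold 7 `
                        -SCLDeleteEnabled $true -SCLDeleteThreshold 9

# Review the result: which agents are enabled and which SCL actions apply.
Get-TransportAgent | Format-Table Identity, Enabled, Priority -AutoSize
Get-ContentFilterConfig | Format-List SCL*, QuarantineMailbox
```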

 

#################################################################################################################

 

 

*5*

 

Recipient Objects (Mailboxes)

Creating Mailboxes:

Steps: Go to

Recipient Configuration => Mailbox => right-click or use the Actions pane => the wizard comes up.

Following are the types of Mailboxes.

User Mailbox: Active Directory user with mailbox on the exchange, this is the type we would be using.

Mail-Enabled Account: Active Directory account and an external email.

Resource Mailbox: Account set up for rooms and equipment, so that we could schedule meetings etc.

Mail-Contact: It's not an Active Directory account; it’s just an entry in the Global Address List, or any other address list.

Linked Mailbox: Users that are part of a separate trusted forest.

In the wizard we have to specify the storage group and the database where this mail will reside.
 
##################################################################################################################
 
 
 
*6*
 
 
 

 

Client Access Server (CAS) + POP / IMAP
 

CAS: This is the role which is responsible for accepting connections from non-MAPI clients.

We have two types of connections here

1) Outlook Web Access

2) Outlook Anywhere

In Brief

1) Outlook Web Access

Allows access to mail through browsers.

Management of Outlook web Access.

Go To

Server Configuration => Outlook Web Access => owa properties.

Properties you could set

1) Outlook web Access URL

2) Authentication, Logon Format,

3) Segmentation: you could enable / disable features like Calendar, Address List, etc.

4) Public computer / Private computer settings (while logging into OWA the user could choose whether the PC is public or personal; based on this, settings could be made so as to enable file access for specific formats)

2) Outlook Anywhere:

You could have Outlook outside the Exchange network, connected via the RPC proxy service.

What happens is that the RPC proxy connects to Exchange, wraps the response in HTTP/HTTPS and sends it to the client.

Enable Outlook Anywhere:

Server Configuration => Actions Pane => Enable Outlook Anywhere

1) set the hostname

2) Select the authentication mode (Basic and NTLM).

Client Configuration: Select the proxy setting and enter the hostname of Outlook Anywhere set earlier, select the authentication method, and it's done.

POP / IMAP

POP and IMAP services are not started by default; you could start them and set them to automatic.

For Exchange 2007 without SP1 we have to configure advanced settings through the Exchange shell, while in SP1 we get a graphical interface.

LoginType, AuthenticatedConnectionTimeout, MaxConnections, MaxConnectionFromSingleIP, MaxConnectionsPerUser etc. are settings that could be configured.
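The shell side of this, as an added example that is not part of the original page: it sets both services to start automatically and applies the settings named above with Set-PopSettings and Set-ImapSettings. The numeric limits and the timeout are illustrative placeholders, not recommendations from the page.

```powershell
# Run in the Exchange Management Shell on the Client Access server.
# Limits and timeout are illustrative placeholders; size them for your users.

# The POP3 and IMAP4 services are not started by default.
foreach ($svc in 'MSExchangePOP3', 'MSExchangeIMAP4') {
    Set-Service -Name $svc -StartupType Automatic
}

# LoginType accepts PlainTextLogin, PlainTextAuthentication or SecureLogin.
# SecureLogin refuses logons on an unencrypted connection, so user passwords
# never cross the network in clear text.
Set-PopSettings  -LoginType SecureLogin `
                 -AuthenticatedConnectionTimeout '00:30:00' `
                 -MaxConnections 2000 `
                 -MaxConnectionFromSingleIP 20 `
                 -MaxConnectionsPerUser 10

Set-ImapSettings -LoginType SecureLogin `
                 -AuthenticatedConnectionTimeout '00:30:00' `
                 -MaxConnections 2000 `
                 -MaxConnectionFromSingleIP 20 `
                 -MaxConnectionsPerUser 10

# Setting changes take effect when the services (re)start.
Restart-Service -Name 'MSExchangePOP3', 'MSExchangeIMAP4'

# Confirm what is now in force.
Get-PopSettings  | Format-List LoginType, AuthenticatedConnectionTimeout, MaxConnection*
Get-ImapSettings | Format-List LoginType, AuthenticatedConnectionTimeout, MaxConnection*
```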
 
 
#################################################################################################################
 
 
 
 

Email Policies, Accepted Domains, Distribution list, and Global Address List

 

Email Policies: A policy defines what the name should be for the user mailbox, i.e. the part before the @ sign, so that users get a particular naming standard.

We can also set an email policy based on a particular attribute value.

Creating a policy: Go to

Organization Configuration => Email Address Policies => New; it will start a wizard.

Accepted Domains: We could create a new domain for which this server will take mail.

There are three types of domain:

1) Authoritative : Mail is relayed to a user in the Exchange organization
2) Internal Relay : Mail is relayed to a mail server in another Active Directory forest
3) External Relay : Mail is relayed to a mail server by the Edge Transport itself

Creating New Accepted Domain:

Go To

Organization Configuration=> Accepted Domains Pane=> Right click to create New Accepted Domain

 

NOTE : For hosting multiple domains we could set each domain to be an Authoritative domain.

          
Also we could define Email Address Policies for above domain

 

Distribution List: For mass sending of mail; we could add users' mailboxes, mail contacts, and other groups.


 

Exchange 2007 supports the following types of distribution groups:

Mail-enabled universal distribution groups :  These are Active Directory distribution group objects that are mail-enabled. They can be used only to distribute messages to a group of recipients.

Mail-enabled universal security groups :  These are Active Directory security group objects that are mail-enabled. They can be used to grant access permissions to resources in Active Directory and can also be used to distribute messages.

Mail-enabled non-universal groups :  These are Active Directory global or local group objects that are mail-enabled. In Exchange 2007, you can create or mail-enable only universal distribution groups. You may have mail-enabled groups that were migrated from previous versions of Exchange that are not universal groups. These groups can still be managed by using the Exchange Management Console or the Exchange Management Shell.

Dynamic distribution groups :  These are distribution groups for which membership is based on specific recipient filters rather than a defined set of recipients. Dynamic distribution groups were called query-based distribution groups in Exchange 2003.

 
 
Creating Distribution Group:
 
Go To
 
Recipient Configuration => Distribution Group=>New Distribution Group=>Wizard Comes up.
 
We could set Distribution Group for any Group in Active Directory.
 
Dynamic Distribution Group => You could select recipient based on specific attributes
 
Global Address List: Includes all the recipient objects in the exchange, which helps
in finding a particular mail contact.
 
We could create our own address list based on specific department, location etc.
 
Organization Configuration => Mail Box => Address List
 
We have one default Global Address List.
 
Through Actions Pane we could create a new address list or sub address list (i.e. address
list inside other address list) based on specific Attributes.
 

 
