Microsoft Exchange 2007

This documentation contains following topics.

1) Introduction to Exchange 2007 and Installation.

2) Storage Groups and Database Structure.

3) Hub Transport

4) Anti-Spam on Hub Transport

5) Recipient Objects (Mailbox)

6) Client Access Server (CAS) + POP/IMAP

7) Email Policies, Accepted Domain, Global Address List, Distribution List

Introduction

Microsoft Exchange Server 2007 is the latest release in messaging and

communications.

Exchange 2007 works with Active Directory.

Active Directory is Database which contains information about the organization.

Information about objects and their attributes. For example: information about

user, his email id, his cell phones no etc.

New Structure of Exchange 2007

We have five server roles in Exchange 2007.

1) Edge Transport server role

2) Hub Transport server role

3) Client Access server role

4) Mailbox server role

5) Unified Messaging server role

Multiple roles can reside on a single server, or multiple servers can have

the same role. For performance / load balancing you could have multiple

roles on multiple server.

Installation.

System Requirements:

64 bit processor

Minimum RAM 1 GB

Prior to installing Exchange 2007 you need to create an Active Directory.

Above you have to install all the components from 1 to 3 that are.

.NET Framework 2.0 :

Microsoft Management Console version 3

Powershell

On Step 4 you actually start the Exchange Installation.

Anti-Spam on Hub Transport

Setting Hub Transport for Anti-Spam in absence of Edge Transport.

Execute the script, in the script folder i.e. C:\Program Files\Exchange Server\Scripts\install-anitspamagent.ps1 after that you have to restart Transport service then you’ll get Anti-Spam Management tab in console.

Following are the levels of filtering.

1) Connection Filter

2) Sender and Recipient Filter

3) Sender ID Filter

4) Content Filter + Attachment Filter

Connection Filter: First Level of Filtering

IP Allow List: You could provide IP Address, or range

IP Block List: You could provide IP Address, or range

Safe Provider List (White List)

These are the third party agency providing the spam senders IP

Realtime Block List (Black List)

These are the third party agency providing the spam senders IP.

Sender and Recipient Filter

Block email from sender with blank sender information, block email from particular sender or domain, you could take the actions like REJECT, or STAMP the message

Recipient filtering, for block mail from outside to particular email ID inside the domain.

Sender ID Filter

It will query the DNS record of the domain from which mail was received to check whether it is authorized to send mail

Sender Reputation Filtering

If the sender is using open proxy, then most likely it is a spammer.

Content Filtering

Check the message for it being SPAM; you could set specific words for checking in the mail.

0 - for mail is not a spam

9 - Mails is likely to be spam

Depending upon SCL we could take actions like, delete, reject, and quarantine.

Attachment Filtering.

You could block attachment with specific extension.

#################################################################################################################

*5*

Mail Flow Troubleshooting

1) Mail Flow Troubleshooting

2) Message Tracking

3) Message Queue

1) Mail Flow Troubleshooter

Tools => Mail Flow Troubleshooter=> select symptoms, to display possible solutions.

2) Message Tracking

Tools => Message Tracking, put required parameter, you would log of the all the mails, and possible problems.

3) Queue Viewer

Tools => Queue viewer, go to mail properties, it would give detailed report.

Protocol Logging,

Logs information about our connections between our send connector, receive connectors with other server. Logs are made as CSV files

Step to enable protocol logging: Go To the properties of the connector on which you want to enable protocol logging, enable the checkbox.

##################################################################################################################

*4*

Here the options available are

Typical : This would install all the components excluding the Edge Transport server

Custom : Choose this to get options to install specific role on a specific server

As from our requirement for testing purpose we could install four Server Roles

on a single server.

Mailbox Server

Hub Transport Server

CAS : Client Access Server

Unified Messaging Server

Installing of Edge Transport on the same server as above is not supported.

In case we are not installing the Edge Transport we could have all the similar

functionality in the Hub Transport server role.

#############################################################

Storage Groups and Database Management.

Storage Groups : Storage Groups are just folders which provide logical

grouping of mail databases that share a single

set of logs.

Storage Architecture: Whenever a mail come to a mailbox it is processed

in memory, transaction log are written and then

data moved to the database.

Files Involved.

In the storage group you would find following files.

Mailbox.edb : This is the file where all the mail are stored.

Temp.edb : This is the temporary workspace for processing

transaction to your database.

.chk : this is the checkpoint files, keeps track of which transaction

has moved from transaction log to database,

Log files –

Current transaction log: As name suggests its current transaction log it is

always smaller than 1MB. Its name is smaller than

transaction log

Transaction log file : After getting to size 1 mb of size current transaction

log are renamed to long filename and are set aside.

.jrs extension : This are reserved for space emergency.

By default after installation we have “First Storage Group” and has Mailbox database.

Creating New Storage Group.

Open Exchange Management Studio => Server Configuration => select your server => In Database management Pane, => Right Click to create New Storage Group

In the Form you have to specify the Log files path.

After you have created the storage group you could create Mailbox database for that Storage Group.

Creating Mailbox database:

Right Click on Storage Group on which you want to create => Create Mailbox => specify the path where you want to create the database.

[Note: the Log files would be created in the path specified and the mail would be stored in the mailbox database]

Quotas : Right click and go to properties of the database.

Here you could configure following Items

Storage Limits, Warning limits + timings, Deletion Settings,

Circular Logging : Once a transaction log is completed and entered in

database, ,circular logging enables the server to write

over the completed transaction log this saves space on

the server, but the disadvantage is the you cannot do

recovery from the transaction log if they are lost.

Circular logging is to be set on the storage group, go to its properties here a

checkbox is there to enable / disable the circular Logging.

Mount / Dismount: Database should be mounted to access them, however

when for maintenance purpose required we could

mount / dismount from the properties of the Mailbox

database.

Log Files Path = Contains the Log Files.

System Files Path = Contains the .chk file and the tmp.edb database.

###############################################################################

Hub Transport

By default User can send mail to each other on same domain, but not to outer

domains on the internet, for sending and receiving mail we have to set SMTP

connectors,

SMTP Connectors : We have two types of connectors Receive connectors and Send connectors

Receive Connector : Is for Receiving Mails

We have two already established connectors

1) Client : Uses port 587, receive mail from NON MAPI client for SMTP relay

2) Default : Uses port 25, receives mail from internet, other hub transport, or edge transport

Send Connector : Is for sending mails, by default there is no send Connectors

Steps to creating Send Connectors:

1) Organization Configuration => Hub Transport => Actions Pane => Create New Send Connector.

2) In Wizard set Indented Use of Send Connector as internet

3) In Address put * to send all mail that are not for domain on the server out to outer domain.

The Transport Pipeline

Hub Transport can receive mail from Store Driver, Pickup Directory, or Receive connector

Store Driver : There is a service Exchange mail submission service, when a mail

is submitted, store driver pickups the mail from outboxes.

NOTE : If there are multiple Hub transport server, it would distribute the load.

Pickup Directory: To support legacy application.

Receive Connector: Receive mail from NON MAPI Client.

All mail coming from above goes into submission queue, categorizer picks up mail one at time, checks where it is heading.

If it is for outer domain it sends it to internet via send connector, if for other user on same domain sends it to his mailbox.

Client Access Server (CAS) + POP / IMAP

CAS: This is the Role which is responsible for accepting connections from NON-MAPI Clients

We have two types of connections here

1) Outlook Web Access

2) Outlook Anywhere

In Brief

1) Outlook Web Access

Allows access to mail through browsers.

Management of Outlook web Access.

Go To

Server Configuration => Outlook Web Access => owa properties.

Properties you could set

1) Outlook web Access URL

2) Authentication, Logon Format,

3) Segmentation , you could enable /disable the feature like Calendar, Address List, etc

4) Public computer / Private computer settings ( While logging into the owa user could choose whether the pc is public or personal , based on these, settings could be made so as to enable file access of specific format)

2) Outlook Anywhere:

You could have outlook outside the exchange network, connected via RPC proxy service.

What happens is that the RPC connects to exchange wraps the response in HTTP/HTTPS and sends it to the client.

Enable Outlook Anywhere:

Server Configuration => Actions Pane => Enable Outlook Anywhere

1) set the hostname

2) select Authentication mode.(Basic and NTLM)

Client Configuration: Select Proxy setting and enter the hostname of the Outlook Anywhere set earlier,

select the authentication method and its done.

POP / IMAP

POP and IMAP services are not started by default; you could start it and set it to automatic.

For Exchange 2007 without sp1 we have to configure advance settings through exchange shell, while in sp1 we get graphical interface.

LoginType, AuthenticatedConnectionTimeout, MaxConnections, MaxConnectionFromSingleIP, MaxConnectionsPerUser etc are settings that could be configured

#################################################################################################################

Email Policies, Accepted Domains, Distribution list, and Global Address List

Email PoliciesEmail Policies: Policy defines what the name should be for the user mailbox, i.e. the part before the @ sign. So that users get a particular naming standard.

Also we set email policy based on particular attribute-value

Creating Policy Go To

Organization Configuration => Email Address Policies=> New, it will start a wizard.Accepted Domains

Accepted Domain. We could created new domain for which this sever will take mails.

Three types of Domain

1) Authoritative : Mail is relayed to user in the exchange organization

2) Internal Relay : Mail is relayed to mail server to another Active directory forest

3) External Relay : Mail is relayed to mail server by the edge transport itself

Creating New Accepted Domain:

Go To

Organization Configuration=> Accepted Domains Pane=> Right click to create New Accepted Domain

NOTE : For Hosting Multiple Domain we could choose the domain as to be Authoratative Domain.

Also we could define Email Address Policies for above domain

Distribution List: Mass sending of mail, we could put user’s mailbox, mail contact, and other groups

Exchange 2007 supports the following types of distribution groups:

Exchange 2007 supports the following types of distribution groups:

Mail-enabled universal distribution groups : These are Active Directory distribution group objects that are mail-enabled. They can be used only to distribute messages to a group of recipients.

Mail-enabled universal security groups : These are Active Directory security group objects that are mail-enabled. They can be used to grant access permissions to resources in Active Directory and can also be used to distribute messages.

Mail-enabled non-universal groups : These are Active Directory global or local group objects that are mail-enabled. In Exchange 2007, you can create or mail-enable only universal distribution groups. You may have mail-enabled groups that were migrated from previous versions of Exchange that are not universal groups. These groups can still be managed by using the Exchange Management Console or the Exchange Management Shell.

Dynamic distribution groups : These are distribution groups for which membership is based on specific recipient filters rather than a defined set of recipients. Dynamic distribution groups were called query-based distribution groups in Exchange 2003

Creating Distribution Group:

Go To

Recipient Configuration => Distribution Group=>New Distribution Group=>Wizard Comes up.

We could set Distribution Group for any Group in Active Directory.

Dynamic Distribution Group => You could select recipient based on specific attributes

Global Address List: Includes all the recipient objects in the exchange, which helps

in finding a particular mail contact.

We could create our own address list based on specific department, location etc.

Organization Configuration => Mail Box => Address List

We have one default Global Address List.

Through Actions Pane we could create a new address list or sub address list (i.e. address

list inside other address list) based on specific Attributes.

Recipient Objects (Mailboxes)

Creating Mailboxes:

Steps,

Go To

Recipient Configuration => Mailbox=>Right Click or through Actions pane. =>Wizard comes up

Following are the types of Mailboxes.

User Mailbox: Active Directory user with mailbox on the exchange, this is the type we would be using.

Mail –Enabled Account: Active Directory Account and an external email.

Resource Mailbox: Account: Account set up for Rooms, equipment, so that we could schedule meetings etc.

Mail-Contact: Its not an Active Directory Account, it’s just an entry in Global Address List, or any other address list.

Linked Mailbox: Users that are part of separate trusted forest,

In the wizard we have to specify the Storage Group and the database where this mail will reside.

##################################################################################################################

*6*

Page updated

Google Sites

Report abuse