Microsoft Exchange 2007
This documentation covers the following topics.
1) Introduction to Exchange 2007 and Installation.
2) Storage Groups and Database Structure.
5) Recipient Objects (Mailbox)
6) Client Access Server (CAS) + POP/IMAP
7) Email Policies, Accepted Domain, Global Address List, Distribution List
Introduction
Microsoft Exchange Server 2007 is the latest release in messaging and
communications.
Exchange 2007 works with Active Directory.
Active Directory is a database which contains information about the organization:
information about objects and their attributes. For example: information about
a user, his email ID, his cell phone number etc.
New Structure of Exchange 2007
We have five server roles in Exchange 2007.
1) Edge Transport server role
2) Hub Transport server role
3) Client Access server role
4) Mailbox server role
5) Unified Messaging server role
Multiple roles can reside on a single server, or multiple servers can have
the same role. For performance / load balancing you could have multiple
roles on multiple servers.
Installation.
System Requirements:
64 bit processor
Minimum RAM 1 GB
Prior to installing Exchange 2007 you need to create an Active Directory.
You have to install all the components from steps 1 to 3, which are:
.NET Framework 2.0
Microsoft Management Console version 3
PowerShell
In step 4 you actually start the Exchange installation.
Anti-Spam on Hub Transport
Setting up the Hub Transport for anti-spam in the absence of an Edge Transport.
Execute the script in the Scripts folder, i.e. C:\Program Files\Exchange Server\Scripts\Install-AntispamAgents.ps1. After that you have to restart the Transport service; you will then get the Anti-Spam management tab in the console.
The following are the levels of filtering.
1) Connection Filter
2) Sender and Recipient Filter
3) Sender ID Filter
4) Content Filter + Attachment Filter
Connection Filter: First Level of Filtering
IP Allow List: You could provide an IP address or a range.
IP Block List: You could provide an IP address or a range.
Safe Provider List (White List)
These are third-party agencies providing the spam senders' IPs.
Realtime Block List (Black List)
These are third-party agencies providing the spam senders' IPs.
Sender and Recipient Filter
Block email from senders with blank sender information, or block email from a particular sender or domain. You could take actions like REJECT, or STAMP the message.
Recipient filtering blocks mail from outside to a particular email ID inside the domain.
Sender ID Filter
It will query the DNS record of the domain from which mail was received to check whether it is authorized to send mail
Sender Reputation Filtering
If the sender is using an open proxy, then most likely it is a spammer.
Content Filtering
Checks the message for being spam; you could set specific words to check for in the mail. Each message gets a Spam Confidence Level (SCL) rating:
0 - Mail is not spam
9 - Mail is likely to be spam
Depending upon the SCL we could take actions like delete, reject, and quarantine.
Attachment Filtering
You could block attachments with specific extensions.
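The first three filtering levels and the content filter can also be configured from the Exchange Management Shell. This is an added example, not part of the original notes; the IP range, addresses, domain, phrase and SCL thresholds are constructed placeholders.

```powershell
# Added example: run in the Exchange Management Shell on the Hub Transport
# server after the anti-spam agents have been installed. All addresses,
# domains, phrases and thresholds below are constructed placeholders.

# Restart the transport service so the new agents load, then confirm
# which agents are registered and enabled.
Restart-Service MSExchangeTransport
Get-TransportAgent | Format-Table Identity, Enabled, Priority -AutoSize

# 1) Connection filter: block a range, allow one trusted relay.
Add-IPBlockListEntry -IPRange 192.0.2.0/24
Add-IPAllowListEntry -IPAddress 198.51.100.25

# 2) Sender filter: reject blank senders and one blocked domain.
Set-SenderFilterConfig -BlankSenderBlockingEnabled $true `
    -BlockedDomains "spam.example" -Action Reject

#    Recipient filter: refuse outside mail for one internal address.
Set-RecipientFilterConfig -BlockListEnabled $true `
    -BlockedRecipients "internal-only@example.com"

# 3) Sender ID: reject mail when the DNS check reports a spoofed domain.
Set-SenderIdConfig -SpoofedDomainAction Reject

# 4) Content filter: add a custom word, then act on the SCL rating
#    (0 = not spam, 9 = likely spam). The delete threshold must be higher
#    than the reject threshold, which must be higher than the quarantine
#    threshold.
Add-ContentFilterPhrase -Phrase "constructed bad phrase" -Influence BadWord
Set-ContentFilterConfig `
    -SCLQuarantineEnabled $true -SCLQuarantineThreshold 6 `
    -SCLRejectEnabled     $true -SCLRejectThreshold     7 `
    -SCLDeleteEnabled     $true -SCLDeleteThreshold     9 `
    -QuarantineMailbox "spamquarantine@example.com"

# Review the resulting configuration.
Get-ContentFilterConfig | Format-List SCL*, QuarantineMailbox
```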
#################################################################################################################
Mail Flow Troubleshooting
1) Mail Flow Troubleshooting
2) Message Tracking
3) Message Queue
1) Mail Flow Troubleshooter
Tools => Mail Flow Troubleshooter => select the symptoms to display possible solutions.
2) Message Tracking
Tools => Message Tracking; enter the required parameters and you get a log of all the mails and possible problems.
3) Queue Viewer
Tools => Queue Viewer; go to the properties of a mail, which gives a detailed report.
Protocol Logging
Logs information about the connections between our send connectors and receive connectors and other servers. Logs are written as CSV files.
Steps to enable protocol logging: go to the properties of the connector on which you want to enable protocol logging and enable the checkbox.
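Because the protocol logs are CSV files, they can be summarized per remote host to see who is being rejected by a receive connector. This is an added example, not part of the original notes; the function name Get-SmtpRejectSummary, the server name MAIL01 and every log line in $sample are constructed for illustration.

```powershell
# Added example. Needs PowerShell 2.0 or later (ConvertFrom-Csv, -split).
# $sample is a constructed receive-connector log; for real use pass
# (Get-Content <path to a protocol log file>) instead.
$sample = @'
#Software: Microsoft Exchange Server
#Log-type: SMTP Receive Protocol Log
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2007-05-01T10:00:00.000Z,MAIL01\Default MAIL01,S1,0,10.0.0.5:25,192.0.2.10:4001,+,,
2007-05-01T10:00:00.100Z,MAIL01\Default MAIL01,S1,1,10.0.0.5:25,192.0.2.10:4001,<,EHLO relay-test.example,
2007-05-01T10:00:00.200Z,MAIL01\Default MAIL01,S1,2,10.0.0.5:25,192.0.2.10:4001,<,RCPT TO:<someone@other.example>,
2007-05-01T10:00:00.300Z,MAIL01\Default MAIL01,S1,3,10.0.0.5:25,192.0.2.10:4001,>,550 5.7.1 Unable to relay,
2007-05-01T10:00:00.400Z,MAIL01\Default MAIL01,S1,4,10.0.0.5:25,192.0.2.10:4001,-,,Remote
2007-05-01T10:05:00.000Z,MAIL01\Default MAIL01,S2,0,10.0.0.5:25,198.51.100.7:5002,+,,
2007-05-01T10:05:00.100Z,MAIL01\Default MAIL01,S2,1,10.0.0.5:25,198.51.100.7:5002,>,"250 2.6.0 Queued mail for delivery",
2007-05-01T10:05:00.200Z,MAIL01\Default MAIL01,S2,2,10.0.0.5:25,198.51.100.7:5002,-,,Local
'@ -split "`r?`n"

function Get-SmtpRejectSummary {
    param([string[]]$Lines)
    # Column names come from the "#Fields:" header line of the log.
    $fieldLine = $Lines | Where-Object { $_ -like '#Fields:*' } | Select-Object -First 1
    $header = ($fieldLine -replace '^#Fields:\s*', '') -split ','
    # Skip blank and "#" header lines; a real CSV parser is needed because
    # the data column may be quoted and contain commas.
    $rows = $Lines | Where-Object { $_ -and $_ -notlike '#*' } |
        ConvertFrom-Csv -Header $header
    # One result row per remote IP (port stripped from remote-endpoint).
    $rows | Group-Object { $_.'remote-endpoint' -replace ':\d+$', '' } |
        ForEach-Object {
            $g = $_.Group
            New-Object PSObject -Property @{
                RemoteIP = $_.Name
                Sessions = @($g | Select-Object -ExpandProperty 'session-id' -Unique).Count
                # ">" = line sent by this server; 5xx = permanent rejection.
                Rejects  = @($g | Where-Object { $_.event -eq '>' -and $_.data -match '^5\d\d ' }).Count
            }
        } | Sort-Object Rejects -Descending
}

Get-SmtpRejectSummary $sample | Format-Table RemoteIP, Sessions, Rejects -AutoSize
```

Hosts with many rejects and few accepted sessions are the ones to review against the connection filter lists.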
##################################################################################################################
Here the options available are
Typical : This would install all the components excluding the Edge Transport server.
Custom : Choose this to get options to install a specific role on a specific server.
As per our requirement, for testing purposes we could install four server roles
on a single server.
Mailbox Server
Hub Transport Server
CAS : Client Access Server
Unified Messaging Server
Installing Edge Transport on the same server as the above is not supported.
If we are not installing the Edge Transport, we could have similar
functionality in the Hub Transport server role.
#############################################################
Storage Groups and Database Management.
Storage Groups : Storage groups are just folders which provide a logical
grouping of mail databases that share a single
set of logs.
Storage Architecture: Whenever a mail comes to a mailbox it is processed
in memory, transaction logs are written and then
the data is moved to the database.
Files Involved.
In the storage group you would find the following files.
Mailbox.edb : This is the file where all the mail is stored.
Temp.edb : This is the temporary workspace for processing
transactions to your database.
.chk : This is the checkpoint file; it keeps track of which transactions
have moved from the transaction log to the database.
Log files:
Current transaction log: As the name suggests, this is the current transaction log; it is
always smaller than 1 MB. Its name is shorter than that of the other
transaction logs.
Transaction log file : After reaching a size of 1 MB, the current transaction
log is renamed to a long filename and set aside.
.jrs extension : These files are reserved for space emergencies.
By default after installation we have the “First Storage Group”, which has a Mailbox database.
Creating New Storage Group.
Open Exchange Management Console => Server Configuration => select your server => in the Database Management pane => right click to create a New Storage Group.
In the form you have to specify the log files path.
After you have created the storage group you could create a Mailbox database for that storage group.
Creating Mailbox database:
Right click on the storage group in which you want to create it => Create Mailbox => specify the path where you want to create the database.
[Note: the log files would be created in the path specified and the mail would be stored in the mailbox database]
Quotas : Right click and go to the properties of the database.
Here you could configure the following items:
Storage Limits, Warning limits + timings, Deletion Settings
Circular Logging : Once a transaction log is completed and entered in the
database, circular logging enables the server to write
over the completed transaction log. This saves space on
the server, but the disadvantage is that you cannot do
recovery from the transaction logs if they are lost.
Circular logging is set on the storage group: go to its properties, where a
checkbox is there to enable / disable circular logging.
Mount / Dismount: Databases should be mounted to access them; however,
when required for maintenance purposes we could
mount / dismount from the properties of the Mailbox
database.
Log Files Path = Contains the log files.
System Files Path = Contains the .chk file and the tmp.edb database.
###############################################################################
Hub Transport
By default users can send mail to each other on the same domain, but not to outer
domains on the internet. For sending and receiving such mail we have to set up SMTP
connectors.
SMTP Connectors : We have two types of connectors, Receive connectors and Send connectors.
Receive Connector : Is for receiving mail.
We have two already established connectors:
1) Client : Uses port 587, receives mail from non-MAPI clients for SMTP relay
2) Default : Uses port 25, receives mail from the internet, other Hub Transport, or Edge Transport servers
Send Connector : Is for sending mail; by default there are no Send connectors.
Steps to create a Send connector:
1) Organization Configuration => Hub Transport => Actions Pane => Create New Send Connector.
2) In the wizard set the intended use of the Send connector to Internet.
3) In the address space put * to send all mail that is not for a domain on this server out to outer domains.
The Transport Pipeline
Hub Transport can receive mail from the Store Driver, the Pickup Directory, or a Receive connector.
Store Driver : There is a service, the Exchange mail submission service; when a mail
is submitted, the store driver picks up the mail from the outboxes.
NOTE : If there are multiple Hub Transport servers, it would distribute the load.
Pickup Directory: To support legacy applications.
Receive Connector: Receives mail from non-MAPI clients.
All mail coming from the above goes into the submission queue; the categorizer picks up mail one at a time and checks where it is heading.
If it is for an outer domain, it sends it to the internet via the Send connector; if it is for another user on the same domain, it sends it to his mailbox.
Client Access Server (CAS) + POP / IMAP
CAS: This is the role which is responsible for accepting connections from non-MAPI clients.
We have two types of connections here:
1) Outlook Web Access
2) Outlook Anywhere
In Brief
1) Outlook Web Access
Allows access to mail through browsers.
Management of Outlook Web Access.
Go To
Server Configuration => Outlook Web Access => owa properties.
Properties you could set:
1) Outlook Web Access URL
2) Authentication, logon format
3) Segmentation: you could enable / disable features like Calendar, Address List, etc.
4) Public computer / private computer settings (while logging into OWA the user could choose whether the PC is public or personal; based on this, settings could be made so as to enable file access for specific formats)
2) Outlook Anywhere:
You could have Outlook outside the Exchange network, connected via the RPC proxy service.
What happens is that the RPC proxy connects to Exchange, wraps the response in HTTP/HTTPS and sends it to the client.
Enable Outlook Anywhere:
Server Configuration => Actions Pane => Enable Outlook Anywhere
1) Set the hostname.
2) Select the authentication mode (Basic and NTLM).
Client Configuration: Select the proxy setting and enter the hostname of the Outlook Anywhere server set earlier,
select the authentication method and it is done.
POP / IMAP
POP and IMAP services are not started by default; you could start them and set them to automatic.
For Exchange 2007 without SP1 we have to configure advanced settings through the Exchange shell, while in SP1 we get a graphical interface.
LoginType, AuthenticatedConnectionTimeout, MaxConnections, MaxConnectionFromSingleIP, MaxConnectionsPerUser etc. are settings that could be configured.
#################################################################################################################
Email Policies, Accepted Domains, Distribution list, and Global Address List
Email Policies: A policy defines what the name should be for the user mailbox, i.e. the part before the @ sign, so that users get a particular naming standard.
We can also set an email policy based on a particular attribute value.
Creating Policy Go To
Organization Configuration => Email Address Policies => New, it will start a wizard.
Accepted Domains
Accepted Domain: We could create a new domain for which this server will take mail.
Three types of Domain
1) Authoritative : Mail is relayed to user in the exchange organization
2) Internal Relay : Mail is relayed to mail server to another Active directory forest
3) External Relay : Mail is relayed to mail server by the edge transport itself
Creating New Accepted Domain:
Go To
Organization Configuration=> Accepted Domains Pane=> Right click to create New Accepted Domain
NOTE : For hosting multiple domains we could choose the domain to be an Authoritative domain.
Also we could define Email Address Policies for the above domain.
Distribution List: For mass sending of mail; we could put in users' mailboxes, mail contacts, and other groups.
Exchange 2007 supports the following types of distribution groups:
Mail-enabled universal distribution groups : These are Active Directory distribution group objects that are mail-enabled. They can be used only to distribute messages to a group of recipients.
Mail-enabled universal security groups : These are Active Directory security group objects that are mail-enabled. They can be used to grant access permissions to resources in Active Directory and can also be used to distribute messages.
Mail-enabled non-universal groups : These are Active Directory global or local group objects that are mail-enabled. In Exchange 2007, you can create or mail-enable only universal distribution groups. You may have mail-enabled groups that were migrated from previous versions of Exchange that are not universal groups. These groups can still be managed by using the Exchange Management Console or the Exchange Management Shell.
Dynamic distribution groups : These are distribution groups for which membership is based on specific recipient filters rather than a defined set of recipients. Dynamic distribution groups were called query-based distribution groups in Exchange 2003.
Creating Distribution Group:
Go To
Recipient Configuration => Distribution Group => New Distribution Group => wizard comes up.
We could set a Distribution Group for any group in Active Directory.
Dynamic Distribution Group => You could select recipients based on specific attributes.
Global Address List: Includes all the recipient objects in the Exchange organization, which helps
in finding a particular mail contact.
We could create our own address list based on a specific department, location etc.
Organization Configuration => Mail Box => Address List
We have one default Global Address List.
Through the Actions Pane we could create a new address list or sub address list (i.e. an address
list inside another address list) based on specific attributes.
Recipient Objects (Mailboxes)
Creating Mailboxes:
Steps,
Go To
Recipient Configuration => Mailbox => right click or through the Actions pane => wizard comes up.
Following are the types of mailboxes.
User Mailbox: Active Directory user with a mailbox on the Exchange server; this is the type we would be using.
Mail-Enabled Account: Active Directory account and an external email.
Resource Mailbox: Account set up for rooms and equipment, so that we could schedule meetings etc.
Mail-Contact: It's not an Active Directory account, it's just an entry in the Global Address List or any other address list.
Linked Mailbox: Users that are part of a separate trusted forest.
In the wizard we have to specify the storage group and the database where this mail will reside.
##################################################################################################################