☑ When you set a remote domain, you can control mail flow with more precision, specify message formatting and policy, and designate acceptable character sets for messages that are sent to, and received from, the remote domain.
☑ Under the Accepted Domains tab, we specify the SMTP domains for which our Exchange 2007 organization should either be authoritative, relay to an e-mail server in another Active Directory Forest within the organization, or relay to an e-mail server outside the respective Exchange organization.
☑ E-mail address policies were known as recipient policies back in Exchange 2000 and 2003. Exchange address policies define the proxy addresses stamped onto recipient objects in the Exchange organization.
☑ With the increasing complexity of government and industry regulations, there’s a greater need for the efficient management of internal message routing. Exchange 2007, or more specifically the Hub Transport Server role, includes a new transport rules agent that provides easy and flexible ways to set rules for internal message routing and content restriction throughout the Exchange organization.
☑ Exchange Server 2007 supports both Standard and Premium journaling (the latter requires Exchange 2007 Enterprise CALs). Standard journaling is similar to the journaling functionality we had in Exchange 2003 since it’s journaling per Mailbox database. Premium journaling is a Hub Transport server feature based on a new journaling agent that can be configured to match the specific needs of an organization. Premium journaling lets you create journal rules for single mailbox recipients or for entire groups within the organization.
☑ Send connectors are used to control how Hub Transport servers send messages using SMTP, and how connections are handled with other e-mail servers. This means that a Hub Transport server requires a Send connector in order to deliver messages to the next hop on the way to their destination.
☑ A Receive connector only listens for connections that match the settings configured on the respective connector—that is, connections that are received through a specific local IP address and port, and/or from a particular IP address range. Receive connectors are local to the Hub Transport server on which they’re created. This means a receive connector created on one Hub Transport server cannot be used by another Hub Transport server in the organization.
Managing Message Size and Recipient Limits
☑ Like previous versions of Exchange, Exchange 2007 allows you to restrict the size of messages a user can send and receive. The message size limits can be set globally in the organization, or on a per-server, per-connector, or per-user basis. Message size and recipient limits can only be configured using the Exchange Management Shell.
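The four scopes named above, set and then reviewed from the Exchange Management Shell. This is an added example, not taken from the book; the limit values and the mailbox alias `jsmith` are constructed, and `-WhatIf` keeps every change a dry run.

```powershell
# Added example for the Exchange Management Shell on an Exchange 2007 Hub Transport server.
# All values below are constructed; -WhatIf previews each change without applying it.
$orgSize  = '10MB'     # assumed organization-wide message size limit
$orgRcpts = 500        # assumed recipients-per-message limit
$userSize = '20MB'     # assumed limit for one mailbox
$userName = 'jsmith'   # hypothetical mailbox alias

# 1. Global: limits for the whole organization
Set-TransportConfig -MaxSendSize $orgSize -MaxReceiveSize $orgSize -MaxRecipientEnvelopeLimit $orgRcpts -WhatIf

# 2. Per server: recipients accepted on a message submitted through the Pickup directory
Set-TransportServer -Identity $env:COMPUTERNAME -PickupDirectoryMaxRecipientsPerMessage 100 -WhatIf

# 3. Per connector: limit what each SMTP entry and exit point handles
Get-ReceiveConnector | Set-ReceiveConnector -MaxMessageSize $orgSize -WhatIf
Get-SendConnector    | Set-SendConnector    -MaxMessageSize $orgSize -WhatIf

# 4. Per user: a mailbox-specific limit
Set-Mailbox -Identity $userName -MaxSendSize $userSize -MaxReceiveSize $userSize -WhatIf

# Review: current values at each scope, then every mailbox that carries its own size limit
Get-TransportConfig  | Format-List  MaxSendSize, MaxReceiveSize, MaxRecipientEnvelopeLimit
Get-ReceiveConnector | Format-Table Identity, MaxMessageSize, MaxRecipientsPerMessage -AutoSize
Get-SendConnector    | Format-Table Identity, MaxMessageSize -AutoSize
Get-Mailbox -ResultSize Unlimited |
    Where-Object { -not ($_.MaxSendSize.IsUnlimited -and $_.MaxReceiveSize.IsUnlimited) } |
    Format-Table Name, MaxSendSize, MaxReceiveSize, RecipientLimits -AutoSize
```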
Managing the Hub Transport Server Role • Chapter 6
Message Tracking with Exchange Server 2007
☑ When message tracking is enabled, the Simple Mail Transfer Protocol (SMTP) transport activity of all messages transferred to and from an Exchange 2007 computer that has the Hub Transport, Mailbox, or Edge Transport server role installed is recorded into a log that, by default, is located in the C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\MessageTracking directory. Message tracking logs can be used for message forensics, mail flow analysis, reporting, and troubleshooting.
☑ When message tracking is enabled (which is the case, by default), the maximum age for message tracking log files is 30 days. After 30 days, the oldest message tracking log files are deleted using circular logging.
☑ The Message Tracking directory, responsible for holding the message tracking log files, has a default size limit of 250 MB.
☑ The Message Tracking tool can be found in the Toolbox Work Center.
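For forensic use, the question is how much history the logs actually hold and how to pull one sender's trail out of them. The following is an added example, not taken from the book: it assumes the Exchange Management Shell running locally on the transport server, and the sender address, 7-day window and new retention values are constructed.

```powershell
# Added example for the Exchange Management Shell, run locally on an Exchange 2007
# transport server. The sender address, time window and new limits are constructed.
$server = Get-TransportServer -Identity $env:COMPUTERNAME
$server | Format-List Name, MessageTrackingLogEnabled, MessageTrackingLogMaxAge, MessageTrackingLogMaxDirectorySize, MessageTrackingLogPath

# How far back do the logs on disk really go? Circular logging also deletes the
# oldest files when the directory size limit is reached, which can happen well
# before the age limit on a busy server.
$logs = @(Get-ChildItem -Path "$($server.MessageTrackingLogPath)" -Filter *.log | Sort-Object LastWriteTime)
if ($logs.Count -gt 0) {
    $usedMB = [math]::Round(($logs | Measure-Object -Property Length -Sum).Sum / 1MB, 1)
    $days   = [int]((Get-Date) - $logs[0].LastWriteTime).TotalDays
    "{0} log files, {1} MB on disk, oldest file last written {2} days ago" -f $logs.Count, $usedMB, $days
}

# Reconstruct what one sender's messages did over the last 7 days
Get-MessageTrackingLog -Server $server.Name -Sender 'user@example.com' -Start (Get-Date).AddDays(-7) -End (Get-Date) -ResultSize Unlimited |
    Sort-Object Timestamp |
    Format-Table Timestamp, EventId, Source, ClientIp, @{Label='Recipients'; Expression={"$($_.Recipients)"}}, MessageSubject -AutoSize

# Keep more history for investigations (dry run; remove -WhatIf to apply)
Set-TransportServer -Identity $server.Name -MessageTrackingLogMaxAge 90.00:00:00 -MessageTrackingLogMaxDirectorySize 2GB -WhatIf
```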
Using the Exchange 2007 Queue Viewer
☑ With the Queue Viewer now an Exchange tool, and thus located under the Toolbox work center in the Exchange Management Console, you can view information about queues and examine the messages held within them.
☑ Exchange Server 2007 uses five different types of queues, and the routing of a message determines which type of queue a particular message is stored in.
☑ With Exchange Server 2007, message queues are stored in the ESE database, unlike previous versions of Exchange where the messages (.EML files) were stored in a queue folder in NTFS.
Introduction to the Exchange Mail Flow Troubleshooter Tool
☑ If you’re experiencing mail flow issues in your organization, you can also give the new Exchange Mail Flow Troubleshooter a try. It starts with the mail flow symptoms and slowly moves customers through the correct troubleshooting path, providing easy access to the various data sources required to troubleshoot problems with mail flow. Based on the collected data, it will present an analysis of the possible root causes and then suggest corrective actions as necessary.
Configuring the Hub Transport Server as an Internet-facing Transport Server
☑ If you’re an Exchange administrator in a small organization, or if you’re primarily doing Exchange consulting for small shops, chances are the IT budget may hinder you from deploying an Edge Transport server in the perimeter network when transitioning to Exchange Server 2007 (especially if the environment will only consist of a single Exchange 2007 server). In this case, you can configure a Hub Transport server as the Internet-facing transport server in your organization.
☑ By default, no anti-spam filtering agents are installed on a Hub Transport server (since the Exchange Product group expects you to deploy an Edge Transport server in the perimeter network as a best practice). If you want to use the anti-spam agents on a Hub Transport server, you can install them by running the install-AntispamAgents.ps1 script located in the Exchange 2007 \scripts folder, which can be found, by default, under C:\Program Files\Microsoft\Exchange Server.
Frequently Asked Questions
Q: What protocol is used when two internal Hub Transport servers exchange messages?
A: Hub Transport servers use secure SMTP when exchanging messages internally. They use the industry standard SMTP Transport Layer Security (TLS), so that all traffic between the Hub Transport servers is authenticated and encrypted. This will remove the capability for internal snooping.
Q: What protocol is used when a Hub Transport server delivers a message to a mailbox on a Mailbox server?
A: When a Hub Transport server communicates with a Mailbox server, it’s done using encrypted RPC. Again, this will remove the capability for internal snooping.
Q: Is there no way to make use of the Exchange 2007 anti-spam agents if I don’t deploy an Edge Transport server in my organization’s perimeter network?
A: Yes, you can install the anti-spam agents on a Hub Transport server by running the install-AntispamAgents.ps1 script located in the Exchange 2007 \scripts folder, found by default under C:\Program Files\Microsoft\Exchange Server.
Q: I’ve deployed Exchange 2007 in my organization, but I cannot receive inbound messages from the Internet. Why?
A: One of the design goals for Exchange 2007 was to be as secure as possible, by default—for example, the Hub Transport server has been configured in such a way that it only accepts messages from internal Exchange users, Exchange servers, and legacy Exchange servers. This means that the Hub Transport server doesn’t accept inbound messages sent from unauthenticated (untrusted) e-mail servers, which typically are external e-mail servers on the Internet. Instead, it expects to receive inbound messages from the Internet via an Edge Transport server in the perimeter network. In order to be able to receive inbound messages from e-mail servers on the Internet, you must select the Anonymous users check box, located on the Permission Groups tab of the Default <servername> Receive connector property page.
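A check worth running before and after that change, as an added example rather than material from the book: it lists every Receive connector, whether it accepts unauthenticated SMTP, and whether anonymous senders also hold the relay right (`ms-Exch-SMTP-Accept-Any-Recipient`). It assumes the Exchange Management Shell on the Hub Transport server and a default connector that still carries its setup-time name.

```powershell
# Added example for the Exchange Management Shell on an Exchange 2007 Hub Transport server.
# Read-only apart from the last command, which is a -WhatIf dry run.
$report = Get-ReceiveConnector | ForEach-Object {
    $conn = $_
    $anon = "$($conn.PermissionGroups)" -match 'AnonymousUsers'

    # Accepting anonymous mail for your own domains is not relaying. Relay for
    # unauthenticated senders additionally needs this extended right on the connector.
    $relay = $false
    if ($anon) {
        $relay = [bool]($conn | Get-ADPermission -User 'NT AUTHORITY\ANONYMOUS LOGON' |
            Where-Object { $_.ExtendedRights -like 'ms-Exch-SMTP-Accept-Any-Recipient' })
    }

    $row = New-Object PSObject
    $row | Add-Member NoteProperty Connector      "$($conn.Identity)"
    $row | Add-Member NoteProperty Bindings       "$($conn.Bindings)"
    $row | Add-Member NoteProperty RemoteIPRanges "$($conn.RemoteIPRanges)"
    $row | Add-Member NoteProperty Anonymous      $anon
    $row | Add-Member NoteProperty AnonymousRelay $relay
    $row
}
$report | Format-Table -AutoSize

# The change described in the answer above. -PermissionGroups replaces the whole set,
# so the groups enabled by default are listed together with AnonymousUsers.
# Assumes the default connector still has its setup-time name.
$default = "$env:COMPUTERNAME\Default $env:COMPUTERNAME"
Set-ReceiveConnector -Identity $default -PermissionGroups AnonymousUsers,ExchangeUsers,ExchangeServers,ExchangeLegacyServers -WhatIf
```

A connector that shows `Anonymous` as True with a wide `RemoteIPRanges` value is reachable by any Internet host; `AnonymousRelay` should stay False on it.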
Q: I don’t see any Routing Groups in the Exchange Server 2007 Management Console?
A: Routing groups have been discontinued in Exchange 2007. Instead, Exchange 2007 takes advantage of the existing site topology in Active Directory.
Q: Since a Hub Transport server uses the SMTP protocol to exchange messages with internal transport servers and other e-mail servers on the Internet, I don’t understand why I shouldn’t install the Windows IIS SMTP component prior to installing the Exchange 2007 Hub Transport server role?
A: Exchange 2007 no longer uses the SMTP protocol stack included with Internet Information Services (IIS), as was the case with previous versions of the product. Instead, the Exchange Product group has rewritten the SMTP transport stack in managed code, resulting in a much more stable and secure protocol stack.