Email is not just for people.  It is also used by other services, applications and devices for a multitude of communication scenarios.

Some examples of this are applications that send email reports to users, such as enterprise backup software; devices that offer email capabilities, such as scan-to-email; and applications that receive and parse email messages, such as job ticketing systems.

With these types of requirements it is very common for an Exchange Server environment to host a lot of non-user mailboxes.  In larger environments this can present some challenges.  Each mailbox requires a corresponding user account, which presents some security risks.

And if not tracked and managed properly the number of mailboxes can grow and result in mailboxes that no one knows about or understands the actual purpose for.  This type of mismanagement will crop up at key times such as when migrating to a new Exchange Server, which makes planning and risk management difficult for the project team.

With all of that in mind here are some tips for maintaining a well managed Exchange Server environment for service and application mailboxes.

Only Use a Mailbox When Necessary

This may seem an obvious statement, but a mailbox is usually only required to receive email, not to send it.  For devices and applications that simply need to send out messages over SMTP there is usually no need to create them a dedicated mailbox.

For Meeting Rooms and Equipment Use Those Mailbox Types

Exchange Server 2007 and 2010 come with a dedicated mailbox type for room and equipment facilities.  Using the correct mailbox type ensures that the room or equipment is shown correctly in address lists and calendar appointments.

For more information about these mailbox types check out this three part series on managing Exchange resource mailboxes.

Secure the Mailboxes

When you do create mailboxes for non-user access always set a very strong password, and disable the user object in Active Directory.  When you use the special Room and Equipment mailbox types the account is automatically disabled for you.

The exception to this rule is for applications that need to authenticate with Exchange to function.  This is usually the case with backup products that need an active logon and mailbox to be able to backup the mailbox databases.

Use Descriptive Names and Notes

Two years from now when someone asks “What is this EUK-DRJ-VAR mailbox for?” and there is no one around who knows it is going to cause some headaches and potentially some service downtime if the mailbox is moved or modified.

Always give non-user mailboxes a clear, descriptive name that provides lots of clues as to what it is for.  Each mailbox also has a “Notes” field that can be filled out with as much detail as you like about the purpose of the mailbox.

Keep a Database or Register

Aside from descriptive naming and notes it is wise to keep a separate register of non-user mailboxes for reference over time.  This can provide the maximum detail about the mailboxes and avoid situations in the future where valuable time is wasted investigating mystery mailboxes.

Using just these few simple tips for creating and managing service and application mailboxes will ensure that administrative effort is minimised, services and applications aren’t interrupted unnecessarily, and changes such as migration projects don’t suffer delays.