Exchange Server 2010 has similar capabilities to Exchange Server 2007 when it comes to adding disclaimers to emails sent by end users.

However two improvements have been made in Exchange Server 2010 – the ability to use HTML to format the text, and the ability to insert Active Directory attributes into the text.

These new capabilities make it very easy to add a standardised email signature and disclaimer to all emails sent in the organization.

For this to work the desired Active Directory attributes need to be populated on the user account objects.  Attributes that would commonly be used in email signatures include the person’s name, job title, phone number, and street address.

You can view and edit these attributes in the properties of the mailbox or user account.

When the user accounts are populated with the necessary attributes you can proceed with the creation of the Transport Rule that will add the signature and disclaimer. Continue reading How to Add Automatic Email Signatures and Disclaimers with Exchange 2010

Most Exchange Server environments will grow beyond their original sizing.  Sometimes this growth has been accounted for in the design, and sometimes it is not.  In either case the question to ask as the user base increases is whether to scale up or scale out.

What do each of those terms mean?  An example of scaling up would be increasing the capacity of a server to handle higher loads.  An example of scaling out would be adding new servers to spread the higher load across more hosts.

Each approach has its pros and cons in the context of the different Exchange Server roles.  In this post I’ll discuss the Exchange Server 2007 Transport server roles and the different scaling considerations that they have.

Edge Transport/Hub Transport Servers

The role of the Edge Transport server is to route incoming and outgoing internet email while applying security and compliance rules to messages.  The role of the Hub Transport is basically the same though it is also responsible for routing emails between internal mailboxes as well.

The Transport Server workload relies primarily on fast CPUs to assess and process each email message against these rules, and fast disks for reading and writing messages to the transport queue.

Processor Scaling

Scaling up with more CPU cores to handle higher workloads is appropriate; however, there is a practical limit of 4 CPU cores per Edge Transport server and 8 cores per Hub Transport server.  This is an obvious “scale out” threshold for this server role – if the server is already at the maximum number of cores and CPU is showing signs of a performance bottleneck then it is time to look at scaling out to more Transport servers.

Disk Scaling

Disk performance is slightly different.  Each Transport server has a transport queue, which is a location on the disk in which emails are read and written in a database.  Emails are only temporarily stored in this queue, and large capacity disks are quite cheap and common in servers these days, so disk space is not likely to be a problem for the volume hosting the transport queue. Continue reading Scaling Up vs Scaling Out Exchange Server 2007 Roles Part 1 – Transport Servers

Exchange Server 2007 introduced new terminology for describing the domain names that it will accept email for, and what it will do with that email.  This is referred to in Exchange Server 2007 as Accepted Domains.

In Microsoft’s own words, “an accepted domain is any Simple Mail Transfer Protocol (SMTP) namespace for which a Microsoft Exchange organization sends or receives e-mail.”

Accepted Domains fall into one of 3 categories – Authoritative, Internal Relay, and External Relay.  Any given namespace that is an Accepted Domain can be only one of those three types.

Authoritative Domains

Authoritative Domains are those for which an Exchange organization hosts mailboxes that have email addresses that use that domain.

For example, a company named Contoso Pty Ltd may own the domain name contoso.com and use email addresses of name@contoso.com.  The Exchange organization would be configured to consider contoso.com an Authoritative Domain.

An organization can have more than one Authoritative Domain configured.  Using Contoso Pty Ltd as an example again, they may have a second brand name of Contoso Services and use the contososervices.com domain name in marketing materials.  In this case the Exchange organization would be configured with both contoso.com and contososervices.com as Authoritative Domains.

Internal Relay Domains

Internal Relay domains are those for which an Exchange organization hosts some, but not all of the mailboxes that use that domain.  This scenario is sometimes also referred to as a “shared SMTP namespace”.

Internal Relay domains are common when two companies have merged but are yet to consolidate their Exchange environment into a single organization.  When they have a need for consistent email addressing across both Exchange environments Internal Relay domains are the solution. Continue reading Understanding Exchange Server Accepted Domains

A few months ago I wrote about the challenges that email administrators face when asked to protect email distribution groups from spam and other unwanted emails.

I presented three options for protecting lists, each of which carried pros and cons.  Ultimately the best defense against spam to distribution lists is effective anti-spam filtering.

However anti-spam protection does not deal with mail that is not necessarily spam, but may be unwanted.  For example, a company’s “All Staff” email list may be available for use by anyone within certain guidelines, and the company wants each email checked first before they are sent to everyone to make sure inappropriate usage does not occur.

Exchange Server 2010 solves this problem for customers with a new feature called Moderated Transport.  Moderated Transport, or Email Moderation as most people will probably refer to it, is the capability to set certain recipients (either mailboxes or distribution groups) as a “moderated recipient” and designate one or more moderators who is responsible for deciding whether emails are delivered to that recipient or not. Continue reading Protecting Distribution Groups with Exchange Server 2010 Email Moderation

Let’s be clear about this before we go any further – yes you could use these techniques to spy on your staff, and yes at face value it may seem as though these techniques serve no purpose other than to spy on staff.  But the reality is that what I’m about to describe can be used quite legitimately within a business for purposes other than outright spying.

There are two features of Exchange Server 2007 that can be used for this – Journaling and Transport Rules.

Exchange Server 2007 Journaling

The best way to think of Journaling is that it is a way to make a copy of emails that match certain sender or recipient conditions.  Typically this is done for regulatory compliance purposes, such as a legal requirement to retain copies of all email received by a government department for Freedom of Information purposes.

When an email is “journaled” it is simply copied to another mailbox.  Basic Journaling will copy all emails sent to and from recipients on a mailbox database to a specified journal mailbox, whereas Premium Journaling allows some more granular control such as per-recipient journaling rules, but the concept remains essentially the same.

A genuine application of Premium Journaling might be to journal all emails sent to or from a customer service email address so that all such communications are kept on record.

Exchange Server 2007 Transport Rules

Transport Rules can be used to achieve the same outcome as Journaling however they have a lot more features available and offer much more granularity.  For example you can use Transport Rules to add disclaimers to emails in Exchange, or block confidential emails.

You can also use Transport Rules as a kind of internal email filtering for inappropriate content.  This would be useful for policing acceptable usage policies.  By configuring a Transport Rule that detects certain words and blind copies any such email to a HR mailbox for inspection an organization might detect and avoid harassment issues within the organization. Continue reading How to Spy on Your Staff with Exchange Server 2007

Exchange Server 2007 provides the capability to append a text disclaimer to any email message.  This capability is provided by the Transport Rules feature of the Hub Transport Server.  Email disclaimers are required by some businesses to notify recipients of such matters as copyright, confidentiality, or liability of a sent email.

Transport Rules are configured to perform certain actions on any email message that matches the criteria of the rule.  For example a Transport Rule can be configured to blind copy all emails sent to a certain person to another person.   For email disclaimers the Transport Rule is simply configured to append the text disclaimer to any message sent to an external recipient by using these steps. Continue reading How to Configure Email Disclaimers in Exchange Server 2007

In Part 1 of this series I discussed backup and recovery for each of the Exchange Server 2007 server roles and associated systems such as Active Directory.  In Part 2 I then described the process of backing up and recovering a Mailbox Server from the loss of a mailbox database.  In this part of the series I will demonstrate backup and recovery of the Hub Transport Server and Edge Transport Server roles.

Backing up Transport Servers

Unlike Mailbox Servers, the Hub Transport and Edge Transport roles do not require any special Exchange-aware backup software.  All of the necessary data for recovering a Transport server is contained within:

• Active Directory (for Hub Transport servers, but not Edge Transport servers)
• The Active Directory Application Mode (ADAM) database (for Edge Transport servers)
• The server’s file system
• The server’s System State

Hub Transport servers can be backed up using the built in Backup utility in Windows Server.  At the very least the backup should include the System State and the C:\Program Files\Microsoft\Exchange Server\TransportRoles location of the file system (and all sub directories).

Edge Transport servers are backed up in the same way as Hub Transport servers except for the Exchange Server configuration.  Because this is stored in ADAM it must first be cloned using the Export-EdgeConfig.ps1 script located in C:\Program Files\Microsoft\Exchange Server\Scripts.  Execute the script with the name of the file you wish to export to. Note this is a single command run on one line in the Exchange Management Shell.

export-edgeconfig.ps1 c:\edgeconfig.xml
 -key "abcdefghijklmnop"

It is recommended to either include this config file in your Edge Transport backups or use a path that is a shared folder on a remote server.

Recovering Hub Transport Servers

In this scenario the EXCHHUB server has been lost due to hardware failure.  Spare server hardware has been used to reinstall Windows Server 2003 along with the Exchange Server 2007 pre-requisites.  The newly built server has the same name and IP address of EXCHHUB.  Now we can begin the recovery of the Hub Transport server.
Continue reading Exchange Server 2007 Backup and Recovery Part 3 – Transport Servers