Viral Rathod Exchange Server 2016 Blog

Microsoft Exchange Server Blog

  • Click here to Register for Experts-Exchange Account

  • My Experts Exchange Profile

  • Disclaimer

    All information is provided "AS IS" with no warranties, and confer no rights, and as such you perform at your own risk.

    NOTE: You should always make a backup of your server or export the registry before making any changes to it.

Edge Transport

Edge Transport Server Role

This part includes all the information about Edge Transport Server Role options introduced in Exchange Server 2007.

please, Leave your comments on this….

1. What is Edge Transport Server?

The Edge Transport Server Role is to transfer mails from inside of your organization to the outside world. This role installed on the edge of your network (perimeter Network). Main purpose is to prevent your exchange server from all kinds of Attack. Must have ports 25 (SMTP) and 50636 (LDAPS) open from it to the hub transport server on the internal LAN.  Port 25 is to send mail in.  Port 50636 is to replicate the Exchange information that it needs, such as changes to users’ safe and blocked senders lists

Edge Transport Server Role placed on the Edge of the Network, functionalities includes virus and spam blocking, perform antivirus and anti spam filtering, and route the messages internal Exchange organization to external web.

2. Explain the Message flow from Edge Transport Server to Hub Transport Server?

The flow of messages in an Exchange 2007 environment with Edge Transport Server to the inside organization by the following ways

  1. An incoming message from the Internet first goes to the Edge Transport server.
  2. The Edge Transport server performs first-level recipient validation as well as spam and virus filtering. The message is then passed on to the Hub Transport server.
  3. The Hub Transport server performs compliance content assessment and then looks at the internal routing for messages and forwards the message to another Hub Transport server or directly to a Mailbox server.
  4. The Mailbox server places the incoming message into the user’s mailbox and notifies the user that a message has arrived.
  5. The user launches Outlook, OWA, their Windows Mobile device, or another client System and connects to the Client Access server. The Client Access server confirms the destination point of the user’s mailbox and provides the user access to their mailbox data.
  6. In parallel, if a voice mail message comes in for a user, the Unified Messaging server processes the incoming voice message, and then takes the message and places the voice message into the user’s mailbox residing on the Mailbox server for the recipient.

3. What are the planning considerations to install Edge Transport Server Role?

  • Edge Transport Should not be included in Active Directory
  • Should be installed in a Standalone Server
  • Edge Transport Should not be Part of the domain
  • ADAM Should be installed
  • Pre requisites .Net framework, Windows Management Shell, MMC 3.0 to be installed
  • Two networks cards

4. What are the important considerations to install Edge Transport Server?

  • Edge transport Server is not required for small organization; Hub Transport Server will function as Edge Transport Server
  • Edge Transport Server Role should not be a member of the Active Directory
  • ADAM stores the configuration of Active Directory for Edge Transport Server
  • Edge Synchronization to connect Hub Transport Server and Edge Transport Server
  • Security Configuration Wizard, Important ports to be opened, Port 25, 50389, 50636

5. What are the options available in Edge transport Server to configure?

  1. Anti Spam / Anti Virus
  2. Transport Rules and Accepted Domain
  3. Address Rewriting

6. What are the Port setting to be done between Edge Transport Server and Hub Transport Server?

Protocols and Port setting

The following ports are opened through SCW

Port 25 – Should be opened both internally and externally, mails flow takes place with this port

Internal Port setting (Edge Transport Server to Hub Transport Server)

Port 50389 – LDAP local connection to ADAM in Edge Transport Server

Port 50686 – SLDAP (Secure Light weight Directory Access Protocol) Edge Sync Synchronization

Port 3389 – RDP optional

7. What is Edge Sync?

Edge Sync – it’s a one way replication from Hub Transport Server to Edge Transport Server, while Edge Sync happens the recipient configuration will be replicated from Active Directory to ADAM in Edge Transport Server

8. How to establish Edge Sync?

Edge sync can be established by

  1. Create a Edge Subscription file from Edge Transport Server ( XML file)

New-EdgeSubscription –file “c:\edge.xml, after entering this command it will ask for confirmation type “Y”

2. Move the file to Hub Transport Server  – by using a pen drive or portable media.

  1. Subscribe the file in Hub Transport Server

9. What are the settings available with Edge Transport Server?

With Edge Transport Server we can have the following configuration

  1. Anti Spam / Anti Virus
  2. Transport Rule, Accepted Domain and Email Address Policies
  3. Address Rewriting

10. What are the post installation tasks to be done in edge Transport Server?

Following are the post installation tasks that we have to do

Post Master Mailbox – create a New Post Master Mailbox which is used to receive the Non delivery reports, Postmaster can be in Edge Transport Server and also in Edge Transport Server

DNS Setting – DNS setting is the most important setting for internal and external mail flow

Internal DNS – Host record for the Edge transport server has to be created

External DNS – MX Record pointing towards Edge Transport Server should be configured

11. Hot to create a post master Mailbox?

To create a Postmaster mailbox – (Set-TransportServer “server Name “ –Externalpostmaster Address “ Mail Address” After Creating a new email address for Postmaster and running the same command Get-Transport Server will shows the postmaster Mail Address

12. What is Viruses or Trojan horse messages?

Viruses have existed in the computer world long before the first email message was sent. However, just as email provides users with an easy method of communication, it also is an extremely efficient method of spreading malicious or troublesome code. Once considered the largest problem that email administrators had to face, viruses have been combated by an entire industry devoted to their prevention.

13. What is Spam?

The proliferation of unsolicited messages, often referred to as “spam” mail, has truly become the bane of the messaging world with recent estimates stating that spam accounts for 85%–90% of the messaging traffic on the Internet today. These unsolicited, usually unwanted, and often offensive advertisements cost companies and users billions of dollars annually in lost time and productivity. Unfortunately, because sending bulk messages to thousands (or millions) of recipients can be accomplished with very little expense, offending companies do not need a large response to maintain profitability. It is sad to note that as long as this method of advertising is profitable and effective, spam will be with us to stay. Fortunately, Exchange 2007 has several features to help alleviate the problem.

14. What is Address spoofing?

One tool that is commonly used by the distributors of both viruses and spam is known as address spoofing. By changing the From line in a Simple Mail Transfer Protocol (SMTP) message, users can often be fooled into opening a message that they think is from a friend or co-worker, only to find that the message originated somewhere else entirely. This method has been especially effective in the distribution of email worms. Because the message appears to come from a known associate, and often has an intriguing Subject line, the unwitting recipient opens the message and, if not properly protected, becomes a distributor of the virus to others.

15. What is Phishing?

Over the past several years, a relatively new type of fraudulent email has emerged. Known as phishing, this attack comes in the form of an official looking email message, often appearing to be from a reputable organization, such as a credit card company or a large electronics retailer. The message usually contains a link that, once clicked, brings up an official looking website—often an exact replica of the official site that is being mimicked. However, the fraudulent site has one purpose, to fool you into giving away personal information, such as passwords, credit card numbers, or Social Security numbers. With this information in hand, the offending party can steal your identity, make charges to your credit card, or otherwise profit from your loss.

16. What is Address Rewriting?

Address Rewriting Agent runs in Edge Transport Server. The main purpose of Edge Transport Server is to rewrite the Address the address to some other address. This plays an important role, consider if there are 5 Sub domain inside a forest and the entire sub domain want send mail outside with a unique address space.

17. How to create an Address Rewriting?

To create a New Address Rewrite Entry, ( New-AddressRrewriteEntry – Name “ Internal to External” – InternalAdress – “Name” ExternalAddress –“name of the external address”

18. What happen if mails come into exchange server?

Once the mail comes into the exchange server it writes the mails as transactional logs and also the same in system memory simultaneously. What the transactional log will do in the sense, it will hold the mails for a while until the mailbox database is freed up. The transactional logs are 1 MB in size and if the mail comes with size of 5 MB, the transaction log will first write the 1Mb log and creates a another transactional log, it will write the log files until the mails have completed.

19. What are the available Anti spam and Antivirus feature in Edge Transport Server?

  • · Anti-Spam Stamps
  • · Attachment Filtering
  • · Connection Filtering
  • · Content Filtering
  • · Recipient Filtering
  • · Sender Filtering
  • · Sender ID
  • · Sender Reputation
  • · Safelist Aggregation
  • · Spam Quarantine

20. What is connection filtering?

The Connection Filter agent is an anti-spam agent that is enabled on computers that have the Microsoft Exchange Server 2007 Edge Transport server role installed. The Connection Filter agent relies on the IP address of the remote server that is trying to connect to determine what action, if any, to take on an inbound message. The remote IP address is available to the Connection Filter agent as a by-product of the underlying TCP/IP connection that is required for the Simple Mail Transfer Protocol (SMTP) session. Because the Connection Filter agent must evaluate the IP address of the remote server that is sending the message to be effective, the Connection Filter agent is typically enabled on the Internet-facing Edge Transport server

The Connection Filter agent compares the IP address of the server that is sending a message to any of the following data stores of IP addresses:

  • Administrator-defined IP Allow lists and IP Block lists
  • IP Block List providers
  • IP Allow List providers

21. What is recipient filtering agent?

The Recipient Filter agent relies on the RCPT TO Simple Mail Transfer Protocol (SMTP) header to determine what action, if any, to take on an inbound message.

When you configure anti-spam agents on an Edge Transport server, the agents act on messages cumulatively to reduce the number of unsolicited messages that enter the organization

22. What is sender filtering?

The Sender Filter agent relies on the MAIL FROM: Simple Mail Transfer Protocol (SMTP) header to determine what action, if any, to take on an inbound e-mail message.

When you configure anti-spam filters on an Edge Transport server, the filters act on messages cumulatively to reduce the number of unsolicited messages that enter the enterprise

23. What is sender ID filtering?

The Sender ID agent relies on the RECEIVED Simple Mail Transfer Protocol (SMTP) header and a query to the sending system’s domain name system (DNS) service to determine what action, if any, to take on an inbound message.

24. What is sender reputation?

Sender Reputation is anti-spam functionality that is enabled on computers that have the Microsoft Exchange Server 2007 Edge Transport server role installed to block messages according to many characteristics of the sender. Sender reputation relies on persisted data about the sender to determine what action, if any, to take on an inbound message.

25. What is safe list aggregation?

The term safelist aggregation refers to a set of anti-spam functionality that is shared across Microsoft Office Outlook and Exchange. This functionality collects data from the anti-spam Safe Recipients Lists or Safe Senders Lists and contact data that Outlook users configure and makes this data available to the anti-spam agents on the computer that has the Edge Transport server role installed. Safelist aggregation can help reduce the instances of false-positives in anti-spam filtering that is performed by the Edge Transport server

26. What is spam quarantine?

Many organizations are bound by legal or regulatory requirements to preserve or deliver all legitimate e-mail messages. In Microsoft Exchange Server 2007, spam quarantine is a feature of the Content Filter agent that reduces the risk of losing legitimate messages. Spam quarantine provides a temporary storage location for messages that are identified as spam and that should not be delivered to a user mailbox inside the organization

27. What is attachment filtering?

Attachment filtering lets you apply filters at the server level to control the attachments that users receive. Attachment filtering is increasingly important in today’s environment, where many attachments contain harmful viruses or inappropriate material that may cause significant damage to the user’s computer or to the organization as a whole by damaging important documentation or releasing sensitive information to the public.

Test-EdgeSynchronization

  • Set-SendConnector
  • New-SendConnector
  • Remove-SendConnector
  • New-AcceptedDomain
  • Set-AcceptedDomain
  • Remove-AcceptedDomain
  • New-MessageClassification
  • Set-MessageClassification
  • Remove-MessageClassification
  • New-RemoteDomain
  • Set-RemoteDomain
  • Remove-RemoteDomain
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: