Exxhange SQL And IIS- P79 pptx
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (362.94 KB, 5 trang )
Managing the Hub Transport Server Role • Chapter 6 367
Figure 6.39 List of Available Anti-Spam Agents
Of course, this solution allows all spam messages and other unwanted e-mail to enter your
internal network before it’s fi ltered, but most small shops should be able to live with that. If not, you
might want to consider using a hygiene service such as Exchange Hosted Services (EHS), which
not only provides effi cient anti-spam fi ltering, but also virus protection and other interesting services.
You can read more about EHS at />Changing the SMTP Banner
Something else you might want to do in a scenario where inbound messages are directly routed to a
Hub Transport server is to change the advertised FQDN sent in HELO/EHLO commands in SMTP.
This is done under the General tab of the Default Receive connector property page, as shown in
Figure 6.40.
368 Chapter 6 • Managing the Hub Transport Server Role
Disabling the EdgeSync Service
Since the EdgeSync service on the Hub Transport server isn’t used, when you don’t have an Edge
Transport server deployed in your perimeter network, it’s also a good idea to disable this service
(Figure 6.41) in order to save a few system resources. Just by simply running and not replicating with
an Edge Transport server, this service actually uses a little under 30 MB.
Figure 6.40 The General Tab on the Default Receive Connector Properties Page
Managing the Hub Transport Server Role • Chapter 6 369
Pointing the MX Record
to the Hub Transport Server
The fi nal thing you must do is point your domain’s MX record to the Hub Transport server. This is
done differently depending on your specifi c scenario, but typically you just need to redirect port 25
to the IP address of the Hub Transport server in your fi rewall. If you’re publishing your messaging
environment using an ISA 2006 Server, this is done under the To tab on the Inbound SMTP
properties page, as shown in Figure 6.42.
Figure 6.41 Disabling the EdgeSync Service
370 Chapter 6 • Managing the Hub Transport Server Role
Missed Features
There are a few drawbacks in choosing to have inbound messages go directly to a Hub Transport
server instead of via an Edge Transport server in your perimeter network, as best practices tell us.
Attachment Filter
Although the Hub Transport server does contain some attachment options, you won’t be able to scan
the incoming MIME stream for malicious attachment types, and thereby reject them at the protocol
layer. However, you could get this functionality on a Hub Transport Server by installing an anti-virus
product such as Microsoft Forefront for Exchange Server.
Address Rewrite Agent
You also won’t be able to take advantage of the address rewrite functionality since the Address
Rewrite agent can only be installed on an Edge Transport server. An explanation of this feature is
outside the scope of this chapter. Instead, refer to Chapter 7.
Figure 6.42 Redirect Inbound Mail on an ISA 2006 Server
Managing the Hub Transport Server Role • Chapter 6 371
Summary
In this chapter, we started out taking a brief look at the changes made in regards to message
routing and architecture in Exchange Server 2007. We then went through the confi guration settings
available on the Hub Transport server. Next, we discussed how you can create journaling and
transport rules so your organization can navigate the ever-increasing complexity of government and
industry regulations and compliance demands. We also covered the purpose of Send and Receive
connectors, and how to control message size limits in your organization. In addition, we took a look
at the different transport server–related tools such as Message Tracking, the Queue Viewer, and the
Exchange Mail Flow Troubleshooter tools. Finally, we went through the steps necessary to confi gure a
Hub Transport server as the Internet-facing transport server in your organization.
Solutions Fast Track
Message Transport and Routing Architecture
in Exchange 2007
˛ A lot has changed in regards to transport and routing architecture in Exchange Server 2007.
First, Exchange no longer uses the SMTP protocol stack included with Internet
Information Services (IIS), as was the case with previous versions of the product. Instead,
the Exchange Product group has rewritten the SMTP transport stack in managed code,
resulting in a much more stable and secure protocol stack.
˛ The new SMTP transport stack is now known as the Microsoft Exchange Transport service
(MSExchangeTransport.exe), and because it’s no longer dependent on IIS, it is not located
within IIS Manager.
˛ With Exchange Server 2007, the Exchange routing topology is no longer based on separate
Exchange routing groups. Instead Exchange 2007 takes advantage of the existing site
topology in Active Directory. Because Exchange 2007 is now dependent on Active Directory
sites—that is, Hub Transport servers use Active Directory sites as well as the cost assigned to
the Active Directory IP site link to determine the least-cost routing path to other Hub
Transport servers within the organization—all sites containing one or more Mailbox servers
must also have at least one Hub Transport server.
˛ Bear in mind that Mailbox and Hub Transport servers use RPC as the basis of communication,
but that two Hub Transport servers use SMTP/TLS when exchanging messages.
˛ Exchange Server 2007 is no longer dependent on Link State updates.
Managing the Hub Transport Server
˛ All organizationwide Hub Transport settings are stored in Active Directory. This means that
any modifi cations or confi guration settings, except Receive connector specifi c settings, are
refl ected on all Hub Transport servers in the organization.
