Professional Documents
Culture Documents
Active Directory
1.
The Mailbox server uses LDAP to access recipient, server, and organization configuration information from
Active Directory.
2.
The store driver on the Hub Transport server places messages from the transport pipeline into the
appropriate mailbox. The store driver on the Hub Transport server also adds messages from a sender's
Outbox on the Mailbox server to the transport pipeline. To learn more about the store driver, see
Understanding Moderated Transport.
Information protection and control policy. Email moderation allows a designated moderator to
manually approve or reject emails before completing delivery.
Email moderation gives you better message delivery control over previous Exchange versions. In Exchange 2003
and 2007 we had Delivery Restrictions. However this only allowed for explicitly setting restrictions on distribution
lists with the options to "Accept messages from", "Reject messages from" or "Require that all users are
authenticated". This effectively equated in whitelisting or blacklisting users from sending to a Distribution List. With
the email moderation feature in Exchange 2010, you can allow everyone to send messages to the list but have
designated moderators monitor and approve/reject messages as necessary. Thus the decision is taken by a human
being rather than being automated through fixed white/black listing settings.
One core consideration you must make when looking at implementing Exchange 2010 in an Exchange 2007
environment is that for email moderation to work, you must ensure that the message hits the Exchange 2010 Hub
Transport role first. Otherwise, if the Exchange 2007 Hub is hit first then the distribution group will be expanded
and sent out to all members bypassing moderation.
Email moderation can be configured on distribution groups, mailboxes and contacts. In this article we will look at
how to configure all of these, as well as the concept of how email moderation actually works.
How it works
At a high level, the concept of how email moderation works is easy. A user sends an email to a moderated entity,
the moderator views and actions it. The fate of the message is decided based on this action - approved messages
are allowed through whereas rejected messages are deleted.
Let's take a closer look at this concept in more detail. This is what happens "under the hood" when a message is
sent to a moderated recipient:
1.
The sender creates a new message and sends it to the moderated group/recipient.
2.
The message is routed to the arbitration mailbox (instead of Exchange expanding the group and sending it
out to the group members straight away).
3.
The message is stored in the arbitration mailbox and an approval request it sent to the moderator.
4.
As part of the approval process, the moderator approves or rejects the messages by using the buttons
provided within the email message itself. The original message in the arbitration mailbox is tagged with
this decision.
5.
If the moderator approved the message, it is re-submitted to the submission queue, and subsequently
delivered to the recipient. On the other hand, if the moderator rejected the message, it will be deleted
from the arbitration mailbox and the sender will be notified accordingly.
From the Exchange Management Console, navigate to Organization Configuration | Hub Transport
2.
In the Transport Rules tab, right click and select New Transport Rule
3.
4.
Select the Conditions under which you want the rule to apply and click Next. In this example I selected
"from people" as the condition and chose Kenneth's mailbox address.
5.
In the Actions page, select either "forward the message to addresses for moderation" or "forward the
message to the sender's manager for moderation". The former allows us to directly specify which users
will act as moderators; the latter identifies the sender's manger as moderator.
6.
On the next page, select any Exceptions to this rule and complete the wizard for the rule to be created.
From the Exchange Management Console, navigate to Recipient Configuration and Distribution Group.
2.
From here, select the Distribution Group you want to configure email moderation on, right click it and
select properties.
Note: If you do not have any Distribution Groups configured, right click on a blank part of the window and
select New Distribution Group - complete the wizard and then proceed to the next step.
3.
From the properties dialog, select the Mail Flow Settings tab and double click Message Moderation.
4.
Tick the option "Messages sent to this group have to be approved by a moderator". Click the first "Add..."
button to identify the group moderators and the second "Add..." button to exclude any users who do not
require message approval (the exceptions).
Note: You can assign multiple group moderators. When you do this, if one moderator takes action, further
action on the message cannot be taken by the other moderator(s). The Approve and Reject buttons will be
disabled and the item will be moved to the deleted items folder.
5.
Finally, select the appropriate moderation notification option from the bottom and click OK.
If you have sufficient rights to do so, you can also configure this from the Exchange Control Panel within OWA:
1.
2.
Click on the Groups node on the left hand pane and select the distribution group from the "Public Groups |
Own" list. Now click Details to bring up the configuration window.
3.
Expand Message Approval and select the configuration options you want before clicking "Save".
Following on from my previous article, Overview of MailTips in Exchange 2010, when configuring a group from the
Outlook Web App you can also set a MailTip that will appear when someone is creating a message to be sent to the
Distribution Group. To create a MailTip, from the group configuration window, expand MailTip and enter the
message you want to be displayed before clicking the "Save" button again.
Sender are notified of this message via a MailTip when creating emails addressed to the distribution group, as
shown below:
Now, with all this set, when an email is sent to the moderated group, the moderator (in this case the
Administrator) receives an email asking for approval or rejection. The moderator can do so by clicking on the
Approve or Reject buttons within the notification email, as shown below:
Note: If moderators are using earlier Outlook versions, their Approve or Reject buttons will appear as voting
buttons.
In the example above, Raymond actually meant to send an email to his colleague in HR Alan but the address was
auto completed to "All Employees" instead. If email moderation hadn't been configured on this group, then
Raymond would have let the entire office know that Tina was about to be terminated from her employment!
Conclusion
In this article we have looked at what email moderation in Exchange 2010 has on offer. I showed you how to
configure email moderation for mailboxes, contacts and distribution groups, and went over the operational aspects
of email moderation. Personally I think this is a very cool addition to Exchange 2010 and will help safeguard your
critical distribution groups.
3.
The Client Access server sends requests from clients to the Mailbox server, and returns data from the
Mailbox server to the clients. The Client Access server also accesses OAB files on the Mailbox server
through NetBIOS file sharing. The types of data that the Client Access server sends between the client and
the Mailbox server include messages, free/busy data, client profile settings, and OAB data.
4.
The Unified Messaging server retrieves e-mail, voice mail messages, and calendar information from the
Mailbox server for Outlook Voice Access. The Unified Messaging server also retrieves storage quota
information from the Mailbox server. To learn more about Outlook Voice Access, see Understanding
Outlook Voice Access.
5.
Outlook clients inside your firewall access the Client Access server to send and retrieve messages.
Outlook clients outside the firewall can access the Client Access server by using Outlook Anywhere (which
uses RPC over HTTP). However, Outlook clients that are viewing or modifying public folders directly access
the Mailbox server by using RPC over TCP. To learn more about Outlook Anywhere, see Understanding
Outlook Anywhere.
6.
The administrator-only computer retrieves Active Directory topology information from the Microsoft
Exchange Active Directory Topology service. It also retrieves e-mail address policy information and
address list information.
7.
The Client Access server uses LDAP or Name Service Provider Interface (NSPI) to contact the
Active Directory server and retrieve users' Active Directory information
We recommend breaking the storage design process into three steps. The following sections provide detailed
information about each of the design steps, including mailbox storage requirements and best practices.
Step 1: Gather Storage Input Requirements
Design factor
Description
Mailbox count
Mailbox
concurrency
Mailbox size
Mailbox usage
profile
E-mail client
types
Server
applications
High
availability
requirements
Note:
The content of each blog and its URL are subject to change without notice. The content within each blog is
provided "AS IS" with no warranties, and confers no rights. Use of included script samples or code is subject
to the terms specified in the Microsoft Terms of Use.
Step 3: Validate Storage for Performance and Reliability
Note:
ESRP-Storage isn't a Microsoft certification, qualification, or logo program.
Important:
The Exchange Jetstress tool should be used on systems prior to placing production data on the server.
Jetstress shouldn't be used on systems containing production data.
Important:
The Exchange Load Generator is intended for use in test environments, not in production environments.
Monitoring Server Storage Health
Monitoring Storage Solution Health
2011 Microsoft. All rights reserved. Terms of Use | Trademarks