Presentation is loading. Please wait.

Presentation is loading. Please wait.

Planning and Configuring Message Transport

Similar presentations


Presentation on theme: "Planning and Configuring Message Transport"— Presentation transcript:

1 Planning and Configuring Message Transport
20341B 8: Planning and Configuring Message Transport Presentation: 105 minutes Lab: 45 minutes After completing this module, the students will be able to: Describe message transport in Exchange Server 2013. Plan and configure message transport. Manage transport rules. Required materials To teach this module, you need the Microsoft® Office PowerPoint® file 20341B_08.pptx. Important: We recommend that you use Office PowerPoint 2007 or a newer version to display the slides for this course. If you use PowerPoint Viewer or an earlier version of Office PowerPoint, all of the features of the slides might not display correctly. Preparation tasks To prepare for this module: Read all of the materials for this module. Practice performing the demonstrations. Practice performing the labs. Work through the Module Review and Takeaways section, and determine how you will use this section to reinforce student learning and promote knowledge transfer to on-the-job performance. As you prepare for this class, it is imperative that you complete the labs yourself so that you understand how they work and the concepts that are covered in each. This will allow you to provide meaningful hints to students who may experience difficulties in a lab. It also will help guide your lecture to ensure that you cover the concepts that the labs cover. Module 8 Planning and Configuring Message Transport

2 Managing Transport Rules
20341B Module Overview 8: Planning and Configuring Message Transport Managing Transport Rules

3 Lesson 1: Overview of Message Transport and Routing
20341B Lesson 1: Overview of Message Transport and Routing 8: Planning and Configuring Message Transport What Are Transport Agents? This lesson provides in-depth information on how message transport works in Exchange Server Prepare to spend enough time to explain how all of the components work together to enable message transport. If some of the students have previous Exchange server experience, try to provide an analogy to the Hub/Edge Transport concept.

4 Message Transport Services
20341B Message Transport Services 8: Planning and Configuring Message Transport Message Transport Services: Front End Transport service Runs on the Client Access server role Performs SMTP proxying Hub Transport service Runs on the Mailbox Server role Routes messages between the Front End Transport Service and the Mailbox Transport Service Mailbox Transport service Consists of two components: Mailbox Transport Submission and Mailbox Transport Delivery Is the only service that handles RPC communication with the database It is critical that you explain how message transport works in Exchange Server 2013, and which components participate in message transport. If some of the students do not have previous Exchange experience, you can teach this topic from the beginning. However, if your students have Exchange Server or Exchange Server 2010 experience, be sure to compare message transport in Exchange Server with the Hub Transport server role in Exchange Server 2007 and Exchange Server 2010.

5 Message Transport Components
20341B Message Transport Components 8: Planning and Configuring Message Transport This is the key topic in this entire lesson. You should describe the function of each component that participates in the message-routing process, and also describe how the process works. Be prepared to spend enough time on this topic, as it is very important that the students fully understand the components and principles of message transport.

6 Message-Routing Changes in Exchange Server 2013
20341B Message-Routing Changes in Exchange Server 2013 8: Planning and Configuring Message Transport Changes in message routing in Exchange 2013 are: Routing is aware of DAGs Transport service runs on Mailbox Server Queuing for remote destinations is more precise Linked connectors have been deprecated Discuss the changes in message routing in Exchange Server Emphasize the importance of routing being aware of DAGs. Also explain how the Transport service on the Mailbox server works.

7 Routing Destinations and Delivery Groups
20341B Routing Destinations and Delivery Groups 8: Planning and Configuring Message Transport Routing destinations: Mailbox database Connector Distribution group expansion server Delivery Groups: Routable DAG Mailbox delivery group Connector source servers AD DS site Server list Make sure that the students understand the difference between routing destinations and delivery groups. These terms may not be familiar to most of the students. Be sure to spend enough time to describe them.

8 Mail Flow in Exchange Server 2013
20341B Mail Flow in Exchange Server 2013 8: Planning and Configuring Message Transport SMTP Traffic SMTP Discuss how mailflow in Exchange Server 2013 works. Be sure to emphasize the flow in cases when destination is Mailbox delivery group and when the destination is routable DAG.

9 Routing in the Front End Transport Service
20341B Routing in the Front End Transport Service 8: Planning and Configuring Message Transport Front End Transport Service acts as a SMTP proxy for all incoming and outgoing connections It communicates only with Hub Transport service on the Mailbox server You can use the following delivery groups: Routable DAG Mailbox delivery group AD DS site The purpose of this topic is to discuss the Front End Transport service. Emphasize that the Front End Transport service is a thin proxy for all SMTP traffic that communicates only with the Hub Transport server.

10 Routing in the Mailbox Transport Service
8: Planning and Configuring Message Transport Mailbox Transport service: Is stateless and runs on each Mailbox server Communicates with the Hub Transport service and the local mailbox database You can use following delivery groups: Routable DAG Mailbox delivery group AD DS site Discuss the routing in the Mailbox Transport service. Explain how routing works. Also emphasize the communication that occurs with RPC and when you use SMTP.

11 Modifying the Default Message Flow
20341B Modifying the Default Message Flow 8: Planning and Configuring Message Transport You can modify default message flow by performing the following: Configuring Hub Sites Set-ADSite –Identity sitename –HubSiteEnabled $true cmdlet Configuring Exchange-Specific Routing Costs Set-AdSiteLink –Identity ADsitelinkname –ExchangeCost value Configuring Expansion Servers for Distribution Groups Discuss how you can modify the default message flow. First, explain how Exchange Server calculates the least-cost routing path. Also briefly describe the difference between Exchange Server and Exchange Server 2013 in how they calculate this path.

12 Tools for Troubleshooting SMTP Message Delivery
8: Planning and Configuring Message Transport Queue Viewer Use to view and manage undelivered messages Tracking logs and Delivery reports Use to confirm message delivery Protocol Logging Use to provide detailed protocol-level information Telnet Use to check if the SMTP port responds, or to directly send a SMTP mail to a connector Remote Connectivity Analyzer website Use to test connectivity to Exchange services from the Internet Describe and discuss the tools available for SMTP traffic troubleshooting.

13 Demonstration: How to Troubleshoot SMTP Message Delivery
8: Planning and Configuring Message Transport In this demonstration, you will see how to use SMTP troubleshooting tools Leave the virtual machines running for the subsequent demonstrations. Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1, and 20341B-LON- CAS1 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Start 20341B-LON-CL1. Do not sign in until directed to do so. Important: Ensure that you start your virtual machines at least ten minutes prior to conducting the demonstration. Demonstration Steps On LON-DC1, open Windows PowerShell from the task bar. Explain that you will use Telnet to check if the Exchange Server responds correctly. At the command prompt, type Telnet LON-MBX1 SMTP, and then press Enter. When the Exchange server responds, explain to the students that the connection is working, and that the server responds to the request. That means that there is no firewall problem. You also can tell the students that if the response does not include the information shown, something is wrong. Most likely, it is either a firewall issue or the possibility that the Microsoft Exchange Transport service is not started on the Exchange server. At the command prompt, type helo, and then press Enter. At the command prompt, type help, and then press Enter. Explain that the students can see the services that the Exchange Server offers. For example, the STARTTLS indicates that Transport Layer Security (TLS) is available for secure communication. Type mail from: and press Enter. After you press Enter, the connection is lost, and you receive a “Client not authenticated” message. This means that the Exchange Server expects authentication before it is able to send messages, and that anonymous users are not enabled for this receive connector. (More notes on the next slide)

14 What Are Transport Agents?
20341B What Are Transport Agents? 8: Planning and Configuring Message Transport Transport agents process messages that pass through the transport pipeline Default Transport agents: Transport Rule agent Journaling agent Active Directory Rights Management Services Prelicensing agent It is possible to create and install custom transport agents Explain transport agents and the scenarios in which you should use them. Also discuss the default transport agents included in Exchange Server 2013.

15 Lesson 2: Planning and Configuring Message Transport
20341B Lesson 2: Planning and Configuring Message Transport 8: Planning and Configuring Message Transport Planning Exchange Messaging Transport Demonstration: Reviewing Mail-Flow Settings Planning Accepted Domains and Remote Domains Demonstration: Creating and Configuring Accepted and Remote Domains What Is an SMTP Connector? Demonstration: How to Create and Configure SMTP Connectors What Are Foreign Connections?

16 Planning Exchange Messaging Transport
20341B Planning Exchange Messaging Transport 8: Planning and Configuring Message Transport You can manage message transport on: Client Access server Mailbox server Edge Transport server Non-Microsoft SMTP Gateway When planning message transport consider: domains Point that initially accepts SMTP connections SMTP traffic inspection SMTP relaying needs SMTP traffic inside your organization Secure SMTP traffic Communicate with systems that does not use SMTP Identify the points where SMTP traffic can be managed in the Exchange Server 2013 infrastructure. Ask the students how they currently manage their SMTP traffic. After that, discuss considerations for message transport planning by reviewing the points listed on the slide, or by asking questions from the student handbook. We recommend that you cover this topic as discussion based.

17 Demonstration: Reviewing Mail-Flow Settings
20341B Demonstration: Reviewing Mail-Flow Settings 8: Planning and Configuring Message Transport In this demonstration, you will see available options for managing message flow Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1, 20341B-LON- CAS1, and 20341B-LON-CAS2 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Start 20341B-LON-CL1. Do not sign in until directed to do so. Demonstration Steps On LON-CAS1, switch to Internet Explorer. In the EAC, click on mail flow in the feature pane. Click on the rules tab. Explain to the students that this is where you can create transport rules that are applied on messages during their transport between senders and recipients. Click on the delivery reports tab. Explain that here you can perform message tracking by searching a specific mailbox, or searching by sender, recipient, or keyword. Also explain that a similar interface is available to users in Microsoft® Outlook Web App. Click on the accepted domains tab. Click on Adatum.com, and click Edit. In the Adatum.com window, show that this domain is added by default as an authoritative domain. Click cancel. Click on the address policies tab. Click on Default Policy, and then click Edit. In Address Policy window, click address format. in the list, and show how the address is constructed for users in Adatum.com. Click cancel two times. Click on the receive connectors tab. Explain that here you can configure receive connectors for incoming SMTP traffic. Also show the connectors that are created by default. Click on the send connectors tab. Explain that this is where you create SMTP connectors for outgoing SMTP traffic. Leave the EAC open. Instructor Note: Leave the virtual machines running for the subsequent demonstration.

18 Planning Accepted Domains and Remote Domains
20341B Planning Accepted Domains and Remote Domains 8: Planning and Configuring Message Transport Accepted domains define SMTP domain names for which the Exchange server will accept Accepted domains can be: Authoritative domains Internal relay domains External relay domains Remote domains define SMTP domains that are external to your Exchange organization You can set following properties for Remote domains: Out-of-office message delivery Message format options including acceptable character sets Explain accepted domains and which types of accepted domains exist. Point out the difference among these three types, especially between internal and external relay domains. Also introduce remote domains and explain their purpose. Note that you can create new accepted domains in the EAC, but you must use Exchange Management Shell to create and manage remote domains.

19 Demonstration: Creating and Configuring Accepted and Remote Domains
20341B Demonstration: Creating and Configuring Accepted and Remote Domains 8: Planning and Configuring Message Transport In this demonstration, you will see how to create new accepted and remote domains Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1 and 20341B-LON- CAS1 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Start 20341B-LON-CL1. Do not sign in until directed to do so. Demonstration Steps On LON-CAS1, in the EAC, click mail flow in feature pane. Click on the accepted domains tab. Click New. In the new accepted domain window, in the Name box, type adatum.local, and in the Accepted domain box, type adatum.local. Select Internal relay domain. Click save. On LON-CAS1, click to the Start screen, and then open Exchange Management Shell. In the Exchange Management Shell window, type Get-RemoteDomain, and press Enter. Ensure that you have only one remote domain with DomainName “*”. Explain that this covers all domains. Type New-RemoteDomain –DomainName Contoso.com –Name Contoso, and press Enter. Type Get-RemoteDomain –Identity Contoso | FL, and press Enter. Review the settings for the Contoso remote domain. Type Set-RemoteDomain –identity Contoso –AutoForwardEnabled $false – DeliveryReportEnabled $false, and press Enter. Ensure that you changed settings for AutoForward and DeliveryReport. Leave Exchange Management Shell open for the next demonstration. Instructor Note: Leave all virtual machines running.

20 What Is an SMTP Connector?
20341B What Is an SMTP Connector? 8: Planning and Configuring Message Transport SMTP connectors are Exchange Server components that support one-way SMTP connections Default SMTP Receive connectors: Default <server name> (HubTransport) Client Proxy <server name> (HubTransport) Default FrontEnd <server name> (FrontendTransport) Outbound Proxy Front End <server name> (FrontendTransport) Client Frontend <server name> (FrontendTransport) No default SMTP Send connectors are created, so they must be created manually This is a very important topic. Ensure that all of the students understand what SMTP connectors are. Also define Send and Receive connectors, and then discuss the default connectors created on the Client Access server and Mailbox server.

21 Demonstration: How to Create and Configure SMTP Connectors
20341B Demonstration: How to Create and Configure SMTP Connectors 8: Planning and Configuring Message Transport In this demonstration, you will see how to create and configure SMTP connectors Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1 and 20341B-LON-CAS1 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Start 20341B-LON-CL1. Do not sign in until directed to do so. Demonstration Steps On LON-CAS1 server, switch to the Exchange Management Shell. Type the following command: New-SendConnector –Name “Send to Internet” –AddressSpace * -SourceTransportServers LON-MBX1, and press Enter. Explain to the students that this creates a connector to send messages to the Internet. On LON-CAS1, switch to the EAC. In mail flow, click on the send connectors tab. Ensure that the connector is created, and then select it and click Edit. Show options that are configured on this protocol. Point out that proxy through Client Access server is not selected. Switch to Exchange Management Shell. Type the following: $CredentialObject = Get-Credential, and press Enter. Windows PowerShell Credential windows will appear. Type Administrator for the user name, and Pa$$w0rd for the password. Then click OK. In Exchange Management Shell, type: New-SendConnector –Name “Secure to Contoso” –AddressSpace contoso.com – DNSRoutingEnabled $false –AuthenticationCredential $CredentialObject –SmartHosts –SmartHostAuthMechanism BasicAuth, and press Enter. Switch to the EAC, navigate to mail flow, click Send connectors, click refresh, and then select the Secure to Contoso connector. Click Edit. (More notes on the next slide)

22 What Are Foreign Connectors?
20341B What Are Foreign Connectors? 8: Planning and Configuring Message Transport To send messages to non-SMTP messaging system, you can use the Foreign connectors Foreign connectors use Drop folder and file transfer mechanism To create and manage Foreign connectors, use: New-ForeignConnector Set-ForeignConnector Get-ForeignConnector Consider using delivery agents as an alternative to Foreign connectors Discuss the scenarios where students need to send messages to non-SMTP servers. Define foreign connectors and explain how they work. If time permits, you can demonstrate creating a Foreign connector in the Exchange Management Shell. Also mention delivery agents as an alternative.

23 Lesson 3: Managing Transport Rules
20341B Lesson 3: Managing Transport Rules 8: Planning and Configuring Message Transport Demonstration: Configuring Data Loss Protection Policies

24 What Are Transport Rules?
20341B What Are Transport Rules? 8: Planning and Configuring Message Transport Transport rules restrict message flow or modify message contents for messages in transit Transport rules have the following chracteristics: They are stored in the AD DS Configuration partition They are applied by all Mailbox servers They are used to apply compliance requirements Explain that the Exchange server applies transport rules to messages before users either send or receive them. Exchange Server applies the rules on transport servers, which means that the user has no control over whether Exchange Server actually applies the rule, and that Exchange Server can apply the rules at any point during a message’s transmission.

25 Configuring Transport Rules
20341B Configuring Transport Rules 8: Planning and Configuring Message Transport Transport rules have the following components that you should configure: Conditions Specify which message components are used to identify the messages Actions Specify the processes to be applied to messages Exceptions Specify which messages to exclude from having an action applied Predicates Are used by conditions and exceptions to define what part of an message will be examined As you describe the components that make up a transport rule, provide examples of some of the configuration options for each component. Some examples are: Conditions. Search for message sender or recipient, keywords in the message’s subject or body, regular patterns such as customer numbers and social insurance numbers, and other specific items. Actions. Block the message, send the message to an alternative address, add a disclaimer to the message, and other actions. Exceptions. This list is similar to the conditions list, and enables you to narrow down the conditions under which Exchange Server applies the actions. Predicates: The condition or exception can examine the To: or Subject fields, or an attachment size.

26 Planning Transport Rules
20341B Planning Transport Rules 8: Planning and Configuring Message Transport When planning for transport rules: Plan conditions and exceptions carefully Plan for transport rule priority and order Use regular expressions to check message contents Test the application of transport rules to avoid rule conflicts or duplication Plan for transport rule limitations with encrypted and digitally signed messages Document the transport rule configurations Transport rules enable many different options, but they must be implemented carefully. Stress that there are hundreds of possible variations that can be applied when using transport rules. Consider showing some of the conditions and actions that can be applied. Use this information to stress the importance of planning and testing the transport rule implementation very carefully. The transport rule implementation should be piloted to a small group of users first, and should be thoroughly documented to simplify the process of troubleshooting conflicting or unapplied rules. Mention that Hub Transport rules are stored in AD DS, which means that the policies are applied to all messages sent throughout the organization

27 Demonstration: Creating Transport Rules
20341B Demonstration: Creating Transport Rules 8: Planning and Configuring Message Transport In this demonstration, you will see how to create a Transport rule in the Exchange Administration Center Leave all virtual machines running for the final demonstration. Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1, and 20341B-LON- CAS1 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Start 20341B-LON-CL1. Do not sign in until directed to do so. Demonstration Steps On LON-CAS1 machine, switch to the EAC. In the EAC, in the feature pane, click mail flow. Click on the rules tab. Click New and then click Create a new rule. In the new rule wizard in the Name box, type Test Transport Rule. In the Apply this rule if drop-down box, select The subject or body includes. In the specify words or phrases window, type password in the text box, and click the + sign. Then click ok. In the new rule window, in the Do the following drop-down box, select Redirect the message to. In the Select Members window, select Administrator, and click add->. Then click ok. Click More options. Select the Activate this rule on the following date check box. Ensure that Enforce is selected. Click save. Switch to LON-CL1, and log on as Adatum\Aidan with the password Pa$$w0rd. (More notes on the next slide)

28 What Are Data-Loss Prevention Policies?
20341B What Are Data-Loss Prevention Policies? 8: Planning and Configuring Message Transport Data Loss Protection policies enforce compliance requirements for business-critical data being sent by When implementing Data Loss Protection you can choose to: Use the Data Loss Protection templates provided by Microsoft Use policy files created by a third-party vendor Create a custom policy Policy Tips can notify users if they are violating policy before they send Explain the scenarios in which Data Loss Protection policies are useful. Explain how these policies are different from standard transport rules, and how they are similar to transport rules. Provide some examples for predefined policies, and discuss how you can import or create your own policy.

29 Demonstration: Configuring Data Loss Protection Policies
20341B Demonstration: Configuring Data Loss Protection Policies 8: Planning and Configuring Message Transport In this demonstration, you will see how to create custom Data Loss Protection policies Preparation Steps To perform this demonstration, ensure that the 20341B-LON-DC1, 20341B-LON-MBX1, 20341B-LON- CAS1, and 20341B-LON-CAS2 virtual machines are running. Sign into all virtual machines using the Adatum\Administrator account with the password Pa$$w0rd. Leave machine 20341B-LON-CL1 as it is. Demonstration Steps On the LON-CAS1 machine, in EAC, click compliance management in feature pane. Click on data loss prevention tab. Click an arrow next to the + sign. Select New custom DLP Policy. In the new custom DLP policy window, in the Name box type IP address block. Click Enforce and then click Save. Select the IP address block policy and then click Edit. In the IP address block window, click rules. Click an arrow next to the + sign and then select Block messages with sensitive information. In the new rule window, click Outside the organization. In the select recipient location window select Inside the organization and click ok. Click Select sensitive information types. In the sensitive information types windows, click Add. Scroll down the list and select IP Address and then click add-> and then click ok two times. In the Do the following drop down box select Generate incident report and send it to, and then click Select one. In the list, select Administrator and click ok. Click Include message properties. (More notes on the next slide)

30 Lab: Planning and Configuring Message Transport
Exercise 3: Configuring Transport Rules and Data-Loss Prevention Policies Exercise 1: Configuring Message Transport Your organization has deployed Exchange Server 2013 in two of its sites. However, all Internet messages should flow through the main site. As part of your job responsibilities, you need to set up message transport to and from the Internet. You also need to enable one application that is running on the host with IP address to anonymously relay through your Exchange server. Exercise 2: Troubleshooting Message Delivery You have successfully installed Exchange Server 2013 in two sites. You now need to make sure that mail flow is working correctly. Exercise 3: Configuring Transport Rules and Data-Loss Prevention Policies You are testing transport rules and Data-Loss Prevention policies. At first, you will implement a transport rule that appends a disclaimer for every message that is sent from A. Datum organization. In addition, according to the corporate security policy, you should create a data-loss prevention policy that prevents users from sending IP address data in s. Virtual Machines B-LON-DC1 20341B-LON-CAS1 20341B-LON-MBX1 20341B-LON-CL1 User Name Adatum\Administrator Password Pa$$w0rd Logon Information Estimated time: 45 minutes

31 20341B Lab Scenario 8: Planning and Configuring Message Transport You are a messaging administrator in A. Datum Corporation, which is a large multinational organization that has offices in several cities. Your organization has deployed Exchange Server You need to configure Exchange Server to send messages to the Internet and receive messages from the Internet. You also need to ensure that you can troubleshoot message transport, if necessary. At the end, you need to implement some configure message transport rules, according to the corporate security policy.

32 20341B Lab Review 8: Planning and Configuring Message Transport A user reports that she sent a message to a user in another company two hours ago, and the message has not arrived. How would you troubleshoot this? Question What would you need to configure to enable outbound Internet from each A. Datum location? Answer You must ensure that local Internet connectivity is available at every location, and you then need to configure a SMTP send connector at every site. A user reports that she sent a message to a user in another company two hours ago, and the message has not arrived. How would you troubleshoot this? Use Delivery reports to see if the left A. Datum, and then use Queue Viewer to verify that the is not stuck in a queue.

33 Module Review and Takeaways
20341B Module Review and Takeaways 8: Planning and Configuring Message Transport Common Issues and Troubleshooting Tips Review Question Question Where is the Hub Transport functionality from Exchange Server 2007 and Exchange Server 2010 located in Exchange Server 2013? Answer This functionality is now located mostly within the Mailbox server role, in the Hub Transport and Mailbox Transport services. For SMTP outside traffic, transport functionality is now integrated within the Client Access server. Tools Exchange Administration Center Exchange Management Shell Queue Viewer Best Practice Do not modify default message routing flow unless it is absolutely necessary. Use Queue Viewer as the first tool to diagnose message delivery failure. Understand the difference between transport rules and data-loss prevention policies. Common Issues and Troubleshooting Tips Common Issue: Transport rule is not applied to the message Troubleshooting Tip: Ensure that conditions in transport rule are configured correctly Instructor Note: Ensure that you cover the common issues and the corresponding troubleshooting tips listed in this section. Encourage the students to share tips from their own work environments.


Download ppt "Planning and Configuring Message Transport"

Similar presentations


Ads by Google