programming4us
programming4us
SECURITY

Microsoft Exchange Server 2007 : Edge Transport Server Connectors (part 2) - Setting Message Delivery Limits, Configuring Authoritative Domains

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire

Setting Message Delivery Limits

One of the most important security measures you can implement on your SMTP connectors is setting message delivery limits. Message delivery limits prevent users from sending large messages through Exchange that can tie up Exchange resources (processing time, queue availability, disk storage, and more). When this occurs, the results can be just as bad as experiencing a DoS attack. Implementing these limits also encourages users to use alternative delivery methods, such as file shares, compression of attachments, and even document management portals.

In previous versions of Exchange, delivery limits were configured within the Exchange System Manager. Now, in Exchange 2007, these limits are set on specific Send and Receive Connectors using the Exchange Management Shell.

To determine the current maximum message size on a particular connector, perform the following procedure. For this example, you will work with a Receive Connector. To perform the same tasks on a Send Connector, replace the receiveconnector command with sendconnector.

1.
Start the Exchange Management Shell.

2.
Get a list of the existing connectors by using the following command:

get-receiveconnector

A list of existing Receive Connectors is returned. For this example, use a connector named “Default VMW-EXCHANGE1.”

3.
To view the configuration of a specific connector, use the following command:

get-receiveconnector "default vmw-exchange1" |format-list

A detailed configuration of the connector is returned, and looks similar to what is shown in Figure 1.

Figure 1. Sample Receive Connector configuration.

By default, the maximum message size is set to 10MB. To change this maximum message size, perform the following procedure:

1.
In the Exchange Management Shell, type the following command:

set-receiveconnector "default vmw-exchange1" -MaxMessageSize 20MB

2.
If you now view the configuration of the specific connector (as shown previously), you will see that the new maxmessagesize limit has been implemented.

Note

Configuring a different sending and receiving message size limit can cause potential problems. For example, if you configured a 5MB limit on sent messages, but a 10MB limit on received messages, a user might receive an email from an external source with a 9MB attachment. They would be able to receive the message, but any attempts to forward it to a co-worker would fail because of the sending restriction. A good best practice is to set these limits to the same size.


Another important message delivery limit that can be used to secure Exchange Server 2007 involves the number of recipients that a message can be sent to at any one time. Limiting the maximum number of recipients limits internal users’ ability to essentially spam the enterprise with large numbers of emails.

Configuring the maximum number of recipients per message is done similiarly to the setting the maximum message size previously. The default setting is 5,000, but you can configure it to whatever number you desire. For this example, you will change this setting to 500 recipients. To do so, perform the following command in the Exchange Management Shell by typing the following command:

set-receiveconnector "default vmw-exchange1" –MaxRecipientsPerMessage 500

The majority of the configuration settings for the Send and Receive Connectors must be configured through the Exchange Management Shell.

Configuring Authoritative Domains

When an Exchange organization is responsible for handling message delivery to recipients in a particular domain, the organization is called authoritative for that domain. Configuring an authoritative domain in Exchange 2007 is a two-step process: First, you create an accepted domain, and second, you set the domain type as authoritative.

An accepted domain is any SMTP namespace that the Edge Transport server(s) in your organization sends messages to or receives messages from. Your organization might have one or more domains, so you might have more than one authoritative domain.

Note

If you have subscribed your Edge Transport server to the Exchange organization using the EdgeSync process, do not perform these procedures directly on the Edge Transport server. Instead, perform the steps on a Hub Transport server and allow it to replicate to the Edge Transport server during the next synchronization.


To create an authoritative domain, perform the following command in the Exchange Management Shell on your Hub Transport server:

New-AcceptedDomain –Name "CompanyABC" –DomainName companyabc.com –DomainType Authoritative


Note

You must be logged on as an account that is a member of the Exchange Organization Administrators group and that is a member of the local Administrators group on the server. Also, replace this name with your own domain name in place of companyabc.com in the example.

Other  
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Exchange Server 2007 SMTP Connectors (part 2) - Hub Transport Server Connectors
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Exchange Server 2007 SMTP Connectors (part 1) - Connector Topology
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Transport-Level Security Defined
  •  Microsoft Exchange Server 2007 : Exchange Server-Level Security Features (part 2) - Protecting Exchange Server 2007 from Viruses
  •  Microsoft Exchange Server 2007 : Exchange Server-Level Security Features (part 1) - Exchange Server 2007 Antispam Measures
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 5) - Using Email Disclaimers
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 4) - Establishing a Corporate Email Policy, Securing Groups
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 3) - Hardening Windows Server 2003 - Running SCW
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 2) - Hardening Windows Server 2003 - Using the Microsoft Baseline Security Analyzer
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 1) - Hardening Windows Server 2003 - Auditing Policies
  •  
    Top 10
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
    - Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
    - Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
    - Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
    - Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
    REVIEW
    - First look: Apple Watch

    - 3 Tips for Maintaining Your Cell Phone Battery (part 1)

    - 3 Tips for Maintaining Your Cell Phone Battery (part 2)
    programming4us programming4us
    Celebrity Style, Fashion Trends, Beauty and Makeup Tips.
    programming4us
     
     
    programming4us