programming4us
programming4us
SECURITY

Microsoft Exchange Server 2007 : Edge Transport Server Connectors (part 2) - Setting Message Delivery Limits, Configuring Authoritative Domains

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

Setting Message Delivery Limits

One of the most important security measures you can implement on your SMTP connectors is setting message delivery limits. Message delivery limits prevent users from sending large messages through Exchange that can tie up Exchange resources (processing time, queue availability, disk storage, and more). When this occurs, the results can be just as bad as experiencing a DoS attack. Implementing these limits also encourages users to use alternative delivery methods, such as file shares, compression of attachments, and even document management portals.

In previous versions of Exchange, delivery limits were configured within the Exchange System Manager. Now, in Exchange 2007, these limits are set on specific Send and Receive Connectors using the Exchange Management Shell.

To determine the current maximum message size on a particular connector, perform the following procedure. For this example, you will work with a Receive Connector. To perform the same tasks on a Send Connector, replace the receiveconnector command with sendconnector.

1.
Start the Exchange Management Shell.

2.
Get a list of the existing connectors by using the following command:

get-receiveconnector

A list of existing Receive Connectors is returned. For this example, use a connector named “Default VMW-EXCHANGE1.”

3.
To view the configuration of a specific connector, use the following command:

get-receiveconnector "default vmw-exchange1" |format-list

A detailed configuration of the connector is returned, and looks similar to what is shown in Figure 1.

Figure 1. Sample Receive Connector configuration.

By default, the maximum message size is set to 10MB. To change this maximum message size, perform the following procedure:

1.
In the Exchange Management Shell, type the following command:

set-receiveconnector "default vmw-exchange1" -MaxMessageSize 20MB

2.
If you now view the configuration of the specific connector (as shown previously), you will see that the new maxmessagesize limit has been implemented.

Note

Configuring a different sending and receiving message size limit can cause potential problems. For example, if you configured a 5MB limit on sent messages, but a 10MB limit on received messages, a user might receive an email from an external source with a 9MB attachment. They would be able to receive the message, but any attempts to forward it to a co-worker would fail because of the sending restriction. A good best practice is to set these limits to the same size.


Another important message delivery limit that can be used to secure Exchange Server 2007 involves the number of recipients that a message can be sent to at any one time. Limiting the maximum number of recipients limits internal users’ ability to essentially spam the enterprise with large numbers of emails.

Configuring the maximum number of recipients per message is done similiarly to the setting the maximum message size previously. The default setting is 5,000, but you can configure it to whatever number you desire. For this example, you will change this setting to 500 recipients. To do so, perform the following command in the Exchange Management Shell by typing the following command:

set-receiveconnector "default vmw-exchange1" –MaxRecipientsPerMessage 500

The majority of the configuration settings for the Send and Receive Connectors must be configured through the Exchange Management Shell.

Configuring Authoritative Domains

When an Exchange organization is responsible for handling message delivery to recipients in a particular domain, the organization is called authoritative for that domain. Configuring an authoritative domain in Exchange 2007 is a two-step process: First, you create an accepted domain, and second, you set the domain type as authoritative.

An accepted domain is any SMTP namespace that the Edge Transport server(s) in your organization sends messages to or receives messages from. Your organization might have one or more domains, so you might have more than one authoritative domain.

Note

If you have subscribed your Edge Transport server to the Exchange organization using the EdgeSync process, do not perform these procedures directly on the Edge Transport server. Instead, perform the steps on a Hub Transport server and allow it to replicate to the Edge Transport server during the next synchronization.


To create an authoritative domain, perform the following command in the Exchange Management Shell on your Hub Transport server:

New-AcceptedDomain –Name "CompanyABC" –DomainName companyabc.com –DomainType Authoritative


Note

You must be logged on as an account that is a member of the Exchange Organization Administrators group and that is a member of the local Administrators group on the server. Also, replace this name with your own domain name in place of companyabc.com in the example.

Other  
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Exchange Server 2007 SMTP Connectors (part 2) - Hub Transport Server Connectors
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Exchange Server 2007 SMTP Connectors (part 1) - Connector Topology
  •  Microsoft Exchange Server 2007 : Server and Transport-Level Security - Transport-Level Security Defined
  •  Microsoft Exchange Server 2007 : Exchange Server-Level Security Features (part 2) - Protecting Exchange Server 2007 from Viruses
  •  Microsoft Exchange Server 2007 : Exchange Server-Level Security Features (part 1) - Exchange Server 2007 Antispam Measures
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 5) - Using Email Disclaimers
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 4) - Establishing a Corporate Email Policy, Securing Groups
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 3) - Hardening Windows Server 2003 - Running SCW
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 2) - Hardening Windows Server 2003 - Using the Microsoft Baseline Security Analyzer
  •  Microsoft Exchange Server 2007 : Components of a Secure Messaging Environment (part 1) - Hardening Windows Server 2003 - Auditing Policies
  •  
    Top 10
    Free Mobile And Desktop Apps For Accessing Restricted Websites
    MASERATI QUATTROPORTE; DIESEL : Lure of Italian limos
    TOYOTA CAMRY 2; 2.5 : Camry now more comely
    KIA SORENTO 2.2CRDi : Fuel-sipping slugger
    How To Setup, Password Protect & Encrypt Wireless Internet Connection
    Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
    Backup & Restore Game Progress From Any Game With SaveGameProgress
    Generate A Facebook Timeline Cover Using A Free App
    New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
    SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
    - Messages forwarded by Outlook rule go nowhere
    - Create and Deploy Windows 7 Image
    - How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
    - Creating and using an unencrypted cookie in ASP.NET
    - Directories
    - Poor Performance on Sharepoint 2010 Server
    - SBS 2008 ~ The e-mail alias already exists...
    - Public to Private IP - DNS Changes
    - Send Email from Winform application
    - How to create a .mdb file from ms sql server database.......
    programming4us programming4us
    programming4us
     
     
    programming4us