Immutability, Perry, and Exchange

Immutability is a word that trips elegantly off the tongue. It’s also a word that is used more often to describe an aspect of Exchange that receives increasing attention from the legal eagles (aka the fine, upstanding members of the legal profession who assist technologists to run computer systems in a legally-pleasing manner).

I was reminded of this fact when I viewed a video where Perry Clarke, a Microsoft Distinguished Engineer who has made many contributions to the development of Exchange over the years, explained what immutability means in a practical sense to the contents of user mailboxes. In a nutshell, immutability is the driving factor behind many of the compliance features that Microsoft introduced in Exchange 2010 such as “dumpster 2.0”, retention and litigation hold, and archive mailboxes to create an environment where the system can retain data in an unchangeable form.

The problem that these features seek to address is pretty simple. Up to and including Exchange 2007, it’s possible for users who want to cover their tracks to remove potentially incriminating data from mailboxes. The original dumpster implementation uses a special mailbox view to track soft-deleted items. In this context, “soft-deleted” means an item that a user has deleted from a mailbox folder that is kept in the database until its retention period expires. These items can be restored to the mailbox using the “Recover Deleted Items” function first introduced in Exchange 2000 to prevent the need for administrators to restore databases from backups whenever users deleted items in error.

Mailbox views are an effective method to present information in different ways and are used extensively by Exchange. For example, whenever you use Outlook to sort items in a folder in a different way, Exchange creates a view based on your sort preference. However, because views essentially present the same data in different ways, they have limitations when the need arises to preserve information that might be changed by users such as attempting to delete or update a soft-deleted item. For these reasons it’s not possible to implement features such as litigation hold on top of dumpster 1.0.

Dumpster 2.0 does not use views. Instead, it uses a special folder (Recoverable Items) that holds soft-deleted items and a set of sub-folders that come into play when a user is placed on litigation hold. In these circumstances, Exchange has to retain everything in a mailbox and make sure that the user cannot change an item without that fact being tracked. It is the ability to retain data in a legally compliant manner that allows Exchange to claim that mailbox data is immutable. The complexity is masked from users as they can continue to recover deleted items as before. Indeed, unless an administrator elects to publish a litigation comment – and the user sees the comment in Outlook 2010’s “backstage area”, a user will never be aware that their mailbox is subject to a hold and that Exchange is tracking changes. The same functionality is available through Office 365 for Exchange Online users.

Perry’s blog isn’t a high-volume low-value publication. It’s a destination offering content that provides real insight into the whys and wherefores of Exchange and might just be worth your while to pay a visit. His latest video covers why Exchange implemented the Mailbox Replication Service to handle the challenges of moving gigabytes of mailbox data around behind the scenes. Go listen... and learn.

Follow Tony’s ramblings on Twitter

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish