Exchange & Outlook UPDATE, Exchange Edition, March 4, 2004

Commentary

- Get Ready for Exchange Edge Services

Resources

- Featured Thread: In Search of a Client-Side Editing Tool

- Outlook Tip: Preventing Users from Designing Custom Forms New and Improved

- AOL Members: Access POP3 and SMTP Email

~~~~ Sponsor: Commvault Systems ~~~~

Free White Paper – Managing the Infinite Inbox

Today's e-mails and instant messages are critical to business - an awful lot of messages and attachments contain vital company knowledge. So how do you intelligently manage message stores when you can barely keep up with capacity? What's an IT administrator to do? Find out this and more.

http://www.commvault.com/mk/get/infinite_inbox_ad

==== Commentary: Get Ready for Exchange Edge Services ==== by Paul Robichaux, News Editor, [email protected]

Security experts talk a lot about "defense in depth," the concept that you should use multiple, preferably overlapping, security systems so that an attacker has to penetrate several different defenses to reach your systems. Microsoft security guru Steve Riley uses the analogy of a medieval castle, which was protected by moats, traps, poor lighting, clutter, pits, and fat guys with large swords.

For Exchange Server systems, we usually start planning defense in depth at the network perimeter (aka "the edge"). The edge is the best place to filter spam, catch viruses, and enforce email policies. Therefore, in most Exchange deployments, at least one server is exposed to the Internet and given the job of acting as an edge server. However, Microsoft has had a hard time convincing some of its customers to deploy Exchange as an edge server. In the first versions of Exchange, the SMTP service wasn't robust enough or fast enough to let the product act as an edge server. Exchange 2000 Server fixed both problems, and Exchange Server 2003 is an even better product. Unfortunately, Exchange still doesn't do some things as well as competing products. For example, Exchange doesn't offer as much flexibility for address rewriting as UNIX-based products such as sendmail, Postfix, or qmail do. Enter, therefore, a new item from the Exchange product group: Exchange Edge Services, set to be released next year.

The UNIX world has a long tradition of setting up single-function SMTP edge hosts that accept outside email, process it, and deliver it to mail servers on the internal network for delivery to the recipient's mail server. These edge hosts don't store email; they only accept it. Along the way, the hosts might perform tasks such as rewriting sender addresses (for outbound email) or recipient addresses (for inbound email) or scanning inbound email for viruses. Many environments already deploy UNIX-based edge servers that pass email to Exchange servers. Obviously, Microsoft (and probably most Exchange administrators) would rather use Exchange servers for the job, for several reasons. These reasons, which Microsoft has been hearing about from customers, have been driving the Exchange Edge Services development process.

First, you need to manage UNIX servers separately from your Exchange servers, so you lose much of the benefit of Exchange's management and monitoring architecture (including integration with the Microsoft Operations Manager--MOM--and third-party tools such as those from NetIQ and Quest Software). Second, most UNIX-based edge products are quite difficult to configure if you aren't already familiar with them. This difficulty makes it too easy for administrators to accidentally make mistakes that cause lost or misdirected email. And third, although the Exchange event sink architecture permits a high degree of extensibility, it isn't intended to let you string together multiple sets of sinks on one server. In some cases, you can use multiple sinks on the same server, but not all combinations of sinks will work properly all the time.

These points led naturally to the Exchange Edge Services design: a single-function edge server that doesn't use Active Directory (AD) but that acts like, and is managed like, your existing Exchange mailbox and front-end servers. This design is intended to deliver three major functions: SMTP gateways, message hygiene (e.g., spam filtering, antivirus functions, recipient filtering), and routing (including address rewriting, relaying, format conversion, and masquerading). The design likely will let you apply multiple sets of filters or transformations to inbound messages, letting you concentrate all three major functions onto one server or split them apart, depending on your deployment requirements.

Another interesting twist to the Exchange Edge Services story is that Microsoft Chairman and Chief Software Architect Bill Gates has promised that it will incorporate the new Caller ID for E-Mail technology that Microsoft announced last week (and which I'll write more about next week). To get the lowdown on Exchange Edge Services, see Microsoft's Exchange Edge Services Overview at http://www.microsoft.com/exchange/techinfo/security/edgeservices.asp .

On a final note: With spring just around the corner, many of you might be thinking about attending a tradeshow or getting some training. Check out our Events Central Web site, which provides a comprehensive listing of tradeshows, conferences, and Web seminars targeted to the IT user. Whether you're searching by event type or event topic, you'll find a complete one-stop listing of events to fit your needs.

http://www.winnetmag.com/events

~~~~ Sponsor: Security Administrator ~~~~

Try a Sample Issue of Security Administrator!

Security Administrator is the monthly newsletter from Windows & .NET Magazine that shows you how to protect your network from external intruders and control access for internal users. Sign up now to get a 1-month trial issue--you'll feel more secure just knowing you did. Click here!

http://www.secadministrator.com/rd.cfm?code=fsep254xup

==== Announcements ==== (from Windows & .NET Magazine and its partners)

Windows Scripting Solutions for the Systems Administrator

You might not be a programmer, but that doesn't mean you can't easily learn to create and deploy timesaving, problem-solving scripts. Discover Windows Scripting Solutions, the monthly print publication that helps you tackle common problems and automate everyday tasks with simple tools, tricks, and scripts. Try a sample issue today!

http://www.winscriptingsolutions.com/rd.cfm?code=fsep264xup

New eBook--Become a Master in Tools That Ease Computer Management Tasks and Diagnostic Tools

This eBook provides a practical introduction to some of the most important tools in the resource kits and the Support Tools that the Windows 2000 and Windows NT professional editions provide. You'll learn about computer management tasks, desktop production, network management, the browser monitor, and more. Download this free eBook today!

http://www.WindowsITlibrary.com/ebooks/windowsnetworking/index.cfm

~~~~ Hot Release: Aelita Software ~~~~

In this white paper, noted Microsoft Exchange expert Kieran McCorry, from HP's Exchange consulting group, outlines the options for migrating to Exchange Server 2003. The paper discusses inter-org migrations, intra-org migrations and how to benefit from consolidation during deployment. Request this free white paper today.

http://ad.doubleclick.net/clk;6306021;7402808;y?http://www.aelita.com/Reg/Marketing/promos/whitepapers/kmccory/welcome.asp

==== Resources ====

Featured Thread: In Search of a Client-Side Editing Tool

A forum reader is looking for a tool that will let users perform simple edits on the Exchange Server global address book. To offer your advice or join the discussion, go to the following URL:

http://www.winnetmag.com/forums/rd.cfm?cid=40&tid=117654

Outlook Tip: Preventing Users from Designing Custom Forms by Sue Mosher, [email protected]

Q: How can I prevent users from designing custom Outlook 2002 forms?

A: To prevent users from using the Outlook 2002 forms designer, add a REG_DWORD registry entry named NoOutlookFormsDesigner to the HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook registry subkey. Set the entry's value to 1 to disable the form designer or to 0 to enable it.

Note that you can make a similar registry edit to the HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook subkey for Outlook 2000, but the change won't migrate when you upgrade from Outlook 2000 to Outlook 2002. For more information about this issue and the registry edits, see the Microsoft article "OL2002: Users Can Design Custom Outlook Forms After Upgrade from Outlook 2000" ( http://support.microsoft.com/?kbid=280926 ).

See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips.

http://www.winnetmag.com/microsoftexchangeoutlook

==== Events Central ==== (A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )

New Web Seminar--Realizing the Return on Active Directory

Join Mark Minasi and Indy Chakrabarti for a free Web seminar and discover how to maximize the return on your Active Directory investments and cut the cost of security exposures with secure task delegation, centralized auditing, and Group Policy management. Register now and receive NetIQ's free "Securing Access to Active Directory-A Layered Security Approach" white paper.

http://www.winnetmag.com/seminars/activedirectoryroi

==== New and Improved ==== by Carolyn Mader, [email protected]

AOL Members: Access POP3 and SMTP Email

PorkChup Solutions released eMail2Pop, a solution for AOL members who also want to have POP3 and SMTP email access. eMail2Pop bridges AOL with the standard POP3 and SMTP email protocols so that users can use Outlook and Eudora, instead of the email software provided by AOL, to manage AOL email. The software's integrated spam filter uses a three-step filtering process. The product screens email messages through pattern-based matching and validates messages against Internet blacklists. Pricing starts at $25.76 for a single license.

http://www.email2pop.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].

==== Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.winnetmag.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring UPDATE -- [email protected]