microsoft word - configuring exchange server edge server

8/8/2019 Microsoft Word - Configuring Exchange Server Edge Server

1/12

Configuring an Exchange Server 2007Edge Server

Microsoft Virtual Labs


2/12

Configuring an Exchange Server 2007 Edge Server

Table of Contents

Configuring an Exchange Server 2007 Edge Server ................................................................. 1 Exercise 1 Implementing an Edge Server ...................................................................................................................... 2 Exercise 2 Protecting Your Edge Server Using Transport Rules .............. ........... .......... ........... .......... ........... .......... ..... 4 Exercise 3 Propagating an Outlook Safe Sender List Using an Edge Server .............. .......... ........... .......... ........... ........ 6 Exercise 4 Anti-Spam and Anti-Virus Protection in Exchange Server 2007 ......... ........... ........... .......... ........... .......... ... 8


3/12


Page 1 of 10

Configuring an Exchange Server 2007 EdgeServer

Objectives

After completing this lab, you will be better able to:

Create a new Edge Server subscription.

Estimated Time toComplete This Lab

60 Minutes

Computers used in thisLab SMBEX01

EDGE01

CLIENT01IMAIL01


4/12


Page 2 of 10

Exercise 1Implementing an Edge Server

ScenarioIn this exercise, you will use the Microsoft Exchange Management Console to create an Edge Server subscription.You are the Exchange administrator at Northwind Traders. The company recently implemented ExchangeServer 2007, and you would like to take advantage of the security benefits provided by an Exchange Server 2007Edge Server. You have installed the Edge Server role onto a stand-alone server named EDGE01 and now need toperform an Edge Subscription and configure the Edge Role.

Tasks Detailed Steps

Complete the followingtask on:

SMBEX01 1. Add the EDGE01

Server to thenwtraders.com Zonein DNS

Note: Because the EDGE01 server is not a member of the domain and therefore is not automatically registered in Domain Name System (DNS), you need to register the

EDGE01 server in DNS.

a. On the SMBEX01 virtual machine, click Start , click Administrative Tools , andthen click DNS. b. In dnsmgmt , expand SMBEX01 , expand Forward Lookup Zones , and then click

nwtraders.com . c. In dnsmgmt , click Action , and then click New Host (A) . d. In the New Host field, type the name EDGE01 and then in the IP Address field,

type 10.0.0.50 and then click Add Host .


EDGE01

2.

Export the EdgeSubscription File

a. Switch to the EDGE01 virtual machine. b. Click Start , click All Programs , click Microsoft Exchange Server 2007 , and

then click Exchange Management Shell . Note: Wait for the Exchange Management Shell environment to load. This may take a

few moments. c. At the Microsoft Shell (MSH) prompt, type NEW-EdgeSubscription file

c:\EdgeSubscriptionExport.xml and then press ENTER . d. Copy the file to the Hub Transport server for importing. On EDGE01 , open

Microsoft Windows Explorer , navigate to the C:\ folder , right-click theEdgeSubscriptionExport.xml file, and then click Copy .

e. Click Start , click Run , type \\SMBEX01 and then click OK . f. In the \\SMBEX01 folder, double-click the share named edge . g. In the \\SMBEX01\edge folder, right-click in the folder and then click Paste . Note : In the real world, you will probably not have file copying enabled between thesetwo servers because they will be separated by a firewall. Also in the real world, youwill use removable media to transfer this file.


SMBEX01 3. Create an Edge

Subscription

a. Switch to the SMBEX01 virtual machine. b. Click Start , click All Programs , click Microsoft Exchange Server 2007 , and

then click Exchange Management Console . Note: Wait for the Exchange Management Console environment to load.

c. In the navigation tree, expand Organization Configuration , and then click HubTransport .

d. In the Actions Pane, click New Edge Subscription .e. In the New Edge Subscription dialog box, click Browse , browse to the


5/12


Page 3 of 10

Tasks Detailed StepsC:\labs\edge folder, click the EdgeSubscriptionExport.xml file, click Open , andthen click New.

f. Wait for the subscription to complete and then click Finish . g. In the Exchange Management Console, notice how the new Edge Subscription is

displayed on the Edge Subscriptions tab. Click the Send Connectors tab andnotice how a send connector to the edge server has been created.


SMBEX01EDGE01

4. Start EdgeSynchronization

a. Click Start , click All Programs , click Microsoft Exchange Server 2007 , andthen click Exchange Management Shell .

Note: Wait for the Exchange Management Shell environment to load. This may take a few moments.

b. At the MSH prompt, type Start-EdgeSynchronization and then press ENTER . Note: Wait for the command to complete.

c. After the command has completed, switch to the EDGE01 virtual machine. d. Switch to the Exchange Management Shell .e. At the MSH prompt, type Get-AcceptedDomain to confirm that the subscription

was successful. You will see the domain nwtraders.com in the result.


IMAIL01SMBEX01

5. Confirm EmailDelivery

a.

Switch to the IMAIL01 virtual machine. b. Click Start , and then click Outlook Express . Note: Microsoft Office Outlook Express will now load as a user named Steve in theContoso.msft domain.

c. In Outlook Express, click Create Mail , and then in the To box of the newmessage, type [email protected]

d. In the Subject line, type Meeting next week e. In the message body, type Hi Spencer, Is it OK if I bring along my new Sales

Manager to the meeting next week? Regards, Steve f. Click Send . g. Confirm that the message was sent.

h. Switch to the SMBEX01 virtual machine. Note: The following steps will log on to Outlook Web Access as Spencer Low .

i. Click Start , click All Programs , and then click Internet Explorer . j. In Microsoft Internet Explorer, in the Address bar, type

http://SMBEX01 .nwtraders .com/OWA and then press ENTER . k. In the forms based authentication dialog box that appears, click This is a public

computer .l. In the User Name field, type spencer and then in the Password field, type

P@ssw0rd and then click Log On . m. In Spencer Low Outlook Web Access , open the new message from Steve and

then click Reply .

n. In the reply , type Hi Steve, Yes that is fine, please do bring along your newSales Manager, Regards, Spencer o. Click Send . p. Switch to the IMAIL01 virtual machine.q. In Outlook Express, confirm that the reply from Spencer has arrived in Steves

mailbox by clicking Send/Receive .


6/12


Page 4 of 10

Exercise 2Protecting Your Edge Server Using Transport Rules

ScenarioIn this exercise, you will create and use an Edge Server Transport Rule to protect Northwind Traders from apotential new virus.You are the Exchange administrator at Northwind Traders. You have received urgent news that a new e-mail virushas been circulating on the Internet. Because the new virus is only a few hours old, your virus-scanning provider hasnot yet provided you with a new virus signature file to protect against the virus. You know that the virus alwayscomes in an e-mail message with the words I LOVE YOU in the subject line. You need to create a temporaryEdge Server Transport Rule to stop the virus from coming into the organization until you receive the new virussignature file.



EDGE01 1. Create an Edge

Server TransportRule

a. Switch to the EDGE01 virtual machine. b. Start the Exchange Management Console . c. In the Exchange Management Console, in the navigation tree, click Edge

Transport . d. In the Work Pane, click the Transport Rules tab. Note: Notice that currently there are no transport rules.

e. In the Action Pane, click New Transport Rule . f. In New Transport Rule window, in the Name field, type Temporary Rule to

block viruses until we download new signature g. Ensure that the Enable Rule check box is selected and then click Next . h. In the Conditions field , in Step 1 , select when the Subject field contains specific

words , and then in Step 2 , click specific words .i. In the Specify words field, type I LOVE YOU , click Add , and then click OK . j. In the New Transport Rule field, click Next . k. In the Actions field, in Step 1 , select put message in quarantine , and then click

Next .l. In the Exceptions dialog box, click Next .

m. In the New Transport Rule dialog box, click New , and then click Finish .


SMBEX01

EDGE01 2. Configure a Mailbox

to Store QuarantinedMail

a. Switch to SMBEX01 virtual machine. b. Switch to the Exchange Management Console . c. In the Exchange Management Console, expand Recipient Configuration , and

then in the Action Pane, click New Mailbox .

d. In the New Mailbox dialog box, confirm that User Mailbox is selected and thenclick Next .

e. In the User Type field, confirm that New User is selected and then click Next . f. In the Mailbox Information dialog box, in the First Name text box, type

Quarantine Mailbox and then in the User logon name text box, type quarantine g. In the Password and Confirm password text boxes, type P@ssw0rd and then

click Next . h. In the Mailbox Settings dialog box, click Next , click New , and then click Finish .


7/12


Page 5 of 10

Tasks Detailed Stepsi. Switch to EDGE01 virtual machine.

j. Switch to the Exchange Management Shell . k. In the Exchange Management Shell, type the following and then press ENTER :

Get-contentfilterconfig

Note: Notice how the results show that no Quarantine Mailbox is configured.

l. In the Exchange Management Shell, configure the new mailbox as the mailbox inwhich quarantined mail should be stored by typing the following and then pressingENTER :

Set-ContentFilterConfig [email protected]

m. Repeat the command Get-ContentFilterConfig to observe that a mailbox is nowconfigured.

n. Switch to the SMBEX01 virtual machine. o. At the MSH prompt, type Start-EdgeSynchronization and then press ENTER . Note: Wait for the command to complete.


IMAIL01SMBEX01

3. Test the Edge ServerTransport Rule

a. Switch to the IMAIL01 virtual machine. b. Switch to Outlook Express running as Steve in the Contoso.msft domain . c. In Outlook Express, click Create Mail , and then in the To box in the new

message, type [email protected] d. In the Subject line, type I LOVE YOU .e. Click Send .

f. Confirm that the message was sent. g. Switch to the SMBEX01 ,virtual machine. Note: The following steps will log on to Outlook Web Access as Quarantine .

h. Click Start , click All Programs , and then click Internet Explorer .i. In Internet Explorer, in the Address bar, type

http://SMBEX01 .nwtraders .com/OWA and then press ENTER . j. In the forms based authentication dialog box that appears, click This is a public

computer . In the User Name field, type quarantine and then in the Password field, type P@ssw0rd and click Log On and then click OK .

k. In Quarantine Outlook Web Access , confirm that the I LOVE YOU messagehas been quarantined.

Note : In the real world, you would have configured the Edge Transport Rule to dropthese mail items; however, for the purposes of this lab, you configured it to quarantinethe e-mail. If you had configured the rule to drop the mail, the mail would never haveentered your internal environment and would have been dropped at the Edge Server.


8/12


Page 6 of 10

Exercise 3Propagating an Outlook Safe Sender List Using an EdgeServer

ScenarioThis exercise will demonstrate how a safe sender list created in Office Outlook 2007 is propagated to the EdgeServer. You will also verify that the Edge Server acts upon that list.In his job role, Peter Houston regularly communicates with Contoso, Ltd. He has noticed that a number of mailitems from Contoso have not been arriving in his mailbox. He suspects that this is because they are being blockeddue to the message content having a high spam confidence level (SCL). As the Exchange administrator atNorthwind Traders, you suggest to Peter that he should add the domain contoso.msft to his Safe Senders list inOffice Outlook 2007



EDGE01 1. Configure the

Content Filter toReject Spam Mail

a. Switch to the EDGE01 virtual machine. b. Switch to the Exchange Management Console . c. In the Work Pane, on the Anti-spam tab, double click Content Filtering . d. In the Content Filtering Properties dialog box, click the Action tab.e. In the Reject messages that have a SCL rating larger or equal to drop-down

list, select 7. f. Click OK to close Content Filtering Properties.


CLIENT01

2. Add a Domain to anOutlook SafeSenders List

a. Switch to the CLIENT01 virtual machine. b. Click Start , and then click Microsoft Office Outlook . Note: You are now logged on to Peter Houstons mailbox.

c. In Outlook, click Tools , click Options , and then on the Preferences tab, click Junk E-mail .

d. In Junk E-mail Options , click the Safe Senders tab, and then click Add .e. In the Add address or domain field, type @contoso.msft and then click OK

twice to return to Outlook.

f. Close Outlook 2007 .


SMBEX01 3. Propagate an

Outlook Safe

Senders List Usingan Edge Server

a. Switch to the SMBEX01 virtual machine. b. Switch to the Exchange Management Shell . c. At the MSH prompt, type the following and then press ENTER:

Update-safelist identity Peter

d. At the MSH prompt, type the following and then press ENTER:

Start-EdgeSynchronization


IMAIL01 4. Send a Message That

Contains ContentWith a Very High

a. Switch to the IMAIL01 virtual machine. b. Switch to Outlook Express running as Steve in the Contoso.msft domain. c. In Outlook Express, click Create Mail , and then in the To box in the new

message, type the following: [email protected]; [email protected] . d. In the Subject line, type Free Mortgage e. In the message body, type the following:


9/12


Page 7 of 10

Tasks Detailed StepsSCL http://www.contoso.msft

Make $$$$$

f. Click Send . Note : This message will be identified as having a high SCL by the Edge server and will not be delivered to Spencer.

g. Confirm that the message has not arrived.Complete the followingtask on:

SMBEX01 5. Observe the Non-

Delivery/Delivery of Message

a. Switch to the SMBEX01 virtual machine. b. Switch to Outlook Web Access running as Spencer . c. In Spencer Outlook Web Access, confirm that the message has not been

delivered. Press Send/Receive several times to ensure that it has not beendelivered.

d. Start Internet Explorer, in the Address bar, typehttp://SMBEX01.nwtraders.com/OWA and then press ENTER .

e. In the User Name field, type Peter and then in the Password field, type P@ssw0rd and then click Log On .

f. In Peter Outlook Web Access, confirm that the message has been delivered. You

may need to wait for a few seconds and press Send/Receive several times beforeyou see it delivered.

Note : The message has been delivered to Peter as his Safe Senders list is now acted upon by the Edge Server.


10/12


Page 8 of 10

Exercise 4Anti-Spam and Anti-Virus Protection in Exchange Server 2007

ScenarioIn this exercise, you will examine the anti-spam and anti-virus features available on the Edge Server.You are the Exchange administrator at Northwind Traders. You have many users using both Outlook Web Accessand Office Outlook 2007. You want to work out the optimal settings for the Content Filter feature on the EdgeServer. You also want to determine a method for seeing how much spam is entering the organization.


Complete the following2 tasks on:

EDGE01 1. Examine the Edge

Transport Anti-SpamSettings

a. Switch to the EDGE01 virtual machine. b. Switch to the Exchange Management Console . c. In the Exchange Management Console, in the navigation tree, click Edge

Transport . d. In the Results Pane, click the Anti-Spam tab and read through the list of

configurable options possible with the Edge Server anti-spam features.

e. On the Anti-Spam tab, double-click IP Block List . f. In IP Block List Properties , click the Blocked Addresses tab and notice that

there are no blocked addresses by default.

g. Click Cancel to return to the Exchange Management Console. h. On the Anti-Spam tab, double-click Content Filtering .i. In Content Filtering Properties , click the Action tab and notice the SCL rating

settings.

j. In the Reject Messages that have a SCL rating larger or equal to drop-downlist, select 9.

k. Click OK to return to the Exchange Management Console.

2. ConfigurePerformance Monitorto Identify the SCLRatings of IncomingE-mail

a. Click Start , point to Administrative Tools , and then click Performance . b. Below the System Monitor graph, in the counters list, select each default counter

and then press DELETE to remove it from the System Monitor display, until thereare no more counters in the display.

c. In System Monitor , click the Add button. d. In the Add Counters box, in the Performance Object list, select MsExchange

Content Filter .e. Click All counters and then click Add .

f. In the Add Counters box, click Close . g. In System Monitor , click the View Report button to change the view to Report

view.


IMAIL01 3. Send Spam Messages

Using Script

a. Switch to the IMAIL01 virtual machine. b. Open Windows Explorer . c. Navigate to C:\Labs\edge and then double-click the script SendSpam.vbs . This

script will send spam messages to Peter Houston..

d. Click OK in the Messages Sent dialog box.


11/12


Page 9 of 10



SMBEX01 4. Confirm Delivery of

Spam Messages

a. Switch to the SMBEX01 virtual machine. b. Switch to Outlook Web Access running as Peter Houston. c. In Outlook Web Access, click the Send / Receive button. Note : You might need to wait a while for the messages to be processed in this labenvironment.

d. View the messages delivered to the Inbox folder. Notice that unsolicitedcommercial e-mail has been delivered to the Inbox.


EDGE01 5. Configure the

Content Filter toReject Spam Mail

a. Switch to the EDGE01 virtual machine. b. Switch to Performance Monitor and view the SCL ratings assigned to the

messages that were just sent.

c. In the Exchange Management Console , expand Edge Transport , and then in theWork Pane, on the Anti-Spam tab, double-click Content Filtering .

d. In the Content Filtering Properties box, click the Action tab.e. In the Reject Messages that have a SCL rating larger or equal to drop-down

list, select 7. f. Click OK to return to the Exchange Management Console.



Using Script

a. Switch to the IMAIL01 virtual machine. b. Switch to Windows Explorer . c. In Windows Explorer, navigate to C:\Labs\edge and then double-click

SendSpam.vbs .


SMBEX01 7. Confirm Spam

Messages wereRejected

a. Switch to the SMBEX01 virtual machine. b. Switch to Outlook Web Access running as Peter . c. In Outlook Web Access, click the Send / Receive button. d. Confirm that only two items now arrive in Peters Inbox.


EDGE01 8. Configure the Edge

Server to ArchiveSpam Mail

a. Switch to the EDGE01 virtual machine. b. Switch to the Exchange Management Console c. In the Work Pane, on the Anti-spam tab, double click Content Filtering . d. In the Content Filtering Properties dialog box, click the Action tab.e. In the Reject messages that have a SCL rating larger or equal to drop-down

list, select 9.

f. Select the Quarantine messages that have a SCL rating larger or equal to check box, and select 7 in the drop-down list.

g. Click OK to close Content Filtering Properties.



Using Script

a.

Switch to the IMAIL01 virtual machine. b. Switch to Windows Explorer . c. In Windows Explorer, navigate to C:\Labs\edge and then double-click

SendSpam.vbs .


a. Switch to the SMBEX01 machine. b. Switch to Outlook Web Access running as Peter .


12/12


Page 10 of 10

Tasks Detailed StepsSMBEX01CLIENT01

10. Confirm MessagesWere Quarantined

c. In Outlook Web Access, click the Send / Receive button. d. Confirm that only two items arrive in Peters Inbox.e. Click Start , click All Programs , and then click Internet Explorer .

f. In Internet Explorer, in the Address bar, typehttp://SMBEX01 .nwtraders .com/OWA and then press ENTER .

g. In the forms based authentication dialog box that appears, click This is a publiccomputer . h. In the User Name field, type quarantine and then in the Password field, type

P@ssw0rd and then click Log On .i. In Quarantine Outlook Web Access , click Send/Receive and confirm that the

three messages have been quarantined.

j. Switch to the CLIENT01 machine. k. Start Office Outlook 2007 . l. In Inbox Microsoft Office Outlook , click Send/Receive and notice how

Outlook moves some messages to the Junk Mail folder.

microsoft word - configuring exchange server edge server

Documents