jjoz
asked on
Deploying Edge transport server using Hypervisor or VMWare
Hi All,
I'm just wondering if this solution is feasible for Exchange Server 2007.
I'd like to implement Edge transport server in a virtualized environment so that when disaster strikes, I could just delete the image and load the clean image straight away.
at the moment my configuration is:
Single server consisting of HT, MBX, CAS directly connected to the gateway/router.
any idea and suggestion would be greatly appreciated.
thanks.
I'm just wondering if this solution is feasible for Exchange Server 2007.
I'd like to implement Edge transport server in a virtualized environment so that when disaster strikes, I could just delete the image and load the clean image straight away.
at the moment my configuration is:
Single server consisting of HT, MBX, CAS directly connected to the gateway/router.
any idea and suggestion would be greatly appreciated.
thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes i did Lim,
All of the anti spam script has been executed
as for the RBL i use zen.spamhaus.org and Spamcop
but when i execute the script get-AntispamTopRBLProvider s.ps1 i didn't get anything ?
but thanks anyway to reply and giving your opinion.
All of the anti spam script has been executed
as for the RBL i use zen.spamhaus.org and Spamcop
but when i execute the script get-AntispamTopRBLProvider
but thanks anyway to reply and giving your opinion.
get-AntispamTopRBLProviders.ps1
http://forums.msexchange.org/m_1800489046/tm.htm
http://www.msexchange.org/articles_tutorials/exchange-server-2007/tools/using-exchange-server-2007-built-in-scripts-part2.html
that can be odd.. usually it should appear ...
try to restart your exchange services after hour and see whether it has put in ...
How you add your RBL?
http://www.msexchange.org/articles_tutorials/exchange-server-2007/tools/using-exchange-server-2007-built-in-scripts-part2.html
that can be odd.. usually it should appear ...
try to restart your exchange services after hour and see whether it has put in ...
How you add your RBL?
ASKER
Lim,
i add them manually from EMC (not through powershell) the server has been restarted several times since i add the RBL.
any idea of how to make it hapens ?
because at the moment my Exc Server is "white listing" the smarthost or the SOLARIS box that act as the gateway to my network.
i add them manually from EMC (not through powershell) the server has been restarted several times since i add the RBL.
any idea of how to make it hapens ?
because at the moment my Exc Server is "white listing" the smarthost or the SOLARIS box that act as the gateway to my network.
you have enabled them?
go through this document again...
http://technet.microsoft.com/en-us/library/bb123943.aspx
go through this document again...
http://technet.microsoft.com/en-us/library/bb123943.aspx
ASKER
OK Lim,
now i learnt something.
from the URL that you 've sent to me, I've enabled all of the Anti spam defense using powershell and by manual entry from EMC, after a careful look into the
.\get-AntispamTopBlockedSe nderDomain s.ps1 p1 the result was my own domain got the highest value of 189
and the .\Get-AntispamTopBlockedSe nderIPs.ps 1 top 20 i got my SOLARIS smarthost or the gateway IP address of 7492.
i can conclude that the RBL can only functioning effectively on ET server.
please correct me if I'm wrong.
now i learnt something.
from the URL that you 've sent to me, I've enabled all of the Anti spam defense using powershell and by manual entry from EMC, after a careful look into the
.\get-AntispamTopBlockedSe
and the .\Get-AntispamTopBlockedSe
i can conclude that the RBL can only functioning effectively on ET server.
please correct me if I'm wrong.
I still don't see why RBL won't work ...
it should work regardless how many smarthost you set ...
it will do the last check with RBL before you accept the emails ...
anyway, how about SCL ?
you can set it to a lower number as well...
Let me t hink about it and get back to you..
it should work regardless how many smarthost you set ...
it will do the last check with RBL before you accept the emails ...
anyway, how about SCL ?
you can set it to a lower number as well...
Let me t hink about it and get back to you..
ASKER
yeah, me too :-|
I've set Sender Reputation Level block threshold to 8
and as for the content filtering i make it like the following:
Delete message that have a SCL rating greater than or equal to 9
Reject message that have a SCL rating greater than or equal to 6
Quarantine message that have a SCL rating greater than or equal to 5
thanks for your willingness to help Lim,
I've set Sender Reputation Level block threshold to 8
and as for the content filtering i make it like the following:
Delete message that have a SCL rating greater than or equal to 9
Reject message that have a SCL rating greater than or equal to 6
Quarantine message that have a SCL rating greater than or equal to 5
thanks for your willingness to help Lim,
if you run get-ipblocklistprovider and it is there, it is there.
Another way it can be tested is to put in services like www.mailguard.com.au
it give you 14 days free trial.
and it able to block alot of spam .. and you can see how it comes in from....
Another way it can be tested is to put in services like www.mailguard.com.au
it give you 14 days free trial.
and it able to block alot of spam .. and you can see how it comes in from....
ASKER
Lim,
here's the result of those two cmdlets.
i couldn't find any error on it.
thanks again for your fast reply.
here's the result of those two cmdlets.
i couldn't find any error on it.
thanks again for your fast reply.
/* Get IP Block List Config */
Name : IPBlockListConfig
MachineEntryRejectionResponse : External client with IP address {0} does not have permissions to submit to this server. Visit
http://support.microsoft.com/kb/928123 for more information.
StaticEntryRejectionResponse : External client with IP address {0} does not have permissions to submit to this server.
Enabled : True
ExternalMailEnabled : True
InternalMailEnabled : False
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
DistinguishedName : CN=IPBlockListConfig,CN=Message Hygiene,CN=Transport Settings,CN=Itree Software,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOmain,DC=com
Identity : IPBlockListConfig
Guid : 59ac67d8-00e2-468b-ae67-bffc697e382c
ObjectCategory : domain.com/Configuration/Schema/ms-Exch-Message-Hygiene-IP-Block-List-Config
ObjectClass : {top, msExchAgent, msExchMessageHygieneIPBlockListConfig}
WhenChanged : 27/02/2008 9:23:01 PM
WhenCreated : 27/02/2008 9:23:00 PM
OriginatingServer : ExcServer.domain.com
IsValid : True
/********************************************************************/
/* Get IP Block list Provider */
RejectionResponse :
LookupDomain : zen.spamhaus.org
Enabled : True
AnyMatch : True
BitmaskMatch :
IPAddressesMatch : {}
Priority : 1
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Spamhaus
DistinguishedName : CN=Spamhaus,CN=IPBlockListProviderConfig,CN=Message Hygiene,CN=Transport Settings,CN=Itree Software,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOmain,DC=com
Identity : Spamhaus
Guid : 964e32ea-6b79-4e0f-a3b0-ae2c4955428b
ObjectCategory : domain.com/Configuration/Schema/ms-Exch-Message-Hygiene-IP-Block-List-Provider
ObjectClass : {top, msExchMessageHygieneIPBlockListProvider}
WhenChanged : 10/06/2008 3:56:25 PM
WhenCreated : 10/06/2008 3:59:34 PM
OriginatingServer : ExcServer.domain.com
IsValid : True
RejectionResponse :
LookupDomain : bl.spamcop.net
Enabled : True
AnyMatch : True
BitmaskMatch :
IPAddressesMatch : {}
Priority : 2
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Spamcop
DistinguishedName : CN=Spamcop,CN=IPBlockListProviderConfig,CN=Message Hygiene,CN=Transport Settings,CN=Itree Software,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=itree,DC=com
Identity : Spamcop
Guid : 5fcbc3ac-d00e-4671-923f-40a48754c386
ObjectCategory : domain.com/Configuration/Schema/ms-Exch-Message-Hygiene-IP-Block-List-Provider
ObjectClass : {top, msExchMessageHygieneIPBlockListProvider}
WhenChanged : 27/08/2008 11:40:58 AM
WhenCreated : 27/08/2008 11:41:47 AM
OriginatingServer : ExcServer.domain.com
IsValid : True
ASKER
Get-IPBlockListProvider
Name LookupDomain Priority
---- ------------ --------
Spamhaus zen.spamhaus.org 1
Spamcop bl.spamcop.net 2
ASKER
of course i don't block my own IP address :-0
but the result from get-antispamschhistogram returns these result attached :-|
but the result from get-antispamschhistogram returns these result attached :-|
Name : not available: policy is disabled.
Value : 8837
Name : not available: content filtering was bypassed.
Value : 19671
have you actually enable all your policy?
ASKER
yes i did from the cmdlets previously
and I got the Anti Spam tab enabled in my EMC with everything "Enabled"
and I got the Anti Spam tab enabled in my EMC with everything "Enabled"
ASKER
Thanks for your time to help me Lim.
ASKER
I just want to reduce SPAM in my company, eventhough I already use Forefront security for MS Exc. and enabling all of the anti-spam features, i still get SPAM varying from 10 to 1 per day.
I'm just wondering if i can further reduce the spam by using ET server.
do you mean that ET server using VMWare ESX v 3.5 would be slow ?