Configure Exchange with inbound and outbound delay

I am running SBS 2003 R2 for my home network. I have 5 users (all members of my family). One member of my family is being subjected to cyber bullying through the receipt of inbound malicious E-mails.

I want to be notified about inbound E-mails from any source to my child so that I can view them prior to either relaesing them or preventing their delivery.

I also want to approve any outbound E-mails from my child to any destination so that I can prevent retaliations.

Ideally I would like to create a "white list" of approved outbound destinations so that some messages can be transmitted without my scrutiny.

I am also running ISA Server 2004 and Symantec Exchange 6.0.

How do I configure my system to do this please?

Thanks for your help.
Marcus NTechnical SpecialistAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Wow, you're asking for a lot and only 250 points, this is not fairly straightforward and depending on if you are willing to spend any money on third party products or you want to try and accomplish this all through Exchange?
Exchange has content filtering built in although not as robust as some third party products, but it might help stop a lot of unnecasary email getting in, but probably not anymore that symantec.
The outbound thing could be a bigger issues. Whitelisting is the best way to go but I might use a different approach than you're asking.
What are you currently using symantec exchange for? content, spam, virus? Why isn't it doing the job now?
The other thing I can think of is quarrantine all of his email inbound/outbound in symantec and then review them before deciding what to do. This would be a lot of administrative overhead, but after thinking about it, this would be the quickest and cheapest since you already have symantec in place.
Hope this helps.
Marcus NTechnical SpecialistAuthor Commented:
Hi, thanks for the comments, including the allocation of just 250 points. I just thought that this would be a simple task you see. Something in the Exchange settings that could direct all in- and out-bound E-mail via an approving intermediary. I didn't think I was asking something tricky - but thanks for pointing that out.

I use Symantex Exchange 6.0 to filter spam, and to look for certain content and for virus.

I guess I was hoping to create a "Recipient Policy" to control what came in. Don't know if that's the right thing or even if my thinking is correct.

Had no idea about pausing outbound messages prior to approval.

My ideal solution would be to do this through Exchange as I may, in future, migrate away from Symantec.

Alan HardistyCo-OwnerCommented:
There is nothing built-in to Exchange that can do what you are asking without resorting to 3rd party applications (if they exist).

For incoming, you could divert all incoming mail to another mailbox that you monitor and forward the okay ones on to your child.

Outbound is not something that can be handled in a similar way.

Spam filtering is not necessarily going to work as the messages may appear as genuine, but contain unpleasant words, so content filtering is more likely to work, but I would not rely on it.

Are you aware of who is sending the emails or is that something you want to try to identify?

I'm happy to assist in any way possible with this and am not concerned with the points personally.  You need help, I'm happy to assist in any way I can.

If you have a Mobile Phone you could set it up to sync your child's account to it and just delete the nasty mail before your child sees it and you can then monitor the sent items too without them knowing, or setup their account via Cached Exchange Mode on your PC as well as via a mobile to monitor.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

first of all my first comments were meant to be taken as tonque-in-cheek sorry if didn't come across that way:-)
secondly I wouldn't have responded in the first place if I really thought that:-).
Now, is there any way you would consider moving up to Exchange 2010 it has much better control policies for email moderation and will do pretty much everything you would like to do. In 2003 moderated mail boxes were meant for distribution lists and public folder resources.
Here is a link that will describe the feature in detail:
Hope, this helps and sorry if I offended anyone.
Marcus NTechnical SpecialistAuthor Commented:
Thanks also for your comments.

I want to identify the senders (as far as this is possible) of the malicious E-mails. From what I have seen so far there are several senders so creating a blacklist isn't the answer as new senders may emerge.

I hoped that Exchange Journaling would be the answer but this seems to just create a record after the event.

I am less concerned about outbound messages from my child but want to do something about approving/monitoring those in case retaliation is tempting. I don't want my child to do something in retaliation to an inbound message - that may just make matters worse.

I would like to record all inbound instances in case I need to involve the police in some way at some time.

I am in terested in Cached Exchange Mode. Does that do inbound and outbound control?

Thanks for your help. As you can imagine, this is a great source of stress to my wife and I.
Marcus NTechnical SpecialistAuthor Commented:
No offence taken, Mr. ConchCrawl.

I genuinely meant it about the points - I did think this was going to be a simple thing that I was just too thick to find out about using the Exchange help pages. HAd I known how difficult this was I would have gone for a "custom 999".

I will consider Exchange 2010 but wanted to do that in my own time when properly migrating from SBS 2003R2 to something next generation. I'm not ready for that step just yet. I have a highly stable SBS 2003R2 with ISA 2004 and a well customised set of GPOs and any migration is going to take some serious time for me - I'm just a dad with a small family!

As ever, any help gratefully received. I like light heartedness so keep it coming :-)
Alan HardistyCo-OwnerCommented:
I currently use Vamsoft ORF for anti-spam and the logs are way better than anything that Symantec can produce.  It is also way better at killing spam IMHO than Symantec and I used to be a huge Sumantec fan.

You can trial it for 30 days and see what the logs can do for you.  With the logs, you can sort, filter and export to .csv the filtered logs and mail that makes it through can be clearly identified by subject, so if a mail comes through that you are concerned about, you just find it in the logs, determine the connecting IP address and time / date and that can be used by the Police to obtain a court order for the ISP to advise which of their users had that IP at that particular time / date.
I totally understand about migrating to a newer version of SBS, do it all the time and I do it fulltime and it's never easy. Then at this point, I would recommend looking into some 3rd party add-ons for outlook this would accomplish the same thing but from the outlook side, not exactly the server side you were looking for but still would do the trick. They have 30day trials as well.
Now, as far as the content filtering you should have Intelligent message filtering installed on Exchange if you have SP2 installed as I stated before it will work with exchange directly it is not as robust third party software, but I've used it for clients "on a budget" and it works fine and its free and MS updates automatically updates the definitions.
Here is a link for using IMF 
Hope this helps
oops forgot the link for outlook add-ons 

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Alan HardistyCo-OwnerCommented:
Cached Exchange Mode keeps a local copy of the entire mailbox for the user on your computer so all inbox, sent items, calendar, contacts etc are kept locally. You can configure a separate profile on your computer (assuming you have one, but based on your semi-elaborate home config, that wouldn't surprise me ;) ), or just add permissions on your child's account for you to see their mail from your profile and you can then monitor their items without having to switch Outlook profiles.
Alan HardistyCo-OwnerCommented:
My thoughts regarding trying to filter the messages as spam are as follows:

1. You ideally want to allow them through as evidence for use by the Police later on.
2. The unwanted emails are not technically spam, but are more realistically Junk Mail, so using standard anti-spam methods may not work.
I understand your stress mode, I've raised 6 which now all are grown except 1 and I have to watch him like a hawk. When my daughter was 14, now 22 I even installed a hidden keyboard captuing utility on my computer so I could review chat sessions and anything else she typed as well as screen captures. I even had my own phones tapped. She could never figure out how I knew what was going on, well until of course I gave away too much information :-)). The funny thing is even after she knew I was recording things it didn't stop her, kids you know:-).
Exchange Journaling wouldn't help you much because it is meant for archiving email after the fact.
I will have to think about cached mode, I'm not sure if it's gonna give you the real-time mode you are looking for. I still think at this point the add-on would be much more automated.
Marcus NTechnical SpecialistAuthor Commented:
Thank you both for your thoughts.

This is what I have done so far following your comments.

1) Knowing what's coming in.
For all my children I have;
Server Management -> Users -> Name (right click) -> Properties -> Exchange General -> Delivery Options -> Delivery Options -> Forward To (field = GroupParents)/(checkbox = deliver messages to both...)

This way at least my wife and I see what's coming in without the children knowing that we know.

This isn't a solution but at least we are in the picture.

2) Exchange 2003 Journaling.
I have enabled all mailstore journaling by following the directions at

3) Send If Approved
I have downloaded the 30 day trial and will install it when I get back from work. I will see how effective this add-in is and then report back. If it helps me to manage inbound and outbound messages on the accounts of my children, then I'll buy it.

4) BlackLists
As I discover the sources of the malicious inbound traffic I add them to Symantec as a Blacklist item.  This the will reduce the amount of scrutiny I need to give to inbound and outbound messages.

I still wish there were a way for inbound and outbound messages to be diverted via my account for release, whether I am at my desktop or with my Blackberry.
Alan HardistyCo-OwnerCommented:
6 kids - crikey! - I'm having enough fun with just 2 ; )

Nice Add-on too.

I want to clarify that I wasn't suggesting using content filtering as a way to solve all of the problems, just a way to move from symantec if you chose to, and something that would be free and already available to capture spam content. Not everyone is aware that MS offers this with exchange.
This appears to me to be a multi-pronged approach so several pieces have to be in play to get the total solution you are looking for.
As far as blacklist you could use IMF to setup a blacklist and it would stop the email there at the exchange level.
Once you configure the add-on it should intercept all email and redirect into your mailbox until you approve. If you have your BB synced wirelessly to your outlook then you will get it on your BB. I would just leave my outlook open and lock my screen.
Hope this clarifies
One other thought is that you can get BES Express and it's free from BB. This can be installed on your SBS server and it will automatically sync you mailbox wirelessly. I have this installed for many clients and it works great.
@alan yeah they were hers, mine, and ours if you know what I mean. Luckily they were spread out in two's over a couple of decades, or I might've drank the kool-aide :-).
Yeah that add-on looked to do everything he wanted just on the client side. But the new features in 2010 are even cooler. Just will be a while before we can get everyone to drink more Kool-aide from M$.:-)
Marcus NTechnical SpecialistAuthor Commented:
HI, I've definitely not abandoned this question. I have been away for a few weeks and now that I am back I will try the advice and then report back (and sort out thepoints!).

Sorry for the delay. I will get this done before 00:00 GMT on Sunday.
Marcus NTechnical SpecialistAuthor Commented:
Dear Mr. ConchCrawl and Mr. alanhardisty,

Thank you for your advice. I have looked at the applications and recommendations you have made and am slightly confused still.

I was hoping that I could create some policies in the GPO and apply them to OUs so that I can "moderate" in-bound and out-bound messages. Only when I have approved a moderated message does it then make it to the mailbox of my children.

I found this site and haven't yet understood the article fully but was wondering whether this was helpful in addressing what I am trying to do.

Of have I got it completely wrong; is it not possible to create GPOs that do what I am trying to do?

Kindest regards, Marcus
Alan HardistyCo-OwnerCommented:
There is nothing available in a GPO to allow you to divert mail to yourself and pass it on when approved.  Exchange simply is not designed to do this - it is designed to deliver mail to the intended recipient and that is what it does.
You may find a 3rd party app that can intercept the mail and then do what you want, but I am not aware of anything that can do this I'm afraid.
Marcus NTechnical SpecialistAuthor Commented:
The solutions that were 3rd party add-ons were good but most worked at the client rather than the server levels. I was really hoping for something that could be configured in Exchange and worked with GPOs to achieve what I was trying to do. If I manage to work that out I will post an answer as well.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.