PDF Cya Securing Exchange Server 2003 & Outlook Web Access

Free download. Book file PDF easily for everyone and every device. You can download and read online Cya Securing Exchange Server 2003 & Outlook Web Access file PDF Book only if you are registered here. And also you can download or read online all Book PDF file that related with Cya Securing Exchange Server 2003 & Outlook Web Access book. Happy reading Cya Securing Exchange Server 2003 & Outlook Web Access Bookeveryone. Download file Free Book PDF Cya Securing Exchange Server 2003 & Outlook Web Access at Complete PDF Library. This Book have some digital formats such us :paperbook, ebook, kindle, epub, fb2 and another formats. Here is The CompletePDF Book Library. It's free to register here to get Book file PDF Cya Securing Exchange Server 2003 & Outlook Web Access Pocket Guide.

Web addresses will be hyperlinked :. CYA Securing Exchange Server and Outlook Web Access by Henrik Walther and Patrick Santry Download Book Respecting the intellectual property of others is utmost important to us, we make every effort to make sure we only link to legitimate sites, such as those sites owned by authors and publishers. If you have any questions about these links, please contact us. The book is organized around the 11 "MMCs" Microsoft Management Consoles that contain the configuration menus for the essential features.

The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. These are books with a clear message that will be heard above the noise level of the typical computer book shelf. And sexy reporter Mark Anderson has As UNIX becomes the premier operating system for multi-user and multitasking environments, this text is becoming one of the leading references. Includes Version 4. Ultimate insider Robert Cringely, who was there at the beginning in Palo Alto's Homebrew Computer Club, steps back to relate the whole story of junkfood genius, nerdy naivete, and pencil-necks triumphant.

Offering gory details of fortunes won and lost, Every day and everywhere, everyone can live a powerful life of Kingdom impact. Using real-life, riveting stories and a contemporary scriptural lens, Load balancing improves network performance by distributing traffic efficiently so that individual servers are not overwhelmed by sudden fluctuations in activity.

Server Load Balancing is a guide to this critical component of high availability, clustering Get your mission-critical messaging and collaboration systems up and running quickly with the essential guide to deploying and managing Exchange Server HTML5 in easy steps instructs you how to employ the latest development for web page E il contrario di tutto.

Fin qui molte parole, un circo di voci e opinioni, di ipotesi e di anticipazioni che di volta in volta fanno pensare all'utente di Internet come studioso o chiacchierone salottiero, come navigatore Pages: Size: Kb. ESP uses IP protocol To allow IPSec communication across your intranet firewall, depending on which protocols you use, you need to open the ports listed in Table 6. With URLScan you can improve security on any FE server s located in the perimeter network DMZ by specifying specific rules and filter requests based on their length, character set, content, and several other factors.

You can download a copy of URLScan from www. Front-End Servers on the Internal Network We typically have two scenarios when dealing with an FE server located on the internal network. Figures 6. The scenario in Figure 6. Other benefits of this scenario are the cost savings of not having to maintain a perimeter network DMZ. But if you can, you should generally avoid this scenario.

This is probably the most secure scenario available today. Instead of just doing basic forwarding of mail protocol ports the way most traditional firewalls do , ISA Server has the ability to inspect and evaluate the communications going on between the e-mail clients and the Exchange Server s. This is done through a process known as application layer filtering, which involves examining the content of each packet moving between the e-mail clients and the servers. Other security-related benefits of this scenario are protection against unauthorized access and the possibility of configuring alerting of administrators, should an attack occur.

You can also restrict access by allowing specific users, groups, application types, time of day, content type, and destination sets. Other good books have been written on this subject, such as Dr. However, we felt it was a good idea to make you aware of the possibilities offered by deploying an ISA Server in your Exchange environment.

ISA Server is an advanced firewall that controls Internet traffic entering your internal network and outbound communication from your messaging environment. ISA Server is an advanced filtering firewall that can be used in many different ways see Figure 6. The filter accepts the traffic, inspects it, and passes it on only if the rules allow it. The SMTP filter can filter incoming mail based on source user or domain and can generate an alert if mail is received from specific users.

The SMTP filter can filter messages based on recipient. The filter maintains a list of rejected users from whom mail messages are not accepted. Message Screener If you enable the SMTP filter, you can go even further and install what is known as a message screener. If you install the message screener, you can even configure the SMTP filter to check for specific attachments or keywords. You can go so far as to specify the size, name, or type of content that should be held, deleted, or forwarded to the administrator. You can also specify that one of those three actions be taken if a keyword is found.

In addition, the SMTP filter can check for buffer overrun attacks. A buffer overrun occurs when an SMTP command is specified with a line length exceeding a specific value. The SMTP filter can be configured to generate an alert when a buffer overrun attack is attempted. You should also be sure to visit www. One of the regular contributors to the site is Dr. OWA has come a long way since its predecessors. By the time you reach the end of this chapter, you will have a basic understanding of each new or enhanced security feature included in the OWA client. In the Options page under E-mail Security, click Download.

You will be presented with a few Security Warning boxes see Figure 7. Figure 7. This is done by single-clicking the two buttons to the left of Options… before sending the e-mail message see Figure 7. If not, you will receive an error message similar to the one in Figure 7. The new OWA junk e-mail filter is quite basic and very similar to the one included in the full Outlook client. All e-mail filtered by the e-mail junk filter will be moved to a special junk mail folder.

A nice benefit of the OWA junk e-mail filter is that it shares its lists with Outlook , so you only have to maintain one junk e-mail filter, even though you use both OWA and Outlook to access your mailbox. Follow these steps to manage the OWA junk e-mail filter: 1. In the OWA navigation pane, click the Options button in the lower-left corner refer back to Figure 7.

Check the Junk E-mail folder regularly to ensure that you do not miss messages that you want to receive see Figure 7. This choice presents us with the Manage Junk E-mail Lists screen. Notice the View or Modify list drop-down box shown in Figure 7. E-mail addresses and domains on the Safe Senders list will never be treated as junk e-mail. You can also add individual email addresses to your Safe Recipients list. For example, you might want to allow messages that are not only sent to you but also to a particular person. Messages received from any e-mail address or domain on your Blocked Senders list are sent directly to your junk e-mail folder.

For example, suppose that the domain syngresspublishing. An efficient way to fight spam is to configure an SMTP gateway and then install an antispam software package on it. If you work for a small organization, you could, as a second option, install the antispam software directly on the Exchange server. Server-side antispam solutions are covered in depth in Chapter 9. Web Beacon Blocking OWA makes it more difficult for spammers sending out junk email to use Web beacons to retrieve valid e-mail addresses. Most spam today is sent out as HTML messages containing one or more embedded beacons. The beacon is often a transparent.

The Web beaconblocking feature is enabled by default, just as in the full Outlook client. These steps will show you how to enable and disable the OWA Web beacon-blocking feature: 1. Scroll down to Privacy and Junk E-mail Prevention. As you can see in the header, the e-mail newsletter contained one or more embedded Web beacons, which the screen shows were blocked.

The Web beaconblocking feature is a client-side configuration option, but should you need to customize it even further, this would have to be done through a few registry settings on the Exchange server. Of course, you should teach your users not to open suspicious e-mail attachments, but as many of us know, no matter how hard you try, there will always be a few users who cannot resist the temptation. Level1 attachments contain file extensions that are not accessible by OWA. Table 7. Even craftier, it makes it possible to allow all attachments when OWA accesses the Exchange server on the internal network and to block them if the OWA session is established through a front-end server see Table 7.

With the number of e-mail worms containing malicious code that are spreading around the Internet these days, you have no valid reason to disable the enhanced attachment-blocking feature. However, depending on your specific Exchange environment, you might want to adjust the settings for this tool. Forms-Based Authentication We finish this chapter by taking an in-depth look at the new and exciting forms-based authentication feature introduced in Exchange To take advantage of forms-based authentication, you must already have implemented SSL on your OWA virtual directories.

When an OWA user opens a session to the Exchange server, a special session cookie is created and cached in the browser during the entire OWA session. When the OWA user logs off, the cookie is deleted, which means that we finally have a more secure logoff. Another nifty thing about forms-based authentication is that if an OWA session has been left in an inactive state for a certain amount of time, the session is automatically disconnected.

Right-click the Exchange Virtual Server and click Properties. Select the Settings tab. Put a check mark in the box next to Enable Forms Based Authentication. See Figure 7. You might wonder what compression has to do with forms-based authentication; the answer is relatively short—nothing. The reason that the compression option is located under the Settings tab is that to work, it requires that forms-based authentication is enabled. Note that the compression feature uses Gzip encoding and therefore works only with Internet Explorer 6.

We have now enabled forms-based authentication and are ready to take a closer look at this exciting feature. You are presented with the new forms-based authentication logon screen, shown in Figure 7. In earlier versions of Exchange, these were known as the rich client and the reach client. The concept is still the same, though; the Premium client provides a more feature-rich user interface it looks and acts very similar to the full Outlook client than the Basic client.

The difference between the two types of options is the inactivity period before the OWA session with the Exchange server times out. The data values are in minutes. The minimum value is 1 minute and the max value is 30 days. It's worth noting the Forms-based Authentication timeout values aren't as precise as you might expect. The timeout will always occur between the specified value and 1.

This means that if you set the timeout to occur after 60 minutes, for example, it will actually happen somewhere between 60 and 90 minutes. As mentioned previously, this is also the case for the default Basic and Premium timeout values set to 15 minutes and 24 hours, respectively.

So, in the real world, the timeout for the Basic client will happen between minutes and the timeout for the premium client between hours. But keep in mind Microsoft suggests that you upgrade all front-end and back-end servers to Exchange before using this feature. Notes from the Underground… Why It Might Not Always Be a Good Idea to Enable Forms-Based Authentication If your organization uses front-end server s placed directly in a perimeter network also known as a demilitarized zone, or DMZ , it might not always be a good idea to deploy the formsbased authentication feature.

This feature can encrypt the SMTP traffic between the clients and the server. The degree of difficulty that an intruder encounters when analyzing e-mail traffic depends on the type of client being used. Only the more elite intruders would be able to use this encoded information. Select the Access tab see Figure 8. Figure 8.

  • Historical Capitalism with Capitalist Civilization?
  • The Dunfield Terror;
  • Integrating ISA Server with Microsoft Exchange .
  • Browse more videos.

Because we are creating a new certificate, select Create a new certificate see Figure 8. Because we have an internal online CA available, select Send the request immediately to an online certification authority see Figure 8. Give the certificate a name see Figure 8. Specify your organization and organizational unit see Figure 8. This name should be the external FQDN of the server. By external we mean as it appears on the Internet.

This server internal FQDN is, for example, tests When you have specified a name, click Next. We need to select the online CA we want to use see Figure 8. We now see a summary of the information specified through the wizard see Figure 8. This is your final chance to jump back, if you need to make any corrections. Otherwise, click Next, then click Finish. In Figure 8. So be very careful with this setting. Click the Communications button. We get the screen shown in Figure 8. Enable both Require secure channel and Require bit encryption, then click OK. Do you want a slow Exchange server with tight security or a less secure Exchange server that performs well?

The decision is yours. Click the Delivery tab, then click the Outbound Security button see Figure 8. On the Outbound Security screen see Figure 8. Although IPSec is a great way to protect the traffic between your SMTP servers, you should be aware that the method tends to create quite a lot of overhead. Although the option of leaving mail on the server is available, mail is typically downloaded and then deleted. Click the Access tab see Figure 8. It is decrypted only when the intended recipient opens the message. Bear in mind, setting up your own CA typically depends on the size of your organization.

Both are available from the Security section of the Exchange Technical Documentation Library, which can be found at www. Therefore, do the following: 1. In Outlook, click Tools Options in the menu. Select the Security tab. You will be presented with the screen shown in Figure 8. If you click the Settings button under Default Setting, which brings us the screen shown in Figure 8. Read more on how to get this free certificate at www.

Read the following requirements carefully. In addition, you need an SSL certificate on the Exchange server typically on your front-end server. For details on how to configure an ISA server to publish the various Exchange protocols, we suggest you check out some of the articles written by the ISA server guru himself, Dr. Thomas Shinder, which can be found at www. Log on to the server that is going to be the RPC proxy server. This can be any Windows server, but in this example we use the front end shown in Figure 8.

Windows will now start copying the necessary files. When this process is completed, click Finish and exit Add or Remove Programs. Right-click the RPC virtual directory, then select Properties. Click the Directory Security tab see Figure 8. Remove the check mark in Enable anonymous access, then instead enable Basic authentication see Figure 8. Read the security warning message shown in Figure 8. You have now configured the RPC virtual directory to use basic authentication. Even if you think you have enabled SSL on the default Web site, you should double-check just in case.

Technical Editor - Integrating ISA Server with Microsoft Exchange [Book]

So do the following: 1. If not, enable both options, then click OK. Table 8. Log on to the Global Catalog Server. Name it NSPI interface protocol sequences. You now need to reboot the Global Catalog server for the changes to take effect. To do this, log on to your favorite Windows XP client machine and do the following: 1. Because we want to configure a new profile, select Show Profiles, then click Add see Figure 8. Make sure that Add a new e-mail account is selected, then click Next. Instead, click More Settings see Figure 8. After a few seconds, you will probably be asked to validate to the Exchange server.

Enter a valid username and password, then click OK see Figure 8. Click the Connection tab see Figure 8. The screen shown in Figure 8. First we need to specify the URL to the RPC proxy server, and because this, in this example, is our front-end server, we enter mail. As you can see in Figure 8. Here you should select Basic authentication in the drop-down text box. When you have done so, click OK and exit any open window.

Now, execute Outlook. You will be prompted for a username and password. Obviously, many Exchange admins can have a difficult time getting this feature to work. Simply click Start Run and type Outlook. Another thing to try is to access the RPC virtual directory through your Web browser. You should get an error message Chapter 9 Combating Spam In this Chapter By now our Exchange messaging environment should be in a state that we can call fairly secure, but to have an ideal setup, we still have a few important tasks to complete. One of these tasks is to set up a properly configured antispam system to protect our messaging environment against spam and other unsolicited e-mail messages.

Spam is an ever-growing problem that causes companies around the world to lose enormous amounts of money each year. Microsoft has included some new features in Outlook and Exchange that will help us to combat spam. Outlook includes new and improved functionality that specifically addresses spam. The most notable of the new antispam features included in Outlook is definitely the new junk e-mail filter based on the Microsoft SmartScreen technology, which is also used with MSN and Hotmail. The new SmartScreen-based junk e-mail filter helps prevent spam and other unsolicited messages from reaching users, improving on earlier versions of Outlook.

The junk e-mail filter uses a comprehensive approach to help protect against spam by combining list-based approaches with machine learning technology. Microsoft is committed to sharing this intelligence with updates to the junk e-mail filter at the Office Update Web site, and the company has already provided one update since the product release. To get started, we need to do the following: 1.

Launch Outlook In the menu, click Tools Options. On the Preferences tab, click the Junk E-mail button see Figure 9. Figure 9. If you receive a large volume of junk e-mail messages, select this option. But make it a habit to periodically review the messages moved to your Junk E-mail folder, because some wanted messages could be moved there as well. Any e-mail messages sent from someone not on your Safe Senders list or sent to a mailing list not on the Safe Recipients list will be treated as junk e-mail. In the very bottom of the Options tab in Figure 9. The Safe Senders List see Figure 9.

But if you look closer, you can see that we have a few more options available when accessing the list through Outlook As shown in Figure 9. This is a nice feature if as an Exchange Admin, for example, you have created a list you want to share with your users. As you might already have guessed, checking this option will make Outlook trust all addresses contained in your Contacts folder.

Now click the Safe Recipients tab. Safe Recipients Safe Recipients are distribution or mailing lists of which you are a member and from which you want to receive e-mail messages see Figure 9. You can also add individual e-mail addresses to your Safe Recipients list. For example, you might want to allow messages that are sent to not only you but also to a particular person. Now click the Blocked Senders tab. Messages received from any email address or domain on your Blocked Senders list are sent directly to your Junk E-mail folder.

Suppose that the domain syngresspublishing. As was the case on the Safe Senders and Safe Recipients lists, we can import or export from a. We can even specify whether downloads in e-mail messages from the Safe Senders and Safe Recipients lists used by the Junk E-mail folder should be permitted or not. For a good list containing client-based antispam software, check out the following link at Slipstick: www. But be aware that this could end up as a rather expensive solution if you have several thousand seats. This is much more than its predecessor Exchange offered, but we still miss some important features such as Bayesian filtering and heuristics-based analysis.

We will talk more about IMF later in this chapter. With the recipient filtering feature, you can block mail that is send to invalid recipients. The recipient filter feature blocks mail to invalid recipients by filtering inbound mail based on Active Directory lookups. The sender filtering feature is used to block messages that were sent by particular users. We start with configuring the Connection Filtering feature. To get to the Connection Filtering tab, we need to perform the following steps: 1.

Logon to the Exchange server. Start the Exchange System Manager. Expand Global Settings see Figure 9. Right-click Message Delivery and select Properties. Click the Connection Filtering tab see Figure 9. The two terms will be used interchangeably throughout the chapter. A blacklist is a list containing entries of known spammers and servers that acts as open relays, which spammers can hijack when they want to use innocent servers to sent spam messages.

By checking all inbound messages against one or more blacklists, you can get rid of a rather big percentage of the spam your organization receives. Note that you always should test a blacklist before introducing it to your production environment, because some blacklists might be too effective, meaning that they will filter e-mails your users actually want to receive. Click the Add button shown in Figure 9. Display Name In the Display Name field, you should type the connection-filtering rule name that you want displayed on the list on the Connection Filtering tab.

This name could be anything, but a good rule of thumb is to use the name of the Black List provider. In Table 9. You can add multiple blacklists to your Exchange server. If you look back at Figure 9. One of the ORDB largest databases, used widely for open relay filtering. Has complex rules to decide whether a host is a spam carrier or not.

China: DNS result Korea: DNS result Anyone sending mail to one of these addresses is a spammer. Lists dialup networking pools that are never a legitimate source to directly contact a remote mail server. Usually you should leave this field blank to use the default error message. Table 9. The block list provider. Return Status Code This option is used to configure the return status code against which you want to filter.

You should select this option to match all return codes with the filter rule. If an IP address is found on any list, the blacklist provider service sends a positive return code, and the filter rule will block the IP address. For example, you can use this option if you want to check the status codes returned when an IP address is on the list of known sources of unsolicited commercial e-mail or on the dialup user list.

This check box is simply used to disable a created rule. Notes from the Underground… Information About Block List Service Providers and Status Codes When we specify a Block List aka Real-time Black List provider, each time an e-mail message arrives at the Exchange server, the server performs a lookup of the source IP address of sending mail server in the specified blacklist.

If the IP address is present, the blacklist service returns a status code, with an indication of the reason that the IP address is listed.

  • Ubuy Vietnam Online Shopping For cya in Affordable Prices.!
  • Art of Subversion in Inquisitional Spain (Purdue Studies in Romance Literatures).
  • Hong Kongs Tortuous Democratization: A Comparative Analysis (Routledge Contemporary China Series);
  • Education Outreach and Public Engagement!
  • Hinari - Trier les ressources par sujet.
  • Adipose Tissue and Adipokines in Health and Disease (Nutrition & Health).
  • See a Problem?;

The following is a list of the most common RLB status codes. Click the Exception button shown in Figure 9. We are now presented with the screen shown in Figure 9. All SMTP addresses on this list will not be filtered by the blacklist rules. Exchange checks the global Accept and Deny lists before checking the connection filter rules. If an IP address is found on the global Accept list, the Exchange server automatically accepts the message without checking the connection filter rules. When creating a Connection, Recipient, and Sender filtering rule and then clicking Apply, we receive the warning box shown in Figure 9.

Under General, click the Advanced button. We can now move on to the Recipient Filtering tab. We can filter recipients using several formats. But the feature also has its drawbacks: Enabling it could potentially allow spammers to discover valid e-mail addresses in your organization because during the SMTP session, the SMTP virtual server sends different responses for valid and invalid recipients.

Depending on the amount of filtered e-mail, the archive can become very large. If you enable this check box, all received e-mail messages with a blank From line will be filtered. This is quite a nice feature because, to deliver even more spam, the spammer needs to reconnect to your SMTP server. If your organization receives a large amount of filtered e-mail, enabling this check box can drastically improve server and network performance. This basically means you have a multiple defense layer system, which includes firewalls, content-filtering servers, SMTP relay servers also known as SMTP gateways , and the like.

The Intelligent Message Filter The built-in antispam features of Outlook and Exchange may be enough for some organizations, but many would say they are too basic for their Exchange environment. The SmartScreen technology makes it possible for IMF to distinguish between legitimate e-mail and unsolicited e-mail or other junk e-mail. Because of all the MSN Hotmail tracked email characteristics, IMF can help determine whether each incoming e-mail message is likely to be spam.

1st Edition

The rating is then stored in a database together with the message and contains a message property called a spam confidence level. This is done by setting either a gateway threshold or a mailbox store threshold, both of which are based on the spam confidence level ratings. If the message has a higher rating than the gateway threshold allows, IMF will take the action specified at the Exchange gateway server level.

For more information about Exchange Edge services, visit www. Instead, they will have to invest in one of the third-party antispam products on the market. Chapter 10 Protecting Against Viruses In this Chapter An essential part of protecting your Exchange environment is planning and deploying an appropriate virus defense system. Gone are the days when it was sufficient to install a single-layer system. Depending on the size of your Exchange environment, you should strive to scan for viruses in the perimeter network the DMZ , typically by using SMTP gateways, at each Exchange server level, as well as the client level.

Another important task is to educate your users so that they have a proper understanding of suspicious e-mail messages and therefore know how to deal with incoming e-mail, especially those including attachments. Later you will learn some tips on how to educate your users to protect themselves against viruses. In minutes an e-mail—borne virus can infect an entire organization. Depending on its effect, this can cost the organization millions of dollars in productivity loss and cleanup expenses. Today computer viruses can spread quickly and are often difficult to eradicate.

They can attach themselves to all types of files. A Trojan horse is a malicious program that pretends to be an application. A Trojan is usually intended to do something the user does not expect, such as running some form of destructive code when a user executes a safe program such as Microsoft Word. Worms often send copies of themselves to other computers, often through e-mail.

The first spectacular e-mail virus appeared in and was named Melissa. The Melissa virus hid in an attached Microsoft Word document. Being unaware the Word document contained a malicious macro virus, a large number of the newsgroup readers started to download and open the document, thereby triggering the virus. This resulted in Melissa being the fastest-spreading e-mail virus ever, causing e-mail users, especially midsize to large organizations, to shut down their messaging systems. A little more than a year later, the ILoveYou virus was unleashed.

ILoveYou was even simpler than the Melissa variant; it was nothing more than a script attached to an e-mail message. Since then we have been overwhelmed with many new kinds of viruses. The newest ones at the time of this writing are variants of Bagle, Nachi, and Netsky. The latest variant of Bagle Bagle. K is so mean that it hides itself in a password-protected. The password for the. Because the Bagle. K virus travels in a passwordprotected. The new. So far, many thousands of variants have been identified, and according to researchers, more than new ones are created each month.

No person using a computer is immune from viruses. Server-Side Protection You can use several approaches to protect your organization against viruses. The most efficient way is to put up a multilayered defense system, which scans for viruses at several levels in the organization. In this section we look at the options available for the server side. If this system is configured properly, you can catch between 95 and 99 percent of all e-mail—borne viruses.

Using a combination is, of course, the most efficient and secure solution. An Exchange-aware virus scanner typically needs to be installed on each Exchange server in the organization, since each Exchange server has its own set of mailbox and public folder stores. You can use one of three approaches to scan the content of the Information store.

All MAPI-based antivirus products use an asynchronous hook to log on to each mailbox and public folder after having received a so-called MAPI alert indicating a new message or file has been stored in a mailbox or public folder.

Attacking Exchange/OWA to Gain Access to AD Accounts - Tradecraft Security Weekly #3

MAPI-based scanners need to log on to any given mailbox in order to scan its content; for this reason, there could be situations in which the user gets to a virus infected e-mail message first. Furthermore, they cannot scan outgoing e-mail messages. As you can see, the list of drawbacks in using a MAPIbased scanner is lengthy, so you should avoid installing MAPIbased antivirus software on your Exchange server s. The antivirus vendors accomplished this improvement by momentarily swapping out the ESE. DLL so that the Information Store initialization could continue.

Among the vendors using this approach are Trend Micro and Sybari. VSAPI 2. You might wonder if you should run a file-level virus-scanner on your Exchange server. The answer is, it depends. This behavior may cause a severe failure in Exchange and may also generate errors. If you decide to install a file-level virus scanner on your Exchange server s , please be aware that you must exclude certain folders. Failing to do so will most likely result in corrupt databases. The purpose of these SMTP gateways is to scan all incoming email messages for viruses before they reach your Exchange server s on the internal network see Figure The primary benefit of using SMTP gateways is that e-mail—borne viruses are detected and removed before they reach the mission-critical Exchange server s.

Figure Today you can get many Exchange-aware antivirus products and products specifically designed to be installed on a SMTP gateway. Table Because antivirus software has become one of the most critical components in protecting our network from security threats, you must carefully plan, test, and then implement the antivirus solution you have chosen. This new version includes several new security enhancements that limit the possibilities that a client machine will be affected by a malicious virus. In particular, the Outlook attachment-blocking features enhance security on the client side.

Educate Your Users One of the best weapons against e-mail—borne viruses is educating your users. Your users should know how to react when dealing with e-mail messages, especially those including attachments. If you send too many virus warnings to your users, they tend to take them less seriously.

But did you know that Microsoft also has an antivirus-related site?

Review: Best Damn Windows Server 2003 Book Period

Check it out at www. Not only is this site updated with new antivirus information, it also announces new initiatives such as the Antivirus Reward Program. This process can be done by your antivirus product, depending on your antivirus vendor. For a thorough list, visit the Slipstick Systems site: www.

ExMerge comes to the rescue. You probably know ExMerge as a utility to export and import mailboxes to or from. ExMerge is designed to copy mailbox data into a personal folder file.