Security & Message Hygiene

Home
- Articles & Tutorials
  - Exchange 2003 Articles
    - Security & Message Hygiene

Security & Message Hygiene categories topic

[	193	]	Exchange 2007 Articles	Last updated: Sep 04, 2008
[	271	]	Exchange 2003 Articles	Last updated: Jun 03, 2008
[	19	]	High Availability & Recovery	Last updated: Feb 07, 2008
[	70	]	Management & Administration	Last updated: May 10, 2007
[	27	]	Migration & Deployment	Last updated: Dec 05, 2006
[	28	]	Mobility & Client Access	Last updated: Jun 27, 2006
[	18	]	Monitoring & Operations	Last updated: Jun 03, 2008
[	30	]	Planning & Architecture	Last updated: Sep 12, 2006
[	46	]	Security & Message Hygiene	Last updated: Dec 07, 2006
[	33	]	Tools	Last updated: Feb 01, 2007
[	71	]	Exchange 2000 Articles	Last updated: Jul 06, 2004
[	12	]	Exchange 5.5 Articles	Last updated: Jan 05, 2005
[	10	]	Product Reviews	Last updated: Mar 01, 2005

Security & Message Hygiene Articles

Hardening an Exchange Server 2003 Environment (Part 4): Date - Dec 07, 2006; Author - Rui Silva; Focusing on the client side of your messaging environment.
Hardening an Exchange Server 2003 Environment (Part 3): Date - Nov 23, 2006; Author - Rui Silva; Techniques to help defend against spam, viruses and general e-mail attacks, or how Microsoft likes to call it, messaging hygiene.
Hardening an Exchange Server 2003 Environment (Part 2): Date - Nov 07, 2006; Author - Rui Silva; This article covers the infrastructure aspects of security, namely what can be done to harden servers in particular and your network in general.
Microsoft Small Business Server 2003 Spam Filtering: Date - Oct 10, 2006; Author - Markus Klein; This article takes an in-depth look at the spam filtering features provided with Microsoft SBS 2003 and how to implement them.
Hardening an Exchange Server 2003 Environment (Part 1): Date - Sep 26, 2006; Author - Rui Silva; This series of 4 articles explains what can be done to make an Exchange Server 2003 environment more secure.
Securing E-Mails with S/MIME and Smartcards in Exchange 2003: Date - Jul 11, 2006; Author - Marc Grote; In this article I will give you a high level overview of the necessary steps to secure E-Mails with Outlook 2003 and Smartcards.
Configuring ISA Server 2004 as an Exchange Frontend Server in the DMZ (Part 2): Date - May 16, 2006; Author - Markus Klein; In this second article I will delve a little deeper into the configuration tasks that need to be done when configuring ISA Server 2004 as a Reverse Proxy Server in your DMZ which is protected by two other Firewalls.
Implementing Captcha Validation with OWA 2003 and Forms-Based Authentication: Date - Apr 27, 2006; Author - Lee Derbyshire; In this article, I will give an example of how Captcha could be added to Outlook Web Access 2003 by modifying the FBA logon.asp file.
Explaining the order in which the Exchange 2003 (SP2) Connection Filters are applied: Date - Apr 11, 2006; Author - Henrik Walther; This article will explain in which order the different connection filters included in Exchange 2003 (SP2) are applied during an SMTP session.
Configuring ISA Server 2004 as an Exchange Frontend Server in the DMZ (Part 1): Date - Mar 07, 2006; Author - Markus Klein; Ever since ISA Server 2004 has been available, there have been quite different opinions on which is the best design strategy for publishing Exchange Server 2003 services securely on the web. Within this drill down we will delve a little bit deeper into the configuration details on how to make your Exchange Server 2003 publishing as secure as possible using ISA Server 2004 taking into consideration the ideas of the Exchange product team.
Rights Management Service and Exchange 2003 (Part 3): Date - Jan 10, 2006; Author - Santhosh Sivarajan; It is time to talk about custom templates since we have discussed built-in Do Not Forward templates in Part 2 of this document. In this part of the article, I will explain the procedure of creating and using custom templates. I will use the following scenario to better explain the use of a custom template.
Intelligent Message Filter version 2 (IMF v2): Date - Jan 05, 2006; Author - Henrik Walther; In this article we’ll have a closer look at the new Intelligent Message Filter (IMF) which comes with Exchange 2003 SP2. Since IMF is included in Exchange 2003 SP2 it’s no longer an add-on as was the case with IMF version 1, but has now become an integrated part of the Exchange Server 2003 product.
Rights Management Service and Exchange 2003 (Part 2): Date - Jan 03, 2006; Author - Santhosh Sivarajan; I hope you enjoyed Part 1 of my RMS document. Thanks to all who sent emails. As I explained in the previous part of the RMS document, my focus was to explain the RMS functionality from an Outlook 2003 client. I received a lot of questions regarding RMS and Exchange integration. RMS is not integrated with Exchange so you don’t need to have Exchange to use RMS. You can use RMS with any RMS aware application but RMS does require Active Directory.
The Importance of Auditing your Exchange 2003 Server(s): Date - Nov 29, 2005; Author - Henrik Walther; As most of you already know, messaging is one of the most mission-critical services in our organizations nowadays. In this article I’ll explain why auditing the Exchange 2003 Server(s) in your messaging environment is crucial.
Rights Management Service and Exchange 2003 (Part 1): Date - Nov 15, 2005; Author - Santhosh Sivarajan; We would like to welcome Santhosh Sivarajan to our team of authors as he presents his first article to MSExchange.org readers. The purpose of this article is to explain the details of Rights Management Service (RMS) technology and how beneficial it is to your organization.
Configuring S/MIME Security with Outlook Web Access 2003: Date - Nov 03, 2005; Author - Markus Klein; Email Security has become increasingly important because of the possibility of man-in-the-middle attacks or the risk of an unknown third person that may sniff your SMTP traffic within the internet or even your intranet. In addition, in some countries there are laws preventing you from sending insecure email. Therefore Microsoft implemented the S/MIME standard in its Exchange Server architecture. The feature to encrypt or sign your emails became a default feature within all messaging and collaboration systems. Within this article we will look at how S/MIME has to be configured and how it works.
Configuring and enabling Sender ID filtering in Exchange 2003 SP2: Date - Nov 01, 2005; Author - Henrik Walther; Now that the wait is over and Exchange 2003 SP2 has been released, I think it’s a good time to take a closer look at some of the new features in the service pack. In this article I’ll explain the purpose and benefits of enabling Sender ID filtering in Exchange 2003 SP2, as well as show you how to configure this feature.
SSL Enabling OWA 2003 Using a Free 3rd Party Certificate: Date - Sep 01, 2005; Author - Henrik Walther; In this article I’ll explain how it’s possible to secure OWA 2003 with a free 3rd party SSL certificate. Yes that’s right, free, like in “permanently free”, not some kind of 30 day trial period.
Windows-based SMTP Tar Pitting Explained: Date - Aug 04, 2005; Author - Henrik Walther; In this article I’ll explain what SMTP Tar Pitting is all about, as well as show you how to implement this relatively new feature (at least for Windows-based servers) in your messaging environment.
Creating A Certificate For Outlook Web Access 2003 Using SelfSSL: Date - Jul 05, 2005; Author - Lee Derbyshire; Issuing certificates has historically been a fairly complicated process requiring the installation of Certificate Services, but a less well-known utility from the IIS6 Resource Kit Tools known as SelfSSL can make the process a lot easier.
Protecting Exchange 2003 Using the Windows Firewall: Date - Apr 19, 2005; Author - Amit Zinman; How to use the Windows 2003 SP1-introduced port and application filtering options to protect your Exchange server.
How to add SPF support to your Exchange Server: Date - Nov 02, 2004; Author - Marc Grote; SPF (Sender Policy Framework) makes it easy to counter most forged "From" addresses in email, and thus helps to counter e-mail spam. GFI is offering an SPF module as freeware. In this article I will give you some information about the newest version of GFI MailEssentials 10.1 and how to setup the software with SPF integration.
How to Properly Configure File System Antivirus Software on Exchange Server: Date - Oct 26, 2004; Author - Dejan Foro; Improperly configured file system antivirus software on Exchange server can cause you serious problems. This article will show you how to properly configure file system antivirus software on Exchange server and avoid most common pitfalls.
Using IIS Lockdown Tool to Secure Exchange Installations: Date - Oct 14, 2004; Author - Amit Zinman; Exchange 2003 when installed on Windows 2003 is secure by default. However, Exchange 2000 and 2003 on Windows 2000 are not very secure because IIS 5, the Windows 2000 built-in web server installed installs some components that are not required for Exchange and can be exploited by hackers. True, Firewalls may protect you, but nowadays sophisticated viruses and Trojans may attack you from inside, catching you unaware. Learn how to secure Windows 2000 IIS for Exchange 2000/3 installations.
Protecting Microsoft Exchange with ISA Server 2004 Firewalls: Date - Oct 11, 2004; Author - Thomas Shinder; Nobody likes to start from scratch. This is especially true if you have a well established network and firewall infrastructure that’s working for you. Why would you want to go and change everything just to add a new application layer intelligent firewall to your setup? Things are working already and you haven’t been successfully attacked for at least 6 weeks. This article shows how you can place an ISA 2004 firewall on your network to protect your Exchange Servers with minimal changes to your current network topology. Check it out!
An Overview of the Sender Policy Framework: Date - Sep 30, 2004; Author - Marc Grote; In this article I will give you some information about SPF – Sender Policy Framework and its implementation. Some statistics state that nearly 75% of all e-mail traffic is Spam, sometimes called UCE (Unsolicited Commercial Email). To help against this threat, several vendors are developing solutions against Spam. One solution is SPF. What is SPF? SPF is a solution to fight against email address forgery. SPF makes it easier to identify spam mails, viruses and worms.
The Hidden Power of Sender and Recipient Filtering: Date - Aug 03, 2004; Author - Amit Zinman; Filtering in Exchange 2003 can be a powerful tool in the right hands. It can help you to protect your mail server, especially in a single server or branch scenario when no mail relay is provided and ease the load off your regular anti virus and anti spam packages if it is used right.
Protecting Exchange against Spam: Date - Jul 20, 2004; Author - Amit Zinman; Unsolicited e-mail, more commonly known as spam is a rising and complex problem. Unlike viruses, spam mail does not have a clear and cut signature. Anyone could send you an e-mail you wouldn't want to receive so determining which e-mail you definitely would not want to accept can be tricky. Various anti-spam packages exist. However, integrating them into your mail systems is not trivial. They have so many options that may help you prevent spam but can also cause a lot trouble and increase "where is my mail" type help desk calls. I hope to cover most aspects of combating spam here to make it easier for you to decide which solution is best for your needs.
Securing SMTP Connections to Specific Servers: Date - Jul 13, 2004; Author - Amit Zinman; SMTP is basically a non-secure protocol. E-mail fraud and spoofing is not difficult to do. This means anyone can send you an e-mail posing as someone else. Moreover, SMTP mail is typically sent in clear text and can be intercepted on the way by anyone using "sniffers", programs that record network activity. In this article you'll learn how to send and receive encrypted mail.
Using Microsoft Exchange Intelligent Message Filter: Date - Jun 16, 2004; Author - Henrik Walther; Finally Microsoft has released the new Exchange Intelligent Message Filter (IMF) - a SmartScreen-based Exchange 2003 add-on specifically developed to help Exchange Admins reduce the amount of unsolicited commercial e-mail (UCE) also known as spam received by their users.
Restricting users from Sending and Receiving Internet Mail in Exchange 2003: Date - May 19, 2004; Author - Mark Fugatt; This article is an update on how to restrict Exchange 2003 users from receiving and sending Internet based email.
Getting Help and Information When You Need It: Date - Apr 26, 2004; Author - Mark Fugatt; Getting help when you need it is not as complicated as you may think, there are many "self service" options available to you in the form of newsgroups, forums, discussion lists, blog and websites. In this article I hope to provide you with some valuable resources that you can use to build your knowledge of Exchange.
SSL Enabling OWA 2003 using your own Certificate Authority: Date - Mar 17, 2004; Author - Henrik Walther; Why spend money on a 3rd party SSL certificate, when you can create your own for free? In this article I will show you step by step how you create your own SSL Certificate, which among other things is needed in order to properly secure Outlook Web Access on your Exchange 2003 Server.
Providing E-Mail Defense in Depth for Microsoft Exchange with the ISA 2004 Firewall SMTP Message Screener: Date - Mar 09, 2004; Author - Thomas Shinder; There’s no doubt that spam is public enemy number one, not only to the e-mail administrator, but also to the firewall admin. Spam clogs Internet connections, wastes corporate bandwidth, reduces employee productivity and consumes valuable Exchange Server software and hardware resources. Spam, together with its evil cousins e-mail worms and viruses, represent the primary threats against corporate networks today. Find out how the ISA 2004 firewall protects your Exchange Server by acting as the first line of defense against spam and viruses.
Implementing System Policies in Exchange Server 2003: Date - Feb 24, 2004; Author - Marc Grote; An Exchange System policy provides a new way to apply common settings to servers, public folder stores and mailbox stores for all or selected objects in an Exchange administrative group. This article explains in detail how to implement a mailbox store policy.
Implementing Email Security with Exchange Server 2003: Date - Feb 11, 2004; Author - Markus Klein; Has anyone ever considered Email Security (S/MIME) within their Exchange Server 2003 network environment? As complex as it was to configure with earlier versions of Exchange Server, now it’s equally easy to implement with Exchange Server 2003. The only requirement is a Windows Server 2003 certificate authority with configured automatic certificate enrollment.
Joining the Branch Office to the Main Office with the Firewall for Microsoft Exchange - ISA 2000 : Connecting to the Main Office Exchange Server from the Branch Office using RPC over HTTP: Date - Feb 06, 2004; Author - Thomas Shinder; The new Outlook and Exchange 2003 RPC over HTTP feature is great for users stuck behind restrictive firewalls. But what if you want to put the RPC over HTTP proxy server on the ISA firewall machine itself? No problem! Check out this article for all the step by step procedures.
Configuring ISA Server 2000 to Support Outlook 2003 RPC over HTTP - Part 1: Preparing the Infrastructure and Configuring the Front-End Exchange Server: Date - Dec 29, 2003; Author - Thomas Shinder; Exchange Server 2003 allows Outlook 2003 clients installed on Windows XP Service Pack 1 and above full MAPI client access to Exchange Server 2003 resources using the new RPC over HTTP protocol. RPC over HTTP allows the RPC commands required for full Outlook 2003 MAPI client access to be wrapped or "encapsulated" in an HTTP header and passed through proxies that allow outbound HTTP/HTTPS (SSL). ISA Server 2000 is the ideal firewall to provide the highest level of protection for your Exchange Servers while at the same time allowing the rich functionality the Outlook RPC over HTTP client provides. Check out part 1 of this series on how to configure the ISA firewall to allow secure RPC over HTTP connections to your Exchange 2003 Server.
Configuring a Spam and Attachment Filtering SMTP Relay on the ISA Server 2000 Firewall - Part 1: Installing and Configuring the SMTP Services and Remote Domains: Date - Dec 01, 2003; Author - Thomas Shinder; Spam is a major threat to the Internet and corporate networks today. Spam clogs Internet routers and gateways, usurps bandwidth on corporate Internet links, and consumes processor cycles and disk space on corporate SMTP relays and mail servers. Criminal spammers are using increasingly sophisticated techniques to circumvent spam filtering applications. The more complex the spammer’s attack methodologies used to avoid detection, the more processor intensive the spam whacking applications must be. These processor cycles are robbed from other applications and services running on the same machine and often require that you dedicate a single box to spam filtering. This two part article shows you with detailed step by step instructions on how to make your ISA Server 2000 firewall into a front-end spam filtering SMTP relay.
Using Mail Relays to Enhance Exchange Security: Date - Nov 19, 2003; Author - Amit Zinman; Virus, Trojan and denial of service attacks are quite common these days and Exchange is a popular target for these attacks due its popularity and inherent vulnerabilities. Mail relays can be used to thwart most attacks. I'm constantly discovering that although the concept of mail relays is not new they can be used against the latest sophisticated attacks, just long as they're not the weakest link in the chain of e-mail delivery.
Introducing the ISA Server 2000 Exchange Server 2000/2003 Deployment Kit - Getting the Most Out of The Firewall for Microsoft Exchange Server: Date - Oct 24, 2003; Author - Thomas Shinder; The ISA Server 2000 Exchange 2000/2003 Deployment Kit is here! Answers to all your questions regarding Exchange Server publishing and remote access to Exchange Server services via ISA Server firewalls are found in the kit. Check out this article for an intro to the kit and download links.
The Firewall for Microsoft Exchange Server - Supporting ISA Server 2000 Publishing of Exchange Server 2000/2003 with SMTP Relays Part 1: What is an SMTP Relay and Why You Should Use One: Date - Oct 16, 2003; Author - Thomas Shinder; SMTP relay issues are very common for Exchange Server administrators who need their mail servers to connect to the Internet. The problem is that there aren’t a lot of good descriptions of what SMTP relay is, how it works, why you want one, and what problems you might encounter with them. This series on SMTP relays will help prevent you from becoming the victim of an RBL'er and improve the performance of your Exchange Servers. Check it out!
Announcing Beta 2 of the ISA Server 2000 Exchange Server 2000/2003 Deployment Kit: Date - Oct 15, 2003; Author - Thomas Shinder; Thanks to everyone who contributed suggestions, recommendations and enhancements to the ISA Server 2000 Exchange Server 2000/2003 Deployment Kit beta 1 release. I’ve been able to incorporate a number of changes and additions to the ISA Server 2000 Exchange Server 2000/2003 Deployment Kit documents based on your suggestions. If you haven’t seen a change based on your suggestion made yet, don’t worry. I’m still trying to catch up with your mail and will make the changes ASAP. I appreciate the input you’ve sent to me a tshinder@tacteam.net and hope to get even more.
Implementing and Configuring Blacklist Support in Exchange Server 2003: Date - Sep 17, 2003; Author - Markus Klein; Spam filtering software based on keywords, etc. is only one brick in the wall guarding against Spam; another one is to implement black- or block-list support within your messaging and collaboration environment. With the new release of Exchange, Microsoft implemented the functionality to filter every incoming email whether the sender is on a blacklist or not. Within this article you will learn how blacklists work and how you can configure support with Exchange Server 2003.
Secure Exchange Server 2003 POP3 Publishing: Date - Aug 26, 2003; Author - Thomas Shinder; Your users can access their corporate email via the POP3 protocol using the Exchange Server 2003 POP3 service. However, in order to secure user credentials and data moving between the email client and server, you have to use SSL/TLS security. Check out this article and find out how to use ISA Server 2000 to provide secure POP3 access.
Publishing Exchange 2003 Outlook Web Access (OWA) with ISA Server 2000 - Part 3: SSL Bridging Drill Down and Requesting a Web Site Certificate: Date - Jul 11, 2003; Author - Thomas Shinder; We continue our series on publishing Exchange 2003 OWA sites with a drill down on SSL to SSL bridging and the importance of Web site certificate configuration. Then the steps by steps for obtaining the Web site certificate and exporting it are discussed. Come on in if your wresting with OWA publishing and certificate assignment!