Edge Transport server role

This server role is for perimeter network deployment. It supports Simple Mail Transfer Protocol (SMTP) routing, provides anti-spam filtering technologies and support for antivirus extensibility. The Edge Transport server should be isolated from the Active Directory directory services, but can still leverage Active Directory for recipient filtering by using Active Directory Application Mode (ADAM). EdgeSync in Exchange Server 2007 publishes pertinent organization information, encrypted, to the Edge Transport server for use in robust recipient filtering and respects Microsoft Outlook safe sender lists on the Edge. Communications between the Edge Transport server and the internal network in an Exchange Server 2007 organization are encrypted by default.

Edge Transport includes anti-spam technologies that protect at many layers.

Anti-spam: Sender and Recipient Filtering

Sender reputation is dynamically analyzed and updated. When the Edge Transport server spots specific trends from a given domain, it can impose certain actions to either quarantine or reject incoming messages. Sender ID is also used to verify that each e-mail message originates from the Internet domain from which it claims to come from based on the sender's SMTP server IP address. Once a Sender ID record has been verified, the results can be cross-referenced to past traffic patterns and sender reputation, creating an associate weight into the domain reputation. Finally, recipients are validated, and administrators have the ability to block messages sent to non-existent user accounts or internal-only distribution lists

Anti-spam: Sender ID

Exchange Server 2007 embeds support for Sender ID, an e-mail industry initiative designed to verify that each e-mail message originates from the Internet domain from which it claims to come based on the sender's SMTP server IP address. Sender ID helps prevent domain spoofing and protect legitimate senders’ domain names and reputation and helps recipients more effectively identify and filter junk e-mail and phishing scams.

Anti-spam: Outlook E-Mail Postmark

Exchange 2007 verifies Outlook E-mail Postmarks attached to messages sent from Outlook 2007. The Outlook E-mail Postmark can reduce false positives for messages from legitimate senders that have little to no reputation.

Anti-spam: Service Resilience

The Edge Transport server role controls the inbound SMTP message receipt rate for increased availability. This control, coupled with the ability to detect open proxy machines, can aid in preventing denial of service attacks. Tar pitting is supported to slow the server response for certain SMTP communication patterns, minimizing exposure to directory harvest attacks.

Anti-spam: Two-Tiered Spam Quarantine

The Exchange Server 2007 environment enables two-tiered spam quarantine. First, administrators have access to a Spam Quarantine housed in the perimeter network. Using Outlook, administrators can access the Spam Quarantine to search for messages, release to the recipient, or reject and delete. Messages with borderline SCL ratings (borderline definition configured by the administrator) may be released to the end user's junk mail folder in Outlook, and are converted to plain text for further protection.

Antivirus Extensibility:Attachment Filtering

To effectively protect against worms delivered via e-mail, the administrator can strip attachments based on their size, content or file type. Zip file manifests can be examined as well for offending file types.

Antivirus Extensibility: Antivirus Stamp

Messages scanned in the Exchange environment can be assigned an antivirus stamp. This stamp identifies which engine did the scanning, which signature was used, and when the message was last scanned.

Hosted Filtering Integration

Exchange Server 2007 provides integration with Exchange Hosted Services, offering off-site protection against spam and viruses.

Intra-Org Encryption

All mail traveling within an Exchange Server 2007 organization is encrypted by default. Transport Layer Security (TLS) is used for server-to-server traffic, Remote Procedure Call (RPC) is used for Outlook connections, and Secure Socket Layers (SSL) is used for Client Access traffic (Outlook Web Access, Exchange ActiveSync, and Web Services). This prevents spoofing and provides confidentiality messages in transit.

Opportunistic TLS Encryption

If the destination SMTP server supports TLS (via the “STARTTLS” SMTP command) when sending outbound e-mail from Exchange Server 2007, Exchange Server will automatically encrypt the outbound content using TLS. In addition, inbound e-mail sent to Exchange Server 2007 from the internet will be encrypted if the sending server supports TLS (Exchange Server 2007 automatically installs SSL certificates).

Transport Rules

SP1

Exchange Server 2007 includes a policy engine based on rules that execute on Hub Transport servers. With Transport Rules, administrators and compliance officers can establish and enforce regulatory or corporate policies on internal or outbound e-mail, voice mail, or fax. For example, using a wizard in the Exchange Management Console or the command line in Exchange Management Shell, rules can be written that would prohibit communication between members of distinct distribution lists, append a disclaimer to any message being sent externally, or BCC the compliance officer anytime a specific phrase appears in the subject or content of a message.

Flexible Journaling

Journaling is flexible in Exchange Server 2007. Journaling can be triggered per database, per distribution list, or per user. All messages can be journaled, or just those sent internally or externally.

Archive Integration

Journaled messages can be archived to any SMTP address, including an Exchange mailbox or Windows SharePoint Services site.

Local Continuous Replication

Availability can be increased using continuous replication of data across multiple disks on a single server. This establishes a second copy of the production database on the local server that is kept up-to-date automatically. In the event of a disk failure or data corruption, switching over to the copy database provides a less costly and less complex recovery solution for the administrator.

Standby Continuous Replication

Availability can be increased using replication between geographically dispersed data centers in combination with LCR and CCR. Data recorded on the source server node is copied to a destination server node (the standby server) and multiple destination servers can be created for a single source server. In the event of a disk failure, data corruption, or complete site failure, the administrator can switch to the standby server preventing data loss and enabling a seamless transition for users, providing a less costly and less complex recovery solution for the administrator.

Database Portability

In the case of a complete server failure, an empty dial tone mailbox database can be created on a new server, enabling users to send and receive e-mail while recovery is underway. A backup of the mailbox database can then be recovered into the dial tone database even though the original database in the backup was created on a different server.

Calendar Attendant

The Calendar Attendant reduces scheduling conflicts by limiting calendar items (request, declines, accepts) in the inbox to the latest version. The Calendar Attendant also marks meeting requests as tentative on recipient calendars until users can act on the request and relies on the Exchange Server 2007 free/busy Web service for always up-to-date availability information.

Scheduling Assistant

The Scheduling Assistant helps users efficiently schedule meetings by providing visual guidance on the best and worst dates and times to meet based on meeting invitees and required resources.

Search

Information can be quickly found from a mobile device using the search capability of Exchange ActiveSync. When executing a search from a mobile device, both the local device store and the user’s entire Exchange mailbox are queried. Results found through the over-the-air search of the Exchange mailbox can be rapidly retrieved to the device. This capability enables access to information sent or received days, weeks, or even months before, regardless of the storage limitations of the mobile device.

Rich Experience on a Breadth of Devices

Users can get a familiar experience on a range of mobile devices without requiring the organization to deploy expensive third-party software or services. The Exchange Server 2007 ActiveSync protocol is licensed for use by Windows Mobile, Nokia, Symbian, Motorola, Sony Ericsson, Palm, and DataViz. Given the breadth of partners, device choice continues to expand.

LinkAccess

When a user receives a link to a Windows SharePoint Services site or file share while using a mobile device, Exchange Server 2007 uses LinkAccess to retrieve and display the document, no VPN or tunnel required.

Outlook 2007 Experience

SP1

Outlook Web Access, an AJAX application since its first release with Exchange Server 5.5, provides a rich, Outlook like experience in a browser. New features in Outlook Web Access 2007 enable users to:

Self-Service Support

SP1

The Outlook Web Access 2007 Options menu allows users to quickly and easily resolve many of the most common sources of helpdesk calls on their own. OWA users can request a Unified Messaging voice mail PIN reset, issue a remote wipe request to their mobile device should it be lost or stolen, and add senders to their safe or block list all within Outlook Web Access. Service Pack 1 (SP1) includes a confirmation from Exchange when the remote wipe request is successfully completed.

Search

Exchange Server 2007 mailboxes are fully indexed by default, allowing users to quickly search for information from Outlook Web Access. Re-indexing is significantly faster than Exchange Server 2003, and search spans both content within the e-mail itself and data contained in attachments.

Remote Document Access: WebReady Document Viewing

SP1

Outlook Web Access 2007 can transcode a variety of document types – including Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and PDF files – from their native format into HTML so that they can be viewed in a client browser even if the application that created the document is not installed on the client. This allows users to be productive from almost any machine and keeps viewed documents safe, even on kiosk machines, since HTML documents are purged by Outlook Web Access at logoff or session timeout. Service Pack 1 (SP1) includes support for Microsoft Office 2007 file formats.

Voice Messaging System

Voice mail can now be stored in the mailbox and accessed from a unified inbox in Outlook, Outlook Web Access, on a mobile device, or from a standard telephone. This unification improves employee productivity by simplifying access to the most common types of communications. It also dramatically reduces cost by removing the need for a standalone voice mail system and by taking advantage of any existing investments in Active Directory. Exchange Server 2007 Unified Messaging can be connected with a legacy private branch exchange (PBX) infrastructure through an IP gateway, or can be directly connected with certain IP PBX installations.

Speech-Enabled Automated Attendant

The Attendant answers calls using an automated operator, with customizable menus (e.g. “press 1 for sales”), and global address list directory lookups (e.g. “who would you like to contact?”). Callers can interact with the Automated Attendant through touch tone menus or their voice using speech recognition.

Outlook Voice Access

Users can access their Exchange mailbox using a standard telephone, available anywhere. Through touch tone or speech-enabled menus, they can hear and act on their calendar, listen to e-mail messages (translated from text to speech), listen to voice mail messages, call their contacts, or call users listed in the directory.

New Voice Mail Alerts

SP1

When combined with Office Communication Server 2007 (OCS), users can get an indicator on their Office Communicator client or OC-enabled desktop phone that a new voice mail message is in their inbox.

Exchange Management Console

SP1/SP2

Improves the graphical user interface for management. Management actions are easily discovered through the action pane, and the navigation tree is simplified to three levels deep. Exchange management and troubleshooting tools are integrated in the toolbox. The Exchange Management Console is built upon the Exchange Management Shell; actions taken in the Console are also available, and visible, through the command line shell. SP2 adds a new user interface for easy configuration and manage of diagnostic logging.

Exchange Management Shell

SP1

The Exchange Management Shell, based on Microsoft Windows PowerShell, is a highly extensible and flexible management environment that complements the graphical interface available through the Exchange Management Console. It enables rapid management through a scriptable command line for automation, batching, and reporting and integrates with Active Directory. To help administrators quickly learn the syntax of the Exchange Management Shell and build custom scripts, wizards in the graphical Exchange Management Console display the command line syntax for each action the administrator has specified via the wizard. This text can be cut and pasted directly into the Exchange Management Shell or into a script file.

Exchange Backup Functionality

SP2

A new Volume Shadow Copy Service (VSS) plug-in for Windows Server Backup to support Exchange backups. Windows Server Backup can now be used to back up and restore Exchange Server 2007 SP2 databases. This plug-in is automatically installed by SP2 on all Exchange Server 2007 Mailbox servers.

Exchange Troubleshooting Tools

In addition to the deep integration of Exchange Best Practices Analyzer, Exchange Server 2007 provides several troubleshooting tools within the toolbox in the Exchange Management Console. These tools are kept up-to-date with the latest information and capabilities through integration with Microsoft Update. Included in the toolbox are the Exchange Mail Flow Troubleshooter, Exchange Database Troubleshooter, and the Exchange Performance Troubleshooter. The Exchange Mail Flow Troubleshooter can diagnose and help remediate inbound and outbound e-mail failures. The Exchange Database Troubleshooter isolates database mounting failures, is used to manage recovery storage groups, and walks the administrator through dial tone recovery. Finally, the Exchange Performance Troubleshooter identifies the cause of Outlook or Exchange performance problems and advises on remediation.

Public Folder Quota Management

SP2

Provides a more efficient way to manage Public Folder quotas by improving the current cmdlets and removing the dependency on the Public Folder Distributed Authoring and Versioning Administration to perform management tasks.

Automatic Server Updates

Automates Exchange Server updating and patching using either Microsoft Update on the Web, Windows Update Server on-site, or Microsoft Systems Management Server, soon to be released as System Center Configuration Manager.

Server Roles

Exchange Server 2007 is a modular system of five server roles–Edge Transport, Hub Transport, Mailbox, Client Access, and Unified Messaging – that reduces the time required for installation; minimizes manual, post-install configuration by the administrator; and limits the surface area available for attack to increase security. Administrators also gain the flexibility to deploy only the features and services necessary on a given server and manage accordingly. All server roles, with the exception of Edge Transport, can be deployed on a single server, and only the Hub Transport and Mailbox server roles are required for Exchange Server 2007 installation.

Exchange Best Practices Analyzer

Embedded in the Exchange Server 2007 setup process and available through the Exchange Management Console toolbox, the Exchange Best Practices Analyzer can be used to proactively examine the topology and individual servers for configuration discrepancies that may lead to service outages and reliability problems in the future. The Analyzer surfaces warnings or error messages to the administrator and information on how to address the warning or error. It is recommended that the Exchange Best Practice Analyzer be run periodically against an Exchange environment to ensure optimal configuration.

Single Migration Engine

Exchange Server 2007 provides a single, comprehensive tool for administrators to perform intra or inter-organizational migrations, minimizing migration complexity.

Exchange Server 2010 Co-existence

SP2

Service Pack 2 adds the necessary elements to the Active Directory (AD) schema that enable the co-existence with the next release of Exchange Server.

Native x64

As a native 64-bit application, Exchange can access more memory, ensuring high performance and reliability as mailbox sizes and the number of user accounts per server increase.

Storage Optimization

With reduced input/output (I/O) requirements (up to 75 percent reduction in I/O per second) enabled by the larger memory caches available on x64 systems, Exchange Server 2007 makes better use of existing storage systems and also allows administrators to use low-cost options like Direct Attached Storage, even in demanding, enterprise environments.

Simplified Routing and Optimized Bandwidth

Message routing is automatically determined, and mail is delivered using the most direct route by default. Administrators can also configure schedule and priority to optimize bandwidth usage.

Web Services Application Programming Interface (API)

SP1

Developers now have a simple way to embed information from the Exchange Server 2007 mailbox or calendar within line-of-business or other custom applications. The Exchange Web Services API provides a single, documented, standards-based API to be called from any client, language, or platform.

Free/Busy Web Service

The Free/Busy Web Service offers a flexible, extensible way to access free/busy information in Exchange Server 2007. Used by clients such as Outlook, Outlook Web Access, and mobile devices based on Exchange ActiveSync, the Free/Busy Web Service allows developers to embed free/busy information in line-of-business or custom applications