TechNet Magazine – September 2007

The latest issue of TechNet Magazine, September 2007, is out.

This time the main topic is Windows Vista deployment with BDD 2007. I recently had some experience with BDD 2007, deploying Windows Vista + Office 2007 and also for Windows XP + Office 2003. It really rocks!

As usual, the magazine is also available to download as a standalone HTML Help file (.chm).


But since this is an Exchange related blog, I would like to highlight the most relevant articles:

Update Rollup 4 for Exchange Server 2007 (KB940006)

Microsoft has released Update Rollup 4 for Microsoft Exchange Server 2007.

Update Rollup 4 for Exchange Server 2007 resolves issues that were found in Exchange Server 2007 since the software was released. This update rollup is highly recommended for all Exchange Server 2007 customers.
For a list of changes included in this update rollup see KB940006.

This is a cumulative update rollup and replaces the following:

  • KB930809 Update Rollup 1 for Exchange Server 2007 (KB930809)
  • KB935490 Update Rollup 2 for Exchange Server 2007 (KB935490)
  • KB935999 Update Rollup 3 for Exchange Server 2007 (KB935999)

Issues that the update rollup fixes
Update Rollup 4 for Exchange 2007 fixes the issues that are described in the following articles in the Microsoft Knowledge Base:

  • 930463 You receive NDR messages for some recipients when you send e-mail messages on an Exchange 2007-based server
  • 937656 You experience problems in Outlook Web Access for Exchange 2007 after daylight saving time (DST) starts in New Zealand in 2007
  • 936300 A mailbox move operation stops responding when you move a mailbox from an Exchange 2003 mailbox store or from an Exchange 2007 mailbox store to another Exchange 2007 mailbox store
  • 932561 Appointments that are sent from one Exchange organization to another by using Exchange 2007 may be incorrect by one hour if one organization is in the Western Australia time zone
  • 937861 You receive a non-delivery report (NDR) message when you try to send an e-mail message to a third-party connector address by using a third-party connector on an Exchange 2007-based computer
  • 938359 The Microsoft Exchange Information Store service stops responding in Exchange 2007 after you enable the Standard Response option on a moderated public folder
  • 940052 Error message when you use the Exchange Management Console to try to reconnect a mailbox to a user account: “The specified mailbox is not unique on database”
  • 933314 Mobile devices cannot send e-mail by using the AirSync feature in an Exchange Server 2007 organization that has more than one thousand accepted domains
  • 939560 Users cannot download offline address books in Exchange 2007 when you use Microsoft Solution for Hosted Messaging and Collaboration version 4.0

Edge Server: to ISA or not to ISA

From Edge Transport Server Role – Overview:
In Exchange 2007, the Edge Transport server role is deployed in your organization’s perimeter network as a stand-alone server. Designed to minimize the attack surface, the Edge Transport server handles all Internet-facing mail flow, which provides Simple Mail Transfer Protocol (SMTP) relay and smart host services for the Exchange organization.

One of the many questions I get asked is wether we should use ISA Server to publish an Exchange 2007 Edge Server. There’s not much prescriptive guidance from Microsoft about this subject, they just say to put Edge Server on the DMZ.

Well, the answer is: Yes and No!

Let’s use the following picture to help with the answer:


  • YES – If you use ISA Server as your perimeter firewall (FW1), then just open port 25 (SMTP), so that mail can flow from/to the Internet.
  • NO – If you already have your perimeter network in place with 3rd party firewalls, just drop the Edge Server on the DMZ, there’s no need to provide that “extra protection”, placing it behind an ISA Server.

The picture depicts an ISA Server on the Perimeter Network. This server is used for publishing other Exchange Services, such as OWA, Outlook Anywhere and ActiveSync.

If the Perimeter Firewall (FW1) is Microsoft ISA Server, then you should not use any application filtering when publishing Edge Server. ISA Server 2006 discontinued SMTP Message Screener, but there’s still SMTP Filter. You can check this on the properties of the SMTP Server protocol, as seen on the following picture:


What you can (and should) do is to define a new SMTP Server custom protocol and not use any application filter, if you ever need to place an Edge Server behind an ISA Server.


E2K7 SP1 Beta 2 Released

Starting today, Microsoft is making Beta 2 of Exchange Server Service Pack 1 available to the general public.

REDMOND, Wash. — Aug. 13, 2007 —Microsoft Corp. today announced Exchange Server 2007 Service Pack 1 (SP1) and opened a technology preview for the software. Exchange Server 2007 SP1 features enhancements such as support for Windows Server® 2008, enhanced integration with Microsoft® Office Communications Server 2007, and improved mobile device management and advanced security technology.

Here’s a list of the latest features available with Beta 2:

  • SCR ready for Production use.
  • OWA
    • New OWA themes (X-Box, Zune)
    • Supporting digital signatures with certificate that do not have email addresses in them for S/MIME
  • S/MIME features which were not complete in Beta 1:
    • HTML filtering (now S/MIME message reading and editing is full fidelity)
    • OWA Printing
    • Admin settings
    • Both the new task and the updated MOM pack have been checked into the Beta 2 branch.
    • Integration with anti-junk/phishing mail features
    • Many bug fixes (in all features, not just S/MIME)
    • Exchange Web Services HTTP Proxy and new Web Services ID’s.
  • New EMC features for Beta 2:
    • Full Access permission management for mailboxes and mail-enabled public folders
    • Preview of AL/EAP/DL with custom filter
    • More ActiveSync policy settings
  • Other
    • Both the new task and the updated MOM pack have been checked into the Beta 2 branch.
    • Inter-Site Message Size Restrictions feature enable.
    • Test-ReplicationHealth is a new task that MOM pack uses to monitor HA replication.
    • MRM now supports policies on the message type “e-mail” in addition to other types of items (calendar, notes, etc).

Read the full Press Release: Microsoft Unveils Exchange Server 2007 Service Pack 1 in Technology Preview Tags: exchange 2007, sp1

Technorati Tags: exchange 2007, sp1

Forefront Server Security for Exchange Management Pack

Microsoft released Forefront Server Security for Exchange 10.0 Management Pack for Operations Manager 2007.

Brief Description
The Microsoft Forefront Security for Exchange Management Pack monitors Exchange Servers for virus and worm activity.

Quick Details
File Name: Microsoft Forefront Security for Exchange System Center Operations Manager 2007 MP.msi
Version: 6.0.5000.0
Date Published: 8/6/2007
Language: English
Download Size: 483 KB

The Microsoft Forefront Security for Exchange Management Pack for Operations Manager 2007 supports the 10.0 version of Microsoft Forefront Security for Exchange Server. The MP supplies critical events and alerts on virus and worm activity to Operations Manager 2007, and also monitors the health and availability of these products.
Requires OpsMgr 2007 MOM 2005 Backward Compatibility MP Update) 6.0.5000.12 (or higher)

System Requirements

  • Supported Operating Systems: Windows Server 2003; Windows Server 2003 x64 editions
  • Required Software: System Center Operations Manager 2007, Microsoft Forefront Security for Exchange Server
    OpsMgr 2007 MOM 2005 Backward Compatibility MP Update) 6.0.5000.12 (or higher)

Week(end) reading

Exchange updated tools

…And after the documents, Microsoft updated also some tools for Exchange Server 2003/2007:

Exchange 2007 documentation updates

Microsoft updated recently some of its technical documentation for Exchange Server 2007: