| Have your Exchange server installed, maintained or upgraded by Amset IT Solutions. Exchange 2000, 2003, 2003 SBS, 2007 More Information (UK only) |
Broadband - Exchange
Login Scripts - Net Admin
Outlook - Windows Mobile
Windows
Exchange and a
Dynamic IP Address
Global Mailbox Folder
Permissions from Server
Internal Email Address
for External People
Options when a Staff Member
Leaves
Prerequisites for Exchange
System Tools
Switching From POP3
to SMTP Delivery
| ||||||||||||
Author: Simon Butler, Exchange MVP, MCSE
Last Page Review: 12/03/2007
You have installed your Exchange Server. Now what?
Before creating users, there are a number of things that you should do to ensure that the server runs smoothly and is secure.
- Enable Message Tracking.
This shows you what Exchange is doing with messages. More Information.
- Secure the SMTP Relaying Feature
While Exchange is relay secure out of the box, it does allow authenticated relaying to take place. If you are not going to have users relaying email through your server - for example from Outlook Express, or the use is going to be limited, then you should review the relay settings. More Information.
- Setup an Email Admins group
This group should be used for setting any high level permissions on the server - for example as the owner of Public Folders. More Information.
- Setup an "All Staff" group
As well as allowing all of your users to email everyone else, the group can be used to secure other parts of the Exchange email system. More Information.
- Purchase an SSL Certificate.
This doesn't have to be a huge expense, either RapidSSL or Certificates for Exchange SSL certificates will be fine. However by using a commercial SSL certificate you will avoid any certificate prompts and can easily deploy features like RPC over HTTPS or Exchange Mobile Sync.
- Enable Recipient Filtering to Drop Email for Unknown Users
This will stop your server being used in an NDR relay spam attack. (Windows 2003/Exchange 2003 only). More Information.
- Open the relevant ports on your firewall.
For a secure Exchange server that is accepting email directly by SMTP, you only need two ports to be open - 443 (https) and 25 (smtp). No others need to be opened for Exchange to operate correctly.
- Configure DNS, MX and Server Banner
Not all of these changes will take place immediately, but should be addressed. More Information.
- Move the Exchange databases and logs.
If you have configured the server correctly, you will have separate drives for the transaction logs and database. Exchange doesn't use these by default, so you will have to move the databases and transaction logs using the correct procedure as outlined in this article: http://support.microsoft.com/default.aspx?kbid=257184
- Configure an SMTP Connector.
While not strictly required for all configurations, an SMTP Connector even configured for DNS delivery is a good thing to have in place.More Information.
What has been skipped from the list above includes...
- Configure backups
- User Creation
- Additional Group Creation
- Updating the server with the latest service packs and updates from Microsoft.
12/03/2007
Back to the Top
Contact Us - Advertise on amset.info
Exchange Index - Home Page
Broadband - Exchange - Login Scripts - Network Admin - Outlook - Windows Mobile - Windows
© Amset IT Solutions Ltd. 1998 - 2008. All rights reserved. Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned on this site. This site is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.