Professional Documents
Culture Documents
Exchange2007 Part3
Exchange2007 Part3
com
Exchange 2007
Internet Protocol
I. Mc ch: Trin khai cc Internet Protocol : SMTP, POP3, IMAP, HTTP, RPC over HTTPs cho cc client khng s dng MAPI II. Cc bc chun b: My ci Exchange 2007 v Outlook 2007 - To user hpbao v User u1 v cho group Users logon locally - To alias name : mail c IP tr n chnh my exchange III. Thc hin: 1. SMTP v POP3 a. Cu hnh Service POP3 chng thc ch plain text: G vo lnh sau : Set-PopSettings LoginType PlainTextLogin
Kim tra kt qu
Exchange 2007
Vo Run : services.msc Tm n Microsoft Exchange POP3 service start service ln chn Startup Type : Automatic v
c. Cu hnh SMTP chng thc theo c ch Basic M Exchange Management Console Server Configuration Hub Transport phi chut trn Default PCxx (PCxx l computer name) properties
Chn tab Authentication, b chn Offer Basic authentication only after starting TLS chn tab Permission Groups
Trang 82
Exchange 2007
M Exchange Management Console Server Configuration Hub Transport phi chut trn Client PCxx (PCxx l computer name) properties
Trang 83
Exchange 2007
Chn tab Authentication, b chn Offer Basic authentication only after starting TLS chn tab Permission Groups
Trang 84
Exchange 2007
o Incomming server : POP3 o Incoming mail & Outgoing mail : localhost o Trong Server Properties chn My server require authenticate. Sau gi th mail ni b ri gi th mail ra ngoi Khai bo li Outlook Express chy SMTP port 587
2. SMTPS v POP3S : Khai bo li cu hnh OE chy SSL Outgoing mail : chn This server requires a secure connection. Incomming mail : chn This server requires a secure connection.
3. SMTP v IMAP a. G vo lnh sau : Set-ImapSettings LoginType PlaintextLogin V sau , kim tra li bng lnh : Get-ImapSettings
Trang 85
Exchange 2007
c. To thm 1 account mi theo thng s sau : Display name : User u1 User/PW : u1/123 Incomming server : IMAP4
Trang 86
Exchange 2007
Incoming mail & Outgoing mail : localhost Trong Server Properties chn My server require authentication = Yes Chn cc folder mun hin th. So snh s khc bit gia POP3 v IMAP4
4. Outlook Web Access: Cu hnh IIS HTTP v HTTPs (Default : Exchange 2007 ch h tr HTTPS)
Trang 87
Exchange 2007
a. Vo IIS Web Site nhn phi chut trn Default Web Site Properties tab Directory Security. Trong Secure Communicati on Edit
Trang 88
Exchange 2007
5. RPC over HTTPs : a. Vo Add/Remove Windows Components Networking Services nh du chn vo RPC over HTTP proxy OK
Trang 89
Exchange 2007
b. M Exchange Management Console Server Configuration phi chut trn Server Enable Outlook Anywhere
Client Access
nhn
d. Khi ng my Exchange Server 2007 li. e. Logon vo user hpbao. Gi Control + Click phi chut vo biu tng Outlook gc di phi mn hnh Connection Status quan st ct Conn : TCP/IP f. ng MS.Outlook. Cp nht Root CA cho user hpbao. M IE. http://localhost/certsrv ==> Download a CA certificate, certificate chain or CRL Download CA Certificate Lu li thnh file .cer trn desktop user ca hpbao Vo mmc g. Vo Control Panel More Settings Add Snap-in Certificate Mail Show Profile Import root vo Properties Email accounts Change
Trang 90
Exchange 2007
h. Trong tab Connection chn Connect to Microsoft Exchange using HTTP click Exchange Proxy Settings
Trang 91
Exchange 2007
i. Trong Connection settings, nhp vo mails.vsiclab.net. nh du chn vo On fast networks, connect using . Trong Use this authentication when chn Basic Authentication OK
j. Logon bng user hpbao m MS. Outlook Gi Control + Click phi chut vo Connection Status quan st ct biu tng Outlook gc di phi mn hnh Conn : HTTPS
Trang 92
Exchange 2007
SMTP
I. Mc ch: Tm hiu c ch hot ng ca SMTP II. Cc bc chun b: My ci Exchange 2007 v Outlook 2007 - To user hpbao v cu hnh OE user check mail bng POP3 III. Thc hin: 1. Dng SMTP command gi mail trc tip a. Dng nslookup tm MX record ca mail server cn gi
Vo yahoo kim tra xem coi c nhn c email khng? VSIC Education Corporation
Trang 93
Exchange 2007
2. Gi mail trc tip bng Outlook Express - Khai bo Outlook Express theo cc thng s sau : o Display name : Hoang Phung Bao o Email address : hpbao@vsiclab.net o Incomming mail : localhost o Outgoing mail : 209.191.118.103 (1 trong cc MX record ca yahoo) - Sau gi mail vo yahoo gi c. - Mun gi mail n account trn server khc (VD : hotmail.com) th cc bc lm cng tng t. 3. Outlook Express relay mail vo Exchange Server Xa account mail trong OE - Khai bo account mi trong Outlook Express theo cc thng s sau : o Display name : Hoang Phung Bao o Email address : hpbao@vsiclab.net o Incomming mail : IP ca Exchange server o Outgoing mail : IP ca Exchange server o Check vo My Server Require Authentication Gi mail th ra ngoi v i n bt k account no gi c. 4. Exchange server relay mail vo Exchange server khc : VD : Mail server domain vsiclab.net replay vo mail server domain vsicopenlab.com a. Ti domain vsicopenlab.com to 1 mailbox c tn RelayAccount b. Gn cho account va to quyn relay: Add-ADPermission Identity Default Ex-server2K7 User RelayAccount ExtendedRights ms-exch-smtp-accept-any-sender Lu : lnh trn c vit trn cng 1 dng c. Ti domain vsiclab.net to ra 1 Send connector lc ra nhng mail gi ra yahoo.com v relay sang vsicopenlab.com M Exchange Management Console Connectors New Send Connector Organization Configuration Hub Transport Send
Trang 94
Exchange 2007 Khai bo nh hnh minh ha d. Trong mn hnh Address space click Add, khai bo domain name: *.yahoo.com Next Next
e. Trong mn hnh Network settings: chn Route mail through the following smart host click Add khai bo tn mail server y ca domain vsicopenlab.com next f. Trong mn hnh Configure smart host , khai bo UN/PW to domain vsicopenlab.com Next Finish
g. Restart Microsoft Exchange Transport service h. T mail server vsiclab.net gi mail th ra yahoo i. Ti domain vsicopenlab.com Queue Viewer thy mail ang ch gi ra yahoo
Trang 95
Exchange 2007
Anti Spam
I. Mc ch: Trin khai chc nng Anti Spam trn Exchange II. Cc bc chun b: - 2 My ci Exchange 2007 v Outlook 2007 - 2 domain gi mail qua li c vi nhau - Mn hnh trc khi install Anti Spam
C:\Program Files\Microsoft\ExchangeServer\Scripts\install-AntispamAgents.ps1
Sau restart Microsoft Exchange Transport service Mn hnh sau khi install Anti Spam
Trang 96
Exchange 2007
III. Thc hin: 1. Cu hnh IP Block list: Khng nhn email t nhng server c IP c lit ke trong Block List. Trc ht, t domain vsicopenlab.com gi mail qua domain vsiclab.net tt a. Ti domain vsiclab.net IP Block List Properties
Trang 97
Exchange 2007 b. Trong Blocked Addresses click Add nhp vo IP ca domain vsicopenlab.com OK
c. T domain vsicopenlab.com gi th mail sang domain vsiclab.net nhn c thng bo li tr v c thng bo li c. Tr v domain vsiclab.net disable chc nng IP Block List vsicopenlab.com s gi mail qua li c.
ch 1 pht s lc ny bn domain
2. Cu hnh IP Block List Provider: Thay v t to 1 danh sch cc IP trong Block List, vsiclab.net s khai thc danh sch ny t mt Provider a. Properties trn IP Block List Providers
b. Click Add
Trang 98
Trang 99
Exchange 2007 f. To hostname l IP ca Mail server thuc domain vsicopenlab.com vit theo th t ngc Add host
g. Mn hnh kt qu nh sau
h. Kim tra : T domain vsicopenlab.com th gi mail sang domain vsiclab.net nhn c mail bo li tr v c thng bo li
ch 1 pht s
i. Tr v domain vsicopenlab.net disable chc nng IP Block List Provider. Sau cho domain vsicopenlab.com gi mail li gi c 3. Cu hnh Sender ID : chng gi mo Mail a. T domain vsicopenlab.com gi mail gi mo n domain vsiclab.net From : ctloc@vsiclab.net To : hpbao@vsiclab.net
Trang 100
Exchange 2007
b. Ti domain vsiclab.net user hpbao check mail s nhn c email gi mo ny c. Khai bo IP ca cc my c php gi mail mang tn domain vsiclab.net bng cch to 1 TXT record trong DNS ca domain vsiclab.net v=spf1 ip4:192.168.2.200 M dnsmgmt.msc Forward Lookup Zone phi chut trn zone name New Other record Text (TXT) Create Record
Trang 101
Exchange 2007 d. Trong Record name, khng khai bo g c Trong Text : nhp vo v=spf1 ip4:192.168.2.200 all OK
e. Bt ch t chi nhn mail khi IP ca ngi gi mail khng nm trong danh sch SPF nhn phi chut trn Sender ID Properties
chn Apply
g. Ti domain vsicopenlab.com thc hin li thao tc gi mo, quan st kt qu: 550 5.7.1 Sender ID (PRA) Not Permitted VSIC Education Corporation Trang 102
Exchange 2007
h. Tr v domain vsiclab.net disable chc nng Sender ID vsicopenlab.com s gi mail sang domain vsiclab.net c. 4. Cu hnh Content Filter : Lc mail theo t kha
khi bn domain
Trang 103
Exchange 2007
7. IP Allow List: danh sch nhng IP c php gi mail vo domain hin hnh k c trng hp nm trong Block List
8. IP Allow List Provider: Tng t IP Block List Provider nhng theo ngha ngc li
Trang 104