You have installed your Exchange 2003 Server. Now what?
Before creating users, there are a number of things that you should do to ensure that the server runs smoothly and is secure.
- Enable Message Tracking.
This shows you what Exchange is doing with messages. More Information.
- Secure the SMTP Relaying Feature
While Exchange is relay secure out of the box, it does allow authenticated relaying to take place. If you are not going to have users relaying email through your server - for example from Outlook Express, or the use is going to be limited, then you should review the relay settings. More Information.
- Setup an Email Admins group
This group should be used for setting any high level permissions on the server - for example as the owner of Public Folders. More Information.
- Setup an "All Staff" group
As well as allowing all of your users to email everyone else, the group can be used to secure other parts of the Exchange email system. More Information.
- Purchase an SSL Certificate.
This doesn't have to be a huge expense, a Certificates for Exchange SSL certificate will be fine. However by using a commercial SSL certificate you will avoid any certificate prompts and can easily deploy features like RPC over HTTPS or Exchange ActiveSync.
- Enable Recipient Filtering to Drop Email for Unknown Users
This will stop your server being used in an NDR relay spam attack. Filter Unknown Users.
- Open the relevant ports on your firewall.
For a secure Exchange server that is accepting email directly by SMTP, you only need two ports to be open - 443 (https) and 25 (smtp). No others need to be opened for Exchange to operate correctly.
- Configure DNS, MX and Server Banner
Not all of these changes will need to take place immediately, but should be addressed. More Information.
- Move the Exchange databases and logs.
If you have configured the server correctly, you will have separate drives for the transaction logs and database. Exchange doesn't use these by default, so you will have to move the databases and transaction logs using the correct procedure as outlined in this article: http://support.microsoft.com/kb/257184
- Configure an SMTP Connector.
While not strictly required for all configurations, an SMTP Connector even configured for DNS delivery is a good thing to have in place. More Information.
What has been skipped from the list above includes...
- Configure backups
- User Creation
- Additional Group Creation
- Updating the server with the latest service packs and updates from Microsoft.
Exchange 2003 Home Page - Site Home Page
Last Page Update: 20/03/2011
| More Content from Sembee Ltd. | ||
| Resources on exchange.sembee.info | Other Sites | Sembee Ltd. |
| Microsoft Exchange 2003 | Command Prompt Getting Started Guide | Microsoft Exchange Consultancy |
| Microsoft Exchange 2007 | Login Scripts | Director's Blog |
| Microsoft Exchange 2010 | MS Exchange Resources | |
| Microsoft Outlook | Knowledge Base search | |
| Exchange Networking Tasks | Recovery of MS Office content from Temp Files | |
| Amazon Store | Troubleshoot the Automatic Updates Client | |
| UK ISP Status Pages | ||
| © Sembee Ltd. 1998 - 2011. | ||
| Reproduction of any content on this web site is prohibited without express written consent. Use of this web site is subject to our terms and conditions. All trademarks and registered trademarks are property of their respective owners. This site is not endorsed or recommended by any company or organisation mentioned within and is to provide guidance only and as such we cannot be held responsible for any consequences of following the advice given.
Sembee Ltd. is registered in England and Wales at 33 Scrivens Mead, Thatcham, Berkshire, RG19 4FQ. | ||