Monday, May 14, 2007

MSExchangeTransport.exe & No More IIS in Exchange 2007

Is Exchange 2007 secure enough to be deployed as an SMTP mail gateway in a corporate environment? From my point of view, the answer to this question is "YES".

If we look at the advantages and the new architecture of the SMTP stack in Exchange 2007, we quickly realize its power and stability, and the case for deploying Exchange Edge servers in corporate networks. Exchange 2007 has its own SMTP stack, supplied by the Microsoft Exchange Transport service (MSExchangeTransport.exe). Previous versions of Exchange (Exchange 2000 and 2003) used the SMTP stack built into IIS. SMTP is the core protocol for Exchange. In those versions, the SMTP service runs in the Inetinfo process and, when extended through Exchange event sinks, processes all inbound and outbound messages. When messages pass through the transport subsystem, SMTP makes heavy use of Internet Information Services (IIS) resources.

In Exchange 2007, the SMTP protocol is provided by the Microsoft Exchange Transport service (MSExchangeTransport.exe). In earlier versions of Exchange, the SMTP protocol service was provided by Internet Information Services (IIS). The SMTP stack is the core infrastructure of Exchange. Without it, you can't send and receive e-mail messages.

Exchange 2007 provides a stable transport that addresses the most common security risks. By rewriting the transport stack in managed code and running as the Network Service account, Microsoft has reduced the risks that are associated with denial of service attacks. This new SMTP transport stack is a required part of Exchange. It eliminates the dependency on IIS and reduces the work that is required to help secure a server for perimeter network (DMZ) deployment.
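A check for the two properties described above, as an added example that is not from the original post: it takes service records shaped like `Win32_Service` objects and reports when the transport service is not running as Network Service or when the legacy IIS SMTP service (`SMTPSVC`) is still running. The function name `Test-TransportServiceHardening` and the sample records are constructed for illustration.

```powershell
# Added example (not from the original post). Function name and sample data are constructed.
function Test-TransportServiceHardening {
    param(
        # Records with Name, StartName and State properties (the shape of Win32_Service).
        [Parameter(Mandatory = $true)]
        [object[]] $Services
    )

    $findings = @()

    # Check 1: the Exchange 2007 transport should run as Network Service.
    $transport = $Services | Where-Object { $_.Name -eq 'MSExchangeTransport' }
    if (-not $transport) {
        $findings += 'MSExchangeTransport is not installed on this host'
    }
    elseif ($transport.StartName -notmatch '^NT AUTHORITY\\Network\s?Service$') {
        $findings += "MSExchangeTransport runs as '$($transport.StartName)' instead of Network Service"
    }

    # Check 2: the IIS-hosted SMTP service from earlier Exchange versions should not be running.
    $legacy = $Services | Where-Object { $_.Name -eq 'SMTPSVC' -and $_.State -eq 'Running' }
    if ($legacy) {
        $findings += 'IIS SMTP service (SMTPSVC) is running alongside the Exchange transport'
    }

    return $findings
}

# Constructed sample: a misconfigured host.
$sample = @(
    [pscustomobject]@{ Name = 'MSExchangeTransport'; StartName = 'LocalSystem'; State = 'Running' },
    [pscustomobject]@{ Name = 'SMTPSVC';             StartName = 'LocalSystem'; State = 'Running' }
)
Test-TransportServiceHardening -Services $sample

# On a live server, pass the real service list instead:
# Test-TransportServiceHardening -Services (Get-WmiObject Win32_Service)
```

With the constructed sample, both checks fire; an empty result means neither condition was found.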

The Microsoft Exchange Transport service controls every component of message processing, from SMTP IN to SMTP OUT. A series of configurable SMTP Receive agents are triggered at various SMTP events. The Microsoft Exchange Transport service enables these agents to process messages as they pass through SMTP transport, performing anti-spam, antivirus, and other tasks before messages are submitted to the categorizer. During categorization, name resolution, routing resolution, and content conversion occur. Additional agents are triggered at this point of the transport pipeline. These agents provide the Transport Policy and Compliance features that enable an administrator to determine how a message is handled and archived.

Since the risk associated with SMTP is no longer the biggest concern, Edge Transport servers will be deployed in the DMZ more often, and Exchange transport servers will eventually replace many third-party hardware appliances.

Many third-party vendors charge per mailbox, which becomes a huge budget item in a large enterprise environment (for instance, 70,000 mail-enabled objects).

I am positive Exchange 2007 will soon have a strong place in corporate environments, by saving $$$$$ and showing stability.

Security Configuration Wizard for Windows Server 2003

SCW policy Guide

Below are the Exchange services.

MSExchangeTransport.exe: The Microsoft Exchange Transport service controls every component of message processing, from SMTP IN to SMTP OUT.

| Service Name | Executable | Description |
|---|---|---|
| Microsoft Exchange Active Directory Topology Service | MSExchangeADTopologyService.exe | Provides Active Directory topology information to Exchange services. If this service is stopped, most Exchange services are unable to start. |
| Microsoft Exchange Anti-spam Update | Microsoft.Exchange.AntispamUpdateSvc.exe | |
| Microsoft Exchange EdgeSync | Microsoft.Exchange.EdgeSyncSvc.exe | |
| Microsoft Exchange File Distribution | MSExchangeFDS.exe | |
| Microsoft Exchange IMAP4 | Microsoft.Exchange.Imap4Service.exe | |
| Microsoft Exchange Information Store | store.exe | Manages the Microsoft Exchange Information Store. This includes mailbox stores and public folder stores. If this service is stopped, mailbox stores and public folder stores on this computer are unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. |
| Microsoft Exchange Mail Submission | MSExchangeMailSubmission.exe | Submits messages from the Mailbox server to the Hub Transport servers. |
| Microsoft Exchange Mailbox Assistants | MSExchangeMailboxAssistants.exe | Performs background processing of mailboxes in the Exchange store. |
| Microsoft Exchange Monitoring | Microsoft.Exchange.Monitoring.exe | Allows applications to call the Exchange diagnostic cmdlets. |
| Microsoft Exchange POP3 | Microsoft.Exchange.Pop3Service.exe | |
| Microsoft Exchange Replication Service | Automatic | The Microsoft Exchange Replication Service provides replication functionality for Mailbox server role databases and is used by local continuous replication and cluster continuous replication. |
| Microsoft Exchange Search Indexer | Microsoft.Exchange.Search.ExSearch.exe | Drives indexing of mailbox content, which improves the performance of content search. |
| Microsoft Exchange Service Host | Microsoft.Exchange.ServiceHost.exe | |
| Microsoft Exchange System Attendant | mad.exe | Provides monitoring, maintenance, and Active Directory lookup services, for example, monitoring of services and connectors, defragmenting the Exchange store, and forwarding Active Directory lookups to a Global Catalog server. If this service is stopped, monitoring, maintenance, and lookup services are unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. |
| Microsoft Exchange Transport | MSExchangeTransport.exe | The Microsoft Exchange Transport Service |
| Microsoft Exchange Transport Log Search | MSExchangeTransportLogSearch.exe | Provides remote search capability for Microsoft Exchange Transport log files. |
| Microsoft Search (Exchange) | Manual | |

Deploying a Large Exchange Server 2007 Organization

Best Regards

Oz Ozugurlu

1 comment:

brendon smith said...

Excellent write up! In my limited experience, however, I’ve found out that to Convert edb to pst - EdbMails is the best option as it can handle most exchange recovery tasks gracefully. It supports export of mailboxes to PSTs and also has an extensive range of filtering options. It is a forensic recovery that can extract most data from even corrupt or inaccessible exchange databases. It supports public, private folder recovery along with migration to Live exchange and Office 365. Archive mailbox migration is also supported by edbmails.