You are on page 1of 13

Installing Exchange Server 2003

1) Install the Windows 2003 Server Support Tools.


2) Download the latest Exchange Server Exchange Deployment tools, run exdeploy.hta.
3) Set Messenger service to automatic startup.
4) Follow the Checklist for New Exchange Installation
5) Install Exchange to C:\exchsrvr, Create a new Exchange Organization
6) Download and install Exchanger Server 2003 SP-2
7) Switch from Mixed Mode to Native Mode. (Active Directory and Exchange)
8) Use Internet Mail Wizard to setup mail domains and connectors
Outlook Web Access Administration
Download and install Microsoft Exchange Server Outlook Web Access Web Administration
http://www.microsoft.com/downloads/details.aspx?familyid=4BBE7065-A04E-43CA-8220-
859212411E10&displaylang=en

Exchange Server 2003 Mailflow (Part 1)


This is part one of a two part article. Part one deals with the basics of message delivery and transmitting
from Outlook to Exchange and between Exchange Servers. Part two of the article will try to help you
troubleshoot e-mail delivery and message flow.
Let’s begin
There are several components that are involved in the Mail delivery process.
Information Store (Store.exe)
The Microsoft Exchange Server Information Store (Store.exe) is the end point for e-mails sent to users on
this server. It is also the start point for e-mails which are sent by MAPI clients, like Microsoft Outlook
2003, which directly connect to the MSExchangeIS.

Figure 1: MSExchangeIS

Exchange Server 2003 Database Technology


Exchange uses Extensible Storage Engine (ESE) to maintain transaction-based databases, and uses write-
ahead transaction log files to ensure that Exchange data is efficiently processed. The transaction-oriented
Exchange store provides for maximum recoverability. A transaction can include multiple actions, but for
the transaction to be committed, all actions must complete successfully. If one part of the transaction
cannot be completed, the entire transaction is rolled back and not committed to the database.

Page 1 of 13 Revised: 2/21/2008


Exchange Storage Architecture
Exchange servers store data in two files: an .edb file and an .stm file. Together, the .edb file and the .stm
file form an Exchange store repository. For example, the default mailbox store on an Exchange server
uses files named Priv1.edb and Priv1.stm. The default public folder store uses the files Pub1.edb and
Pub1.stm. The .edb file contains many tables that hold metadata for all e-mail messages and other items
in the Exchange store, in addition to the contents of MAPI messages. The .edb file is an ESE database,
and because it is used primarily to store MAPI messages and attachments, it is also referred to as the
MAPI-based database. The .stm file, in contrast, stores native Internet content. Because Internet content is
written in native format, there is no need to convert messages and other items to Exchange format (as in
Exchange 5.5 and earlier). The .stm file is also an ESE database, referred to as the streaming database.
The .edb and .stm files function as a pair, and the database signature (a 32-bit random number combined
with the time that the database was created) is stored as a header in both files. The internal schema for the
.stm pages is stored in the .edb file.
Exchange Server 2003 uses transactions to control changes in storage groups. These transactions are
recorded in a transaction log, similar to the way transactions are stored in traditional databases. Changes
are committed or rolled back based on the success of the transaction. If there is a failure, you use
transaction logs (together with the database files and, in some cases, the checkpoint file) to restore a
database. The facility that manages transactions is the Microsoft Exchange Information Store service
(Store.exe). Any uncommitted transaction log entries are also considered part of a current Exchange
database, as illustrated in the following figure.
Current Exchange Server 2003 database

The following two types of databases are available in Exchange Server 2003:

• Private store databases These databases store mailboxes and message queues for MAPI-
based messaging connectors.

• Public store databases These databases store public folder hierarchies and public folder
contents.

Exchange InterProcess Communication (EXIPC)


EXIPC is responsible for Data Transfer between Internet Information Server 6.0 (IIS) and the Microsoft
Exchange Server Information Store (MSExchangeIS). EXIPC provides a layered service between both
components to achieve the best possible performance between IIS dependant components and the
Exchange databases. All Internet Client Access Protocols like HTTP/S, SMTP, POP3 and IMAP4 are
configured and managed by IIS with some exceptions.

Page 2 of 13 Revised: 2/21/2008


Figure 2: EXIPC Layer

Through Virtual Servers, multiple configurations of the same protocol can exist on a single Exchange
Server.
Advanced Queuing Engine (AQE)
The Advanced Queuing Engine (AQE) is responsible for creating and managing message queues for e-
mail delivery. When AQE receives a Simple Mail Transfer Protocol (SMTP) mailmsg object, this object
will be forwarded to the Message Categorizer. The Advanced Queuing Engine then queues the Mailmsg
object for message delivery based on the Routing information provided by the Routing Engine process of
Exchange Server 2003.
The Message Categorizer is part of the Advanced Queuing Engine and is responsible for address
resolution on every Mailmsg object that flows through the AQE. The Message Categorizer is
implemented as an Event Sink. The Message Categorizer is also responsible for splitting messages into
RTF or MAPI.
Routing Engine
The Exchange Routing Engine uses Link State information for e-mail routing. The Routing Engine will
forward this information to the Advanced Queuing Engine.
Please note:
The SMTP Stack from Windows Server 2003 will be extended through the Exchange Server installation

Page 3 of 13 Revised: 2/21/2008


process with several enhancements. One of these enhancements is the implementation of the
XLINKSTATE protocol.
The Routing Engine creates and maintains the Link State information for every Exchange Server and is
also responsible for routing the messages to inbound or outbound destinations.
SMTP Service
The SMTP Service processes incoming traffic from any SMTP host. SMTP is also used in most
communications between Exchange Servers (except Exchange 5.x Servers which use RPC for message
transferring). SMTP is also responsible for some advanced Exchange Server functions like Message
Journaling. During the Exchange installation, the built in SMTP Service from Windows Server 2003 will
be extended with several new functions. Some of the Enhancements are:
• Moving the Message Queue Directories to the Exchange installation Directory
• Providing support for the LSA (Link State Algorithm) in SMTP
• Moving SMTP Messaging from IIS to the Exchange System Manager
Message Flow
• MAPI client sends a message to a remote recipient
• Information Store (Store.exe) receives the message
• The created MailMsg object is forwarded to the Advanced Queue Engine (AQE)
• The Message Categorizer from the AQE processes the MailMsg object and splits it into MIME or
RTF as necessary
• The Message Categorizer expands groups and checks defined Message limits on Exchange
• The MailMsg object is then transferred to the Remote Destination Domain within the AQE
• The AQE passes the destination address to the Exchange Routing Engine
• SMTP initiates an SMTP session with the remote SMTP host
• After the SMTP session with the remote host has been established, the information store retrieves
the body of the message and converts the message as necessary
• SMTP sends the Message from the Queue to the Remote Host
The following Exchange Features require the use of SMTP:
• Intra Server Message Delivery
• Inter Server Message Delivery
• Message Delivery to the Internet
• Exchange of Routing Information
Intra Server Message Delivery
SMTP will be used for Intra Server Message Delivery for several components like Message Journaling
and Message categorization. Exchange Servers in the same Routing Group use SMTP to communicate
with each other.
Message delivery to the Internet
SMTP is often used to deliver e-mail to other exchange organizations or other messaging systems.
Exchange Server 2003 can use the Virtual SMTP Server to deliver messages, or one or more Exchange
SMTP Connectors or Routing Group Connectors.
MX Record
A Mail Exchanger Record (MX Record) is a special DNS record specifying how e-mail should be routed.
When a message should be sent to that domain, a DNS lookup into the destination DNS domain occurs

Page 4 of 13 Revised: 2/21/2008


and will look for an MX record and a responding A Record. The E-Mail will then be sent to the specified
Exchange FrontEnd or BackEnd Server for message delivery.

Figure 3: MX Record in NSLOOKUP

Relaying
SMTP Relaying occurs when one SMTP host forwards e-mail to another SMTP host. Open SMTP
relaying occurs when the SMTP host accepts messages from recipients outside the organization and
forwards the messages to other recipients that are also outside the organization.

Figure 4: Relaying

If the Exchange Server allows everyone without authentication to deliver messages, the server is called an
Open Relay. Open Relays can be used to send UCE (Unsolicited Commercial E-Mail). By default
Exchange Server 200x is not an open relay.
The following steps describe the process:
• The unauthorized user sends an e-mail message to the SMTP Server and addresses multiple
recipients in the message. The recipients in the e-mail are in domains external to the Exchange
Server's Messaging Organization.
• The Exchange Server accepts the Message.

Page 5 of 13 Revised: 2/21/2008


• After Exchange has accepted the message, Exchange delivers this message to an outside SMTP
host because there is no match in the recipient policies in the exchange organization.

Exchange Server 2003 Mailflow (Part 2) - Troubleshooting


There are several places and tools which can help you find the reason for failed or delayed message
delivery.
Queues
If you are looking for e-mail messages which were not delivered to their recipients, one of the first places
to look to see where the Message has gone is the Queue Viewer. You can find the Queue Viewer in the
Exchange System Manager directly under the Server Node.
There are several Queues of interest and you should have a look at the state of the Queues and the number
of messages in the Queue. If there are any messages in the Queue, you can select the Queue and you will
see more information about possible problems in the info pane. If you right click the Queue you can force
a connection if the problem is only temporarily.
Explanation of Queue Types
DSN messages pending submission
This folder contains Delivery Status Notifications awaiting delivery. Its primarily used for NDR’s – Non
Delivery Reports.
Failed message retry queue
Contains outbound messages which couldn’t be delivered to their destination but will be given another
attempt.
Local delivery
Contains inbound messages for delivery to mailboxes on the Exchange server.
Messages awaiting directory lookup
Contains inbound messages awaiting recipient lookup in Active Directory.
Messages pending submission
Contains messages accepted by the SMTP virtual server, but haven’t yet been processed.
Messages queued for deferred delivery
Contains messages queued for deferred delivery (later time).
Messages waiting to be routed
Contains outbound SMTP/X400 messages still waiting to be routed to their destination server, when it has
been determined the message will be sent.

Figure 1: Queue Viewer

Page 6 of 13 Revised: 2/21/2008


For Troubleshooting reasons it is also possible to Stop all Outbound Mail if you click the Symbol in the
Queue viewer. Please note that in the picture above Outgoing Mail has already been stopped. Outbound e-
mail delivery was stopped for the purposes of this article so that some Messages in the Queues can be
easily shown.

Message Tracking
One of the fundamental settings that every Exchange Server should have enabled is the Message Tracking
option. The Message Tracking option enables the logging of every e-mail message and, if enabled, for the
message subject. You should enable message subject tracking only on low utilized Servers.

Figure 2: Enabling Message Tracking

After the Message Tracking feature has been enabled, the Message Tracking Feature can be used in the
Exchange System Manager to find messages sent to recipients.

Figure 3: Message Tracking Center

If an e-mail message is selected, the message can be clicked in order to see the message delivery status
details.

Page 7 of 13 Revised: 2/21/2008


Figure 4: Message History

As can be seen in the picture above, the message was Submitted from Store, delivered to the AQE,
submitted to the Categorizer, Queued for Routing and Queued for Remote Delivery.
SMTP Logging
With Exchange Server 2003 it is possible to use extended SMTP Logging for troubleshooting purposes. If
SMTP Logging is enabled, Exchange will write every outgoing mail through SMTP in a special logfile
located by default in \Windows\System32\Logfiles\SMTPSVC1 where SVC1 is the first Virtual SMTP
Server. You must enable this feature in the Exchange System Manager under the protocol container from
the Exchange Server object. Enable all options in W3c Extended Log File Format.

Figure 5: SMTP Logging

After enabling this feature, the generated logfile can be opened and the detailed steps are shown in the
SMTP connection process.
For better viewing and analyzing, it is possible to export the logfile into Microsoft Excel. With Microsoft
Excel the logfile can be formatted so that it is easier to analyze its content.

Page 8 of 13 Revised: 2/21/2008


Figure 6: SMTP Logfile

Diagnostic Logging
One other troubleshooting helper is the Diagnostic Logging of Exchange Server 2003. Diagnostic
Logging sets the details that are logged in the Event Viewer for specific Exchange components to a higher
level, so more information will be logged in the Event Viewer Application Log .
Diagnostic Logging should only be enabled when troubleshooting specific problems because Diagnostic
Logging quickly fills the Event Log. The Logging Level can be set from None to Maximum in the GUI
but there is also a Registry Key for setting the Logging Level to Level 7 for SMTP Logging purposes.
Diagnostic Logging must be enabled in the Exchange System Manager under the Exchange Server object.
After enabling the Diagnostic Logging feature the Event Viewer can be analyzed for specific problems.

Figure 7: Diagnostic Logging

Page 9 of 13 Revised: 2/21/2008


Some basic information about POP3 and SMTP
POP3
Short for Post Office Protocol, a protocol used to retrieve e-mail from a mail server. Most e-mail
applications (sometimes called an e-mail client) use the POP protocol, although some can use the newer
IMAP (Internet Message Access Protocol).
There are two versions of POP. The first, called POP2, became a standard in the mid-80's and requires
SMTP to send messages. The newer version, POP3, can be used with or without SMTP.
Beginning with Exchange 2003 we have to activate POP3 support after the Exchange installation, because
Microsoft has disabled some services for security reasons (POP3 communication is unencrypted per
Default – but you can use TLS to ensure security).
SMTP
Short for Simple Mail Transfer Protocol, a protocol for sending e-mail messages between servers. Most e-
mail systems that send mail over the Internet use SMTP to send messages from one server to another; the
messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is
generally used to send messages from a mail client to a mail server. This is why you need to specify both
the POP or IMAP server and the SMTP server when you configure your e-mail application.
Connecting to POP3
Open Telnet (Start – Run – CMD – Telnet) and write the following line:
TELNET Servername.Domain.TLD 110 (in our example TELNET London.nwtraders.msft 110).
What do we see here?
+OK - The Exchange Server accepts Connection to Port 110
Exchange Server 2003 POP3 - It is a Exchange 2003 Server
Version 6.5.7226.0 - The Exchange Version Number
London.nwtraders.msft - The FQDN of the Exchange Server
USER MSEXchangeORG - The name of the user to connect to the mailbox
PASS Fake001 - The password of the user (transmitted unencrypted over the network)
LIST - Lists all E-Mails in the mailbox
RETR 1 - Display the selected E-Mail
A very interesting part is the displayed body of the E-Mail. You can see the encapsulation of the E-Mail,
MIME type, Message ID and much more helpful information.
POP commands
USER The User you would like to connect to
PASS The password of the user (transmitted unencrypted over the network)
STAT Overview over the POP3 mailbox
LIST Displays every message in listform
RETR Displays selected message (RETR 1)
DELE Deletes selected message (DELE 1)
NOOP NO Operation
RSET Undo DELE function
QUIT End POP3 Session

Connecting to SMTP
Open Telnet (Start – Run – CMD – Telnet) and write the following line:
TELNET Servername.Domain.TLD 25 (in our example TELNET London.nwtraders.msft 25).

Page 10 of 13 Revised: 2/21/2008


Figure 3: EHLO commands

SMTP supports two verbs: HELO and EHLO


The HELO or EHLO verbs in SMTP are how the client identifies itself to the server. Clients that use
single-label domain names, or domain names that the server cannot look up in the DNS database, are
broken or misconfigured.
EHLO is the successor of the HELO verb and supports many more commands. The supported EHLO
verbs are different from Mailserver to Mailserver. Exchange 2003 supports the EHLO verbs displayed in
(Figure 3).
A very important EHLO verb is AUTH. AUTH lists the supported authentication methods for connecting
to the SMTP Server. Exchange 2003 supports GSSAPI, NTLM and LOGIN.
Some ISP SMTP servers doesn’t support AUTH. They use SMTP after POP. SMTP after POP
authenticates a user through a successful POP3 connection and lets him use the SMTP protocol with the
applied credentials through the POP3 connect.
In our example we use the basic HELO command to connect.

Figure 4: Write a e-mail through telnet

What do we see here?


220 London.nwtraders.msft - the Server listens on the given SMTP port
Microsoft ESMTP Mail Service - This Server supports Extended SMTP
Version: 6.0.3790.0 ready - This SMTP Service is hosted by Windows 2003
HELO - Initiates connection (requires domain name by most SMTP servers)
250 London.nwtraders.msft - Server accepts connections on IP address 192.9.200.116
MAIL FROM: Name@domain.tld - The Sender of the Message
RCPT TO: Name@domain.tld - The Recipient of the Message
DATA: - Input e-mail data for subject and body
SUBJECT: - the subject line of the message

Page 11 of 13 Revised: 2/21/2008


Enter the data for the message body. At the end of the message type <CRLF> “.” <CRLF>
The message will be transmitted through the destination address through Exchange.
SMTP commands
HELO Identifies the Client
MAIL Specifies Mail Sender
RCPT The Recipient of the message
DATA The Data part of the message
RSET Resets message transmitting
VRFY Verifies e-mail address
EXPN Expand a mailing list
DSN Delivery Status Notification
HELP Displays help
NOOP NO Operation
TURN Mail TURN
ETRN Extended TURN
VERB Verbose Mode
QUIT End SMTP Session

SMTPDIAG
SMTPDIAG is a simple Tool for testing the SMTP Message flow from Exchange Servers to outside
SMTP or Exchange Servers.
SMTPDIAG can be downloaded from the Microsoft Exchange 2003 Tools Website.
http://www.microsoft.com/downloads/details.aspx?familyid=BC1881C7-925D-4A29-BD42-
71E8563C80A9&displaylang=en After downloading and extracting the SMTPDIAG Tool, open a
command prompt and start SMTPDIAG.
SMTPDIAG administrator@mwtraders.msft grotem@it-training-grote.de starts the SMTPDIAG process.
SMTPDIAG now checks DNS settings and initiates an SMTP connection to the destination system
without sending mail.
SMTPDIAG has only two options.
• /V = enables Verbose Mode and shows some more details which are hidden in Standard Mode.
• [-d target DNS] = This parameter is optional. The IP address of the target DNS server can be
specified in order to look up remote MX records. This is often configured as an external DNS
server in Exchange. An external DNS can be configured at the Exchange virtual server level but
not for the Internet Information Services SMTP service.

Page 12 of 13 Revised: 2/21/2008


Page 13 of 13 Revised: 2/21/2008

You might also like