EXCHANGE MAIL

(PRESENTATION 2)
 TOPICS COVERED IN THIS PRESENTATION

 What is Database Availability Group (DAG) ? Slide 3, 4, 5

 Role of Active Manager Slide 6, 7
 Best Copy Selection Process Slide 8
 Data centre Activation Coordination(DAC) Mode Slide 9, 10

 What is Split Brain Syndrome ? Slide 11

 What is an MX Record ? Slide 12

 MRM – Message Records Management Slide 13

 Retention Tags Slide 14

 Remote Domains and Accepted Domains Slide 15

 Accepted Domains Slide 16

 SPF, DKIM and DMARC Slide 17, 18
What is Database Availability Group
• A database availability group (DAG) is a high availability (HA) and data recovery
feature of Exchange Mail 2010.
• There are only up to 16 database copies per DAG.
• Adding Multiple mailbox servers to the DAG and replicating all mailbox databases with
other member servers provides automatic failover recovery at the database level.
• You will need just two Mailbox Server to start with the high-availability features of
Exchange 2010.
• The database switch-over time is less than 30 seconds which will significantly improve
the overall up-time.
• Any server in the DAG can host a copy of a mailbox database from any other server in
the DAG.
 How it Works ?
• In the given illustration on
how DAG can provide High
Availability on the mailbox
database. In this scenario we
have a four member DAG,
each member holding two
database copies from other
member servers.
• Now, assume that there was a
catastrophic hardware failure
on MBX01, now the system will
automatically activate the copy
of DB1 hosted on MBX02. 

• Once all the databases are

healthy, you can switch the
active database as it was earlier.
In this scenario, this DAG will
function with all four online
databases even if are two
servers are offline.
Understanding the Role of Active Manager
• Active manager is a role that runs on a mailbox server.
• Two active manager roles will be in use when the mailbox server is a member of a
DAG; Primary Active Manager (PAM) and Standby Active Manager (SAM). 
• PAM is the Active Manager in a DAG that decides which database copies will be
active and passive.
• PAM is responsible for getting topology change notifications and reacting to
server failures.
• The SAM detects failures of local databases and the local Information Store. 
•  A SAM does not determine the target of failover, nor does it update a database’s
location state in the PAM. 
• All the monitoring of active and passive
databases and coordinating the activation
of database during failover or switch-over
happens automatically. 

• However, admins can have some control

over the Best Copy Selection(BCS) process.

• Administrator can configure a preferred

activation order of database copies using
the Exchange Management Console.
Best Copy
Selection Process
•The Active Manager starts the Best Copy
Selection(BCS) process when a Active
Database is unreachable.
• The BCS process will create a list of
database copies which are best for the
activation according to ten set of criteria.
•In the BCS process, Active manager will
create a list of database copies using the
copy queue length as a Primary Key.
•Active Manager will use the value of
Activation Preference as a Secondary Key for
sorting.
•Lowest Activation Preference means
highest priority.
Data centre Activation Configuration
(DAC) Mode
• Exchange has a special DAG mode called Data centre Activation Coordination
mode.
• DAC adds an additional requirement for DAG members during start-up, being
the ability to communicate with all known DAG members or contact a DAG
member which states it’s OK to mount databases.
• In order to achieve this, a protocol was devised called Data centre Activation
Coordination Protocol (DACP). 
Working Of the DACP protocol
The Split Brain
Syndrome
• Consider your secondary data centre is up and running and
you start recovering the primary data centre.
•You recover the server hosting the File Share Witness and
both servers; network connection is still down.
•So, because they have quorum they are free to mount
databases resulting in divergence from the secondary data
centre, the current state.
• This
situation is called split brain syndrome, because both
DAG members in each data centre can’t communicate with
DAG members in the other data centre.
•Bothgroups of DAG members may determine they have a
majority.
•Splitbrain syndrome can also occur because of network or
power outages, depending on the configuration and how
the failure manifests.
What are MX Records ?
• MX, or Mail Exchange, records are used by
mail servers to determine where to deliver
email.
• MX records must be used in conjunction
with A records.
• The A record will point to the mail server(s).
• When another mail server wants to
communicate with your mail server, it will
look for an MX record.
• That MX record must point to the A record
which points to the mail server’s IP
address. 
MRM – Message Record Management
• Messaging records management (MRM) is the records management technology in Exchange Server
that helps organizations manage email lifecycle and reduce the legal risks associated with email.
• Deploying MRM can help your organization in several ways:
1. Meet business requirements - you may need to retain important email messages for a certain period.
2. Meet legal and regulatory requirements - legal or regulatory requirement to store messages for a
designated period and remove messages older than that period.
3. Increase user productivity
4. Improve storage management
• In Exchange Server, MRM is accomplished through the use of retention tags and retention policies.
• Retention tags are used to apply retention settings to an entire mailbox and default mailbox folders such
as Inbox and Deleted Items.  
• When a message reaches its retention age specified in the applicable retention tag, the Managed Folder
Assistant takes the retention action specified by the tag. 
 Retention Tags And Retention Policies
• Retention tags are used to apply
retention settings to folders and
individual items such as email
messages and voice mail.
• These settings specify how long a
message remains in a mailbox and
the action to take when the message
reaches the specified retention age.
• When a message reaches its
retention age, it's moved to the user's
In-Place Archive or deleted.
Remote Domains And Accepted Domains
REMOTE DOMAINS
• Remote domains are used to control
various aspects of messages sent to
recipients in domains that are
external to the local Exchange
organization.
ACCEPTED DOMAINS
• Exchange  Server introduced new terminology
for describing domain names  that it will
accept email for, and what it will do with that
email.
• This is referred to in Exchange Server 2007 as
Accepted Domain .
• Accepted Domains fall into one of 3
categories – Authoritative, Internal Relay,
and External Relay. 
• Any given namespace that is an Accepted
Domain can be only one of those three types.
Accepted Domains
Authoritativ
e Domain
Authoritative Domains are those
for which an Exchange
organization
hosts mailboxes that have email
addresses that use that domain.
E.g. tcs.com
An organization can have more
than one Authoritative Domain
configured.   corresponding mailbox in the
E.g. tcsservices.com
Internal
Relay
Internal Relay domains are
common when two companies
have merged but
are yet to consolidate their
Exchange environment into a
single
organization.   your exchange environment.
Configuring an Internal Relay
Domain means forwarding all
emails which does not have
exchange organization but the
email address are in the contact
list of exchange. 
External
Relay
The External Relay Domain is
different from the Internal Relay
Domain because when you
configure an external relay
domain messages are relayed to
an email server which is outside
 
External Relay domains are those
for which an Exchange
organization
will accept email, but hosts no
mailboxes for that domain.
What are SPF & DKIM?
DKIM
SPF
• DKIM is a method to validate
the authenticity of email
messages.
• When each email is sent, it is
signed using a private key and
then validated on the receiving
mail server (or ISP) using a
public key that is in DNS.
• This process verifies that the
message was not altered during
transit. 
• SPF is a way for ISPs (like Gmail,
Yahoo, etc) to verify that a mail
server is authorized to send
email for a domain.
• It is a white-list for the services
who are allowed to send email
on your behalf.
• Like DKIM, SPF also works via
DNS. 
What have SPF and DKIM got to do with DMARC ?
• With SPF and DKIM, it is up to the ISP to decide what
to do with the results.
• DMARC takes it a step further and gives you full
control to set a policy to reject or quarantine emails
from sources you do not know or trust, all based on the
results of DKIM and SPF.
• For instance, since PayPal is a huge target for email
fraud, they publish a DMARC record that says if DKIM
or SPF fails, reject the message.
• Participating ISPs will look at this policy and discard
the emails that fail.
• In the 2013, DMARC helped PayPal stop an estimated
25 million attacks according to a report by Agari.
• DMARC lets you tell ISPs how you want them to
behave if SPF and DKIM fail or are not present.
Thank You