Last week I have been working on an Exchange 2007 migration. After preparing the server for installation I installed the CAS/hub role. Everything went fine till we wanted to modify the settings of the virusscanner. For some strange reason it was not possible to add some exclusions and it was not possible to remove the virusscanner.

Mail flow issues in coexistence scenario

In a lot of cases Exchange 2007 wil be installed in the current Exchange 2003 environment. During the setup you will have to choose the Exchange 2003 bridgehead server to use for sending mail to the other organization and the internet. After this a routing group connector will be created which will be used to transport mail.

Use Powershell script to disable mailboxes

Why do it the hard way instead of the easy way,  imagine you’ve got several mailboxes which you would like to disable and you’ve got them listed in a CSV file. Why shouldn’t you use Powershell to do this.

Installation of Groupshield changes authentication method

Redirect port 80 to 443 with IIS

I think you may have needed it in the passed, you want to prevent that users can access a website on port 80 but also want to prevent they got an error displayed. The script below is the solution for this issue, it will redirect the user to the https version of the website.

Prepare Windows 2008 for Exchange 2007

Just as like Windows 2003 you need to add some components to Windows 2008 before you can install Exchange 2007. In this tutorial I will explain which need to be installed on which server and made some scripts for it, that’s far more easier then typing the commands one by one ;-).

Why you don’t need to slipstream SP1 for Exchange 2007

Rollup 6 for Exchange 2007 Service Pack 1 released

Microsoft has release Rollup 6 for Exchange 2007 SP1 today. This rollup contains several fixes among which:

Block unknown internal domains with Trend Micro IMSS

Maybe you have seen it mails from unknown domains will be relayed via the internal mailserver or mailserver that is placed in the DMZ. Normally when configuring the mailservers correctly it’s not possibly to send mail from a domain which is not hosted on the internal mailserver. But it can also be that a virus is active on a mailserver which is allowed to relay.</p>

In this tutorial I will explain how you can create a policy in Trend Micro IMSS to prevent this. The way of configuring is not really the way you think you have to do it, but the endresult will work.

First we will create a rule which matches incoming messages.

Select the button add and choose the option other.

Ensure that the this rule will apply to option is set to incoming , we wil change this later to both incoming and outgoing messages. We could not do this right now because the policy will not be created correctly then.

Next select on the link recipients a new window will be opened.

Select the option anyone and select save, the window will close. Next click on senders a new windows will be opened again.


Select the option anyone and select save, the last parameter we need to define in this step is the exceptions.

Add the following exception:

Repeat this for each domain.

When ready click on save to save the changes, you will get the following overview after this.

Click on the next button to continue. In this step we will define the conditions when a mail must be scanned by this policy.

In this case we want to scan all messages so we don't select anything en click on the next button.

You will get a warning that all messages will be scanned if not choosing any condition. Confirm this by clicking on the OK button.

The next step is the action that needs to be executed when a mail meets the conditions. In this case we will delete all messages which meet the conditions. You could choose to quarantine the messages, if you would like to do this change the action.

Next we will define the name and number of the policy. Keep in mind that the policy always needs to be created below the Global Antivirus Rule and Default Spam Rule. You may choose to not activate the policy right now but activate it after the steps below.

When you return to the policy overview you can see that the policy is added.

Now we have added the policy we need to change it. This because it's not possible to add *@* as sender/recipient in this policy when choosing the option to apply this policy on both incoming and outgoing messages.

Click on the policy to view the details

Click on if recipient and senders are

Change the option this rule will apply to to both incoming and outgoing messages. Next we will change the exceptions. This can be done by clicking the link Senders and Recipients after the option exceptions.

Add the following exception:

Add the exception for each domain, when ready click save 4 times to return to the policy overview. If you have not activated the policy activate it.

Use regular expressions in Exchange 2007

In the transport rules from Exchange 2007 you can use regular expressions. This can let you block specific words. But what happens in some cases is that correct words are also blocked because they contain the blocked specified character pattern. You can prevent this by using one or more of the parameters below: