Microsoft Forefront Security for Exchange Server integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping businesses protect their Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content. In this post i documented the installation of Microsoft Forefront Security for Exchange 2007 in the form of a tutorial.
Yep, today is a geeky freaky day. I’ll install an Exchange 2007 SP1 on a Microsoft Windows Server 2008 x64 Datacenter. Unfortunately the whole Microsoft Exchange Server will be installed on one single server.
From the security perspective this setup is not recommended, anyway, that’s the way to go..
Starting position is: a Server with Microsoft Windows 2008 x64 Datacenter Edition (Installing it on a Standard and Enterprise Edition does not make a difference)..
First Step is, join a the Server to an existing Domain. Exchange Server Setup won’t let you install Exchange Server on a Machine which is not member of a domain.
Whenever you start Setup.exe run it elevated (Run as administrator)
Spam filtering involves analyzing various pieces of information. The email itself is of course one full bag. The SMTP command parameters and DNS also contribute their share. Today we look at just one piece of the puzzle, the language used to author an email or more precisely the character set.
Before moving further, I will cover some basics. In simple terms a character set is a collection of characters allowing us to express ourselves in one or more languages. A single character sets is often able to cover a number of languages having small variations across them. For example Windows-1252 caters for English and various Western European languages.
more about CharacterSet on Wikipedia
Character Sets in SMTP Emails
SMTP as defined in RFC2821, only allow the use of 7-bit ASCII characters. This is a very small set that is unable to go much beyond the English language. Thus it was necessary to enable SMTP emails to somehow convey texts from other languages. The MIME standard provided a solution, defining methods for encoding non-ASCII text.
The basic idea is that of encoding character sequences from other sets using exclusively the 7-bit ASCII repertoire. MIME provides two solutions, one for email bodies and the other for headers such as the Subject, From and To.
MIME breaks emails into parts, packaging together blocks of content and headers. An email body is contained within a MIME part whose headers identify the character set and encoding type. In this manner an email exposes the character set used on authoring the content and specifies the encoding used to package it in 7-bit ASCII. This is enough for the receiving end to retrieve the body as originally intended.
Here is a snippet showing a body in ISO-2022-JP character set, widely used for the Cyrillic Language.
Adding koi8-r to your Microsoft Exchange Content Filter, for example, will flag or rate all emails using this charset as junk / spam.
A self-signed Microsoft Exchange 2007 Security Certificate is valid for a period of one year. After this period you’re required to re-issue a new certificate. This can be done using EMS (Exchange Management Shell) and the New-ExchangeCertificate CommandLet (cmdlet).
If you do not update / reissue the certificate, Outlook will complain about this issue displaying a Security Warning on the users display (this one’s in German).
Step-by-step (quick tutorial):