In my earlier blog posts Building Hosted Exchange Part I (overview), Building Hosted Exchange Part II (Active Directory) and Building Hosted Exchange Part III (Exchange and ABP’s) we’ve created a simple Exchange 2010 organization that’s capable of hosting multiple organizations, separated from each other and each having their own Address Books. But as outlined in the Microsoft guidance document there’s more involved, especially when it comes to global settings that are identical for all users (in all organizations) or global settings that can reveal unwanted information.
Global Exchange configuration
When building a hosted Exchange 2010 SP2 environment a number of Exchange configuration settings have to be taken into account.
Certain global settings are valid for the entire Exchange organization and are therefore set at the organization level, not at the tenant level. Examples of these settings (this is not a complete list!) are Exchange ActiveSync settings, Exchange Web Services, OWA policies, throttling policies, anti-virus and anti-spam checking, postmaster settings and the Autodiscover settings.
For every configuration setting you have to create one global setting and apply it to all users. Of course it is possible to create multiple settings, such as multiple OWA policies, and apply these to various users, but this rapidly becomes more and more complex.
Global URL’s and Autodiscover
In a hosting environment customers have to be aware that their mailboxes are on a shared platform, and that services are accessible on a common platform. OWA for example is accessible via https://webmail.provider.com/owa, Autodiscover is available via https://autodiscover.provider.com and the Exchange Web Services are available via https://webmail.provider.com/ews/exchange.asmx. It is not possible to easily implement multiple URL’s for each customer (i.e. tenant). So all users, in all organizations, have to use these settings. Regardless.
For more information regarding the Autodiscover redirect and SRV records (useful for hosters) check the blog post Autodiscover Redirect and SRV option. Each organization should use either the Autodiscover Redirect option or Autodiscover SRV record for the organization’s Autodiscover functionality to function properly.
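The following check is an added example, not part of the original post: it reports, per tenant domain, whether an Autodiscover SRV record pointing at the shared host exists or whether the autodiscover.<tenant> redirect host at least resolves. The tenant list is constructed sample data, and the script assumes a management workstation with the Resolve-DnsName cmdlet (Windows 8 / Server 2012 or later) and working DNS resolution.

```powershell
# Added example: audit tenant DNS for the Autodiscover SRV or redirect option.
# Tenant domains are constructed sample values; the host name is the one used in the post.
$ProviderHost  = 'autodiscover.provider.com'
$TenantDomains = 'customer1.com', 'customer2.com'

function Get-TenantAutodiscoverStatus {
    param([string]$Domain, [string]$ProviderHost)

    # SRV option: _autodiscover._tcp.<tenant> should point at the shared host on port 443.
    $srv = @(Resolve-DnsName -Name "_autodiscover._tcp.$Domain" -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Section -eq 'Answer' -and $_.Type -eq 'SRV' })
    $srvOk = @($srv | Where-Object {
        $_.NameTarget.TrimEnd('.') -eq $ProviderHost -and $_.Port -eq 443
    }).Count -gt 0

    # Redirect option: autodiscover.<tenant> must at least resolve.
    # The HTTP redirect itself is not tested here.
    $redirect = @(Resolve-DnsName -Name "autodiscover.$Domain" -ErrorAction SilentlyContinue |
        Where-Object { $_.Section -eq 'Answer' })

    if ($srvOk) {
        $method = 'SRV'
    } elseif ($redirect.Count -gt 0) {
        $method = 'Redirect host resolves'
    } elseif ($srv.Count -gt 0) {
        $method = 'SRV present, wrong target or port'
    } else {
        $method = 'None'
    }

    New-Object PSObject -Property @{
        Domain     = $Domain
        Method     = $method
        SrvTargets = ($srv | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
        Healthy    = ($srvOk -or $redirect.Count -gt 0)
    }
}

$TenantDomains | ForEach-Object {
    Get-TenantAutodiscoverStatus -Domain $_ -ProviderHost $ProviderHost
} | Sort-Object Healthy | Format-Table Domain, Method, SrvTargets, Healthy -AutoSize
```

Tenants reported with Method "None" have neither option in place, so their Outlook clients cannot locate the shared Autodiscover endpoint.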
Anti-virus and Anti-Spam
Anti-virus and anti-spam are global settings: they are either enabled or disabled for everyone. The Edge Transport Server also plays an important role in a hosted Exchange 2010 SP2 environment. Since SMTP routing between organizations in the Exchange environment can be an issue (Exchange treats these messages as internal, but from a tenant point of view they are external), a custom solution has to be built.
Exchange also has the ability to set different out-of-office (OOF) messages for internal recipients and external recipients. This is a nice feature, but it is only available on a global basis. This means that OOF messages between different tenants are treated as internal messages, while they should be external messages. I’ll discuss this particular topic in more detail in part V of this series.
Figure 1. User1 gets an internal out-of-office message from a user in another tenant!
In a hosting environment you have to watch out for users consuming too many resources. Throttling policies can be used to prevent this. For example, if you implement a Blackberry solution, a throttling policy is implemented by default.
I normally recommend monitoring e-mail usage by customers and implementing a throttling policy only if needed.
Exchange Control Panel
The Exchange Control Panel offers some self-service possibilities to users, but the drawback is that ECP makes it possible to change group membership in an unwanted manner. The best option is to disable the Manage My Organization feature in ECP using the OMECPDisabled registry key. Check this TechNet article on how to use this specific key: Disable the Exchange Control Panel.
<update>This TechNet article is not entirely correct. The registry key is OK, but it needs to be set on the Client Access Server and not on the Mailbox Server. Once it is set, perform an IISRESET. There is no need to restart the Information Store on the Mailbox Server.</update>
Mail Tips are a useful feature in an enterprise environment. When an e-mail is created using Outlook 2010 or OWA 2010, some information regarding the message, transport or recipients can be shown before the actual message is sent.
The problem is that this is an Exchange-wide setting. Exchange sees all users on the Exchange platform as internal users, even across multiple tenants. Therefore it is possible for a user in customer1.com to see information via Mail Tips from another user in customer2.com, which of course can be a security breach.
Figure 3. Information via Mail Tips from a user in another tenant!
The only way to avoid this is to turn off Mail Tips entirely.
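As an added example (not from the original post), this is one way to turn Mail Tips off for the whole organization and confirm the result. It assumes it is run in the Exchange Management Shell with rights to change the organization configuration.

```powershell
# Added example: disable Mail Tips organization-wide and verify the change.
# Run in the Exchange Management Shell (Exchange 2010).

# Record the current organization-wide Mail Tips switches before changing anything.
$before = Get-OrganizationConfig
$before | Format-List MailTips*

# Mail Tips has no per-tenant scope, so on a shared platform the master
# switch is turned off for everyone.
if ($before.MailTipsAllTipsEnabled) {
    Set-OrganizationConfig -MailTipsAllTipsEnabled $false
}

# Read the setting back and fail loudly if it is still enabled.
$after = Get-OrganizationConfig
if ($after.MailTipsAllTipsEnabled) {
    throw 'MailTipsAllTipsEnabled is still True; Mail Tips remain visible across tenants.'
}
'Mail Tips are disabled organization-wide.'
```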
It is possible to create a multi-tenant Exchange environment manually, but it requires quite a lot of work. You have to secure Active Directory, create multiple tenants in Active Directory and secure these as well, create users and groups in each tenant and mailbox-enable them.
Furthermore you have to be aware that there are several settings in an Exchange environment that are set on a global level and are identical for each tenant. The last drawback is message routing and OOF message routing, which need to be taken care of to prevent unwanted information being exchanged between users in different tenants. This will be the topic of my next blog.