Exchange 2013 migration options are opening soon and ORF 5.1, with support for the next-generation Exchange platform, will arrive just in time to fill your need for spam protection.
In our three-part series, we talk about the changes the new Exchange version brings to ORF.
Part 1: Exchange Changes (this article)
Part 2: Deployment
Part 3: ORF changes
This first article in the series discusses a few important changes introduced by Exchange 2013 from ORF’s perspective.
Architectural changes
The Exchange team has significantly reduced the number of roles in Exchange 2013: in the preceding two Exchange versions, you had Edge Transport, Hub Transport, Mailbox, Client Access and Unified Messaging roles. What you get now are Client Access Server and Mailbox Server (with Edge Transport to be introduced later). A great introduction to the new roles is available in the Exchange Team Blog.
A few things to note:
- In Exchange 2013, Internet email is processed by Client Access Server (CAS). In fact, all client communications have been delegated to CAS, from SMTP to Outlook connectivity.
- Mailbox Servers never talk to clients directly, so any Exchange 2013 organization will have both CAS and Mailbox Servers.
- The new roles may be deployed on different servers, but they can also co-exist on a single server (we guess this will be a common setup for SMB deployments).
- Mailbox and CAS must reside in the same Active Directory site.
- If your current Exchange setup involves Edge Transport servers, you may wonder what should be deployed in the DMZ. The answer is “Your current Edge Transport server”, because Exchange 2007/2010 Edge Transport will happily work with Exchange 2013. However, emails will have to be routed to Exchange 2013 Mailbox directly, bypassing CAS entirely.
Transport Agent changes
Along with the new roles, significant changes were introduced to the transport pipeline and the Transport Agents technology. ORF relies on the latter to hook into specific email delivery events of Exchange.
The Exchange 2013 Client Access Server – unlike the previous Hub Transport or Edge Transport roles – now offers only a reduced set of delivery events. In ORF terms, this means that only the Before Arrival filtering point is available under this role. On Arrival email filtering and monitoring outbound emails for the Auto Sender Whitelist are no longer available.
Mailbox Server does not impose such limits and all events that were hookable in previous Exchange versions can still be hooked. Alas, Mailbox Server is not suitable for Before Arrival filtering, because emails are always received via Client Access Server (or other front-end) and thus would be whitelisted by ORF.
Health Monitoring
One particular aspect of Exchange 2013 Managed Availability that affects ORF is the introduction of Health Monitoring services, now built right into Exchange without SCOM or third-party monitoring solutions.
Health Monitoring means that Exchange will now frequently send email probes to check the health of the components. These emails would normally be “seen” by ORF, so 5.1 will do everything to “unsee” them, so as to prevent clogging the logs with these internal emails.
Other notable changes
- Transport Agents now run under different services under different roles: CAS loads agents into MSExchangeFrontendTransport and Mailbox uses the MSExchangeTransport service (which may be familiar to you from earlier Exchange versions). This means different services will have to be restarted to apply any agent configuration changes.
- Using the Exchange PowerShell Transport Agent management cmdlets is a bit trickier now. You may need these e.g. for adjusting the priority of the ORF Transport Agents. You will need to specify the -TransportService switch with Set-TransportAgent and under CAS, you will not be able to use the Exchange Management Shell (see the “TransportAgent cmdlets on Client Access servers require local Windows PowerShell” section in the Exchange 2013 Release Notes).
- The Client Access Server role is now a lightweight, stateless proxy component that does not do email queuing. Due to this, the Replay Directory is no longer available under this role. ORF relies on this feature in a number of situations, so we will employ SMTP as fallback for CAS.
- Exchange 2013 Administration Shell now runs on PowerShell 3.0, which is .NET 4.0-based. For legacy reasons, ORF 5.1 will provide both .NET 2.0 and 4.0 versions of the Agent Installer (orfainst.exe).
- Transport Agents are also .NET 4.0 now, so we will ship different transport agent binaries for legacy Exchange versions and Exchange 2013.
- The native Edge Transport of Exchange 2013 (when released) will likely lack sufficient event support to run ORF.
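The first two points in the list above (role-specific services and the -TransportService switch), as an added example that is not part of the original article and is not Vamsoft's code. The agent name is a placeholder, and the `FrontEnd` and `Hub` values and the snap-in name are the ones Exchange 2013 ships with; run it with `-WhatIf` first to see what would change.

```powershell
# Added example. 'ORF Agent (placeholder)' is a hypothetical agent name:
# take the real identity from the Get-TransportAgent output on your server.

# Map each Exchange 2013 role to its -TransportService value and Windows service.
function Get-TransportServiceInfo {
    param([Parameter(Mandatory)][ValidateSet('CAS', 'Mailbox')][string]$Role)
    switch ($Role) {
        'CAS'     { @{ TransportService = 'FrontEnd'; WindowsService = 'MSExchangeFrontendTransport' } }
        'Mailbox' { @{ TransportService = 'Hub';      WindowsService = 'MSExchangeTransport' } }
    }
}

function Set-AgentPriorityForRole {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory)][ValidateSet('CAS', 'Mailbox')][string]$Role,
        [Parameter(Mandatory)][string]$AgentName,
        [Parameter(Mandatory)][ValidateRange(1, 100)][int]$Priority
    )
    $info = Get-TransportServiceInfo -Role $Role

    # On a CAS the TransportAgent cmdlets do not work from the Exchange
    # Management Shell; load the snap-in into local Windows PowerShell instead.
    $snapin = 'Microsoft.Exchange.Management.PowerShell.SnapIn'
    if ($Role -eq 'CAS' -and -not (Get-PSSnapin -Name $snapin -ErrorAction SilentlyContinue)) {
        Add-PSSnapin $snapin
    }

    # Fail early if the agent is not registered under this transport service.
    $agent = Get-TransportAgent -Identity $AgentName `
        -TransportService $info.TransportService -ErrorAction SilentlyContinue
    if (-not $agent) {
        throw "Agent '$AgentName' is not registered under $($info.TransportService)."
    }

    if ($PSCmdlet.ShouldProcess($AgentName, "Set priority $Priority and restart $($info.WindowsService)")) {
        Set-TransportAgent -Identity $AgentName -Priority $Priority `
            -TransportService $info.TransportService
        # The change only takes effect after the role's own transport service restarts.
        Restart-Service -Name $info.WindowsService
    }

    # Show the resulting agent order so the change can be verified.
    Get-TransportAgent -TransportService $info.TransportService |
        Sort-Object Priority | Format-Table Identity, Enabled, Priority -AutoSize
}

# Example call on a Client Access Server (dry run):
# Set-AgentPriorityForRole -Role CAS -AgentName 'ORF Agent (placeholder)' -Priority 1 -WhatIf
```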
Stay tuned for our next article about Exchange 2013 and ORF deployment scenarios.