Friday, October 07, 2011

Exchange Server 2003 Mailflow (Part 1)


This is part one of a two part article. Part one deals with the basics of message delivery and transmitting from Outlook to Exchange and between Exchange Servers. Part two of the article will try to help you troubleshoot e-mail delivery and message flow.

Let’s begin

There are several components that are involved in the Mail delivery process.
Information Store (Store.exe)
The Microsoft Exchange Server Information Store (Store.exe) is the end point for e-mails sent to users on this server. It is also the start point for e-mails which are sent by MAPI clients, like Microsoft Outlook 2003, which directly connect to the MSExchangeIS.

Figure 1: MSExchangeIS
Exchange InterProcess Communication (EXIPC)
EXIPC is responsible for Data Transfer between Internet Information Server 6.0 (IIS) and the Microsoft Exchange Server Information Store (MSExchangeIS). EXIPC provides a layered service between both components to achieve the best possible performance between IIS dependant components and the Exchange databases. As you might know, all Internet Client Access Protocols like HTTP/S, SMTP, POP3 and IMAP4 are configured and managed by IIS with some exceptions.

Figure 2: EXIPC Layer
This interaction allows Exchange to be in a FrontEnd, and BackEnd, Server scenario.
Through Virtual Servers, multiple configurations of the same protocol can exist on a single Exchange Server.
Advanced Queuing Engine (AQE)
The Advanced Queuing Engine (AQE) is responsible for creating and managing message queues for e-mail delivery. When AQE receives a Simple Mail Transfer Protocol (SMTP) mailmsg object, this object will be forwarded to the Message Categorizer. The Advanced Queuing Engine then queues the Mailmsg object for message delivery based on the Routing information provided by the Routing Engine process of Exchange Server 2003.
The Message Categorizer is part of the Advanced Queuing Engine and is responsible for address resolution on every Mailmsg object that flows through the AQE. The Message Categorizer is implemented as an Event Sink. The Message Categorizer is also responsible for splitting messages into RTF or MAPI.
Routing Engine
The Exchange Routing Engine uses Link State information for e-mail routing. The Routing Engine will forward this information to the Advanced Queuing Engine.
Please note:
The SMTP Stack from Windows Server 2003 will be extended through the Exchange Server installation process with several enhancements. One of these enhancements is the implementation of the XLINKSTATE protocol.
The Routing Engine creates and maintains the Link State information for every Exchange Server and is also responsible for routing the messages to inbound or outbound destinations.
SMTP Service
The SMTP Service processes incoming traffic from any SMTP host. SMTP is also used in most communications between Exchange Servers (except Exchange 5.x Servers which use RPC for message transferring). SMTP is also responsible for some advanced Exchange Server functions like Message Journaling. During the Exchange installation, the built in SMTP Serivce from Windows Server 2003 will be extended with several new functions. Some of the Enhancements are:
  • Moving the Message Queue Directories to the Exchange installation Directory
  • Providing support for the LSA (Link State Algorithm) in SMTP
  • Moving SMTP Messaging from IIS to the Exchange System Manager

Message Flow

Because understanding the e-mail message flow is important, I will list some high level steps in the message flow:
  • MAPI client sends a message to a remote recipient
  • Information Store (Store.exe) receives the message
  • The created MailMsg object is forwarded to the Advanced Queue Engine (AQE)
  • The Message Categorizer from the AQE processes the MailMsg object and splits it into MIME or RTF as necessary
  • The Message Categorizer expands groups and checks defined Message limits on Exchange
  • The MailMsg object is then transferred to the Remote Destination Domain within the AQE
  • The AQE passes the destination address to the Exchange Routing Engine
  • SMTP initiates an SMTP session with the remote SMTP host
  • After the SMTP session with the remote host has been established, the information store retrieves the body of the message and converts the message as necessary
  • SMTP sends the Message from the Queue to the Remote Host
The following Exchange Features require the use of SMTP:
  • Intra Server Message Delivery
  • Inter Server Message Delivery
  • Message Delivery to the Internet
  • Exchange of Routing Information
Intra Server Message Delivery
SMTP will be used for Intra Server Message Delivery for several components like Message Journaling and Message categorization. Exchange Servers in the same Routing Group use SMTP to communicate with each other.
Message delivery to the Internet
SMTP is often used to deliver e-mail to other exchange organizations or other messaging systems. Exchange Server 2003 can use the Virtual SMTP Server to deliver messages, or one or more Exchange SMTP Connectors or Routing Group Connectors.
Exchange of Routing Information
SMTP is also used to exchange Link State information between routing groups.

MX Record

A Mail Exchanger Record (MX Record) is a special DNS record specifying how e-mail should be routed. When a message should be sent to that domain, a DNS lookup into the destination DNS domain occurs and will look for an MX record and a responding A Record. The E-Mail will then be sent to the specified Exchange FrontEnd or BackEnd Server for message delivery.

Figure 3: MX Record in NSLOOKUP

Relaying

SMTP Relaying occurs when one SMTP host forwards e-mail to another SMTP host. Open SMTP relaying occurs when the SMTP host accepts messages from recipients outside the organization and forwards the messages to other recipients that are also outside the organization.

Figure 4: Relaying
If the Exchange Server allows everyone without authentication to deliver messages, the server is called an Open Relay. Open Relays can be used to send UCE (Unsolicited Commercial E-Mail). By default Exchange Server 200x is not an open relay.
The following steps describe the process:
  • The unauthorized user sends an e-mail message to the SMTP Server and addresses multiple recipients in the message. The recipients in the e-mail are in domains external to the Exchange Server's Messaging Organization.
  • The Exchange Server accepts the Message.
  • After Exchange has accepted the message, Exchange delivers this message to an outside SMTP host because there is no match in the recipient policies in the exchange organization.

Routing Groups

Exchange Server 2003 supports the concept of routing groups to control the message flow between Exchange Servers. Routing groups are groups of servers running Exchange Server 2003 that are connected over permanent highspeed network links. Within routing groups, Exchange Server always transfers messages over SMTP.
There is one special Server called the Routing Group Master which is responsible for tracking and maintaining the routing information which is necessary for determining the best path for message delivery. The default Routing Group Master is the first server in the routing group. If you wish to transfer the Routing Group Master role you must do so manually in the Exchange System Manager.

Figure 5: Routing Groups
If your organization has more than one routing group, you must install a connector between the two or more routing groups. The preferred connector is the Routing Group Connector but you can also use a SMTP, or X.400, Connector.
By default, all exchange server organizations include only a single routing group called First Routing Group. All servers in the organization are members of the First Routing Group, unless routing membership is modified by you as an exchange server administrator.
You should plan to implement multiple routing groups when one or more of the following conditions occur:
  • Network connections are slow or not permanent
  • The network is unreliable or unstable
  • Message transmission is complex and indirect, requiring multiple physical network hops
  • Message transmission must be scheduled between different locations
  • The routing group structure is created to prevent users from accessing public folder replicas

Link State Algorithm (LSA)

Exchange Server 2003 determines the route that an e-mail must take based on the status and availability of connectors between different routing groups and to external messaging systems through an SMTP connector or other connectors.
Every exchange server stores its status information in a Link State Table (LST). The Link State Table is a small table which requires about 32 bytes per entry which is held in the Exchange Servers' RAM.
All information will be collected by the Routing Group Master (RGM) of the routing group. The Routing Group Master uses TCP Port 691 to talk with other exchange servers in the routing group and is responsible for generating / updating the LST and for the distribution of the LST to each exchange server in the routing group.
The updated LST is propagated to other routing groups through Bridgehead Servers. The Routing Group Master (RGM) then sends the updated information to the Bridgehead Server, and then the Bridgehead Server sends the information to Bridgehead Servers in other Routing Groups over TCP Port 25.

Figure 6: Link State Table
The Link State Table lists all connectors, and their status, in an Exchange Server 2003 organization. The following information is included in the LST:
Link status
There are only two states for any given link: up or down. For this reason, connection information, such as whether a link is active or in a retry state, is not propagated between servers running Exchange Server 2003, and it is only available on the server involved in the message transfer. Exchange Server 2003 only considers routing messages by using connectors with a link status of up.
Link cost
The Link State Table stores costs for each connector. Exchange Server 2003 uses the cost values stored in the link state table to select the least cost route for a message. Costs are configured on each connector, and Exchange Server 2003 records them in the Link State Table.

No comments:

Explaining DNS Concepts - DNS Servers-DNS Queries-DNS Records

3 types of DNS queries— recursive, iterative, and non-recursive 3 types of DNS servers— DNS Resolver, DNS Root Server and Authoritative Name...