I recently needed to determine which Exchange 2007 users had IMAP4 and POP3 enabled and also review the logs to see which users actually access the server via either protocol. These steps walk through how to determine which users are enabled for either IMAP4 or POP3 in Exchange 2007 and also how to turn on and view protocol logs to determine which users are accessing the server using the protocols.
I used Quest’s Powergui with the Exchange 2007 powerpack to do this – http://www.powergui.org/index.jspa. Its free and a great tool if you don’t have it yet you should look into getting it. Open Powergui, expand Exchange 2007, Client Access, User Configuration. A list of the users will display in the middle, right click on the column header and check off PopEnabled and ImapEnabled. You can now see which users are enabled and disabled. You can also sort by any column by clicking the header.
You can setup a filter that will automatically show you only users that are POP3 enabled or IMAP4 enabled. Click User Configuration then click the Filters button in the middle pane. Click the drop down arrows and set them to Property = ImapEnabled, Operator = Equal, Value = True. You can save the Filter by clicking Save As entering a name and clicking OK. A new script will appear under the User Configuration node which will automatically display only users with IMAP4 enabled. You can do the same for POP3.
Once you determine what users are enabled for IMAP4 or POP3 you’ll want to find out which users are actually accessing the server using the protocols so you can disable any that are not. To enabled IMAP4 or POP3 protocol follow these instructions by Microssoft:
http://technet.microsoft.com/en-us/library/aa997690.aspx
Restart the service after making the change.
Once enabled you can use a tool like Logparser or if you only have a handful of users that are using IMAP/POP like I did just go to the log files and search it for their username. You might want to search the log everyday for a few days before disabling IMAP/POP on the user accounts just to make sure they aren’t using it.
Imap logs are normally located here: C:\Program Files\Microsoft\Exchange Server\Logging\Imap4
You can open with notepad and search for the username.
dmw Exchange 2007 Exchange 2007, IMAP, POP, Powergui
1. Open Exchange Management Console
2. Drill down to Organization Configuration, Hub Transport and click on the Transport Rules tab.
3. Right click and select New Transport Rule…
4. Enter a name for the rule and description if desired and click next.
5. Place a checkmark next to “from people” and “sent to users inside or outside the organization”. On the bottom half of the screen click the people hyperlink, click add, select a person or group from the list and click ok. Next click the “Inside” hyperlink and change the scope to outside. Click next.
6. Select an action you like to take. I selected to bounce the message and notify the sender. Click next.
7. Choose an exception if desired then click next.
8. Click New to create the rule.
You now have a rule that will prevent the selected user or group from sending any email outside your organization. The rule can be enabled or disabled by right clicking it. If a user tries to send an email and this transport rules applies to them they will receive a non-delivery report back in their inbox.
Delivery has failed to these recipients or distribution lists:
‘outsidemail@somedomain.com’
Your message wasn’t delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.
_____
Sent by Microsoft Exchange Server 2007
dmw Exchange 2007 Exchange 2007
I recently had the task of migrating a company into our current Exchange organization. The company had a different domain name and email hosted on a non-exchange environment. The users were currently mail-enabled contacts in the existing Exchange environment. All clients will access the new Exchange server using either OWA or Outlook Anywhere using Outlook 2003 or 2007. The users are not part of any domain.
- Get the current dns info for the domain. Find out where the domain is registered and where the dns records are hosted. Find out what the process is to transfer the domain to another registrar. It is a simple process and while its not necessary to do this I wanted the domain registered with the same registar as the existing domain. Additionally I will change the name servers responsible for hosting the domain to the same servers that host the existing domain.
- Get list of current users that will need accounts on Exchange as well as any distribution list emails that are needed.
- Configure spam/virus filtering application if necessary. In this case setup Postini to handle email for the new domain.
- Remove any domain addresses from current mail enabled contacts in active directory. Set to not auto update based on email address policy. This is done so when the active directory accounts/mailboxes are added later there is not an issue with the email addresses already being used.
- Add dns records (a and mx) for the domain being transferred to the nameservers that will host them.
- Change name servers on old dns provider to point to the new name servers for the domain.
- Setup Exchange to Accept mail for new domain.
Expand Organization Configuration, select Hub Transport, and then in the work pane, click the Accepted Domains tab.
In the action pane, click New Accepted Domain. The New Accepted Domain wizard appears.
On the New Accepted Domain page, enter the name of the new accepted domain. Use this field to identify the accepted domain in the user interface. You can type any name that you want, but you should select a meaningful name that helps you easily identify the purpose of this accepted domain.
Next, enter the Accepted Domain itself. Use this field to identify the SMTP domain name for which the Exchange organization will accept e-mail messages. You can use a wildcard character to accept messages for a domain and all its sub-domains.
Next, select one of the following options to set the accepted domain type: Authoritative Domain, Internal Relay Domain, or External Relay Domain.
Click New then on the Completion page, click Finish.
- Add the new active directory accounts and mailboxes in Exchange.
- Test mail flow to new addresses from internal and external addresses.
- Send users new information to connect to your Exchange server. Clients were a mix of Outlook 2003 and 2007 clients.
- Setup any mobile devices to connect to the new Exchange server.
dmw Exchange 2007 exchange migration
