Understanding Transport Agents (Part 1)

If you would like to read the next part in this article series please go to Understanding Transport Agents (Part 2).

 

Overview

 

The Transport Agent is found in the Edge Transport and Hub Transport roles, and has fundamental importance in the message security, regulation and hygienic process of Exchange Server 2007.

 

The Exchange Server 2007 transport architecture allows all the flow of messages that pass through the transport pipeline to be processed by Transport Agents. The Transport Agent uses APIs that are available to vendors and the same APIs were used by Microsoft to deliver the standard Transport Agent which comes with Exchange 2007.

 

The SMTP Events

 

While Exchange Server 2003 used to have SMTP Event sinks, this functionality is no longer available in Exchange Server 2007. Exchange Server 2007 has a completely new SMTP protocol and transport stack.

 

Instead, in Exchange Server 2007 we use Transport agents. When a message arrives in an Exchange Server organization, it is moved through the transport pipeline SMTP (Figure 01) and each SMTP Event may have Transport agents that access the messages during this process and may perform some actions.

 


Figure 01: The SMTP Events. The execution process is from left to right

 

All of the above SMTP events happen when a determined action occurs. In the table below, we can review the SMTP Events, its sequence and what kind of SMTP verb or operation verb is used in each one.

 

 

 

 

Sequence

 

SMTP event

 

Occurs when…

 

1

 

OnConnectEvent

 

An initial connection occurs from a remote SMTP host.

 

2

 

OnHeloCommand

 

the HELO SMTP verb is issued

 

3

 

OnEhloCommand

 

the EHLO SMTP verb is issued

 

4

 

OnAuthCommand

 

the AUTH SMTP verb is issued

 

5

 

OnEndOfAuthentication

 

The complete authentication was completed

 

6

 

OnMailCommand

 

the MAIL FROM SMTP verb is issued

 

7

 

OnRcptCommand

 

the RCPT TO SMTP verb is issued

 

8

 

OnDataCommand

 

the DATA SMTP verb is issued

 

9

 

OnEndOfHeaders

 

The message headers were completely submitted

 

10

 

OnEndOfData

 

The remote SMTP host issues <CRLF>.<CRLF>, which indicates the end of data.

 

**

 

OnHelpCommand

 

The HELP SMTP verb may be issued at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event.

 

**

 

OnNoopCommand

 

The NOOP SMTP verb may be issued at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event.

 

**

 

OnReject

 

The receiving SMTP host issues a status notification (DSN) code to the sending SMTP host. This event can occur at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event.

 

**

 

OnRsetCommand

 

This event is triggered when the RSET SMTP verb is issued by the sending SMTP host. This event can occur at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event.

 

11

 

OnDisconnectEvent

 

This event is triggered upon disconnection of the SMTP conversation by either a receiving or sending SMTP host.

 

12

 

OnSubmittedMessage

 

This event is triggered upon submission of a message into the Submission queues on the receiving SMTP host. All messages encounter this event whether they arrived via SMTP submission, MAPI submission, or the Pickup or Replay directories.

 

13

 

OnRoutedMessage

 

After messages have been categorized, distribution lists have been expanded, and recipients have been resolved.

 

Table 1

 

The table above can be found in Exchange 2007 documentation or in the TechNet Exchange 2007 site (http://technet.microsoft.com/en-us/library/aa996847.aspx).

 

Transport Agents and the Exchange Transport Roles

 

The Transport Agents are used within Exchange Transport Service and the only two roles where this service is available are Edge Transport and Hub Transport roles. We are going to summarize all the built-in transport agents role by role, its priority and the SMTP Events associated an each Transport Agent. These standard Transport Agents were developed using the same APIs that can be used by 3rd party vendors.

 

Hub Transport role (2 transports agents):

 

 

 

 

Agent Name

 

Priority

 

SMTP events

 

Transport Rule agent

 

1

 

OnRoutedMessage

 

Journaling agent

 

2

 

OnSubmittedMessage, OnRoutedMessage

 

Table 2

 

An important feature in the Hub Transport role is that the standard Transport agents are found at categorizer level, after the Receive SMTP Agents (as Edge Transport server) as shown in Figure 02.

 


Figure 02: The transport agents in the Hub Transport role

 

Edge Transport Role (10 transport agents):

 

 

 

 

Agent name

 

Priority

 

SMTP events

 

Connection Filtering agent

 

1

 

OnConnectEvent, OnMailCommand, OnRcptComand, OnEndOfHeaders

 

Address Rewriting Inbound agent

 

2

 

OnRcptCommand, OnEndOfHeaders

 

Edge Rule agent

 

3

 

OnEndOfData

 

Content Filter agent

 

4

 

OnEndOfData

 

Sender ID agent

 

5

 

OnEndOfHeaders

 

Sender Filter agent

 

6

 

OnMailCommand, OnEndOfHeaders

 

Recipient Filter agent

 

7

 

OnRcptCommand

 

Protocol Analysis agent

 

8

 

OnEndOfHeaders, OnEndOfData, OnReject, OnRsetCommand, OnDisconnectEvent

 

Attachment Filtering agent

 

9

 

OnEndOfData

 

Address Rewriting Outbound agent

 

10

 

OnRcptCommand, OnEndOfHeaders

 

Table 3

 

You can see the Edge transport rules in Figure 03. Each Transport Agent uses the specified SMTP Event shown in Figure 03.

 


Figure 03: The Transport Agents and SMTP Events together in the Edge Transport role

 

Note: To see the entire picture of Hub Transport and Edge Transport Architecture, you can download the pdf files located in the More Information section of this article.

 

Installing Anti-Spam agents in the Hub Transport role

 

We can get a good example of the usefulness of Transport Agents when we have a single machine containing the three roles (Mailbox, Hub Transport and Client Access) and that machine is responsible for all the Internet message traffic. In this case, the Transport Agents are responsible for the clean-up process (such as Anti-spam, content filter and so on). They are very useful in the Hub Transport role.

 

Although the Hub Transport role has only two Transport Agents by default, we can use the script Install-AntiSpamAgents.ps1 which allows us to install some Anti-Spam agents, such as Connection Filtering, Content Filter agent, Sender ID agent, Sender Filter agent, Recipient Filter agent, and Protocol Analysis. By default, they are found only on the Edge Transport Role.

 

To install anti-spam agents in the Hub Transport role, we must follow these steps:

 

 

  • Log on to the Hub Transport Server

     

  • Open the Exchange Management Shell

     

  • Run the script called Install-AntispamAgents.ps1 that can be found under Scripts folder of the Exchange Server Installation. (Figure 04)

 


Figure 04: Installing the Anti-Spam agents in the Hub Transport role

 

After that, we have to restart the Exchange Transport service to use the new Transport Agents and we can see a new tab in the Exchange Management Console under Organization Configuration (Figure 05). Now, these new agents are running in the Transport SMTP Receive Agents and the default Transport agents are still running in the Categorizer.

 


Figure 05: The new tab Anti-spam in the Hub Transport role

 

Conclusion

 

We have reviewed SMTP Events, Transport Agents and how to add several standard Transport agents to the Hub Transport role.

 

More Information:

 

Exchange 2007 Architectural Guides

 

If you would like to read the next part in this article series please go to Understanding Transport Agents (Part 2).

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top