If you would like to read the next part in this article series please go to Understanding Transport Agents (Part 2).
Overview
The Transport Agent is found in the Edge Transport and Hub Transport roles, and has fundamental importance in the message security, regulation and hygienic process of Exchange Server 2007.
The Exchange Server 2007 transport architecture allows all the flow of messages that pass through the transport pipeline to be processed by Transport Agents. The Transport Agent uses APIs that are available to vendors and the same APIs were used by Microsoft to deliver the standard Transport Agent which comes with Exchange 2007.
The SMTP Events
While Exchange Server 2003 used to have SMTP Event sinks, this functionality is no longer available in Exchange Server 2007. Exchange Server 2007 has a completely new SMTP protocol and transport stack.
Instead, in Exchange Server 2007 we use Transport agents. When a message arrives in an Exchange Server organization, it is moved through the transport pipeline SMTP (Figure 01) and each SMTP Event may have Transport agents that access the messages during this process and may perform some actions.
Figure 01: The SMTP Events. The execution process is from left to right
All of the above SMTP events happen when a determined action occurs. In the table below, we can review the SMTP Events, its sequence and what kind of SMTP verb or operation verb is used in each one.
|
Sequence |
SMTP event |
Occurs when… |
|
1 |
OnConnectEvent |
An initial connection occurs from a remote SMTP host. |
|
2 |
OnHeloCommand |
the HELO SMTP verb is issued |
|
3 |
OnEhloCommand |
the EHLO SMTP verb is issued |
|
4 |
OnAuthCommand |
the AUTH SMTP verb is issued |
|
5 |
OnEndOfAuthentication |
The complete authentication was completed |
|
6 |
OnMailCommand |
the MAIL FROM SMTP verb is issued |
|
7 |
OnRcptCommand |
the RCPT TO SMTP verb is issued |
|
8 |
OnDataCommand |
the DATA SMTP verb is issued |
|
9 |
OnEndOfHeaders |
The message headers were completely submitted |
|
10 |
OnEndOfData |
The remote SMTP host issues <CRLF>.<CRLF>, which indicates the end of data. |
|
** |
OnHelpCommand |
The HELP SMTP verb may be issued at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event. |
|
** |
OnNoopCommand |
The NOOP SMTP verb may be issued at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event. |
|
** |
OnReject |
The receiving SMTP host issues a status notification (DSN) code to the sending SMTP host. This event can occur at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event. |
|
** |
OnRsetCommand |
This event is triggered when the RSET SMTP verb is issued by the sending SMTP host. This event can occur at any time after the OnConnectEvent SMTP event and before the OnDisconnectEvent SMTP event. |
|
11 |
OnDisconnectEvent |
This event is triggered upon disconnection of the SMTP conversation by either a receiving or sending SMTP host. |
|
12 |
OnSubmittedMessage |
This event is triggered upon submission of a message into the Submission queues on the receiving SMTP host. All messages encounter this event whether they arrived via SMTP submission, MAPI submission, or the Pickup or Replay directories. |
|
13 |
OnRoutedMessage |
After messages have been categorized, distribution lists have been expanded, and recipients have been resolved. |
Table 1
The table above can be found in Exchange 2007 documentation or in the TechNet Exchange 2007 site (http://technet.microsoft.com/en-us/library/aa996847.aspx).
Transport Agents and the Exchange Transport Roles
The Transport Agents are used within Exchange Transport Service and the only two roles where this service is available are Edge Transport and Hub Transport roles. We are going to summarize all the built-in transport agents role by role, its priority and the SMTP Events associated an each Transport Agent. These standard Transport Agents were developed using the same APIs that can be used by 3rd party vendors.
Hub Transport role (2 transports agents):
|
Agent Name |
Priority |
SMTP events |
|
Transport Rule agent |
1 |
OnRoutedMessage |
|
Journaling agent |
2 |
OnSubmittedMessage, OnRoutedMessage |
Table 2
An important feature in the Hub Transport role is that the standard Transport agents are found at categorizer level, after the Receive SMTP Agents (as Edge Transport server) as shown in Figure 02.
Figure 02: The transport agents in the Hub Transport role
Edge Transport Role (10 transport agents):
|
Agent name |
Priority |
SMTP events |
|
Connection Filtering agent |
1 |
OnConnectEvent, OnMailCommand, OnRcptComand, OnEndOfHeaders |
|
Address Rewriting Inbound agent |
2 |
OnRcptCommand, OnEndOfHeaders |
|
Edge Rule agent |
3 |
OnEndOfData |
|
Content Filter agent |
4 |
OnEndOfData |
|
Sender ID agent |
5 |
OnEndOfHeaders |
|
Sender Filter agent |
6 |
OnMailCommand, OnEndOfHeaders |
|
Recipient Filter agent |
7 |
OnRcptCommand |
|
Protocol Analysis agent |
8 |
OnEndOfHeaders, OnEndOfData, OnReject, OnRsetCommand, OnDisconnectEvent |
|
Attachment Filtering agent |
9 |
OnEndOfData |
|
Address Rewriting Outbound agent |
10 |
OnRcptCommand, OnEndOfHeaders |
Table 3
You can see the Edge transport rules in Figure 03. Each Transport Agent uses the specified SMTP Event shown in Figure 03.
Figure 03: The Transport Agents and SMTP Events together in the Edge Transport role
Note: To see the entire picture of Hub Transport and Edge Transport Architecture, you can download the pdf files located in the More Information section of this article.
Installing Anti-Spam agents in the Hub Transport role
We can get a good example of the usefulness of Transport Agents when we have a single machine containing the three roles (Mailbox, Hub Transport and Client Access) and that machine is responsible for all the Internet message traffic. In this case, the Transport Agents are responsible for the clean-up process (such as Anti-spam, content filter and so on). They are very useful in the Hub Transport role.
Although the Hub Transport role has only two Transport Agents by default, we can use the script Install-AntiSpamAgents.ps1 which allows us to install some Anti-Spam agents, such as Connection Filtering, Content Filter agent, Sender ID agent, Sender Filter agent, Recipient Filter agent, and Protocol Analysis. By default, they are found only on the Edge Transport Role.
To install anti-spam agents in the Hub Transport role, we must follow these steps:
-
Log on to the Hub Transport Server
-
Open the Exchange Management Shell
-
Run the script called Install-AntispamAgents.ps1 that can be found under Scripts folder of the Exchange Server Installation. (Figure 04)
Figure 04: Installing the Anti-Spam agents in the Hub Transport role
After that, we have to restart the Exchange Transport service to use the new Transport Agents and we can see a new tab in the Exchange Management Console under Organization Configuration (Figure 05). Now, these new agents are running in the Transport SMTP Receive Agents and the default Transport agents are still running in the Categorizer.
Figure 05: The new tab Anti-spam in the Hub Transport role
Conclusion
We have reviewed SMTP Events, Transport Agents and how to add several standard Transport agents to the Hub Transport role.
More Information:
Exchange 2007 Architectural Guides
If you would like to read the next part in this article series please go to Understanding Transport Agents (Part 2).
