Exchange Server TechCenter >
Exchange Server Forums
>
Development
>
Internal email with External scanner
Internal email with External scanner
- When users send e-mail to other internal users, Exchange 2007 is taking and delivering the messages directly to that user’s mail store. While right for 99% of most organizations, this is causing us a problem.we need to route it to our external scanner ( Ironport )
Our Ironport device provides two important functions: Self Encryption of e-mail based on HIPAA terminology and high-end AV/virus outbreak filters. Both of which work flawlessly when recipient or sender is outside the network.
What we would like accomplish is when an internal users e-mails another internal users, for that message to be routed out to our Ironport device which would reroute the e-mail back to exchange for delivery. There would need to be a header check to make sure there is not an endless loop or tell which connector the mail is coming from inside or external.
please advice urgent from where this can be done
Transport agent, SMTP , or Routing
All Replies
How many users?
You can use a transport rule to copy the email to an alternate recipient and drop the original, based on header information. The Ironport can add an x-header and re-write the addresses after encryption.
Exchange seems to only want to route by domain, so if you set up contacts that mirror your internal users but in a made up domain, you can send a copy to that contact, drop the original, and the copy will go to the Ironport. You'll need rules there to encrypt and add the x-header so the hub server knows not to send it back.
It's probably only practical if you have a relatively small number of users, because you're going to need a transort rule for each user. It's also going to make message tracking a chore.- On a side note, if you're doing this to insure that all email that contains privileged information is encrypted on your Exchange server, it's not going to work. There will still be an unencrypted copy of those emails in the sender's Sent Items.
- Many thaks for your response ,
Actualy it will be more than 700 User. And actually i am new in Exchange , and i have only the Ironport and want to fix the issue .
Can you please advice in more details how it can be done
Internal emails to be scanned .
Thanks Sir - You probably need to be looking at the native content filtering and email encryption capabilites in Exchange. You'll need to set up an Enterprise CA to manage the certificates.
If that Ironport is one of the POSTX/IEA appliances, you're going to paint yourself into a corner if you use that. The emails will be encrypted in your mail store, and if something happens to it, those emails are, for all practical purposes, gone.
