locked
Microsoft Best Practices RRS feed

  • Question

  • Are there any microsoft developed best practice recommendations when it comes to exchange 2003 on:

    • mailbox retention/management
    • public folder security/management
    • delegate/send as rights/management

    I want to check we are doing things in line with MS best practice. Aside from the above 3 topics, what other key areas outside of virus/spam should be included in a comprehensive email/exchange audit, in your view?

    Tuesday, May 10, 2011 11:32 AM

Answers

  • 1. Run the ExBPA, this is what it is designed for too.

    2. Exchange security model, i.e who are your Exch admins are and what access do they have etc....

    3. Ensure your logging is setup correctly to include MT, applications, security, smtp, across your servers and is consistent.

    4. I know you mentioned AV, but dont forget your exceptions at the file level.

    5. Monitoring of your servers, proactive monitoring in plae if oyu can, dont have to spends money, use sme basic scripts to monitor core servcices, startup type, disk space etc..

    6.

    Exchange Server 2003 Security Hardening Guide

    http://go.microsoft.com/fwlink/?linkid=47578

    http://go.microsoft.com/fwlink/?linkid=45208

    7. Certficates and Exchange infrastucture documentation, keep it updated, if it exists :-)

    8. General pacthing is up to date for OS and Exchange etc...

    9. Mailbox and Public folder limits, max number of messages per folder ideally should be 10,000, Sub-folders of a folder should ideally be 250.

    10. Regular backups.  Check yur daily reports.  Test your backups!.

    • Marked as answer by cf090 Tuesday, May 10, 2011 1:21 PM
    Tuesday, May 10, 2011 1:14 PM

All replies

  • 1. Depends on your env, and your requirements. 2. Engage MS PFE for a Exhchange health check (exchRAP). May not be avaliable to you if you're not a premier customer, but confirm. They will check your Exchange Env and provide you with a detailed report of best practises and misconfigurations. Sukh
    Tuesday, May 10, 2011 12:34 PM
  • 1. Depends on your env, and your requirements. 2. Engage MS PFE for a Exhchange health check (exchRAP). May not be avaliable to you if you're not a premier customer, but confirm. They will check your Exchange Env and provide you with a detailed report of best practises and misconfigurations. Sukh

    Wasnt really what I was after, it was best practices to check key issues ourselves, not pay a fortune for someone to do it on our behalf
    Tuesday, May 10, 2011 12:46 PM
  • 1. Depends on your env,and your requirements

    I was after some insipration on issues to include in the scope

    Just general brain storming

    Tuesday, May 10, 2011 12:47 PM
  • 1. Run the ExBPA, this is what it is designed for too.

    2. Exchange security model, i.e who are your Exch admins are and what access do they have etc....

    3. Ensure your logging is setup correctly to include MT, applications, security, smtp, across your servers and is consistent.

    4. I know you mentioned AV, but dont forget your exceptions at the file level.

    5. Monitoring of your servers, proactive monitoring in plae if oyu can, dont have to spends money, use sme basic scripts to monitor core servcices, startup type, disk space etc..

    6.

    Exchange Server 2003 Security Hardening Guide

    http://go.microsoft.com/fwlink/?linkid=47578

    http://go.microsoft.com/fwlink/?linkid=45208

    7. Certficates and Exchange infrastucture documentation, keep it updated, if it exists :-)

    8. General pacthing is up to date for OS and Exchange etc...

    9. Mailbox and Public folder limits, max number of messages per folder ideally should be 10,000, Sub-folders of a folder should ideally be 250.

    10. Regular backups.  Check yur daily reports.  Test your backups!.

    • Marked as answer by cf090 Tuesday, May 10, 2011 1:21 PM
    Tuesday, May 10, 2011 1:14 PM