Defining policies and security procedures
Questions derived from the 70-237 – Pro: Designing Messaging Solutions with Microsoft Exchange Server 2007 Microsoft Self-Test Software Practice Test.
Objective: Defining policies and security procedures
SubObjective: Design procedures for message-content filtering
Item Number: 70-188.8.131.52
Single Answer, Multiple Choice
You are the messaging engineer for Verigon Corp. You have deployed Exchange Server 2007 in your organization. Your Exchange Server 2007 messaging system has the following servers: VerigonServ1, VerigonServ2, VerigonServ3 and VerigonServ4.
- VerigonServ1 hosts the Edge Transport server role.
- VerigonServ2 hosts the Hub Transport server role and Mailbox server role.
- VerigonServ3 hosts the Client Access server role.
- VerigonServ4 hosts the Unified Messaging server role.
You need to provide a messaging solution to ensure an e-mail message originates from the same Internet domain from which the message claims to have originated.
What should you do to achieve the objective?
- Configure the Sender ID agent on VerigonServ1
- Configure the Recipient Filter agent on VerigonServ2
- Configure the Connection Filter agent on VerigonServ3
- Configure the Sender Filter agent on VerigonServ4
A. Configure the Sender ID agent on VerigonServ1
You should configure the Sender ID agent on VerigonServ1 to ensure an e-mail message originates from the same Internet domain from which the message claims to have originated. The Sender ID agent will verify the Sender ID of an e-mail message. VerigonServ1 hosts the Edge Transport server role, which is deployed in the perimeter network and outside the Active Directory forest to provide protection against spam and viruses for Internet-facing mail flow. The Edge Transport server includes a variety of anti-spam and anti-virus features designed to reduce the spam that enters your organization. A Sender ID agent is an anti-spam agent that verifies each e-mail message actually has originated from the Internet domain that it claims to originate from. This agent examines the IP address of the sender’s e-mail address and compares it to the sending ID record in the originator’s public Domain Name System (DNS) server. Sender ID agent is one of the anti-spam agents available on Edge Transport Server.
You should not configure the Recipient Filter agent on VerigonServ2 to achieve the objective in this scenario. VerigonServ2 is configured as a Hub Transport Server in this scenario and you will have to use the Install-Antispamagents.ps1 script to install and enable anti-spam features on the Hub Transport Server. By default, anti-spam features are not enabled on the Hub Transport Server. The Recipient Filter agent performs recipient lookups for inbound messages and blocks e-mail messages sent to nonexistent users. The Recipient Filter agent cannot be used to verify the Sender ID of an e-mail message. In this scenario, you should configure the Sender ID agent on the VerigonServ1 to achieve the objective.
You cannot configure the Connection Filter agent on VerigonServ3 to achieve the objective in this scenario. VerigonServ3 hosts the Client Access server role, and you cannot enable anti-spam features on this server role. The Client Access server role manages client access to your Exchange 2007 server using various clients such as Post Office Protocol version 3 (POP3), Internet Message Access Protocol version 4 (IMAP4), Microsoft Outlook Anywhere, ActiveSync and Outlook Web Access. Connection Filter agent prevents spam from entering your Exchange organization by blocking or allowing e-mail messages from specific networks, IP addresses and IP ranges. It cannot be used to verify the Sender ID of an e-mail message, however.
You cannot configure the Sender Filter agent on VerigonServ4 to achieve the objective in this scenario. VerigonServ4 hosts the Unified Messaging server role, which provides support for voice mail, e-mail and fax messages in the Exchange Server 2007 organization. The Sender Filter agent blocks e-mail messages from specific e-mail addresses, domains and subdomains but cannot be used to verify the Sender ID of an e-mail message.