¶ Route By Sender
The CloudPanel Transport Agent will handle routing messages between tenants on your Exchange environment. Exchange by default will not send any emails to the send connector when the domain you are sending to is an accepted domain on the same Exchange environment.
Even though Microsoft released Address Book Policies it doesn’t take care of some things and could still potentially leak information between tenants. For example, internal Out of Office messages will be leaked between tenants because as far as Exchange is concerned the other tenant is on the same environment… which in turn sends the internal out of office message back instead of the external out of office.
There are three things this transport agent will do for you:
- Route all email sent between tenants (I.E. domain1.com sends an email to domain2.com and they are both tenants on your hosted Exchange environment) out a specific send connector which you should have a smart-host set on.
- Determine if internal out of office messages are about to be sent to other tenants and delete them before they reach the other end.
- Route certain sender domains to a specific send connector (route by sender)
¶ Installation
Installing this transport agent is easy but there are some steps you need to follow before you can implement it in your environment:
- Download the zip file and extract it
- Right click on the TransportAgent.dll file, go to properties and make sure it is unblocked.
- Open the dll.config file
Next you will need to copy all the files and the resources folder to each Hub Transport server you have:
Next open Exchange Powershell (be sure to run as administrator) on each hub transport server and:
- Run: Set-ExecutionPolicy –ExecutionPolicy Unrestricted
This will make sure the system has rights to run the CloudPanel Transport Agent scripts. Be sure to change this back to what you want after. - Run: Setup_Eventvwr.ps1
The CloudPanel Transport Agent writes all errors and debug information to a “CloudPanel Transport Agent” event log. This powershell will create the event log for you. - Run: Install.ps1
This will copy the files to the default Exchange 2010 (2013 will be V15 instead of V14) path for transport agents (which should be “C:\Program Files\Microsoft\Exchange Server\V14\Public\”). If your path is different then you can open the Install.ps1 script and change the path. This script does a couple things after:
** Copies the TransportAgent.dll and TransportAgent.dll.config to the correct directory
** Stops the Exchange Transport Service
** Installs the transport agent in Exchange
** Enables the transport agent in Exchange
** Starts the Exchange Transport Service
¶ Configuration File
You will notice there are three options in this configuration file:
<add key=”DebugOn” value=”False” />
If you are having any issues or need support from KnowMoreIT you change the value=”False” to value=”True”. This will generate some messages in the event viewer to assist with troubleshooting. Be sure to always turn this back off because it will cause more of a load and generate additional processing time
<add key=”RoutingDomain” value=”nexthopdomain.com” />
This is the DEFAULT domain that must be on your send connector (see below).
<add key=”BlockInternalOutOfOffice” value=”True”/>
If you choose to not block internal out of office messages between tenants you can change this to False
<add key=”InternalRoutingOn” value=”True”/>
This will enable or disable internal routing for the entire server. What this means is the CloudPanel Transport Agent won’t process any messages UNLESS you add the domain to the list.
<add key=”GlobalRouteSameDomainOn” value=”False”/>
This will force all emails out through the send connector even if they are from and to the same domain.
<add key=”tenantdomain.com” value=”fake-tenantdomain.com;false”/>
If you need to route a specific domain out a certain send connector. This example routes all emails from tenantdomain.com out to a send connector with the address under Address Space fake-tenantdomain.com. This does not process if the email is from and to the same domain. You can add one for each domain you have. If one is not specified then it will route to the value specified for the “RoutingDomain” key.
The value after the semi-colon is used to specify if you are routing emails from and to the same domain outbound. By default this is false. An example would be if this is set to true then emails from knowmoreit.com and to knowmoreit.com would be forced outbound. This is a GREAT way to avoid having to use journaling as long as your archiver supports reading winmail.dat files.
Note
nexthopdomain.com is the default in the TransportAgent.dll.config file. You can change this.