Exchange Server 2010 : Implementing Compliance (part 3) - Using MailTips

3. Using MailTips

Exchange Server 2010 introduces the MailTips feature. MailTips gives your Outlook 2010 and OWA users information about their messages and recipients before they send them. For example, if a recipient has enabled an out-of-office reply, a user can use the automatic replies MailTip to read this reply before sending the message. If the recipient is on vacation for an extended period, the sender can decide whether to send the message now or wait for the recipient’s return. MailTips also warn the sender if a recipient’s mailbox is full or if the message that is about to be sent is large enough to fill it. The oversized message MailTip warns a sender if a message exceeds organizational size limits.

A MailTip can also warn you (and your users) whether a message is being sent to a large number of recipients. It is a common error, made even by experienced users, to reply to an email message that has been sent to a large number of recipients and to send the reply to all these recipients when it should go only to the original sender. Another situation that can occur is when a user has received a message on Bcc and replies to all, thus revealing that he or she was on the Bcc list. MailTips warn a sender if a message is being sent as reply-all-on-Bcc.

Sometimes, for various reasons, a message should be sent only to internal recipients. MailTips (by default) warn if a message is being sent to an external recipient or to a distribution group that contains external recipients. In the latter case, MailTips informs the sender how many internal recipients there are but does not identify them.

The moderated transport feature, new to Exchange Server 2010, can require that all email messages sent to specific recipients are approved by moderators. All messages sent to those recipients go through an approval process. The most common scenario is when messages are sent to large distribution groups. MailTips can warn users that they are sending emails to a moderated group. In this case, messages would be delayed pending moderator approval. MailTips can also warn users if they do not have permission to send to a mailbox or distribution group.

If someone leaves an organization, their email address might remain in the autocomplete list of Outlook users. MailTips can warn a sender that he or she is sending to a recipient that no longer exists. Prior to MailTips, the message would have bounced.

You can configure custom MailTips. These replace messages that might otherwise be sent as an automatic response, such as “This mailbox is not monitored” or “You will receive a response within 48 hours.” Custom MailTips can be localized so that users can see them in their own language.

Some client configuration of the MailTips feature is possible in Outlook 2010 or OWA. For example, an OWA user can turn the external recipient MailTips on or off by opening or closing the MailTips bar (click on the anchor icon). However, this lesson concentrates on server-side configuration implemented by an Exchange organization’s administrator.

You can use the EMS but not the EMC to implement the following configurations:

• Enable or disable MailTips

• Configure the large audience size for your organization

• Enable or disable the external recipients MailTips

• Enable or disable MailTips that rely on mailbox data

• Enable or disable MailTips that rely on group metrics data

MailTips are enabled by default. The following command disables MailTips for an Exchange Server 2010 organization:

Set-OrganizationConfig -MailTipsAllTipsEnabled $false

The following command enables MailTips for an Exchange Server 2010 organization if the feature has previously been disabled:

Set-OrganizationConfig -MailTipsAllTipsEnabled $true

When senders address messages to more recipients than the number you specify, they are shown the large audience size MailTips. The large audience size is set to 25 by default. The following command configures the large audience size to 100:

Set-OrganizationConfig -MailTipsLargeAudienceThreshold 100

When the external recipients MailTips is enabled, senders are notified that the recipients of a message include one or more external recipient or a distribution group that contains external recipients. By default, the external recipients MailTips is disabled. The following command enables the external recipients MailTips:

Set-OrganizationConfig -MailTipsExternalRecipientsTipsEnabled $true

Note:

EXTERNAL RECIPIENTS AND GROUP METRICS

The external recipients MailTips relies on group metrics data. Therefore, if you enable the external recipients MailTips, you also need to ensure that MailTips that rely on group metrics data (as described later in this section) are enabled. These MailTips are enabled by default.

Mailbox data includes Out of Office and Mailbox Full information. By default, MailTips that rely on mailbox data are enabled. The following command disables MailTips that rely on mailbox data:

Set-OrganizationConfig -MailTipsMailboxSourcedTipsEnabled $false

Group metrics data consists of the membership count and external members count for all distribution groups and dynamic distribution groups. MailTips such as large audience size and external recipients rely on this data. By default, these MailTips are enabled. The following command disables MailTips that rely on group metrics data:

Set-OrganizationConfig -MailTipsGroupMetricsEnabled $false

Before you can use custom MailTips, you need to ensure that MailTips are enabled in your Exchange Server 2010 organization. Custom MailTips can include HTML links (hyperlinks), but scripts are not permitted. The length of a custom MailTips cannot exceed 250 characters. You can use the EMS but not the EMC to configure custom MailTips for recipients based on the following EMS cmdlets:

• Set-Mailbox

• Set-MailContact

• Set-MailUser

• Set-DistributionGroup

• Set-DynamicDistributionGroup

• Set-MailPublicFolder

Suppose, for example, that the response time service-level agreement (SLA) for your Help Desk is three hours and that the Help Desk mailbox is called CorporateAssistance. The following configures a custom MailTip for that mailbox to inform senders that they will receive a response within three hours:

Set-Mailbox -Identity "CorporateAssistance" -MailTip "A Corporate Assistance
representative will contact you within 3 hours."

					  

Custom MailTips are also useful for recipients, such as distribution groups, whose display name could be misinterpreted. For example, assume that you have a distribution group called Marketing that is used for intradepartmental communications. The following command configures a MailTip that informs senders what the distribution group is used for and directs them to the correct address if they have a question or comment to submit to the Marketing Department:

Set-DistributionGroup -Identity Marketing -MailTip "This distribution group is used
for Marketing intra-departmental communications. If you want to contact a Marketing
representative, please e-mail [email protected]."

					  

3.3. Using Message Classifications

Message classifications are a feature of Exchange Server 2010, Office Outlook 2007, Outlook 2010, and OWA designed to help organizations comply with email policies and regulatory responsibilities. A classified message contains specific metadata that describes its intended use or audience of the message. An Outlook or OWA client can use this metadata to display a user-friendly description of the classification to senders and receivers of a classified message. In Exchange Server 2010, the Exchange Transport service acts on the metadata if a transport rule exists that meets criteria you have configured.

You can set the following Message classification fields:

• Display name This appears in the Permission menu in Outlook and OWA and is used by Outlook and OWA users to select the appropriate message classification before a message is sent. The display name is also displayed in the recipient description that appears in the InfoBar in an Outlook message.

• Sender description This explains to the sender what the message classification is intended to achieve. OWA and Outlook users use the sender description to select the appropriate message classification before a message is sent.

• Recipient description This explains to a recipient what the message classification is intended to achieve. OWA and Outlook users view the sender description when they receive a message that has this message classification.

• Locale This specifies a culture code to create a locale-specific version of the message classification.

After Outlook is enabled to accept the default message classifications, users can apply message classification to messages that they send. Senders see the sender description in the InfoBar in Outlook. You can use the EMS to customize the sender description for each message classification and locale.

The following message classifications are enabled by default in Exchange Server 2010—users cannot add these classifications to messages:

• Attachment Removed This notifies recipients when attachments have been removed from the message.

• Originator Requested Alternate Recipient Mail This notifies recipients that the message has been redirected.

• Partner Mail This notifies recipients that the message was encrypted and delivered through a secure connector.

By default, all message classifications are informational only and are not associated with any transport protection rules. They provide additional information about a message to message recipients, but the Microsoft Exchange Transport service does not take any special action on the message.

You can, however, create transport rules associated with message classifications. For example, you can configure a transport rule that checks all incoming messages for a specific message classification and direct that these messages be delivered to a designated recipient. You can also use the New-TransportRule EMS cmdlet or the New Transport Rule Wizard in the EMC to create a transport rule that is associated with a message classification.

Message classifications can be separated into two classes based on how they are attached to a specific message:

• Manually added in Outlook or OWA by the sender of a message before the message is sent.

• Added as the result of a transport rule. For example, when the Attachment Filter agent removes an attachment from a message, the Attachment Removed message classification (ExAttachmentRemoved) is attached to the message.

3.4. Creating a Message Classification

You can use the New-MessageClassification EMS cmdlet to create a message classification. For example, the following command creates a message classification named SampleMessageClassification with the display name Sample Message Classification and the sender description “This is a sample message classification.”:

New-MessageClassification -Name SampleMessageClassification -DisplayName "Sample Message
Classification" -SenderDescription "This is a sample message classification."

					  

Figure2 shows the output from this command.

After you create a new message classification, you can specify it as a transport rule predicate. Before Outlook and OWA users can apply the message classification to messages, you need to update the end-user systems with the message classification Extensible Markup Language (XML) file created by the Export-OutlookClassification.ps1 script file, which is located by default in the C:\Program Files\Microsoft\Exchange Server\Scripts directory.

3.5. Localizing Message Classifications

By default, a message classification is used for all locales. You can add new locales of the message classification by running the New-MessageClassification cmdlet and by specifying the default message classification identity that you want to localize. Sometimes, for example, you might need to use several different languages for message classifications. After you create the default message classification instance, you can create more message classification instances for different languages.

Each localized version of a specific message classification is implemented by a new message classification instance. The Locale parameter defines the locale for a particular message classification instance, such as es-ES (Spanish—Spain). The following command creates a locale-specific version of the existing message classification SampleMessageClassification:

New-MessageClassification -Identity SampleMessageClassification -Locale es-ES -DisplayName
"En Espanol" -SenderDescription "Esta es una clasificacion de mensajes muestra."

					  

Figure 3 shows the locale-specific version of the message classification SampleMessageClassification.

You can also use a message classification instance to change the content of the sender description and recipient description to reflect differences in regulatory requirements for different jurisdictions. For example, health care–related companies that operate in the United States and in Europe may have to comply with Health Insurance Portability and Accountability Act (HIPAA) regulations in the United States but not in Europe. Therefore, the display of message classifications that are HIPAA specific should be enabled only for employees operating in the United States. You can set Read permission on classifications so that only appropriate users can view specific message classifications.

Note:

ACKNOWLEDGEMENT OF SOURCE

The example above was taken from Technet. It is an excellent example, and I cannot think of one nearly as good.

3.6. Configuring Message Classification Priority and Retention

Each message classification can be assigned a priority relative to other message classifications. This sets the precedence on a classification and determines how it is displayed to the recipient. The message classification with the highest precedence is shown first, and subsequent classifications with lesser precedence are displayed in order after it.

You set precedence by using the DisplayPrecedence parameter of the Set-MessageClassification EMS cmdlet. Valid input for the DisplayPrecedence parameter is Highest, Higher, High, MediumHigh, Medium (the default), MediumLow, Low, Lower, and Lowest.

You can also specify whether the message classification is retained when a recipient replies to or forwards the message by setting the RetainClassificationEnabled parameter of the Set-MessageClassification cmdlet to $true or $false. The following command changes the display precedence of the message classification SampleMessageClassification to MediumLow and specifies that the message classification should be retained if the message is forwarded or replied to:

Set-MessageClassification -Identity SampleMessageClassification -DisplayPrecedence
MediumLow -RetainClassificationEnabled $true

					  

You can use the Get-MessageClassification EMS cmdlet to view the configuration of a message classification, such as follows:

Get-MessageClassification -Identity SampleMessageClassification | FL

Figure 4 shows the output from this command.

If you are using a default message classification and want to change one of its parameters, you can pipe the output of the Get-MessageClassification cmdlet into a Set-MessageClassification cmdlet. For example, the following command changes the priority of the default Attachment Removed message classification to Highest:

Get-MessageClassification -Identity ExAttachmentRemoved | Set-MessageClassification
-DisplayPrecedence Highest

					  

You can also use the New Transport Rule Wizard in the EMC to reconfigure a default message classification.

3.7. Configuring Read Access to Message Classifications

When you create a message classification and enable it on the computer on which Outlook or OWA runs, the new message classification will be present in the Permission menu of the client software. You can control read access for message classifications by configuring the Read permission on the message classifications that you export into the Classifications.xml file. By default, all message classifications are created with Read permission for any authenticated user.

In situations that require more restrictive access for message classifications, such as if a message is relevant to recipients in one locale but not another, the Read permission can be removed from a message classification object. You first use the Get-MessageClassification EMS cmdlet to access the message classification and then remove the AdPermission setting. For example, the following command removes Read access from a message classification instance named SampleMessageClassification for the user Kim Akers:

Get-MessageClassification -Identity SampleMessageClassification | -Remove AdPermission
-User "Kim Akers" -AccessRights GenericRead

					  

The following command removes Read access from a message classification instance named SampleMessageClassification for a universal distribution group named Marketing:

Get-MessageClassification -Identity "SampleMessageClassification" | -Remove AdPermission
-User Marketing -AccessRights GenericRead

					  

After you create a message classification instance, you can associate a transport rule with the message classification. You use the New-TransportRule EMS cmdlet to create a transport rule and add the message classification as a condition. You can also use the EMC New Transport Rule Wizard to create a transport protection rule.

New-TransportRule -Name ClassificationTest -From "Kim Akers" -SentTo "Don Hall"
-ApplyClassification Default\SampleMessageClassification

					  

Figure 5 shows the output of this command.

The HasClassification parameter specifies a message classification and enables you to create a transport rule that carries out a specified action only if a particular message classification is applied to the message. The ExceptIfHasClassification parameter also specifies a message classification, but in this case the action defined by the transport rule takes place if the classification is not applied to the message.

For example, the following command creates a transport rule that blocks messages between members of the Marketing distribution group and Finance distribution group that are not classified as Interdepartmental:

New-TransportRule BlockMessagesBetweenMarketingAndFinance -BetweenMemberOf1 Marketing
-BetweenMemberOf2 Finance -ExceptIfHasClassification Default\
Interdepartmental -RejectMessageReasonText "E-mail messages sent between the Marketing
department and the Finance department must be classified as Interdepartmental."

					  

Figure 6 shows the output of this command. Note that for the above command to work, the Marketing and Finance distribution groups and the default instance of the Interdepartmental message classification must exist.

The New-TransportRule cmdlet also supports two Boolean parameters—that is, parameters that can take only the values $true or $false. The HasNoClassification parameter enables you to specify that a transport rule is applied to any message that has no message classification. Microsoft recommends that if you use this parameter, its argument should be $true. The ExceptIfHasNoClassification parameter enables you to specify that a transport rule is applied to any message that has any message classification. Table 3 summarizes the message classification parameters that the New-TransportRule EMS cmdlet supports.

Note:

Take note of which of the parameters in Table 11-3 are Boolean and which take the name of a message classification as their argument.