Table of Contents
- About Exchange 2013 transport agents
- What you need to configure in Exchange 2013
- Installing Binary
- Configuring SBR Transport Agent
- Enabling Event Logging
- Installing SBR Transport Agent on Exchange 2013
- Installing ABP Routing Agent on Exchange 2013
- Enabling SBR Transport Agent on Exchange 2013
- Enabling ABP Routing Agent on Exchange 2013
- Uninstalling SBR Transport Agent
- Uninstalling Event Logging
About Exchange 2013 transport agents
According to this article How to write an Exchange 2013 transport agent from the Exchange Team Blog, this agent only runs on Mailbox role (Transport Service type "Hub").
The Front End Transport service (Transport Service type "FrontEnd") running on CAS role only supports the SmtpReceiveAgent class, we are using RoutingAgent here.
Transport service: This service runs on all Mailbox servers and is virtually identical to the Hub Transport server role in previous versions of Exchange. Unlike previous versions of Exchange, the Transport service never communicates directly with the mailbox store. That task is now handled by the Mailbox Transport service. The Transport service routes messages between the Mailbox Transport service, the Transport service, and the Front End Transport service.
The Transport service fully supports all the predefined classes in Exchange 2010, which means that any transport agents written for Hub Transport server role in Exchange 2010 should work in the Transport service in Exchange 2013.
I tested this agent on a box with both roles, and in environments where CAS and MBX is separated. Then the agent needs to be implemented on the MBX server as said above.
What you need to configure in Exchange 2013
For every configured re-routing domain or specific sender email address, you need to have a corresponding Send Connector (that preferrably has a cost below the default Send Connector for "*").
E.g. if you configure sender domain mydomain.com or sender email address john.doe@mydomain.com to override routing to mydomain.sbr (the rerouting domains do not need to have a valid tld, I chose .sbr), you need to configure a Send Connector to route mails to mydomain.sbr to your mailgateway of choice.
Remember, it does not rewrite the recipient, just uses the re-routing domain to route the mail to the configured Send Connector.
Installing Binary
Create directory:
%ExchangeInstallPath%\TransportRoles\agents\Custom
• Copy Microsoft.Exchange.SBR.dll or your own compiled dll to this directory
To compile yourself, see How to compile it with your own Exchange version dlls.
• Precompiled Microsoft.Exchange.SBR.dll binaries:
Exchange 2013 CU23, dll file versions 15.0.1497.6, with Sec. Upd. KB4509409, KB4523171, KB4536988 installed, compiled with .NET Target Framework 4.8
Exchange 2013 CU13, dll file versions 15.0.1210.3
Exchange 2013 CU10, dll file versions 15.0.1130.7
Exchange 2013 CU9, dll file versions 15.0.1104.5
Exchange 2013 SP1, dll file versions 15.0.847.31 (Common) & 15.0.847.30 (Transport)
Exchange 2013 CU2, dll file versions 15.0.712.0
Exchange 2013 RTM, dll file versions 15.0.516.30 (Common) & 15.0.516.26 (Transport)
(Unblock the dll in its file properties once extracted from the ZIP file)
Configuring SBR Transport Agent
Create OverrideSettings Config
Create Microsoft.Exchange.SBR.OverrideSettings.config in
%ExchangeInstallPath%\TransportRoles\agents\Custom:
#Line Format: [original_internal_domain_or_individualsender];[re-routing_domain]
mydomain.com;mydomain.sbr
john.doe@myotherdomain.com;myotherdomain.sbr
#notused.com;notused.sbr
• Empty lines and commented lines (with preceding #) are allowed
Create InternalDomains Config
Create Microsoft.Exchange.SBR.InternalDomains.config in
%ExchangeInstallPath%\TransportRoles\agents\Custom:
#Line Format: [internal_domain]
mydomain.com
myotherdomain.com
#notused.com
• Create this file even if it remains empty!
• If it remains empty, each mail of every configured re-routing domain or specific sender email address is sent to the appropriate mailgateway, even if the recipient is from the same (or any other) internal domain. Maybe this is even a wanted behaviour.
• Otherwise list every internal recipient domain the agent should know about to be able to send fully resolvable Exchange objects between them (using the ABP Routing Agent).
• Empty lines and commented lines (with preceding #) are allowed
Create IgnoreAuthAs Config
Create Microsoft.Exchange.SBR.IgnoreAuthAs.config in
%ExchangeInstallPath%\TransportRoles\agents\Custom:
#Line Format: [Ignore_AuthAs_Header]
Anonymous
External
Partner
• If not at least Anonymous is in this list, loops will be created for internal sender/recipient combinations that have not an equal GroupID
• Internal should never be in this list, these mails are to be evaluated in the first place
• Internal are sent from withing Exchange org, e.g. Outlook/OWA/ActiveSync etc. Anonymous come from Outside. I'm honestly not 100% sure yet about External and Partner, haven't seen those values yet.
• Agent checks X-MS-Exchange-Organization-AuthAs header value against this list and ignores message if value is in list
• See list of Exchange organization X-headers at Understanding Header Firewall
• Empty lines and commented lines (with preceding #) are allowed
Enabling Event Logging
How to enable this agent for Event Logging
• Open command prompt, navigate to the following location (or equivalent based on your .NET installation):
%windir%\Microsoft.NET\Framework64\v4.0.30319
(if not sure, check where the InstallUtil.exe and EventLogMessages.dll files are)
• Execute:
InstallUtil.exe "C:\Program Files\Microsoft\Exchange Server\v15\Transport Roles\agents\Custom\Microsoft.Exchange.SBR.dll"
(This step only needs to be done once)
• Set event logging level in Registry at:
HKLM\SYSTEM\CurrentControlSet\services\MSExchangeSbrAgent\Diagnostics
DWORD "General"
• Logging Levels (each level includes messages from lower levels):
0: Default: No logging
1: For each rerouted message, log for how many recipients it was rerouted
2: For each rerouted message, log the individual recipients for whom it was rerouted
3: For each rerouted message, log sender domain or email address found in rerouting table;
Log exception information on agent error
4: Log start message handling;
Log end message handling when nothing to do;
Log exit message handling
5: Log X-MS-Exchange-Organization-AuthAs header value (Internal/Anonymous)
6: Show event logging level on each started instance of agent
>=7: (not used)
• All event log entries include the Message ID and the subject.
Installing SBR Transport Agent on Exchange 2013
How to install this custom transport agent
• Open Exchange Management Shell
• Execute:Install-TransportAgent "Sender Based Routing" -TransportAgentFactory "Microsoft.Exchange.SBR.SbrRoutingAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\Custom\Microsoft.Exchange.SBR.dll" -TransportService Hub
• Restart Exchange Management Shell
• Execute: Restart-Service MSExchangeTransport
Installing ABP Routing Agent on Exchange 2013
How to install included transport agent
This new ABP Routing Agent ships with Exchange 2013 CU1. It solves the problem for fully resolvable Exchange objects if members of different ABPs sent mails to eachother.
Microsoft:
Address Book Policies, Jamba Jokes and Secret Agents
So what we have done is create an agent, which when enabled, and I’m explaining this at a very high level, examines each message submitted by a user, and looks up the ABPs of any recipients it finds, and buckets or groups the message by ABP, and then performs recipient resolution on them using the GAL specified within the ABP, not the entire directory, before it delivers the message.
How to install this included transport agent:
• Open Exchange Management Shell
• Execute:Install-TransportAgent -Name "ABP Routing Agent" -TransportAgentFactory "Microsoft.Exchange.Transport.Agent.AddressBookPolicyRoutingAgent.AddressBookPolicyRoutingAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\AddressBookPolicyRoutingAgent\Microsoft.Exchange.Transport.Agent.
AddressBookPolicyRoutingAgent.dll"
• Restart Exchange Management Shell
• Execute: Restart-Service MSExchangeTransport
Enabling SBR Transport Agent on Exchange 2013
How to enable this custom transport agent
• Open Exchange Management Shell
• Execute: Enable-TransportAgent "Sender Based Routing" -TransportService Hub
• Execute: Restart-Service MSExchangeTransport
• Check Transport Agents: Get-TransportAgent
Enabling ABP Routing Agent on Exchange 2013
How to enable included transport agent
• Open Exchange Management Shell
• Execute: Enable-TransportAgent "ABP Routing Agent"
• Execute: Restart-Service MSExchangeTransport
• Execute: Set-TransportConfig –AddressBookPolicyRoutingEnabled $True
• Check Transport Agents: Get-TransportAgent
Uninstalling SBR Transport Agent
How to disable/uninstall this custom transport agent
• Open Exchange Management Shell
• Execute: Disable-TransportAgent "Sender Based Routing" -TransportService Hub -Confirm:$false
• Execute: Restart-Service MSExchangeTransport
• To be able to replace the dll with a new version, sometimes I have to execute an iisreset now.
• Execute: Uninstall-TransportAgent "Sender Based Routing" -TransportService Hub -Confirm:$false
• Execute: Restart-Service MSExchangeTransport
• Check Transport Agents: Get-TransportAgent
• To be able to delete the dll, execute an iisreset
Uninstalling Event Logging
How to disable/uninstall event logging
To revert the changes made for event logging, just delete these two keys:
HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeSbrAgent
HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Microsoft.Exchange.SBR