You might want to take more sweeping enforcement action to limit mailbox sizes. If users can't do their own archiving and cleanup, you can do it for them. The Mailbox Management service cleans out old messages by either deleting them completely or moving them to a cleanup folder for eventual deletion.
- You are reading tip #10 from "15 tips in 15 minutes: Managing recipients and distribution lists," excerpted from Chapter 5 of the book Learning Exchange Server 2003, published by Addison-Wesley Professional.
The decision whether to impose automated mailbox management depends a lot on money and corporate culture. If you are an administrator in a small company where everyone likes to function with as few rules as possible, and you can convince management to buy as much storage (and backup capacity) as necessary to accommodate the users' needs, then you don't need to control mailbox size. But if you work in a company where you have to fight for every nickel to buy storage, and your backup window is stretched to the limit and you can't convince your users that messages they received during the halftime of Superbowl XX can be safely deleted, then automated mailbox management starts to look pretty good.
Mailbox Manager Recipient policies
A Mailbox Manager Recipient policy controls the selection of items that the Mailbox Management service deletes or archives. To create a Mailbox Manager policy, open ESM and drill down to the Recipients container. Right-click the Recipient Policies folder and select New -> Recipient Policy from the flyout menu. This opens a New Policy window as shown in Figure 5.45
Select the Mailbox Manager Settings option and click OK to open the Properties window for the new policy. Give the policy a name, such as Mailbox Manager Policy. Figure 5.46 shows an example of the default settings. The policy allows a user to keep all messages received in the last 30 days and to keep older messages if less than 1MB in size.
The When Processing a Mailbox dropdown box defines the following actions:
Generate report only. The Mailbox Management service evaluates the content of a user's mailbox against the policy settings and emails a report to the user and to an administrator. It does not take any actions to move or delete the messages.
Move to Deleted Items folder. The Mailbox Management service takes each item that exceeds the policy settings and moves it to the Deleted Items folder in the user's mailbox. Users must purge their Deleted Items folders occasionally for this option to have an impact on mailbox size.
Move to System Cleanup folders. If you select this option, items identified by the Mailbox Management service get moved into a new folder called System Cleanup. The folder structure under System Cleanup mimics the folder structure in the user's Inbox so users can find a message quickly if they need to retrieve it. You can create another policy targeted at the System Cleanup folder with a slightly longer interval that deletes the contents.
- Delete immediately. The Mailbox Management service removes the item entirely. This will get your user's attention, I guarantee.
Informing users of automated mailbox actions
When you enforce mailbox limits, be sure to configure the Mailbox Manager recipient policy to inform the user what happened. Select the Send Notification Mail to User after Processing option and modify the message to tell your users the purpose of the scan and the actions they should take.
If you decide to forego playing Mr. or Ms. Nice Guy, you can elect to move the items to a cleanup folder and tell the users where to look for their mail. Figure 5.47 shows an example message.
Targeting Mailbox Manager policies
You can have separate Mailbox Manager recipient policies for different types of users. For example, you can choose to simply notify some users, to move items into the System Cleanup folders for the majority of users, and to delete items completely for those users singled out as email storage abusers.
To do this kind of targeting, you need to have a way to identify the recipients by a unique attribute that they share in common. The Mailbox Manager recipient policy uses an LDAP filter to identify target users, and you can use the LDAP query builder in the policy to help you create a filter.
Applying Mailbox Manager policies
The settings you select in a Mailbox Manager policy get applied to a user's mailbox in two stages:
- In the first stage, the RUS finds users who meet the filter rule in the policy. When the RUS fires, it performs an LDAP search using the Filter Rules in the Mailbox Manager recipient policy. If it finds a user who matches the search criteria in the filter rules, it marks the user's Active Directory object with an attribute called MsExchPoliciesIncluded. This attribute contains the Globally Unique Identifier of the Mailbox Manager recipient policy. In other words, RUS acts a little like a county code inspector who determines that a building does not comply with some statute and places a big red tag on the front door.
- In the second stage, the Mailbox Management service goes through each mailbox in a mailbox store, finds the associated user object for each mailbox, determines if RUS has flagged it with a Mailbox Manager recipient policy, and then takes the action defined by the policy.
The next section describes how to configure when the Mailbox Management service runs and where to send a summary report.
Configuring the Mailbox Management service
The Mailbox Management service runs periodically on each Exchange server with a schedule that you can configure via the Properties window for the server object in ESM. Select the Mailbox Management tab, as shown in Figure 5.48.
The default setting tells the Mailbox Management service not to not run at all. The Start Mailbox Management Process dropdown list has two primary options: run each Saturday at Midnight or each Sunday at Midnight. You can establish a custom schedule if those times interfere with other processes running on the server.
In the Reporting dropdown list, you can choose to send a report to a selected administrator. You have the option of a Summary or Detailed report. Figure 5.49 shows an example of a summary report. Choose the detailed report option only if you want lots and lots of data.
Manually initiating Mailbox Management
If you want to test a new set of mailbox management policies, start by right-clicking the new Mailbox Management recipient policy and selecting Apply This Policy Now from the flyout menu. Then right-click the Recipient Update Service instance for that domain, select Update Now, and then do it again and select Rebuild. This primes the Recipient Update Service with the new policy and then applies the policy to existing objects that meet the search criteria.
Once you've flagged the user objects in Active Directory using RUS, you can run the Mailbox Management service manually on a server using ESM. Right-click the server icon and select the Start Mailbox Management Process option, as shown in Figure 5.50.
The system does not give you any progress bars or any other indication that the Mailbox Management process has completed. Instead, look for a summary report in your inbox. For troubleshooting, you can increase the diagnostics logging for the Mailbox Management item under MSExchangeSA in the properties window of an Exchange server in ESM.
15 tips in 15 minutes: Managing recipients and distribution lists
Tip 1: Exchange security groups
Tip 2: Group membership expansion
Tip 3: Managing Exchange group email properties
Tip 4: Exchange 2003 Query-Based Distribution Groups
Tip 5: DSAccess for Exchange
Tip 6: DSProxy for Exchange
Tip 7: Managing Exchange recipient policies
Tip 8: Exchange Recipient Update Service and proxy addresses
Tip 9: Restricting mail storage on an Exchange server
Tip 10: The Exchange server mailbox management service
Tip 11: Blocking a user's email access
Tip 12: Accessing another user's mailbox in Outlook
Tip 13: Exchange mail retention
Tip 14: Managing recipients with system policies
Tip 15: Managing recipients with Global Settings
This chapter excerpt from Learning Exchange Server 2003 by William Boswell is printed with permission from Addison-Wesley Professional, Copyright 2004. Click here for the chapter download or to purchase the book.