New Messaging Policy and Compliance Features
Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2006-11-13
Organizations need an application-specific approach to coping with a growing number of legal, regulatory, and internal policy and compliance requirements. Administrators must filter, process, and store e-mail that flows between users in the organization, to or from the Internet, or between partner organizations. Microsoft Exchange Server 2007 provides a broad set of e-mail policy and compliance features to address this increasing requirement to protect and control the flow of information.
You can use the policy and compliance features of Exchange 2007 to apply rules to messages in transport and to enforce retention requirements for stored data. Transport-based policies are configured on computers that have the Hub Transport server role installed and on computers that have the Edge Transport server role installed. A collection of transport agents lets you configure rules and settings that are applied as messages enter and leave the transport components. You can create policy and rule settings that address the regulations that apply to your organization and that can easily be changed to adapt to your organization's requirements. The Journaling agent acts on messages in transit to enforce retention of messages that meet specified criteria. Messaging records management (MRM) policies are applied to managed folders in users' Inboxes to automate and simplify message retention management. Configuration of storage features helps organizations more easily comply with these legal, regulatory, and internal requirements by providing an efficient system of retention and disposal according to organization policy.
Use the features that are described in this topic to support your organization's requirement to comply with legal, regulatory, and internal policies. Transport rules and journaling are triggered after message categorization and use information about the messages, the sender's identity, and the recipient's identity to determine which policies to apply. Features that run inside the Exchange organization are configured by an Exchange Organization Administrator. The configuration information is stored in the Active Directory directory service. Storing data in Active Directory makes the policy setting available to every internal Exchange server role. This lets you configure the policy one time, and the policy will be applied throughout the whole organization consistently and continually.
- Address rewriting: You configure the Address Rewriting agent on the Edge Transport server role to enable the modification of the Simple Mail Transfer Protocol (SMTP) addresses on inbound and outbound messages. Address rewriting is especially useful when an organization that has several domains wants to present a consistent appearance of e-mail addresses to external recipients of messages from the Exchange 2007 organization. For more information, see Planning for Address Rewriting.
- Edge transport rules: You configure the Edge Rules agent on the Edge Transport server role to create rules that control the flow of messages that are sent to or received from the Internet. The Edge Transport rules help protect corporate network resources and data by applying an action to messages that meet specified conditions. These rules are configured for each server. Edge Transport rule conditions are based on data, such as specific words or text patterns in the message subject, body, header, or From address, the spam confidence level (SCL), or attachment type. Actions determine how the message is processed when a specified condition is true. Possible actions include quarantine of a message, dropping or rejecting a message, appending additional recipients, or logging an event. Optional exceptions exempt particular messages from having an action applied.
The Edge Rules agent processes messages that are sent to or received from the Internet. To apply rules to messages that are sent between users in the same organization, you must configure the Transport Rules agent. For more information, see Overview of Transport Rules.
- Hub transport rules: You configure the Transport Rules agent on the Hub Transport server role to create rules that are applied to messages that are sent to or from users in the organization. The Hub Transport rules help control communications that are affected by regulatory compliance and corporate policy requirements. These rules are stored in the Active Directory directory service and are available to, and are applied by, all Hub Transport servers. Hub Transport rules support an extended set of conditions, letting you control message flow based on distribution groups, internal or external recipients, message classifications, and message importance. Actions determine how the message is processed when a specified condition is true. Possible actions include applying a message classification, appending disclaimer text, redirecting the message to an address, removing the message header, or logging an event. Optional exceptions exempt particular messages from having an action applied.
By using Hub Transport rules, you can create regulatory ethical walls to limit communications between internal departments where conflicts of interest may exist, and you can protect your company and clients against privacy invasion. For more information, see Overview of Transport Rules.
- Disclaimers: You can also configure transport rules to add disclaimer text to the start or end of the message body. The Exchange Organization Administrator customizes disclaimers to meet your organization's requirements. These disclaimers may contain text that refers to accidental disclosure of the message contents, or proprietary or confidential information. For more information, see Overview of Disclaimers.
- Journaling: You configure journal rules on the Hub Transport server. Transport-based journaling gives you more flexibility than the store-based configuration of Exchange Server 2003 and reduces duplication of journal reports. Communications are journaled according to the distribution scope of the message, and the conditions that trigger the journaling action are refined by specifying an individual user or the sender's or recipient's distribution list membership as criteria. Journal reports can be delivered to an Exchange mailbox or to any valid SMTP address. This flexibility lets you journal to an archive or hosted service. For more information, see Overview of Journaling.
- Messaging records management: Administrators can use the MRM features in Exchange 2007 to help users and the organization retain the messages that they need for business or legal reasons and delete messages that they don't need. You do this by configuring managed folders, which are Inbox folders to which retention policies are applied.
Retention policies can be applied to folders that are created by the administrator and to default mailbox folders, such as the Inbox or Sent Items folder. The administrator or the user puts these managed folders in the user’s Inbox. Then, the user sorts messages into the managed folders according to organization policy. These folders can be deployed to user mailboxes per user.
Exchange also has Web services that enable customers or third-party vendors to build a Web page that provides a "self-service" interface where users can select their own managed folders. Messages that are put in these managed folders are periodically processed according to the retention policies. When a message reaches a retention limit, it can be archived, deleted, flagged for user attention, or logged. For more information, see Managing Messaging Records Management.
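The Hub Transport rule structure (condition, exception, action) and the journal rule scoping described in the list above can be seen together in the following Exchange Management Shell sketch. It is an added example, not part of the original topic; the distribution group names, rule names, and `contoso.example` addresses are constructed placeholders and assume those recipients already exist.

```powershell
# Added example: run in the Exchange Management Shell with Exchange
# Organization Administrator rights. All group names, rule names, and
# addresses are constructed placeholders.

# Condition: the message travels between members of the two groups,
# in either direction (an ethical wall).
$condition = Get-TransportRulePredicate BetweenMemberOf
$condition.Addresses  = @((Get-DistributionGroup "Brokerage"))
$condition.Addresses2 = @((Get-DistributionGroup "Research"))

# Exception: senders in the compliance group are exempt from the wall.
$exception = Get-TransportRulePredicate FromMemberOf
$exception.Addresses = @((Get-DistributionGroup "Compliance Officers"))

# Action: reject the message and tell the sender why.
$action = Get-TransportRuleAction RejectMessage
$action.RejectReason = "Policy: Brokerage and Research may not exchange e-mail."

# The rule is stored in Active Directory, so every Hub Transport server
# in the organization applies it.
New-TransportRule -Name "Ethical wall - Brokerage and Research" `
    -Conditions @($condition) `
    -Exceptions @($exception) `
    -Actions @($action) `
    -Comments "Blocks mail between Brokerage and Research"

# Journal rule: journal internal and external messages sent to or from
# the Brokerage group, delivering journal reports to an archive address.
New-JournalRule -Name "Journal Brokerage" `
    -Recipient "brokerage@contoso.example" `
    -JournalEmailAddress "journal-archive@contoso.example" `
    -Scope Global `
    -Enabled $true

# Review what was stored before relying on it.
Get-TransportRule "Ethical wall - Brokerage and Research" | Format-List
Get-JournalRule "Journal Brokerage" | Format-List
```

Because the exception is evaluated on sender group membership, membership of the exempt group should be tightly controlled and reviewed alongside the rule itself.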
For more information about how you can configure Exchange 2007 to meet your organization's requirements for central management of e-mail communications and information life cycles, see the following topics: