FS
Documentation

Email Scout

From Documentation

(Difference between revisions)
Jump to: navigation, search
Revision as of 02:02, 6 December 2006
Daniels (Talk | contribs)
(Set Up Server)
← Previous diff
Revision as of 02:03, 6 December 2006
Daniels (Talk | contribs)
(Email Round Trip Monitoring for Exchange)
Next diff →
Line 77: Line 77:
---- ----
-In order to monitor Round Trip email in Exchange, we need to set up a user and simply add a script to that users inbox that will send back the email. +Service Account Setup
-The steps to do this are outlined below.+The following steps detail how to create a service account which executes event service scripts...
-You will need:+
-* access to an account that has Exchange Administrator Privileges+
-* access to the Exchange System Manager console+
-* access to the Active Directory Users and Computers Console+
-* an installed copy of Outlook 2003. Outlook Express will not be sufficient for this purpose.+
-=== Set Up a New User Account ===+ 1. In Active Directory Users and Computers (U&C): create a new account, specify a password, mark it to never expire and user cannot change, create a mailbox
 + 2. In U&C: add this account to the local “Administrators” group. Do not add it to the “Domain Administrators” group, this will enact specific denials on the mailbox store and elevate the permissions unnecessarily within the domain.
 + 3. In Exchange System Manager (ESM): right click on the organization group, select “Delegate Control…” and add the service account as an “Exchange View Only Administrator”. For more information see the following article…
-Under the Active Directory Users and Computers Console (ADUCC) create a new user.+23018 Overview of Exchange administrative role permissions in Exchange 2003
-#Create your user name+
-#Give the user a password. +
-#* Ensure that the password is set to never expire+
-#* This will warn you that the user cannot change their password on first login+
-#Create the Exchange Mailbox for the new User+
-#Click finish to create the User and Mailbox+
-#Right Click on the created User name and select "Add to a Group"+
-#Make this user a member of the Administrators Group+
-#'''DO NOT''' make the user a member of the Domain Administrators Group, as this will break needed permissions elsewhere+
-=== Set Up Server ===+http://support.microsoft.com/default.aspx?scid=kb;EN-US;823018
-In the Exchange System Manager (ESM) console:+ 4. In U&C: Give the service “Full Mailbox Access” to any script author accounts by right clicking the author’s account, selecting properties, selecting the “Exchange Advanced” tab, and clicking the “Mailbox Rights” button. You may have many authors or want to enable everyone to author scripts potentially. Instead of applying permissions on a mailbox basis, in ESM you can give “Receive As” permissions to a mailbox store, administrative group, or organization.
- + 5. In ESM: Give “Owner” permissions to any public folders that will have events setup on them. If events will be setup on mailboxes, the service account must of “Full Mailbox Access” on the mailboxes.
-#Browse to the required Administrative Group+ 6. In ESM: Select the “Public Folders” node under the “Folders” node of the Administrative Group, right click and select “View System Folders”. Expand the “Events Root” folder and give “Owner” permissions to the service account on the "EventConfig_<exchange server name>" folder.This folder may not exist if you haven’t tried to start the Exchange Event Service before. Just start the service to create the folder.
-#Right click and go to "Delegate Control"+ 7. At this point you either have to wait for these permissions to replicate which could take up to 2 hours or you can restart the Exchange Information Store service.
-#Follow the steps in the Wizard to add the new user as a controller.+ 8. In the Services management console, change the Exchange Event Service to “Logon As” the service account and specify the “Startup Type” as “Automatic”. Then start the Exchange Event Service.
-#Ensure that the Role is set to "Exchange View Only Administrator"+
- +
-Then:+
- +
-#+
---- ----

Revision as of 02:03, 6 December 2006

Contents

How we monitor Email

Functional Software ensures that the mail server processes are running on your mail server machine. We currently offer checks for pop3, smtp and imap services.

We also offer a "round-trip" email monitoring service. This tests that your mail server is effectively communicating with the rest of the world.

In all instances, a remote testing email address is required for returning our test email. We suggest that this be a specially set up email, so that the return of constant emails does not conflict with day-to-day usage of a "real" email account

Email Round Trip Monitoring for Unix/Linux

The round-trip email monitor is set up under Linux/Unix using the .forward feature of your mail system. The Functional Monitoring server sends a specifically constructed email to an address that the end-user has created for the purpose of monitoring. We recommend using a name that is easily remembered, such as webscout@company.com or something similar.

The mail server machine that is being monitored does not need to have Functional Software's COSmanager suite installed on it, but a service contract for email monitoring is required. Also, at this time, the email monitoring service does not cover IP Address based email systems.

When editing the .forward file of the chosen email user, you will need to add the line below:

|/<path_to_script>/email_return

This will run the script, but not retain the original message. This ensures that your users mailbox is not filled with unnecessary messages. If you would like to retain the messages, the .forward file becomes:

\username|/<path_to_script>/email_return

This script email_return verifies that the email is originating from Functional Software. If it does come from our monitoring service, it adds a system timestamp to the Subject line of the email, and returns it to the email monitor address. The timestamp is called in UTC format. It is not, however, used in the monitoring metrics, as there is no guarantee that the time on your remote server and the time on our monitoring server will be in synch.

Once the remote email address is set up, we can start monitoring almost immediately.

When the returned email is received by our monitoring email account, another script builds the information required to measure the round-trip email time, and reports that to the sentinel3G Agent.

Email Round Trip Monitoring for Imail

Many thanks to John Treen from Canning College for this workaround for Windows Imail

The following instruction will guide you through the installation and setup of the Imail Email Return Application for use with our Email Round Trip Monitoring Service

  1. Place Imail Email Return.exe somewhere on your hard disk
  2. Copy vbSendMail.dll to your System32 folder
  3. Load a Command Prompt Window (cmd) and run:
    • regsvr32 %SYSTEMROOT\System32\vbSendMail.dll
  4. Load the Imail Administrator
  5. Expand the folders and navigate to your server name
  6. Right click on the Aliases folder and click Add Alias
  7. At the New Alias ID screen enter your desired monitoring email address (for the rest of the example we will assume you used webscout)
  8. At the Type of Alias screen select Program and click Next
  9. At the Program Alias screen enter the Program name and Arguments like:
    • <Path_to_Application>\IMail Email Return.exe <MAIL_SERVER_ADDRESS> <FROM_ADDRESS>
    • For Example:
      • C:\Imail\Imail Email Return.exe localhost support@fs.com.au
  10. At the Create New Alias Screen click the Finish Button
  11. The address should be set up and ready to go.

Notes

The Imail Email Return.exe program can take up to three command line parameters

The filename and path is automatically appended to the end of the arguments list by Imail when it calls the application. You can also leave the IP/Host and E-Mail address parameters blank and they will be populated with the default values, but it is recommended that you provide them.

The executable can be called in the following three ways:



Note
The vbSendMail program is NOT developed or supported by Functional Software
For more information about the vbSendMail program, please visit vbSendMail at www.freevbcode.com

Email Round Trip Monitoring for Exchange

Steps to Set Up new Email Monitor


Note
At the moment, the Functional Email Round Trip monitor supports only Exchange Server 2003

Service Account Setup

The following steps detail how to create a service account which executes event service scripts...


  1. In Active Directory Users and Computers (U&C): create a new account, specify a password, mark it to never expire and user cannot change, create a mailbox
  2. In U&C: add this account to the local “Administrators” group.  Do not add it to the “Domain Administrators” group, this will enact specific denials on the mailbox store and elevate the permissions unnecessarily within the domain.
  3. In Exchange System Manager (ESM): right click on the organization group, select “Delegate Control…” and add the service account as an “Exchange View Only Administrator”.  For more information see the following article…

23018 Overview of Exchange administrative role permissions in Exchange 2003

http://support.microsoft.com/default.aspx?scid=kb;EN-US;823018

  4. In U&C: Give the service “Full Mailbox Access” to any script author accounts by right clicking the author’s account, selecting properties, selecting the “Exchange Advanced” tab, and clicking the “Mailbox Rights” button.  You may have many authors or want to enable everyone to author scripts potentially.  Instead of applying permissions on a mailbox basis, in ESM you can give “Receive As” permissions to a mailbox store, administrative group, or organization.
  5. In ESM: Give “Owner” permissions to any public folders that will have events setup on them.  If events will be setup on mailboxes, the service account must of “Full Mailbox Access” on the mailboxes.
  6. In ESM: Select the “Public Folders” node under the “Folders” node of the Administrative Group, right click and select “View System Folders”.  Expand the “Events Root” folder and give “Owner” permissions to the service account on the "EventConfig_<exchange server name>" folder.This folder may not exist if you haven’t tried to start the Exchange Event Service before.  Just start the service to create the folder.
  7. At this point you either have to wait for these permissions to replicate which could take up to 2 hours or you can restart the Exchange Information Store service.
  8. In the Services management console, change the Exchange Event Service to “Logon As” the service account and specify the “Startup Type” as “Automatic”.  Then start the Exchange Event Service.

Note
Due to the nature of the Exchange Agent setup, sometimes it can take as long as a minute (60 seconds) to return a result to our monitoring email. This delay should be taken into consideration when looking at your Round Trip metrics.
We have no way of knowing how long it actually takes between the arrival of the email and the running of the agent.

Information we Require

Once you have entered into an email monitoring service agreement with Functional Software, we will ask you to provide us several pieces of information:


* Please note that notification and escalation details are dependent upon the level of contract you undertake.