Wednesday 1 April 2015

Setting up message moderation using transport rules

In a typical scenerio you might have a department with four users, three of which are managed by the fourth member.

We can leverage the "Mananger" attribute in Active Directory by going to a users properties in Active Directory Users and Computers under the 'Organization' tab and delegating a "Manager" for the users - who will act as a "Moderator."

There four major roles at play during moderation (as taken from TechNet):
 
Categorizer: The transport categorizer initiates the approval process. When the categorizer detects a moderated recipient while processing a message, it reroutes the message to the arbitration mailbox.

Store driver:The store driver processes the messages that the categorizer marks for moderation. When the store driver encounters such a message, it stores the original message in the arbitration mailbox and sends approval requests to the moderators. When a moderator responds with a decision, the store driver marks that decision on the message that's stored in the arbitration mailbox. If an approved message is submitted again by the Information Assistant, the store driver removes the approval workflow wrappers so the message that's delivered is identical to the original message submitted by the sender.

Information Assistant:The Information Assistant process monitors the arbitration mailbox. The Information Assistant resubmits any approved messages to the submission queue for delivery to the intended recipients, or it deletes rejected messages. The Information Assistant is also responsible for sending rejection notifications to the sender. In addition, it cleans up the arbitration mailbox by deleting any stale or orphaned messages from the arbitration mailbox. For example, if a moderator simply deletes an approval request instead of making a decision, the corresponding message waiting for approval in the arbitration mailbox needs to be removed by the Information Assistant.

Arbitration mailbox: The arbitration mailbox is used to store the original message that's awaiting approval. By default, one arbitration mailbox is created for moderated transport during setup. It's used for all moderated recipients. You can add additional arbitration mailboxes for load balancing purposes. If you're using multiple arbitration mailboxes, you need to specify which mailbox to use for each moderated recipient.


The mail flow of moderated mail is as follows:

1. The sender sends an email to the moderated recipient
2. The categorizer intercepts the message, marks it for moderation then re-routes it to an arbitration mailbox.
3. The store driver stores the message in the arbitration mailbox and sends an approval request to the moderator.
4. The moderator either declines or accepts the approval request (which is sent via email)
5. The store driver then marks the decision of the moderator on the original mail item in the arbitration mailbox.
6. The Information Store Assistant then pickups the newly flagged mail's properties and then processes the email by either delivering it to the recipient (and deleting the email from the arbirtation mailbox) OR rejects the message (deleting it from the arbitration inbox) and then forwarding it on to the original recipient.

To setup message moderation we do the following:
New-TransportRule -Name "Transport Rule 1" -Enabled $true -FromMemberOf "group@domain.com" -SentToMemberOf groupSent@domain.com -ModerateMessageByManager $true

0 comments:

Post a Comment