Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2006-11-27

This topic explains how Microsoft Exchange Server 2007 associates a delivery status notification (DSN) code and message to the RejectMessage transport rule action on a computer that has the Hub Transport server role installed.

Among the actions that transport rules that run on Exchange 2007 Hub Transport servers help you perform is the rejection of messages that meet configured conditions. When a message is rejected, a non-delivery report (NDR) is returned to the sender and the original message is deleted. For more information about transport rules, see Overview of Transport Rules.

Exchange 2007 lets you customize the contents of the NDR that is returned to the sender by creating a customized DSN message. The customized content can contain information that you want to send to the recipient of the NDR, such as policy information and specific troubleshooting or contact information. For more information about how to customize DSN messages, see Managing Delivery Status Notifications.

Note:
This topic refers to the RejectMessage transport rule action. RejectMessage is the identifier that is used in the Exchange Management Shell to select the transport rule action that sends an NDR message to the sender and deletes the original message. You can select the same transport rule action in the Exchange Management Console by selecting the send bounce message to sender with enhanced status code transport rule action.

The RejectMessage Transport Rule Action

To associate a DSN message with a transport rule, you must create a transport rule with the RejectMessage transport rule action on a Hub Transport server. The RejectMessage transport rule action lets you specify the following properties:

  • Reject Reason   The text that is specified with this property is displayed in the Diagnostic information for administrators section of the NDR.

  • Enhanced Status Code   The enhanced status code is another way to refer to the DSN code. The enhanced status code that is specified with this property associates the RejectMessage transport rule action with the DSN message that you want to display in the user information section of the NDR. The value that is specified with this property can be 5.7.1, or any value from 5.7.10 through 5.7.999, inclusively.

When you create a new transport rule with the RejectMessage transport rule action, Exchange 2007 searches the DSN message list for a DSN code that matches the value that is specified by the RejectMessage property of the enhanced status code. If a matching DSN code is found, Exchange 2007 automatically associates that DSN message with the transport rule action. If no matching DSN code is found, Exchange 2007 displays the following warning when you create the transport rule: No customized DSN text is configured for the enhanced status code '5.7.xxx'. You can use New-SystemMessage to configure DSN customization.

Note:
If you specify a DSN code other than 5.7.1, you must create a customized DSN message to associate with that DSN code. If a matching DSN code doesn't exist, Exchange 2007 uses the 5.7.0 DSN code.

Figure 1 shows how you use the Edit Transport Rule interface in the Exchange Management Console to configure a transport rule to enforce an ethical wall. You configure the RejectMessage transport rule action by completing the following steps:

  1. Select the between member of distribution group and distribution group condition and then select the distribution groups that you want the transport rule to be applied to. For example, Figure 1 shows the Sales Group distribution group and Brokerage Group distribution group have been selected for use with the condition.

  2. Select the send bounce message to sender with enhanced status code action, and then enter the text that you want to display for the reject reason. If you want to provide a specific DSN message in the user information section of the NDR, change the DSN code. For example, Figure 1 shows that the text, Text to display in the "Diagnostic information for administrator" section, has been entered for the reject reason and the DSN code has been changed to 5.7.228. The DSN code will be associated with a new customized DSN message that is created by the command that is shown in Figure 2 later in this topic.


Create Ethical Wall Using Transport Rule Wizard

For more information about how to create transport rules and how to configure an ethical wall, see the following topics:

DSN Message Association

You use the New-SystemMessage cmdlet to create a customized DSN message that is based on a DSN code. After the customized DSN message is created, Exchange 2007 automatically associates the DSN message with the transport rule by using its DSN code. The DSN code for the customized DSN message must match the DSN code that is specified in the RejectMessage transport rule action. If you add the RejectMessage transport rule action with the same customized DSN code to multiple transport rule actions, the same DSN message is displayed in the NDRs that are generated by those transport rules.

Note:
If you want to change the default text that is associated with the 5.7.1 DSN code, you must create a new customized DSN message by using the New-SystemMessage cmdlet. However, if you change the default text that is associated with the 5.7.1 DSN code, the new text will be displayed any time that the 5.7.1 DSN code is used. Therefore, we recommend that you create new DSN code for specific transport rule actions.

Figure 2 shows the result of entering the following command in the Exchange Management Shell.

Copy Code
New-SystemMessage -DsnCode 5.7.228 -Language En -Internal $True -Text 'Sending messages between the Sales and Brokerage groups is prohibited by policy #123. For more information, see <a href="http://intranet.contoso.com/policy.html#123">Compliance Policy 123</a>.'

The New-SystemMessage command shown in this example creates a new customized DSN message for use with the transport rule that was configured to enforce an ethical wall as shown in Figure 1 earlier in this topic.


Create DSN message using Exchange Management Shell
Note:
The DSN message in Figure 2 was created in English. However, you can create customized DSN messages in additional languages or omit English completely. For more information about the languages that you can use with DSN messages, see Supported Locales for Use with System Messages.

For more information about how to create customized DSN messages, see Managing Delivery Status Notifications.

Example of an NDR with a Customized DSN Message

After you've created a transport rule and created a new customized DSN message that has a DSN code that matches the value that you specified in the RejectMessage transport rule action, Exchange 2007 can send NDRs to senders whose messages are blocked by that transport rule.

Figure 3 shows such an NDR that was sent to Kim Akers who is a member of the Brokerage Group. She received the NDR because she tried to send a message to David Simpson who is a member of the Sales Group. A transport rule was created to enforce an ethical wall between the Brokerage Group and Sales Group. This transport rule prevents members of these groups from sending messages to each other.

The configuration of this transport rule is shown in Figure 1.

The command that was used to create the customized DSN message that has the DSN code 5.7.228 and information about why Kim received the NDR is shown in Figure 2.

The DSN message in Figure 3 also shows the link to the relevant corporate compliance policy. By clicking this link, Kim can read the policy that prohibits communication between the two groups.


NDR generated by Ethical Wall

For More Information



Figure 3   NDR generated by a transport rule that enforces an ethical wall
Figure 2   Customized DSN message for use with an ethical wall
Figure 1   Ethical wall created by using transport rules on a Hub Transport server