Skip to main content

From Address Rewriting in a Transport Agent for a Exchange 2007 Hub Server

The ability to rewrite the from address of emails can be exceedingly useful if you are working with consolidating or migrating email systems especially if you have two (or more) companies merging or you're trying to consolidate disparate email system across orgs. Exchange 2007 has a great address rewriting agent that runs on a Edge server which is explained in http://technet.microsoft.com/en-us/library/aa996806.aspx. If you aren't implementing an Edge server as part of your Exchange org then unfortunately you cant use this agent on a Hub server. One solution to this is that you write your own agent to do this which is what this post is about. Now that link I just pointed to has some very important information about the fields you should and shouldn't rewrite in an address rewriting Agent and the reason you shouldn't rewrite particular fields. The Return-Path is probably the one of most note and maybe the one people will tend to want to rewrite because of the visibility of the original address in the header and possible SPAM detection issues where the return-path will be different to the From address etc. But it is probably best to leave it as someone has probably done a lot more testing then you at this and it best not to rewrite it the longer story I'm sure is a lot more complicated.

Envelope From (MAIL FROM)


This field can be known more commonly as one of the P1 headers and is available in a Transport event as the mailitem.FromAddress property. To rewrite this address you need to use the RoutingAddress type e.g

e.MailItem.FromAddress = new RoutingAddress("localPart", "newFromDomain");

Body From and Sender

These fields are part of the P2 headers and are exposed via the EmailMessageClass accessable via the MailItem.Message property. Eg to rewrite these properties

e.MailItem.Message.From.SmtpAddress = localPart + "@" + newFromDomain;
e.MailItem.Message.Sender.SmtpAddress = localPart + "@" + newFromDomain;


Body Reply-To

Because there can be more then one address within the Reply-To property you need some code that will loop through the recipients collection and re-map address's as nessasary. e.g

foreach (EmailRecipient rpReplyTo in e.MailItem.Message.ReplyTo) {
if (rpReplyTo.SmtpAddress != null)
{
String rtSourceAddress = rpReplyTo.SmtpAddress.ToString();
String[] rtSourceArray = rtSourceAddress.Split('@');
if (rtSourceArray[1].ToString().ToLower() == oldFromDomain) {
rpReplyTo.SmtpAddress = rtSourceArray[0].ToString() + "@" + newFromDomain;
}
}

Disposition-Notification-To and Return-Receipt-To

These two properties represent Read Recipient address's the reason there are two is a little complicated and has a little to do with history but the one that relates to the RFC and is the standard property is Disposition-Notification-To which is what is exposed by the EmailMessageClass and can be rewritten with something like.


EmailRecipient dnDispNotice = e.MailItem.Message.DispositionNotificationTo;
String dnSourceAddress = dnDispNotice.SmtpAddress.ToString();
String[] dnSourceArray = dnSourceAddress.Split('@');
if (dnSourceArray[1].ToString().ToLower() == oldFromDomain)
{
dnDispNotice.SmtpAddress = dnSourceArray[0].ToString() + "@" + newFromDomain;
}

The second header Return-Receipt-To which is non standard is a little trickier this isn't exposed as a property by the EmailMessageClass but can be accessed as an AddressHeader when looping through the MIME headers. Rewriting this field is difficult in a Transport agent and the only method I've found that works is to use the MIME writer. To simplify my transport agent i took what might prove to be the wrong approach of just deleting this header. I took the view point that its a redundant header anyway and any compliant client should support the standard DispositionNotificationTo header. To delete the header you can use code like.


HeaderList hlHeaderlist = e.MailItem.Message.RootPart.Headers;
AddressHeader mhRrecp = (AddressHeader)hlHeaderlist.FindFirst("Return-Receipt-To");
hlHeaderlist.RemoveChild(mhRrecp);

If you are looking for some code to read an AddressHeader Email value which you wont be able to do by just looping through the headerlist like normal Text headers you need to use some code that looks like.

Stream messageStream = e.MailItem.GetMimeReadStream();
MimeReader mrMimeReader = new MimeReader(e.MailItem.GetMimeReadStream());
mrMimeReader.ReadFirstChildPart();
mrMimeReader.EnableReadingUnparsedHeaders();
while (mrMimeReader.HeaderReader.ReadNextHeader()) {
if (mrMimeReader.HeaderReader.Name.ToString() == "Return-Receipt-To") {
MimeAddressReader reRecp = mrMimeReader.HeaderReader.AddressReader;

};
}

Im nore sure if this is the best method but the documentation for the MIMEReader class is very limited.

Thats it while its not 100% hopefully it will help if your trying to write your own address rewriting Transport Agent.

Popular posts from this blog

Testing and Sending email via SMTP using Opportunistic TLS and oAuth in Office365 with PowerShell

As well as EWS and Remote PowerShell (RPS) other mail protocols POP3, IMAP and SMTP have had OAuth authentication enabled in Exchange Online (Official announcement here ). A while ago I created  this script that used Opportunistic TLS to perform a Telnet style test against a SMTP server using SMTP AUTH. Now that oAuth authentication has been enabled in office365 I've updated this script to be able to use oAuth instead of SMTP Auth to test against Office365. I've also included a function to actually send a Message. Token Acquisition  To Send a Mail using oAuth you first need to get an Access token from Azure AD there are plenty of ways of doing this in PowerShell. You could use a library like MSAL or ADAL (just google your favoured method) or use a library less approach which I've included with this script . Whatever way you do this you need to make sure that your application registration  https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-

How to test SMTP using Opportunistic TLS with Powershell and grab the public certificate a SMTP server is using

Most email services these day employ Opportunistic TLS when trying to send Messages which means that wherever possible the Messages will be encrypted rather then the plain text legacy of SMTP.  This method was defined in RFC 3207 "SMTP Service Extension for Secure SMTP over Transport Layer Security" and  there's a quite a good explanation of Opportunistic TLS on Wikipedia  https://en.wikipedia.org/wiki/Opportunistic_TLS .  This is used for both Server to Server (eg MTA to MTA) and Client to server (Eg a Message client like Outlook which acts as a MSA) the later being generally Authenticated. Basically it allows you to have a normal plain text SMTP conversation that is then upgraded to TLS using the STARTTLS verb. Not all servers will support this verb so if its not supported then a message is just sent as Plain text. TLS relies on PKI certificates and the administrative issue s that come around certificate management like expired certificates which is why I wrote th

The MailboxConcurrency limit and using Batching in the Microsoft Graph API

If your getting an error such as Application is over its MailboxConcurrency limit while using the Microsoft Graph API this post may help you understand why. Background   The Mailbox  concurrency limit when your using the Graph API is 4 as per https://docs.microsoft.com/en-us/graph/throttling#outlook-service-limits . This is evaluated for each app ID and mailbox combination so this means you can have different apps running under the same credentials and the poor behavior of one won't cause the other to be throttled. If you compared that to EWS you could have up to 27 concurrent connections but they are shared across all apps on a first come first served basis. Batching Batching in the Graph API is a way of combining multiple requests into a single HTTP request. Batching in the Exchange Mail API's EWS and MAPI has been around for a long time and its common, for email Apps to process large numbers of smaller items for a variety of reasons.  Batching in the Graph is limited to a m
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.