Providing Web-Based Mail Through Exchange Server
Sean McCormick |
Download the code (1,019KB)
Looking for a way to drive traffic at your new Web site? You can offer users email and build the system with ASP, Site Server, and Microsoft Exchange. |
It happens time and time again. You invest hundreds of thousands of dollars to build a state-of-the-art Web site and no one visits it. "Build it and they will come" does not apply to Web sites. Simply registering your URL with the big search engines does not cut it these days. So what does it take to make people visit your site? How do you get them to return on a regular basis to view your updates? How do you create a site that generates enough traffic to sell advertising space to recoup your costs and even make a profit, so you can look that pompous corporate accountant, Mr. "I don't think a Web site is a sound investment" in the face and let him have it? Do I sound bitter? Many Web sites, portals, and online commerce providers have overcome this perplexing problem by offering free email. Users with Internet access get the benefits of changing where they live, where they work, and which ISP they use and still keep the same email address, personal address book, and appointment calendar. Plus, it is very easy to check email while they travel because all they need is a Web browser and access to the Internet. By integrating the email interface with your Web site, users will visit your site not just once, but many times in the same day! This concept is bound to work much better than your Joke du Jour idea or your Webmaster's Zany Links page. Let's discuss a method for offering free email on your Web site using three Microsoft® technologies: Site Server, Microsoft Exchange Server, and ASP. You'll see how I developed a free email system using these tools. You can download the code to my sample site from the link at the top of this article. This archive contains a whitepaper describing the design of the sample site in detail, how to install the sample site, and all of the source code. Please note that this article is meant as a demonstration of the extensibility of the Exchange platform. Before you decide to implement a solution like the one shown here, you must ensure that you've purchased the appropriate number of licenses for all potential clients. You can check out licensing policies and pricing at http://www.microsoft.com/exchange/55/gen/pricing.htm. Overview
This design will create a Web-based email system similar to Outlook® Web Access using Microsoft Exchange. It uses Site Server 3.0 Personalization and Membership instead of the Windows NT® user database. After users are authenticated by Site Server, they can access their mailboxes. The sample Web application based on this design includes these features:
The free email Web site interface uses ASP pages calling MTS components to do all mailbox manipulation work against Exchange mailboxes. All mail, calendar, and contact data is stored in Exchange Server, so the backup, virus protection, and storage quota tasks are based around an industry-standard application, for which there is a plethora of third-party tools. Since the user database is based on Site Server Personalization and Membership, this system can handle millions of accounts per server. Also, the ASP pages leave the interface wide open for customization, allowing you to create the appearance you want. Why would you want to do this when there is Outlook Web Access? A traditional Exchange Server installation has a unique Windows NT account associated with each Exchange mailbox. Windows NT can support only 40,000 accounts per domain without having to cross domains and manage domain trusts. This makes it hard to create a free email system for millions of users. If you use the traditional method for a large email site, you are responsible for distributing a domain name with every account, managing domain trusts, and the overhead of managing a large, multidomain structure. By tying a Site Server Personalization and Membership user database to Exchange Server, you can easily create a free email system on a single server with millions of email accounts. Of course, you would need to have a big honkin' server to handle this kind of usage. Also, this design works faster than Outlook Web Access by combining all mailbox work into multithreaded MTS COM components. This increases response time when accessing mailboxes, in contrast to the way Outlook Web Access directly accesses Exchange from ASP pages. Finally, unlike Outlook Web Access, Webmasters can configure this system to support any of the features Exchange offers: mail, calendar, contacts, journal entries, public folders, and so on. How Does It Work?
This sample has two types of ASP pages. One set is public, and is readable by the entire Internet; the other set is private, and is readable only after a user has been authenticated by Site Server. The public set allows anonymous access and advertises the Web site, updates readers of public news and events, offers automated setup of new email accounts, and whatever other content you want to support. The private set of ASP pages, protected by Site Server Personalization and Membership, will read a user's mailbox and display the contents. They can also create and send new email, create and
delete calendar events, and create and delete contacts. |
Figure 1: Email Account Architecture |
Once the user has been authenticated by Site Server, the private ASP pages can identify this user and what mailbox they have rights to access. These ASP pages call MTS COM components that run under the permission of the Exchange Administrator. These components act on behalf of the user to send and receive email from their mailbox, create and delete contacts, and create and delete calendar appointments. Features and Benefits
A free email system based on Exchange and Site Server provides a solution with easy-to-manage components. If you are familiar with Exchange, you know that administrators have access to control every aspect of the email system. Training, documentation, 24/7 Microsoft technical support, and third-party applications for backup and virus protection are among the many benefits you can gain from using these
two technologies. Plus, if you already use Exchange as your corporate email system, then you have the staff to administer the system. Finally, if your goal is to sell target-marketed Web advertising space, Site Server Ad Manager can handle this duty. Components
Microsoft Exchange Server acts as the data warehouse for all of the mailbox data. Exchange also provides the functionality for sending and receiving Internet-bound email. Since the capabilities of Exchange Server go well beyond this example, you can improve upon the sample site by offering journal entries, email forwarding, Usenet groups, and so on. Public and Private Pages
As mentioned, there are both publicly accessible and
private pages in the sample site. These Web pages provide the front end to the free email site. They can include news, notice of events, and press releases that everyone on the
Internet can read, whether or not they have an email account with you. Code Samples
Here are some code snippets taken from the sample site. In the site, I used an account creation page to create a Site Server account and then the Exchange mailbox. Figure 2 shows how to create the Site Server account. |
'Create an AUO object
Set oAUO=Server.CreateObject("Membership.UserObjects")
if Err.number <>0 Then
Response.Write "Unable to create AUO object"
Response.End
End If
'Retrieve the value of CN which happens to be the mailbox name within
'exchange
fUserID = oAUO.Get("cn")
'Retrieve the value of userComment which we used to hold the name of the
'Exchange server the mailbox resides on
fServerName = oAUO.Get("userComment")
After creating the AUO object, the code sets the user's properties to ASP variables. The sample site uses the Site Server Personalization and Membership properties of cn (canonical name) and userComment (user comments) to hold the values of the Exchange mailbox name and Exchange server name, respectively. The ASP variables of fUserID and fServerName are then set to the values of these properties. Every MTS COM object has methods that are called from ASP. Each one of those methods has the required parameters of mailbox name and Exchange server name. The ASP page uses the values of fUserID and fServerName when calling the MTS COM objects to fill these parameters. Here's how an ASP page calls one of the MTS COM objects to access and manipulate an Exchange mailbox: |
Set Foo = Server.CreateObject("Sendmail.ExchangeEmail")
Foo.GetEmail(CStr(fUserID),CStr(fServerName),CStr(MessageID), _
"INBOX",False,"")
Within every MTS COM object, the values of fUserID and fServerName are used to create a dynamic, Outlook-type CDO profile and log in as that user to access their mailbox. Since these components run under the Exchange Administrator account, they can access every mailbox in Exchange. Here is a code snippet from the CreateEmail method of the Sendmail.ExchangeEmail interface. It shows how to create an on-the-fly Outlook-type CDO profile and log into that profile: |
Set CDOSession = CreateObject("MAPI.Session")
CDOSession.Logon , , , , , , fServerName & vbLf & fUserID
This creates a dynamic profile that logs into the Exchange server named by fServerName and accesses the mailbox named by fUserID. Once the profile is created and the CDO session is logged on, you can manipulate the mailbox using any of the CDO objects and methods available. Here is a code snippet from the CreateEmail method of the Sendmail.ExchangeEmail interface that creates an outgoing email after the CDO session is created and logged on: |
Set oFolder = CDOSession.Outbox
Set oMessages = oFolder.Messages
Set oMsg = oMessages.Add
oMsg.Subject = "test Subject"
oMsg.Text = "test Msg" & vbCRLF & "" & vbCRLF & "Test Advertisement"
Set oRcpt = oMsg.Recipients
oRcpt.Add , "SMTP:mccormick@home.com"
oRcpt.Resolve
oMsg.Send False
CDOSession.Logoff
This creates a new message in the user's outbox. This message has the subject, body text, and recipients set before it calls the send method to deliver the message. It then logs out of the CDO session. After the CDO session is logged out, the Outlook-type CDO profile is removed from the computer automatically. Security and Scalability Tips
Before taking the site live, I must tell you about some security issues that exist in this design. Scalability Planning
The scalability of Site Server is well documented. Many high-traffic sites use Site Server as their Web platform. If you plan on having a high-traffic site with millions of email accounts, I recommend using SQL Server for your Site Server Personalization and Membership user database. Microsoft Access will work to a certain extent, but it does not scale very well. If your site will host millions of accounts, use SQL Server from the beginning and plan your SQL Server design appropriately. This includes partitioning the databases properly to allow for scalability in the future. For more information, see the Site Server documentation about setting up a Site Server/SQL Server Personalization and Membership user database for hundreds of thousands of users. Final Thoughts
This system design will allow you to offer any of the services provided by Exchange in your free email site. My sample site only shows how to provide email, a calendar, and contacts. I haven't even tapped into such abilities as storing tasks, notes, and journal entries. Also, you could include the sharing of Exchange public folders that contain forum-type information or usenet news groups via your Web site. |
http://msdn.microsoft.com/workshop/server/nextgen/perstutor.asp |
From the December 1999 issue of Microsoft Internet Developer.