Infrastructure of DynamicSignature Transport Agent

 

DynamicSignature Transport Agent (DSTA) is a solution that can provide signatures for handheld and mobile devices.

 

The problem these devices has in common is that they are not members of any domain like a Windows machine and therefore is not under any administrative context. They cannot process login scripts and group policies. And they do not have access to Active Directory.

So; they cannot be reache with a classic signature generating client to add signatures to the email client they have installed.

 

The solution to this is to have an agent installed on the Exchange mail server that can pickup on traffic from these devices and add signatures to mail flowing through the system.

 

On Exchange 2007 & 2010 Microsoft offered methods for interfacing with the mail flow, and it was called an Event Sinc'. On Exchange 2013 & 2016 the architecture has been revised and is now called a Transport Agent.

 

DSTA uses the Managed Methods provided by Microsoft and hooks into the Categorizer to listen to all mail going in and out, looking for signs of handheld device communication. (In green)

 

Most of these device however does not signal their device type or version in a clear way in the mail headers. So the general method used for filtering is to look for generic device signatures like "sent from my iPhone".

 

 

DSTA Process

Exchange notifies DSTA on the arrival of mail in the transport stack.

The Signature Factory determines from the mapper if the email is qualified to get a signature. If so it requests a signature from the Signature Generator.

The Signature Generator looks up the mail address in AD and fetches required data about the user and makes a signature.

The newly minted signature is then added to the mail.

 

 

You can see installed agents by using the Exchange console. (This output from Exchange 2013)