You’ve probably visited Web sites that feature live chat rooms. Although chat might be a useful tool for your organization, you’ve probably been too intimidated by the thought of going through the process of implementing chat to actually do so. However, you may not realize that it’s very easy to implement a chat room through Microsoft Exchange 2000.

Author’s note

Before I get started, I need to point out that the techniques I’m about to show you are valid only in the Exchange 2000 Server Enterprise Edition. The standard version of Exchange 2000 lacks the necessary chat components. Furthermore, the chat components are optional and aren’t installed by default. Before you can use any of the techniques I’ll describe, you must rerun the Exchange 2000 Setup program and install Chat Services.

Creating your first chat community
You can create a default chat community by using Chat Services. The default chat community may work for your organization, but if you decide you don’t want to use the default settings, or if you want to host multiple chat communities, here’s how to create custom communities.

To create a custom chat community, navigate through the Exchange System Manager to your organization | Administrative Groups | your administrative group | Chat Communities. Now, right-click on the Chat Communities folder and select the New | Chat Community commands from the resulting shortcut menus. When you do, you’ll see the New Properties sheet.

This properties sheet has several options you can configure. The General tab, shown in Figure A, asks for a name for the chat community and lets you specify the maximum number of anonymous connections and total connections to the chat community. There are also options for resolving client DNS names and for accepting new connections.

Figure A
Use the General tab to configure the chat community’s basic options.

Next, select the Channels tab. Each chat community is referred to as a community because it can contain multiple chat rooms. In Exchange 2000, these individual chat rooms are referred to as channels. The General tab allows you to control how many people are in a channel at a time and specify the channel’s official language. You can also use the Channels tab to regulate the creation of dynamic channels. Figure B shows a sample of this tab.

Figure B
The Channels tab lets you manage default and dynamic channels.

Next on the properties sheet is the Messages tab, which lets you specify a greeting that users will see when they attach to the chat community. You can create one greeting for users and a separate greeting for administrators. The greeting can be a welcome message, it can lay out the rules of the chat room, it can contain a legal disclaimer, or it can be whatever you like.

Like most other security tabs in Windows 2000 or Exchange 2000, the Security tab allows you to add users and groups to a list and then assign permissions to them. There are three permissions you can apply—User, Sysop, and Administrator—and each can be applied on either an Allow or Deny basis. If neither Allow nor Deny is assigned, a user’s permissions may be inherited through a group membership.

The final tab on the properties sheet is Authentication, which controls the types of authentication used for the chat community. By default, Anonymous, Basic, and Windows Security Package are all selected.

Enabling a chat community
Once you’ve created a chat community, you must enable it. To do so, open the Exchange System Manager and navigate to your organization | Administrative Groups | your administrative group | Servers | your server | Protocols | IRCX. Right-click on the IRCX container and select the Properties command from the resulting shortcut menu. The IRCX Properties sheet will appear, listing all of the chat communities hosted by the server. By default, the list is empty. You must click the Add button to create a chat community.

After clicking Add, you’ll see a dialog box asking which chat community you want to host on the server. Select the desired chat community from the drop-down list and click OK. You’ll then see a dialog box that contains a few basic options. The dialog box has a check box that you must select before the chat community is enabled. You may also specify the maximum number of chat participants and the IP address that corresponds to the chat community. Click OK twice to close the dialog boxes and return to the main Exchange System Manager screen.

Configuring channels
After you’ve created and enabled a chat community, you’ll probably want to set up some individual channels. If you’ve allowed it, the chat community can handle dynamic chat channels, but it’s nice to have some already established channels. To create a channel, navigate through the Exchange System Manager to your organization | Administrative Groups | your administrative group | Chat Communities | your chat community Channels. Right-click on the Channels container and select the New | Channel commands from the resulting shortcut menus. When you do, you’ll see the New Properties sheet.

As with the screen that you used to initially create the chat community, the properties sheet’s General tab allows you to enter some basic information, such as the channel name, topic, subject, rating, and language. There’s also a check box you must select to automatically create the channel when Chat Services starts.

The main thing you need to know about the General tab is that you must use a specific prefix for channel names. If the channel will be IRC-enabled, you must precede the channel name with # or %. If the channel will use IRCX, you must use %# or %&.

The Access tab, shown in Figure C, allows you to control the channel’s level of visibility: Public, Private, Hidden, or Secret. The Invited Users and the Authenticated Users check boxes let you control who has access to the channel. You can gain more control over the access level through the Security tab.

Another interesting feature on the Access tab is a set of passwords. You can set one password for users, another for the host, and yet another for the owner.

Figure C
The Access tab allows you to set passwords and regulate access to the channel.

Since so much of the New Properties sheet is similar to the properties sheet used for creating the chat community, I won’t cover every single tab. Before I end this section, though, there’s one more tab of interest. The Modes tab lets you specify basic rules for the channel. For example, you could require the channel to be moderated, or you could specify that whispering isn’t allowed. You can see some of the various options in Figure D.

Figure D
In the Modes tab, you can outline the channel’s basic rules.

Setting up classes
Once you’ve set up some channels, you may soon find that it’s open season against your chat rooms. If you’ve never hosted a chat room before, you’ll be amazed at the things users will do to disrupt a chat. For example, a user might hold down [Enter] and scroll all the text off the screen so quickly that no one can read it. Another type of disruption is called a flooding attack.

A flooding attack is where a user copies a large amount of text to the Clipboard and then pastes it into the chat room, over and over. The large bursts of text make it impossible for anyone else to chat. Some administrators have gotten smart and imposed string length limitations. But users have found a way around those limitations by sending a lot of shorter bursts of gibberish rather than huge chunks of text.

Fortunately, there are several ways you can fight back against these types of disruptions. One of the most important steps you can take is to create some classes. Classes are similar to groups in that they lump users together by type. For example, you can create classes by log-on method, IP address, nickname, etc. Once you’ve created some classes, you can regulate them and prevent disruptive behavior.

To create a class, locate the Classes container beneath your chat community, right-click on it, and select Properties from the resulting shortcut menu. Doing so will display a properties sheet you can use to create classes, as shown in Figure E.

Figure E
You can create classes of users to help regulate behavior.

All of the asterisks you see in the figure represent wildcards. For example, if there’s an asterisk in the Nickname field, then anyone with a nickname will be lumped into the class. If, however, you changed the nickname to something like Bogus, then only those with a nickname of Bogus will be included in the class.

Once you’ve established the appropriate class filters, select the Access tab in order to define a few basic parameters of what users in the class can and can’t do. For example, you can require the users in the class to be authenticated and prevent them from creating dynamic channels. Figure F shows this tab.

Figure F
You can define some basic rules via the Access tab.

The Settings tab offers the real benefits to creating classes. Here, you can set the output saturation limit so that users can’t flood the chat room with large bursts of text. The default value is 64 KB, but I would suggest changing it to something much smaller, such as 2 KB

Earlier, I mentioned that someone could disrupt a chat by holding down the [Enter] key. Chat Services implements a 10-second lag to prevent this from happening. There is an option for setting up a message processing delay, but it has a maximum value of 10 seconds. If this time isn’t sufficient, an Administrator can change the lag time through a chat client by issuing the simple command:
/PROP channel_name lag_time

The appropriate values for the lag time are 0, 1, and 2, and are incremental. For example, if you set the message lag time to 10 seconds, and an administrator issued the command with a value of 2, the lag time would change to 12 seconds.

One more thing you need to know about the class configuration is that any rules you establish are applied on a connection basis. Therefore, if a user wanted to flood your chat session, he or she could get around your limits by opening multiple connections and using them simultaneously. This technique is known as a clone attack. You can prevent clone attacks by using the Settings tab to limit the maximum number of IP connections to 1. I would also advise you to disable the option to allow nickname changes. This will help prevent a user from posing as multiple users who carry on a conversation between themselves. Figure G shows this tab.

Figure G
The Settings tab contains lots of hack prevention tools.

Banning users
Sometimes, a user may be so disruptive that you have no choice but to impose a ban. You can ban a user by right-clicking on the Bans container beneath the channel and selecting the New | Ban commands from the resulting shortcut menus. The New Bans properties sheet looks almost identical to the screen shown in Figure E. You can ban a user or group of users by nickname, username, domain, or IP address range. You can even set up time limits for the ban and make note of the reason for it.

Content filtering
Another measure that I highly recommend is content filtering. If you right-click the IRCX container and select the Properties command, you’ll see the IRCX properties sheet. Select the chat community that you enabled earlier and click the Properties button. This will open the Chat Community dialog box. Now, click the Extensions button to open the Extensions dialog box.

The Extensions dialog box allows you to add extensions to the chat community. There are two built-in extensions you can add by clicking the Add button. One is a profanity filter. You may or may not want to use this filter, depending on the nature of the chat room. The other is the TScript filter, which compiles a transcript of all chat dialogue. I strongly recommend using this add-on. Even if you never plan on looking at the transcripts, it’s good to have them as evidence in case someone pursues legal action against you for something said in a chat room.

Configuring the client
There isn’t really anything special about configuring the chat client—just about any IRC or IRCX client will do. Microsoft makes a chat client, Microsoft Chat, that you can download for free.

When using this client to connect to your Exchange Server, just give the server’s IP address in the Server Name field, along with the chat room name (with a pound sign), and you’re in business. The Microsoft Chat client offers a text view of the class or a comic book view.