When Microsoft completes development of Exchange 2003 next week it will not only be the end of a three-year effort but the beginning of a real-world gauntlet to test Microsoft’s promise to develop more secure code.

The company next week is releasing Exchange 2003 to manufacturing, which means CDs will be burned and made available to customers in the coming months. Microsoft also will announce pricing and licensing.

The software is only the second major server behind the April release of Windows 2003 that Microsoft has developed under the Trustworthy Computing banner, which chief software architect Bill Gates hung out in January 2002.

Gates vowed to make security a top priority when developing code, trumping Microsoft’s infatuation with feature bloat. After Gates’s declaration, Microsoft developers set aside work for two months to learn what it takes to write secure code.

While the move was well hyped, the proof is in the software and Exchange 2003 is the test case scenario.

While the Exchange server hasn’t been a high profile target, its Outlook client has been a hacker’s playground. New server features, however, such as allowing direct client connections to the server over HTTP, could potentially open up avenues for malicious activity and the Exchange team is bent on closing holes.

"How we know quality is there is very subjective, part of it is your gut," says Betsy Speare, Exchange 2003 release manager, who oversaw daily staff meetings and code builds. "The question is what are your development motivators. If they are around ship dates you won’t make the same decisions compared to your responsibility being the quality of the software."

The beginning Speare’s gut feeling began in March 2002, when the 450-strong Exchange team, including 175 developers and 175 testers, took eight weeks off for its Trustworthy Computing lesson. Once back to business, the focus was on code reviews, which are done for every new feature added, and threat analysis on such Exchange components as the message store, transport, and Active Directory integration, according to Simon Attwell, Exchange security program manager. The Exchange team used tools developed by Microsoft Research to automatically check code for known vulnerabilities such as buffer overflows. The tools churned through the code at each "build" and updated an issue tracking system. Attwell says the process was a welcomed change to the manual one used during the development of Exchange 2000.