Hello Guys,
I need to know how to block spams by subject from Exchange Server 2013's spam/message filter.
In general, I'm using Exchange's spam filter agents and configured spam blocking by domain name.. but I need to filter unnecessary emails by subject name also.
So, if you know how to resolve this issue, please post here the real solution..
Thanks a lot,
Hi,
We have 2 mailbox server DAG and 1 Client access server. today we had VM disk issue and shutdown the one of mail box server and now no email in/out internal and external emails.
Hi Friends,
My exchange server is relaying spam mails, i can confirm that the server is not open relay and i am suspecting that some mailbox password is compromised and currently in bad hands. Is there any way we can track which mailbox/boxes are using for the spamming purpose,so that i can change the password and stop the issue.
Please help.
Hi, I am halfway through migrating a Hybrid deployment from 2010 to 2013. Configuration as below:
Production:
1x 2010 CAS/HT/MBX server
2x 2013 CAS/MBX servers in DAG (EX01 is getting all mail-flow)
It's worth noting that they reversed the sites, the 2010 box is in the same AD site as the 2013 DR server.
DR:
1x 2013 CAS/MBX server in DAG
They also have 365 tenant with Exchange online. Currently all mail flows through 365 to on-premise, all outbound mail flows from on-premise to 365.
I'm about to begin migrating mailboxes over, but with a few test users I've discovered the following issue.
Once a user is migrated to any 2013 box, mail-flow is fine. They can send/receive externally fine. They can send to 2010/2013 mailboxes fine as well. The problem comes when sending from 2010 mailbox to a 2013 mailbox, on the 2010 server the mail just sits in the queue:
Next Hop Domain: DR site
Delivery Type: SMTP Relay to Remote Active Directory Site
Last Error: 451 4.4.0 Primary target IP address responded with: "421 4.3.2 Service not available". Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.
So I did some testing, I am unable to telnet from the 2010 box to any of the 2013 boxes on port 25. So I added the 2010 IP into the 'Default Frontend EXxx' receive connector on each of the 2013 boxes, this resolved the service not available error, but returned a different error:
451 4.4.0 Primary target IP responded with "451 5.7.3 Cannot achieve Exchange Server authentication" etc which makes sense because the 'Default Frontend' connectors don't have exchange server authentication enabled. But I can't simply enable this as other authentication methods are enabled and this is how it came from being installed and I don't want to break mail-flow. My understanding is that 2013 should simply "know" how to route 2010 messages.
David Robertson
I am unable to migrate mailboxes from an on prem (same physical virtual host) to an on prem (same physical virtual host) cross forest.
MRSProxy is enabled on both the target and the source.. and a migration endpoint is enabled on the source. I can succesefuly prepare-moverequest on the target, but when I perform
PS] D:\Exchange\Scripts>New-MoveRequest -Identity migrate1@domain.com -Remote -TargetDatabase "DomainCorp" -RemoteGlobalCatalog
ads-ad-01.domain.local -RemoteCredential $RemoteCredentials -TargetDeliveryDomain "domaincorp.local" -Remote
HostName ads-exch-01domain.local
The call to 'https://ads-exch-01.domain.local/EWS/mrsproxy.svc' failed. Error details: Could not establish trust
relationship for the SSL/TLS secure channel with authority 'ads-exch-01.domain.local'. --> The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel. --> The remote certificate is
invalid according to the validation procedure..
+ CategoryInfo : NotSpecified: (:) [New-MoveRequest], RemoteTransientException
+ FullyQualifiedErrorId : [Server=ADS-EXCHCORP-01,RequestId=3f49d075-8110-48fd-8157-9b4d87921252,TimeStamp=5/1/201
5 4:00:11 PM] [FailureCategory=Cmdlet-RemoteTransientException] EA6D7B2B,Microsoft.Exchange.Management.RecipientTa
sks.NewMoveRequest
+ PSComputerName : ads-exchcorp-01.domaincorp.local
If I change remote hostname to exch.domain.com I get a different error message.
[PS] D:\Exchange\Scripts>New-MoveRequest -Identity migrate1@domain.com -Remote -TargetDatabase "domainCorp" -RemoteGlobalCatalog ads-ad-01.domain.local -RemoteCredential $RemoteCredentials -TargetDeliveryDomain"domaincorp.local" -Remote
HostName exch.domain.com
The call to 'https://exch.domain.com/EWS/mrsproxy.svc' timed out. Error details: The request channel timed out
attempting to send after 00:00:07.9643241. Increase the timeout value passed to the call to Request or increase the
SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. -->
The HTTP request to 'https://exch.domain.com/EWS/mrsproxy.svc' has exceeded the allotted timeout of
00:00:07.9640000. The time allotted to this operation may have been a portion of a longer timeout. --> The operation
has timed out
+ CategoryInfo : NotSpecified: (:) [New-MoveRequest], RemoteTransientException
+ FullyQualifiedErrorId : [Server=ADS-EXCHCORP-01,RequestId=f5807f2d-c8d5-4fb3-86b3-a831cae92626,TimeStamp=5/1/201
5 4:01:10 PM] [FailureCategory=Cmdlet-RemoteTransientException] F2700578,Microsoft.Exchange.Management.RecipientTa
sks.NewMoveRequest
+ PSComputerName : ads-exchcorp-01.domaincorp.local
I feel like I have been hitting my head on the desk for about a week now.
We Also should note that we exported the Wildcard cert from the source server and imported it into the target server.
We have Exchange server 2013 and in our organisations we have more then 15000 applications which sends automated emails. Unfortunately we had to allow anonymous relay in-order to let the applications send emails.
Are there any ticks, methods, etc. where in these applications can send authenticated emails ?
Thanks for your comments.
Gautam.
hello all
i apply disclaimer to my exchange users, its adding small banner to the end of the email message
something like this : <img src="http://xxx.com/banner.jpg">
now i try to prevent it from adding same disclaimer multiple times when forwarding or replying
i try to add an exception in exchange as follow:
the subject or body includes any of this words: banner.jpg
the subject or body includes any of this words: <img src="http://xxx.com/banner.jpg">
subject or body matches these text patterns:<img src="http://xxx.com/banner.jpg">
subject or body matches these text pattrens:banner.jpg
but nothing works, please your advice .
thanks
Hi!
Is it possible for Exchange 2010 Transport Rule to block compressed Executables like Exchange 2013 does? We created rules both in 2010 and 2013 to block executables but only 2013 can block executables even in compressed format like rar.
Thanks.
Mahmoud Hanefy MCITP: Windows Server 2003,2008 Enterprise Administrator | MCSE/MCSA
Is it possible to add digital signature to outgoing messages for all exchange users? Currently we have add digital signature individually using Outlook.
Hi All ,
In my current environment we have one exchange forest with exchange 2013 and another exchange forest with exchange 2010.
Lets say a mailbox user from exchange 2013 forest is sending an mail along with attachment of (1.7 MB) to one of the mailbox user in same exchange 2013 forest and also to one of the mailbox user in exchange 2010 forest .
So on such case the size of the delivered message to the both the mailbox users in the different forest varies.We have found that with the help of message tracking logs in both the forest.
I mean the mailbox user in the same forest (i.e exchange 2013) receives an message with a size around 1.7 MB and the mailbox user in the other exchange forest (i.e exchange 2010) receives an message with the a size around 2.25 MB .
Questions :
We would like to know that how the size of the delivered message varies between the mailbox users in the different exchange forest ?
Is this is the default mail delivery behavior in exchange between two exchange forest ?
Note : On my end i thought that the message from the exchange 2013 forest to exchange 2010 forest was processed two times by the categorizer (one time in exchange 2013 and one time in exchange 2010) because of that size is varied .But i am not sure on my end
.
All of your suggestions are much appreciated .
Thanks & Regards S.Nithyanandham
Hello I'm opening a new thread for this as Ive got stuck again.
I have some users that try to send mails to about 5 domains that wont succeed. 99% of al mail is going out like it should but to these domains all messages get stuck in the queue. The NDR they get is :
Remote server at domain.com (x.x.x.x) returned '400 4.4.7 Message delayed'
Remote server at domain.com (x.x.x.x) returned '441 4.4.1 Error encountered while communicating with primary target IP address: "Failed to connect. Winsock error code: 10060, Win32 error code: 10060."
Attempted failover to alternet host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. the last endpoint attempted was x.x.x.x:25
Most posts regarding this error suggest a DNS issues and it does look like this. but when I do an NS lookup on the server the correct MX records are being returned. I have also tried with the use External DNS option but no luck. other things Ive tried is to use a Send connector with TLS, use different ports but they wont go out. I've contacted the admin of the receiving domain and they say they have not blacklisted our IP's. So I'm really stuck here any input would be very welcome. FYI: I've check the blacklists and we're not on them, I have reverse DNS setup and SPF records and with the mxtoolbox all checks out fine.
Hello, I wanted to share an issue I observed with slow mailflow on our new Exchange 2013 CU8 Hybrid environment. It is my hope that this can help someone out there, that like me, thought moving to Exchange 2013 was a huge mistake.
Brief overview of my mail servers and typical mailflow
Ever since initial setup I experienced delays with mail flow. Email would become queued at our Hybrid Exchange 2013 cu8 server when attempting to send to the exchange online hosted mailboxes, but it would eventually send. I observed several interesting items (below).
Here is what the delayed mail headers would be like (local addresses removed for my benefit)
Initially I thought it could be "the DNS bug" described in the slow-mail-flow thread over here. While I followed the steps and manually specified our DNS settings, we continued to experience the problem.
LOGS and Errors
I enabled verbose logging on the Hybrid on-prem Exchange 2013 connectors
My log file path is:
D:\Exchange2013\TransportRoles\Logs\FrontEnd
D:\Exchange2013\TransportRoles\Logs\HUB
Found errors:
\Logs\Hub\ProtocolLog\SmtpSend errors:
*,,Connector is configured to send mail only over TLS connections and remote doesn't support TLS
\Logs\Hub\Connectivity errors:
*,Session Failover; previous session id = 08D250C62FEB1479; reason = SocketError
Indeed the above errors was related to an invalid TLS certificate setup on our on-prem Exchange 2010 SP3 mailbox server. After fixing the certificate, we still experienced the slow mail queue, but had no more errors in our exchange logs.
The above troubleshooting took about a week to hammer out. During that time I asked our network engineer to take another look at the network config, and he noticed that he had set the Palo Alto firewall to allow port 25 traffic incoming traffic, but hedid not allow port 25 outgoing traffic. After he changed the rule to allow outgoing port 25, our problem was gone. Somehow the firewall ended up being the issue all along, and even though plenty of Microsoft articles start with "check
your firewall", I was assured that our firewall was OK and email even eventually found a way out (I have some thoughts on that - did the messages send when incoming port 25 traffic opened up? your thoughts welcome). Thanks for reading and I hope someone
out there finds this information useful.
Abp
Hello All,
I have an Exchange 2013 environment where I have just enabled message moderation. So far so good. However, I would like to suppress all notifications to the moderated recipients and the sender of messages to this recipient. I have created a transport rule that deletes all emails containing "Your message was rejected by a moderator for these recipients" which is what the system sends when a message is rejected by the moderator. However if the moderator doesn't approve or reject a notitication, another message is sent to the sender (and maybe the moderated receipent). I have found a good bit of MS reference material for the message (If the approver either deletes or ignores the approval message, an expiration message is sent to the sender. This happens after two days in Exchange Online, and after five days in Exchange Server 2013....# 3 in how the approval process workshttps://technet.microsoft.com/en-us/library/dd297936.aspx) I need to know exactly what the message says so I can create the transport rule to delete it and not bounce a message back to the sender.
I basically have 2 questions:
1. Is it possible to configure Exchange so it doesn't generate these notifications to begin with?
2. What are the contents of the various notifications sent by the system when moderating messages? I have one listed above but don't know what else gets sent. I need to create a transport rule to delete/redirect the message so that it's not sent to the sender, moderated recipient, etc.
I have only a few days to figure this out. Please help.
JPC0706
Hi tech,
I have a problem, everytime my clients uses his ip 41.79.10.106 he gets the error message
The mail system
<>: host [65.55.37.88] said: 550 SC-001
(COL004-MC2F14) Unfortunately, messages from 41.79.10.106 weren't sent.
Please contact your Internet service provider since part of their network
is on our block list. You can also refer your provider to
. (in reply to MAIL
FROM command)
Kindly help me delist this from your network.
Mike
Technical Engineer.
Helo Guys,
How can I get / change this settings (X-Auto-Response-Suppress DR, OOF, AutoReply)?
I see this from email header of an email sent to a DL. This setting looks suppressed OOO / auto reply message.
BR,
Uddan
Hi all...
We have an Exchange 2013 environment with an external Mail Security Appliance (FortiMail), because of this our Malware Filter was disabled, but the process ScanningProcess.exe (Microsoft Filtering Server Scanning Process) are still running and sometimes hangs the CPU for several minutes scanning attachments.
Is there a method to disable the process and avoid the CPU high use?
(all servers have Exchange 2013 CU7)
Hi Experts ,
This may sound naïve ,however I am looking for your advise on the below queries.
We have scenario where we want certain emails to be routed to their respective SAP instances/boxes/client from exchange server .
For example ,
xyz @ crm . com to sap 1 system port 25000
abc @ crm .com to sap 2 system port 25001
We have multiple production systems and want emails to be routed as per the mail boxes they are catering to . Is this achievable ?
Also is there a limitation to number of SMTP send connectors that can be created ? My current understanding is every routing to respective sap instance will take one send connector ?
What is the roadmap for SMTP , as we have been informed that way forward is EWS ?
Thanks in advance.