Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

certificate issues

December 21, 2015, 8:26 am
$
0
0

I am trying to remove a self-signed certificate so we can be certain we are only using the one we got from a trusted 3rd-party CA.  When I try to remove the self-signed one, I get this error below.

A special Rpc error occurs on server MAIL14: The internal transport certificate cannot be removed because that would
cause the Microsoft Exchange Transport service to stop. To replace the internal transport certificate, create a new
certificate. The new certificate will automatically become the internal transport certificate. You can then remove the
existing certificate.

But if I create a new self-signed certificate, just to remove the old one, then I am not getting anywhere - is there any way to change the "internal transport certificate" to use the one we got from the 3rd-party CA?  I already have the new certificate installed and I would rather not try to go through the process of generating a new cert request and all that.  But if that is the only way to fix these issues, then I suppose that is what I must do.

Many thanks,

Sam

Search

Bad Glue Detected

December 22, 2015, 2:13 am
$
0
0

Hello,

i did test for domain i found 2 warning in DNS as below:

1-Bad Glue Detected

2-SOA Expire Value out of recommended range

Do I need to solve this problem or leave it as it is. please advise me 

thanks.

New connector to internal Sharepoint server

December 22, 2015, 2:25 pm
$
0
0

Good afternoon, all!

I'm having some inconsistencies in sending mail to a list on an internal SharePoint 2013 server.  It seems that the mail flows from my Mailbox/CAS servers out to the Edge Transport servers, then the mail hangs there.  However, I have had one internal mail to this SharePoint list work.  I don't know precisely how the mail was received by the SharePoint server, but my theory is that the mail went over the LAN to the MB/CAS server at the datacenter where SharePoint lives, and was successfully delivered.

My question is about short-circuiting this by applying a new send connector.  This would be configured as a Custom connector with a mail domain of sharepoint.contoso.com and point directly to  the IP address of the SharePoint server.  The object of the game is to have any mail going to this SharePoint server sent directly to the IP address of that server.

Yes?  or is there a better/easier/more reliable way to handle this?  Or am I barking up the entirely wrong tree?

Thanks to all for looking!

Gregg

DL is not receiving emails from external address.

December 23, 2015, 5:03 am
$
0
0

Hi Team,

We have one particular DL not receiving email from external addresses.Internal emails are getting delivered.

we are getting this error when checked from Connectivity analyser.

_______________________________________

Attempting to send a test email message to informatica@xyz.test using MX mx record name.
 Delivery of the test email message failed.
 
Additional Details
 
The server returned status code 451 - Error in processing. The server response was: 4.7.1 Service unavailable - try again later
Exception details:
Message: Error in processing. The server response was: 4.7.1 Service unavailable - try again later
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.RecipientCommand.CheckResponse(SmtpStatusCode statusCode, String response)
at System.Net.Mail.RecipientCommand.Send(SmtpConnection conn, String to, String& response)
at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 766 ms.

______________________________

we are getting this error when checked fromGmail.

________________________________

The error that the other server returned was:
550 5.2.0 mailbox unavailable.

_____________________________

we have checked all settings for this DL, external delivery is also enabled.

Please assist.

Thanks

Abhishek Saxena

Messsage Rate Limit on Receive Connector VS. Message Rate Limit on Mailbox (Throttling Policy)

December 24, 2015, 8:55 am
$
0
0

Hello,

Looking for clarification on Message Rate Limits.

If I have a Message Rate Limit of 50 on a Receive Connector.

Then I have a throttling policy applied to a mailbox\user with a Message Rate Limit of Unlimited.

Does the Message Rate Limit of the Receive Connector still apply?

How to delay user not found messages

December 29, 2015, 8:24 am
$
0
0

Hello,

I need to delay exchange 2013 messages that can't find the user.  We are a 2013/10  hybrid with 365.  It takes time for our identity management system to create an AD account and then DirSync it to 365 and then create the mailbox.  But we want messages to those 'almost valid' email addresses to be queued during the time the mailbox is being provisioned.

Is there any way to do this?

Thanks,

Peter

The administrative limit for this request was exceeded.

December 29, 2015, 6:04 am
$
0
0

Hi All

I have an EDGE Servers on E2013 CU10

BypassedSenderDomain contains ~450 records for now

When i trying to add BypassedSenderDomain i get an Error:

Set-ContentFilterConfig : The administrative limit for this request was exceeded.
At line:1 char:1
+ Set-ContentFilterConfig -BypassedSenderDomains @{add='domain.com'}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Set-ContentFilterConfig], AdminLimitExceededException
    + FullyQualifiedErrorId : [Server=server,RequestId=8511a38c-ea36-4eb4-adfc-15c73e4d0c45,TimeStamp=12/29/2015 12:30:10 PM] [FailureCategory=Cmdlet
   -AdminLimitExceededException] 5260967B,Microsoft.Exchange.Management.SystemConfigurationTasks.SetContentFilterConfig

How to fix this?? It is very urgent!!!!!

Best Wishes, Andrew Golubenkoff



Exchange 2010

December 28, 2015, 11:09 am
$
0
0

Hi -

We have an Exchange 2010 Organization called ABC

ABC.COM is our internal domain

our external domain is XYZEXTERNAL.COM

We have 2 cas/hub and 2 mailbox servers.

We have one linux SMTP Server running on a VM.

I need to  forward email for the user: daemon@xyzexternal.com to the mail server running on the servervm.ABC.com

How can I Set this up?

Thank you!

Search

Recieve Connector question (EDGE 2013) - unable to relay 550 5.7.1

December 29, 2015, 12:14 am
$
0
0

Hi guys.
In EX2010-EDGE we had default RECIEVE connector which worked fine after we had added AnonymousUsers.
Now in EX2013-EDGE default RECIEVE connector is not working ok after we had added AnonymousUsers permission.

Are there any differences in default recieve connectors on EDGE2010 and EDGE2013?
We recieve error unable to relay 550 5.7.1).

Do you need to create "another" recieve connector on EDGE2013, and you didn't need to do this step on EDGE2010?

With best regards

bostjanc


deny neutral spf status on exchange edge 2013

December 30, 2015, 11:30 am
$
0
0

How do you deny neutral SPF status on exchange edge 2013?

We already did "Set-SenderIDConfig -SpoofedDomainAction Reject"

How do you deny neutral SPF status?

bostjanc

Tweak spam filter on EXCHANGE 2013 EDGE

December 30, 2015, 1:21 am
$
0
0

Hi guys.

What are the best practices for tweaking mail filter on Exchange 2013 EDGE?

In past we used Exchange 2010 EDGE with forefront, now we are upgradin it to EDGE2013.

We ran command:

Add-IPBlockListProvider-Name zen.spamhaus.org -LookupDomainzen.spamhaus.org -AnyMatch$true-Enabled$true

Do you recommend anything else to tweak on EXCHANGE EDGE2013?

FYI: We Will not use EOP, so we would like to get the most of the edge as spam filter as possible.

bostjanc

FROM field is being changed to the recipients email address on a REPLY

December 30, 2015, 7:59 am
$
0
0

Question:

User A replies to an Email from User B. 

User A gets the email rejected and the error message

"You can't send a message on behalf of this user unless you have permission to do so."

The FORM field has been changed to User B and thus rejected.

I have examined the transaction logs and all appears that user A is trying to send an email on an account that he does not have sufficient rights. Next I check the message itself and sure enough the sender is User. Exchange appears to be behaving normally.

Users both are using Outlook 2010.

What could cause Outlook to change the field? Could it be an issue with the X400LegacyExchangeDN settings for the users?

Cache has been cleared and problem is intermittent. Not all emails replied to from A to B are rejected. Most go through. User doesn't have issue with other users.

Turning off cache resolves issue.

Outgoing e-mails are stuck in queue.

December 30, 2015, 4:14 am
$
0
0

we are using exchange server 2013 and our exchange server receive and send email properly on local network, and receiving incoming emails from outside network but Outgoing e-mails stuck in queue with error {LED=441 4.4.1 error encountered while communicating with primary target IP Address:"421 4.4.2 connection dropped due to SocketError." attempted failover to alternate host, but that did not succeed. Either there are no alternate host.

Also created new send connector and did telnet to port 25 and uninstall Antivirus as well.

 

Unable to get TLS working on Exchange 2013 Receive Connector

December 31, 2015, 10:35 am
$
0
0
I just finished setting up and implementing a new Exchange 2013 server.  It was a migration from SBS 2008.  Email works beautifully along with activesync and outlook anywhere.  The only problem I'm having is TLS will not work on the Internet facing receive connector and I cannot figure out why.  I use the AD CA to sign certificates and then distribute the root certificate to computers outside the domain.  The CA was migrated from SBS to a new DC with a different hostname, but I kept the CA name the same.  I can issue new certificates without error, and the CRL distribution points appear to be working.  I have confirmed the desired certificate is assigned to SMTP, and that the receive connector is set to use TLS.  Where can I look to figure out why Exchange is not offering TLS?

Exchange 2013 - RBL not working

December 31, 2015, 5:33 am
$
0
0

Hi guys.

We are dealing with RBL not working.

We have zen.spamhaus.org as one of the RBL's (priority 1).

This IP is reported as spam/blacklisted

http://mxtoolbox.com/SuperToolX.aspx?action=blacklist%3a38.68.18.194&run=toolpage

Is this result ok or not?

we also take a look that we don't have any DNS issues. We had exactly the same behavior as on this post "https://social.technet.microsoft.com/Forums/office/en-US/1252eb3d-949c-4cc3-a1d7-dc08f0bdd372/rbl-not-working-on-exchange-2013-edge-transport" but we have resolved this by changing forwarders on DNS and now it resolves just fine.

After that we have restarted transport service on Exchange 2013 EDGE.

Edge is on CU11.

Any other hints to check why RBL is not working ok?

With best regards

bostjanc


Search

Temporarily Suspend Delivery to Mailboxes

December 31, 2015, 7:19 am
$
0
0

Hello,

I am relatively new to exchange, so bear with me here.  I need to temporarily suspend delivery of email to mailboxes while I update Symantec Mail Security on Exchange 2013 cu1.  Would it be easiest to just suspend my mailbox database in Queue Viewer?

Thanks,

Josh

Exchange edge 2013 spam problem

December 31, 2015, 1:33 am
$
0
0

We are constantly spammed by multiple and non-repeatable domains that all implement a generic SPF record as follows "v=spf1 a mx ptr ~all".

We would like to fail all SPF records that include the ~all prefix.

How could we enable this?

bostjanc

Where to get addresses of RBL's

January 1, 2016, 10:16 am

Mail stuck in Queued mail for delivery 250 2.6.0 for receiving e-mail Exchange 2013

December 18, 2015, 1:33 am
$
0
0

Hi all,

We have a big problem. Some e-mail's from external company's are getting stuck in the exchange server and won't be delivered to the client mailbox. Below the tracking logfile:

RunspaceId             : 534e619f-4a2f-4921-904b-e7edf15e5473

Timestamp              : 18-12-2015 10:20:30

ClientIp               :  client ip

ClientHostname         : Name mailserver

ServerIp               : internal ip exchange server

ServerHostname         :

SourceContext          : Sender Id Agent

ConnectorId            : internalhostname\Default hostname

Source                 : SMTP

EventId                : FAIL

InternalMessageId      : 55834574848

MessageId              : <20151218092207.34C3C3A05B@*****.nl>

Recipients             : {name@domain.com}

RecipientStatus        : {[{LRT=};{LED=250 2.6.0 <20151218092207.60C3B4A05B@*****.nl> Queued mail for delivery};{FQ

                         DN=};{IP=}]}

TotalBytes             : 0

RecipientCount         : 1

RelatedRecipientAddress :

Reference              :

MessageSubject         : subject

Sender                 : sender@***.nl

ReturnPath             : sender@***.nl

Directionality         : Incoming

TenantId               :

OriginalClientIp       :

MessageInfo            :

MessageLatency         :

MessageLatencyType     : None

EventData              : {[DeliveryPriority, Normal]}

I've tried to disable the contentfilterconfig but with no succes. Does someone can help me with the problem? We run Exchange 2013.

Thank you

The SMTP availability of the Receive connector smtp inbound was low (38 percent) in the last 15 minutes.

December 15, 2015, 4:13 pm
$
0
0

We are using splunk to monitor exchange 2013. We keep getting these alerts "The SMTP availability of the Receive connector smtp inbound was low (38 percent) in the last 15 minutes."

I was wondering do these monitoring thresholds need to be modified within exchange? I don't want to turn the monitor off. I just need to tweak it so that it alerts when there is a real issue. And not a false positive. 

Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>