It is observed that only a set of users are unable to recieve emails and their outlook status shows disconnected . Other users in the same office are able to send/recieve fine . The exchange database is mounted and is working fine. What could be the possible
troubleshooting steps to rectify these ?
↧
Set of users unable to recieve emails
↧
Microsoft Filtering Management Service service can't start with error 0x80004005: Unspecified error
Hi Microsoft and experts in the form,
My two Exchange 2013 CU8 server Exchange transport service failed to start due to the dependency Microsoft Filtering Management Service stopped. The error message is listed below. I have tried all resolutions in the post but issue not fixed.
Log Name: System
Source: Service Control Manager
Date: 1/27/2016 5:25:14 PM
Event ID: 7023
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: Exch02.testoml.com
Description:
The Microsoft Filtering Management Service service terminated with the following error:
Unspecified error
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 1/27/2016 11:53:40 AM
Event ID: 10001
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: Exch02.testoml.com
Description:
Unable to start a DCOM Server: {2DC947D7-A2DC-4276-A554-891346CE2032} as NT AUTHORITY/NetworkService. The error:
"5"
Happened while starting this command:
"D:\Exchange2013\FIP-FS\Bin\FSCConfigurationServer.exe" -Embedding
For Filtering Management Service failed due to dcom error 10001. I already tried to give the full permission to on CLSID.
Any suggestions would be highly appreciated.
Best regards,
Robert Li
Partner Online Technical Community
-----------------------------------------------------------------------------------------
We hope you get value from our new forums platform! Tell us what you think:
http://social.microsoft.com/Forums/en-US/partnerfdbk/threads
------------------------------------------------------------------------------------------
This posting is provided "AS IS" with no warranties, and confers no rights.
↧
↧
441 4.4.1 Error encountered when sending email from Exchange 2013 to Sharepoint 2010
I have just started working at a new location. A predecessor has created a send connector from our Exchange 2013 to an internal SharePoint 2010 site.
The sharepoint server is running smtp and can receive mail if I telnet to the from the local host to itself on port 25. Hence an .eml message arrives inC:\inetpub\mailroot\Drop on the SharePoint box.
However, when ever I try to send a message to the SharePoint server from exchange, the message is queued for delivery, but the message gets stuck in the mail queue.
Delayed message from Exchange:
Remote Server at sharepointsvr.domain.com (xxx.xxx.xxx.xxx) returned '400 4.4.7 Message delayed'
3/11/2016 3:07:21 AM - Remote Server at sharepointsvr.domain.com
(xxx.xxx.xxx.xxx) returned '441 4.4.1 Error encountered while communicating with primary target IP address: "421 4.4.2 Connection dropped due to SocketError." Attempted failover to alternate host, but that did not succeed. Either there are no alternate
hosts, or delivery failed to all alternate hosts. The last endpoint attempted was xxx.xxx.xxx.xxx:25'
Does anyone have any suggestions?
You will receive much praise!
↧
Messages can be delivered to a certain domain
Dear all,
Since this morning it seems that we are not able to send any messages to a certain domian. We receive such e-mail every time when we are trying to send it:
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept
email from certain senders, or another restriction may be preventing delivery.<o:p></o:p>
The following organization rejected your message: cluster-a.mailcontrol.com.
Could you please help me to resolve this problem
Thank you in advance<o:p></o:p>
↧
Massive SPAM and Virus Sending
Dear NC,
i have lots of SPAM which is relayed through one of my Exchange 2013 Servers. Sending Mails via SMTP is allowed for Exchange Users to let them send with Clients like Thunderbird. I have allready enabled verbose logging but i am not able to identify from which
IP or even better Useraccount the SPAM is send. For me it looks like (not for sure of course), that someone uses one of the AD Accounts to send SPAM because of a weak Username/Password combination directly via SMTP through the Exchange Server.
How can i identify the Sending Useraccount. I cannot find anyting about that in the Frontend SMTP Receive Logs or Event Logs? The OriginalClientIp ist allways empty.
Does anybody have a good howto for me....this would be very kind.
Thanks a lot, Bernd
↧
↧
Incoming mail getting stuck on Edge Server with 451 4.4.0
451 4.4.0 smtpsend.suspiciousremoteservererror; remote server disconnected abruptly
Tried every solution possible but still getting this error. The mail flow has been working fine for a few months.
↧
Multiple IPs for Single MX record
Hi all,
is it possible to assign multiple IP address (belongs different ISP ips) to single MX record ?
for Example
mail1.yourdomain.com 10.0.0.1,172.31.255.254,10.255.255.254,64.233.189.204
10.0.0.1: AT&T
172.31.255.254: Charter
10.255.255.254: CableOne
64.233.189.204: Reliance
if AT&T link goes down then emails should work from other working ISP ips.
What wish to achieve is , I don't want to create multiple MX records for each ip.
regards
Atul A
is it possible to assign multiple IP address (belongs different ISP ips) to single MX record ?
for Example
mail1.yourdomain.com 10.0.0.1,172.31.255.254,10.255.255.254,64.233.189.204
10.0.0.1: AT&T
172.31.255.254: Charter
10.255.255.254: CableOne
64.233.189.204: Reliance
if AT&T link goes down then emails should work from other working ISP ips.
What wish to achieve is , I don't want to create multiple MX records for each ip.
regards
Atul A
TheAtulA
↧
Exchange 2010 Mail Loop
A local loop was detected in Exchange server 2010. Edge Server reports this error some times until I restart the transport service. What could be the problem ?
↧
SMTP AUTH: Does Exchange offer MTA-level authentication as well as user-level authentication?
We have an MTA that needs to relay inbound mail to an Exchange server. I found that when the MAIL FROM address matches the username in the AUTH credentials, Exchange accepts the email. However, when they don't match, Exchange rejects the email with an error like this:
550 5.7.1 Client does not have permissions to send as this sender
Our MTA only allows us to specify one set of credentials; all emails, regardless of the sender, must be relayed to the Exchange server using the same set of authentication (AUTH) credentials.
Is this possible? I hope it is, because this requirement is coming from my Director.
↧
↧
After Upgrade to CU9 is impossible to allow Authenticated Email from FSRM and WSUS
Hello,
the problem happens after you update to CU9 from CU8: authenticated emails from computer running WSUS and File Server Resource Manager (that autenticate using the computer account) are not running anymore. Before they was running.
This is the debug of the SMTP conversation AT THE CU8 -- RUNNING
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,0,10.0.0.2:25,10.0.0.1:51258,+,,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,1,10.0.0.2:25,10.0.0.1:51258,*,None,Set Session Permissions
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,2,10.0.0.2:25,10.0.0.1:51258,>,"220 ITMILEX999.contoso.com Microsoft ESMTP MAIL Service ready at Tue, 23 Jun 2015 08:11:38 +0200",
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,3,10.0.0.2:25,10.0.0.1:51258,<,EHLO ITMILDC999,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,4,10.0.0.2:25,10.0.0.1:51258,*,None,Set Session Permissions
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,5,10.0.0.2:25,10.0.0.1:51258,>,250-ITMILEX999.contoso.com Hello [10.0.0.1],
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,6,10.0.0.2:25,10.0.0.1:51258,>,250-SIZE,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,7,10.0.0.2:25,10.0.0.1:51258,>,250-PIPELINING,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,8,10.0.0.2:25,10.0.0.1:51258,>,250-DSN,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,9,10.0.0.2:25,10.0.0.1:51258,>,250-ENHANCEDSTATUSCODES,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,10,10.0.0.2:25,10.0.0.1:51258,>,250-AUTH NTLM,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,11,10.0.0.2:25,10.0.0.1:51258,>,250-8BITMIME,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,12,10.0.0.2:25,10.0.0.1:51258,>,250-BINARYMIME,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,13,10.0.0.2:25,10.0.0.1:51258,>,250 CHUNKING,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,14,10.0.0.2:25,10.0.0.1:51258,<,AUTH ntlm,
2015-06-23T06:11:39.435Z,ITMILEX999\Internal,08D27B82C2B20D7C,15,10.0.0.2:25,10.0.0.1:51258,>,334 <authentication response>,
2015-06-23T06:11:39.481Z,ITMILEX999\Internal,08D27B82C2B20D7C,16,10.0.0.2:25,10.0.0.1:51258,*,SMTPSubmit SMTPAcceptAnyRecipient BypassAntiSpam AcceptRoutingHeaders,Set Session Permissions
2015-06-23T06:11:39.481Z,ITMILEX999\Internal,08D27B82C2B20D7C,17,10.0.0.2:25,10.0.0.1:51258,*,CONTOSO\ITMILDC999$,authenticated
2015-06-23T06:11:39.513Z,ITMILEX999\Internal,08D27B82C2B20D7C,18,10.0.0.2:25,10.0.0.1:51258,*,,Proxy session was successfully set up. Outbound session will now be proxied
2015-06-23T06:11:39.513Z,ITMILEX999\Internal,08D27B82C2B20D7C,19,10.0.0.2:25,10.0.0.1:51258,>,235 2.7.0 Authentication successful,
2015-06-23T06:11:39.763Z,ITMILEX999\Internal,08D27B82C2B20D7C,20,10.0.0.2:25,10.0.0.1:51258,-,,Local
This is the debug after upgrading to CU9 -- BROKEN
2015-06-23T07:34:12.165Z,ITMILEX999\Internal,08D27B9E1BAF1B57,0,10.0.0.2:25,10.0.0.1:51489,+,,
2015-06-23T07:34:12.165Z,ITMILEX999\Internal,08D27B9E1BAF1B57,1,10.0.0.2:25,10.0.0.1:51489,*,None,Set Session Permissions
2015-06-23T07:34:12.196Z,ITMILEX999\Internal,08D27B9E1BAF1B57,2,10.0.0.2:25,10.0.0.1:51489,>,"220 ITMILEX999.contoso.com Microsoft ESMTP MAIL Service ready at Tue, 23 Jun 2015 09:34:11 +0200",
2015-06-23T07:34:12.462Z,ITMILEX999\Internal,08D27B9E1BAF1B57,3,10.0.0.2:25,10.0.0.1:51489,<,EHLO ITMILDC999,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,4,10.0.0.2:25,10.0.0.1:51489,*,None,Set Session Permissions
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,5,10.0.0.2:25,10.0.0.1:51489,>,250-ITMILEX999.contoso.com Hello [10.0.0.1],
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,6,10.0.0.2:25,10.0.0.1:51489,>,250-SIZE,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,7,10.0.0.2:25,10.0.0.1:51489,>,250-PIPELINING,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,8,10.0.0.2:25,10.0.0.1:51489,>,250-DSN,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,9,10.0.0.2:25,10.0.0.1:51489,>,250-ENHANCEDSTATUSCODES,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,10,10.0.0.2:25,10.0.0.1:51489,>,250-AUTH NTLM,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,11,10.0.0.2:25,10.0.0.1:51489,>,250-8BITMIME,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,12,10.0.0.2:25,10.0.0.1:51489,>,250-BINARYMIME,
2015-06-23T07:34:12.619Z,ITMILEX999\Internal,08D27B9E1BAF1B57,13,10.0.0.2:25,10.0.0.1:51489,>,250 CHUNKING,
2015-06-23T07:34:12.744Z,ITMILEX999\Internal,08D27B9E1BAF1B57,14,10.0.0.2:25,10.0.0.1:51489,<,AUTH ntlm,
2015-06-23T07:34:12.791Z,ITMILEX999\Internal,08D27B9E1BAF1B57,15,10.0.0.2:25,10.0.0.1:51489,>,334 <authentication response>,
2015-06-23T07:34:13.682Z,ITMILEX999\Internal,08D27B9E1BAF1B57,16,10.0.0.2:25,10.0.0.1:51489,*,SMTPSubmit SMTPAcceptAnyRecipient BypassAntiSpam AcceptRoutingHeaders,Set Session Permissions
2015-06-23T07:34:13.682Z,ITMILEX999\Internal,08D27B9E1BAF1B57,17,10.0.0.2:25,10.0.0.1:51489,*,CONTOSO\ITMILDC999$,authenticated
2015-06-23T07:34:26.949Z,ITMILEX999\Internal,08D27B9E1BAF1B57,18,10.0.0.2:25,10.0.0.1:51489,*,,Setting up client proxy session failed with error: 535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve
the user
2015-06-23T07:34:26.949Z,ITMILEX999\Internal,08D27B9E1BAF1B57,19,10.0.0.2:25,10.0.0.1:51489,*,,"Setting up client proxy session failed with error: 451 4.4.0 Primary target IP address responded with: ""535 5.7.3 Unable to proxy authenticated session
because either the backend does not support it or failed to resolve the user."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted
was 10.0.0.2:465"
2015-06-23T07:34:26.949Z,ITMILEX999\Internal,08D27B9E1BAF1B57,20,10.0.0.2:25,10.0.0.1:51489,*,None,Set Session Permissions
2015-06-23T07:34:26.965Z,ITMILEX999\Internal,08D27B9E1BAF1B57,21,10.0.0.2:25,10.0.0.1:51489,*,Tarpit for '0.00:00:05' due to '535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user',
2015-06-23T07:34:32.282Z,ITMILEX999\Internal,08D27B9E1BAF1B57,22,10.0.0.2:25,10.0.0.1:51489,>,535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user,
2015-06-23T07:34:32.314Z,ITMILEX999\Internal,08D27B9E1BAF1B57,23,10.0.0.2:25,10.0.0.1:51489,<MAIL FROM:<FSRM @ contoso.com>,
2015-06-23T07:34:32.314Z,ITMILEX999\Internal,08D27B9E1BAF1B57,24,10.0.0.2:25,10.0.0.1:51489,*,Tarpit for '0.00:00:05' due to '530 5.7.1 Client was not authenticated',
2015-06-23T07:34:37.334Z,ITMILEX999\Internal,08D27B9E1BAF1B57,25,10.0.0.2:25,10.0.0.1:51489,>,530 5.7.1 Client was not authenticated,
2015-06-23T07:34:37.334Z,ITMILEX999\Internal,08D27B9E1BAF1B57,26,10.0.0.2:25,10.0.0.1:51489,-,,Local
Ciao,
Luca
↧
Mail Spoofing altough SPF / DMARC are deployed
Greetings,
Please your support with this. We have a current mail spoofing attack. Some from an external IP is using our mail relays to send inbound spoofed messages.
Ill copy the header and I dont understand why Exchange let them in altough we have Sender ID / SPF / DMARC
Received: from xxx.xxxxx.xxx (Internal IP adress) by xxxx.xxxxx.xxx
(Internal IP adress ) with Microsoft SMTP Server (TLS) id xx.x.xxx.x; Wed, 16 Mar
2016 11:43:13 -0500
Received: from [178.175.49.131] (178.175.49.131) by xxx.xxxxx.xxx
(Internal IP adress) with Microsoft SMTP Server id xx.x.xxx.x; Wed, 16 Mar 2016
11:43:08 -0500
From: <Organization email>
To: <organization email>
Subject: Document2
Thread-Topic: Document2
Thread-Index: AdF+sJZYKtxaTvOhSFC+rMKD/CUwyg==
Date: Wed, 16 Mar 2016 17:43:09 +0200
Message-ID: <71C97C63C7AD64656424264EC@BORO-SBS.boro.local>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.x.xx]
Content-Type: multipart/mixed;
boundary="_004_300621BC94B77642BC430B054CFFEC9C4A08FF5DBOROSBSboroloca_"
MIME-Version: 1.0
Return-Path: Organization email
X-MS-Exchange-Organization-PRD: myexchange
Received-SPF: Fail (xxx.xxxxxxxx.xxx: domain of xxxx@xxxxx.xxx
does not designate 178.175.49.131 as permitted sender)
receiver=xxx.xxxxxx.xxx; client-ip=178.175.49.131; helo=[178.175.49.131];
X-KSE-ServerInfo: xxxxx.xxx, 9
X-KSE-AntiSpam-Interceptor-Info: scan successful
X-KSE-AntiSpam-Version: 5.5.9, Database issued on: 03/16/2016 16:28:08
X-KSE-AntiSpam-Status: KAS_STATUS_NOT_DETECTED
X-KSE-AntiSpam-Method: none
X-KSE-AntiSpam-Rate: 55
X-KSE-AntiSpam-Info: Lua profiles 93080 [Mar 16 2016]
X-KSE-AntiSpam-Info: LuaCore: 415 415
56d27afa4611b5fc17406ce7708f83a66d615280
X-KSE-AntiSpam-Info: Version: 5.5.9.3
X-KSE-AntiSpam-Info: Envelope from: xxxxx@xxxxx.xxx.xxxx
X-KSE-AntiSpam-Info: {relay has no DNS name}
X-KSE-AntiSpam-Info: 127.0.0.200:7.1.3;domain:7.1.1;127.0.0.199:7.1.2;d41d8cd98f00b204e9800998ecf8427e.com:7.1.1;178.175.49.131:7.3.4
X-KSE-AntiSpam-Info: Auth:dmarc=fail header.from=domain
policy=reject;spf=fail smtp.mailfrom=domain;dkim=none
X-KSE-AntiSpam-Info: {rdns complete}
X-KSE-AntiSpam-Info: dmarc_local_policy_1
X-KSE-AntiSpam-Info: Rate: 55
X-KSE-AntiSpam-Info: Status: not_detected
X-KSE-AntiSpam-Info: Method: none
X-KSE-AntiSpam-Info: Moebius-Timestamps: 4015174, 4015198, 0
X-KSE-Antiphishing-Info: Clean
X-KSE-Antiphishing-Method: None
X-KSE-Antiphishing-Bases: 03/16/2016 16:32:00
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.5705.600;SID:SenderIDStatus Fail;OrigIP:178.175.49.131
X-MS-Exchange-Organization-AVStamp-Mailbox: KasprLab;28094;0;0
X-KSE-Antivirus-Interceptor-Info: scan successful
X-KSE-Antivirus-Info: Clean
X-MS-Exchange-Organization-SCL: 0
X-MS-Exchange-Organization-SenderIdResult: FAIL
X-MS-Exchange-Organization-AuthSource: xxx.domain
X-MS-Exchange-Organization-AuthAs: Anonymous
X-Auto-Response-Suppress: DR, OOF, AutoReply
Deal
↧
Do I need Enterprise user CAL for setting up corporate disclaimer
We are currently using Exchange 2013 Standard server with Standard exchange user CAL.
I would like to set up both corporate disclaimer for internal and outgoing mail using the rule under the Mail flow of the Exchange server.
Can I legal do it with the Exchange 2013 standard user CAL, or do I require the Exchange 2013 Enterprise CAL?
Thanks for your response!
↧
DefaultDomain setting in 2013 receive connector VS 2010
I have a receive connector in Exchange 2010 that will allow an anonymous relay from a device. The device will only pass the UPN name i.e. device1 and the 2010 connector will append the defaultdomain setting for both the mail from: and recpt to:
In 2013 with the exact same defaultdomain setting it will not append the the default domain that is configured. Running Exchange 2013 SP1 Cu11
Anyone else run across this ? very easy to repro
↧
↧
Journaling and BCC
Hello,
In Exchange 2010, BCC recipient information was limited to the journal report and expunged from the attached email's header by Exchange if EWS was used for message retrieval.
Apparently, this has changed with recent versions of Exchange 2013 and Exchange 2016. Now, not only the journal report but also the attached email's header contains the full BCC recipient list. This is true for standard (database) journaling as well as for
journaling rules.
If this change is intentional, it would render the journaling report pretty much obsolete because the full sender and recipient information is already part of the attached "original" email itself. But worse, it could pose a security threat for any archiving solution that use the information in the journal report to get senders and recipients and then archive the attached email as is. BCC information would be disclosed to recipients of Exchange-internal mails that way.
Any thoughts? Thanks!
Björn
↧
Exchange 2013 CU 10 does not obey "ms-exch-smtp-accept-authoritative-domain-sender" setting
My customer is running a single (multirole) Exchange 2013 server, patched to CU 10 (build 15.1130.7), with 1 Internet-facing receive connector. We are having a spam issue where outside (Internet) senders are sending messages to our internal users
as themselves, eg jsmith@domain.com receives a spam message from jsmith@domain.com. Domain.com is one of our accepted domains.
To prevent this, we used ADSI Edit to remove the "ms-exch-smtp-accept-authoritative-domain-sender" permission for anonymous logons on the Internet-facing receive connector:
-->ADSI Edit-->Configuration-->Services-->Microsoft Exchange-->Administrative Groups-->Exchange Administrative Group-->Servers-->[server name]-->Protocols-->SMTP Receive Connetors-->[Internet-facing Receive Connector]-->right
click, view properties, go to security, select anonymous logon, uncheck "Accept Authoritative Domain Sender".
When this is done, the only 3 remaining "Allow" checkmarks for anonymous logon are: "Submit Messages to Server", "Accept Routing Headers", and "Accept Any Sender".
When this change is made in Exchange 2010 (we have a lab server with 2010), when we tested by sending a message using telnet from jsmith@domain.com to somebodyelse@domain.com, it works correctly and the message is refused as expected. When we do the same thing on the Exchange 2013, the message is delivered, even if we set an explicit "deny" on "Accept Authoritative Domain Sender" instead of just unchecking it.
At least one other company has reported this issue:
https://social.technet.microsoft.com/Forums/office/en-US/18d8e518-92ff-4d5d-b6fd-3852b87c9d1b/exchange-server-2013-and-msexchsmtpacceptauthoritativedomainsender?forum=exchangesvrsecuremessaging
The suggested work-around is to use Exchange's antispam filter to block anything coming from domain.com:
https://social.technet.microsoft.com/Forums/office/en-US/0fdf213c-02e3-4ea1-9e6d-242abf9559b8/prevent-own-domain-spoofed-spam?forum=exchangesvrsecuremessaging
but this is awkward to set up and administer.
Why doesn't 2013 obey the "ms-exch-smtp-accept-authoritative-domain-sender" permissions setting? Would it help to update to CU 11? How can we fix this without using a antispam filtering workaround?
To prevent this, we used ADSI Edit to remove the "ms-exch-smtp-accept-autho
-->ADSI Edit-->Configuration-->Ser
When this is done, the only 3 remaining "Allow" checkmarks for anonymous logon are: "Submit Messages to Server", "Accept Routing Headers", and "Accept Any Sender".
When this change is made in Exchange 2010 (we have a lab server with 2010), when we tested by sending a message using telnet from jsmith@domain.com to somebodyelse@domain.com, it works correctly and the message is refused as expected. When we do the same thing on the Exchange 2013, the message is delivered, even if we set an explicit "deny" on "Accept Authoritative Domain Sender" instead of just unchecking it.
At least one other company has reported this issue:
https://social.technet.mic
The suggested work-around is to use Exchange's antispam filter to block anything coming from domain.com:
https://social.technet.mic
but this is awkward to set up and administer.
Why doesn't 2013 obey the "ms-exch-smtp-accept-autho
↧
Email Address Policy Erase Everything after
Hi, I want to have a email address Policy that only take on surname.
Example
Display name: Marc Felix Martinez
Surname: Felix Martinez
Given name: Marc
the email address need to be: Marc.Felix@midomain.com
How i can do this?
↧
Exchange 2013 Hybrid Server patching best practices
Hi
We have Exchange 2010 with Hybrid setup to Office 365. The on-premise servers are with Exchange 2010 and two Exchange 2013 Hybrid servers are there and we have few users moved to Office 365 and everything working fine,
Now we would like to install latest CU for Exchange 2013 servers. What would be the impact while installing CU on Hybrid servers?
Will there by any impact to cloud users, mail flow, free busy, mailtips and etc?
↧
↧
Exchange 2010 with multiple domains and disabling autodiscover for one of them
Hello - I'm an Exchnage newbie and have the following issue - we have an Exchange 2010 server accepting mail for multiple domains and want to migrate one of them to O365. I found that if you:
Set-ClientAccessServer –Identity “CASxx” –AutoDiscoverServiceInternalUri
$NULL
you're essentially removing the on-premises information with regard to Autodiscover; thus eliminating the conflict that your end users are experiencing between the O365 autodiscover and the on-premises one.
Does this ps command disable AutoDiscover for ALL the domains?
How would you remove AutoDiscover for just 1 of them?
I do have a CNAME record pointing to autodiscover.outlook.com in DNS for this domain.
↧
Unable to send emails from Relay Connector
Hello Team,
We deployed an new Exchange 2013 server CU8 , On the CAS Server Created an receive connector for Relay and enabled anonymous only and also added the AD permission for the receive connector "Ms-Exch-SMTP-Accept-Any-Recipient", Still I am unable to send emails from the application , We can able to telnet but Emails getting failed when sending from application, Below is the collected information from the receiver Connector logs "504 5.7.4 unrecognized authentication type"
Receive connector settings - On the security enabled TLS and anonymous
Regards
Mohammed Eliyas
↧
How do i get a detailed report on a message
So one user started to received spam including zip files containing malware.
The email now says that the email came from herself... such a@a.com sent to a@a.com
It is very unlikely that she or a malware on her computer is creating those emails
And for some reason, even though much of the spam gets scan and delete by the anti-virus ....this one gets through
On Exchange 2010 I could use the Message Tracking tool that would allow to see pretty much anything about the email...from what I remember
The Message Tracking tool isn't anymore on Exchange 2013 (pretty stupid) and using the || Get-MessageTrackingLog -Start "2016-03-18 11:25:00" -End "2016-03-18 11:45:00" | Out-GridView || isn't giving me anymore information that was I was able to see in the email
The source code of that email isn't saying anything within the mailbox of that user
So how do I get to know where this email came from...?
Thank you
↧