Hi,

Is there any way to insert an email item in a mailbox? Suppose I want to insert an email on  a specific date with specific subject.

Is it possible in exchange server?

Thanks a lot.

Hi, 

I am trying to shut a CAS server and need to make sure no one connects to it.  

Would someone take a look at the attached IIS WEB log from the CAS box and advise how the user connects to it (10.1.50.111)?

***********************************************************************************************************************************************

***********************************************************************************************************************************************
Thanks

Hi,

Does ISP block SMTP incoming connection?  Port 25 is also not listening on my exchange server. I can able to send emails outside the network, but can't receive from the internet. what is the reason of this ????????????

thanks,

getting Error
Message could not be sent to the following recipients: (550 - 550-Requested action not taken: mailbox unavailable
550 invalid DNS MX or A/AAAA resource record
)

Any help would be apppreciated

Hi Guys,

I have Exchange 2016 installed and configured correctly , however emails are not going out or coming through, the exchange analyser shows the below that the test is succecefully passed.

any suggestions why ?

thank you

Testing inbound SMTP mail flow for domain 'hassan@attcomputer.com'.   Inbound SMTP mail flow was verified successfully.   Additional Details   Elapsed Time: 10882 ms.   Test Steps   Attempting to retrieve DNS MX records for domain 'attcomputer.com'.   One or more MX records were successfully retrieved from DNS.   Additional Details   MX Records Host mail.attcomputer.com, Preference 10 Elapsed Time: 76 ms. Testing Mail Exchanger mail.attcomputer.com.   This Mail Exchanger was tested successfully.   Additional Details   Elapsed Time: 10806 ms.   Test Steps   Attempting to resolve the host name mail.attcomputer.com in DNS.   The host name resolved successfully.   Additional Details   IP addresses returned: 84.31.53.126 Elapsed Time: 4853 ms. Testing TCP port 25 on host mail.attcomputer.com to ensure it's listening and open.   The port was opened successfully.   Additional Details   Banner received: 220 DC02.attcomputer.com Microsoft ESMTP MAIL Service ready at Sun, 19 Jun 2016 03:13:59 +0200 Elapsed Time: 208 ms. Analyzing SMTP Capabilities for server mail.attcomputer.com:25   SMTP Capabilities were analyzed successfuly.   Additional Details   SMTP Capabilities were analyzed successfuly. 250-DC02.attcomputer.com Hello [40.85.91.8] 250-SIZE 37748736 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-X-ANONYMOUSTLS 250-AUTH NTLM 250-X-EXPS GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250-CHUNKING 250 XRDST Elapsed Time: 135 ms. Attempting to send a test email message to admin@attcomputer.com using MX mail.attcomputer.com.   The test email message was delivered successfully.   Additional Details   Elapsed Time: 537 ms. Testing the MX mail.attcomputer.com for open relay by trying to relay to user Admin@TestExchangeConnectivity.com.   The Open Relay test passed. This MX isn't an open relay.   Additional Details   The open relay test message delivery failed, which is a good thing. The exception detail: Exception details: Message: Mailbox unavailable. The server response was: 5.7.54 SMTP; Unable to relay recipient in non-accepted domain Type: System.Net.Mail.SmtpFailedRecipientException Stack trace: at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception) at System.Net.Mail.SmtpClient.Send(MailMessage message) at Microsoft.Exchange.Tools.ExRca.Tests.SmtpOpenRelayTest.PerformTestReally() Elapsed Time: 5071 ms.

the outgoing mail report is

Checking Block List "SORBS Block List"
	The IP address was found on block list.
	Additional Details   The IP address 84.31.53.126 was found on the block list. Status code: 10 Elapsed Time: 149 ms.

my apologies if this question was asked and answered previously.

we have Exchange 2013 email server. We have been seeing some of the emails are coming from outside but using our own domain name which should not be. any email coming from outside using our domain name must not get processed and rejected at the first place when arrives in our server. I looked into some of the posts and generally found to remove "ms-exch-smtp-accept-authoritative-domain-sender" property of "NT AUTHORITY\Anonymous Logon" security principal from internet receive connector.

This solution was given to below forum:

http://serverfault.com/questions/741501/how-can-i-prevent-spoofed-emails-from-outside-thats-using-my-internal-accepted-d

My question is:

(1) if I remove that permission, do I need to restart my receive connector?

if the above does not work, there is another solution suggested to block own domain and then remove ms-Exch-SMTP-Accept-Any-Sender for anonymous use and then restart receive connector

Powershell

Set-SenderFilterConfig -BlockedDomains mydomain.com

Set-SenderFilterConfig -InternalMailEnabled $true

Get-ReceiveConnector "name of the internet receive connector" | Get-ADPermission -user "NT AUTHORITY\Anonymous Logon" | where {$_.ExtendedRights -like "ms-Exch-SMTP-Accept-Any-Sender"} | Remove-ADPermission

(2) my questions is, if I do this, after restart of receive connector, will this affect our internal applications and devices emails sending which are anonymous like copiers/scanners and other internal applications inside our LAN?

(3) if it does affect and within-LAN anonymous internal emails are stopped, do I need to create a separate receive connector for LAN and allow Anonymous log-on? whats the command or procedure to do that?

(4) How can I simulate the issue (receiving email from outside but with our domain address), so I can be sure the solution is actually working?

Thanks for your replies to help resolving my issue.

hello

i have setup message approval moderation

if i decline  or if i delete message, a message is sent

but 99% of those message which need approval are fake, virus, so domain email does not exist...

and those expiration message are stucked in smtp

i would like to remove notification

thx

OK, so I have some classifications in Exchange 2013. I have exported them using the script to an XML file. I have copied that xml file to my local computer and added the registry key for Outlook defined here:-

https://technet.microsoft.com/en-gb/library/aa998271(v=exchg.141).aspx

Changing to V14 for Outlook 2010 (Also tried V15 for Outlook 2013) However, the client will NOT see the classifications.

I have checked the XML and the classifications are listed fine, OWA shows the classifications fine. Outlook clients will NOT read the xml file and only shows the two standard options (Which I cannot select as it wants to connect to a MS live account)

I have tried this on two base units with two versions of Outlook, same result on both.

Any ideas?

Nik

Not recieving external emails but internal works. Doing MS Remote Connectivity Analyzer fails.

Hi All, hope you are fine and doing well.

I am looking for some help to configure SPF record for our domain. I am using mydomain.com as an example.

We have Exchange server 2013 mail server in our domain.

Current SPF records: we have two SPF records as per mxtoolbox.com.

spf:mydomain.com is "v=spf1 a:mail.mydomain.com a:mailservername.mydomain.com mx:mydomain.com -all"

spf:mail.mydomain.com is "v=spf1 mx –all"

Both of the records are showing “SPF Record Depreciated” in mxtoolbox.com.

v=spf1 include:mydomain.com ~all

Now we are also facing issue with spoofed-domain emails. Emails coming from outside world with our domain address like it came from our own domain, and we want to stop it.

(1) (1) Should we maintain a new SPF record for the domain mydomain.com or mail.mydomain.com or for both?

(2) (2) Do we need to remove current SPF records and add new and correct SPF records?

(3) (3) What is the SPF records we need to create?

Is it "v=spf1 mx a:mail.mydomain.com –all" or "v=spf1 mx a:mydomain.com –all" ?

(4) (4) The one SPF record other domain-support advised “v=spf1 include:mydomain.com ~all”, should we need to add that too? Can we use -all option instead of ~all to reject emails coming from outside world using our domain address (spoofed-domain emails)?

Thanks for your help.

Hi All,

On exchange 2013 I have StartTLS adverstised on our default receive connector and that is working fine, but any other receive connectors I setup never show the StartTLS advertised when a client connects which is shown through protocol logs and using Telnet to the server on a IP that is scoped to the receiver connector with the issue. This frontend receive connector is operating on port 25.

Upon viewing the Get-receiveconnector output the AuthMechanism is set to TLS. I have also tried setting various security options on the connector but none seem to activate 250-StartTLS. Even when I set require Tls to true.

Does anyone know what is happening here, is there something i'm overlooking?

I need to send emails from our web server to external addresses via this receive connector and also need to ensure TLS is encrypting these emails.

Hi , i have a problem with address rewrite on exchange 2013 sp1.

We set a new address rewrite on edge machines with this parameter :

New-AddressRewriteEntry -Name "rewrite all" -InternalAddress test.local  -ExternalAddress  mail.test.com

it's work in inbound message but in outbound message test.local still appeared.

What's we wong ?

Thanks.

Hello All,

We are running 2000 mailboxes in Zimbra and planning to move Emailing-Infrastructure on Microsoft Exchange Servers. 

We have planned to install Exchange 2016 Sp1 Servers and set up co-existence between Zimbra & Exchange.

Please help with following Queries.

1/  Which third-party tool is worthy ( Cheap & Best) for Zimbra to Exchange Migration.

2/  We dont want to move MX record, which is currently Pointed to Zimbra. We will move MX record once all users will migrated to Exchange2016. How can we achieve the mail-flow between Zimbra to Exchange2016 and vise-versa. 

Regards, Rohit

Hello all,

I've issue with mail flow dealy. I setted up EOP recently. So dns mx record is point to EOP and EOP forward emails to MS Exchange 2013 on premise. But there is mail flow delay for some emails. The delay occurs betwen EOP and our internal Exchange server.

When I check mail flow on EOP, there is information: Message sent to our.mail.server at 9:00UTC but email arrived at 9:21UTC. When I check email header I see 21 minutes of delay between EOP and our mail server. There is not antispam on our router.

Where should be an issue? What should I check?

Thank you.

Hi All

I have exchange 2013 with outlook 2010 clients. I need to add in a classification into outlook.I have exported the xml fine using the predefined exchange 2013  (Export-OutlookClassification.ps1). In OWA the classifications show up and work fine with my new transport rules.

FYI I have followed this guide: https://technet.microsoft.com/en-us/library/aa998271(v=exchg.141).aspx

When attempting to add this new classification into outlook 2010 (changing to V14 on the registry keys where appropriate), the outlook client keeps the permission button under email > options tab, greyed out.

Like this: https://drive.google.com/file/d/0B1PpRpwQb8M3S0tLZXo5OFZqZXc/view?usp=sharing

I have tried everything i can think of, I'd really appreciate anyone's help on this.

Hello,

I have applied DLP policy for passport and swiftcode, both rules are working but facing problem with incident report.

According to DLP, when any rule will be detected then a incident report will be generated and moderator will receive one rule detected email against that rule. But in my organization, my moderator is receiving multiple email against one rule. As example, if a user sends an email (DLP policy matched email) to 5 users the moderator gets 5 incident reports instead of one .

Thanks,

Aparna

Hi,

I've installed Edge Role of Exchange 2013 sp1 in Windows server 2012 R2 standard.
I want to use Edge server only to rewriting header.
I want to rewrite sender address from test@mydomain.local to support@mydomain.local.

Receive connector settings:

PS C:\Windows\system32> Get-ReceiveConnector cpacentrale1 |fl
AuthMechanism                           : None
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {0.0.0.0:25}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
ProxyEnabled                            : False
AdvertiseClientSettings                 : False
Fqdn                                    : AppSrv2.mydomain.local
ServiceDiscoveryFqdn                    :
TlsCertificateName                      :
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:05:00
ConnectionInactivityTimeout             : 00:01:00
MessageRateLimit                        : 600
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize                           : 128 KB (131,072 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 12
MaxLogonFailures                        : 3
MaxMessageSize                          : 35 MB (36,700,160 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : AnonymousUsers, Custom
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : None
RemoteIPRanges                          : {10.3.54.2}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : AppSrv2
TransportRole                           : HubTransport
SizeEnabled                             : Enabled
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : CpaCentrale1
DistinguishedName                       : CN=CpaCentrale1,CN=SMTP Receive Connectors,CN=Protocols,CN=AppSrv2,CN=Servers,CN=Exchange
                                          Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First
                                          Organization,CN=Microsoft
                                          Exchange,CN=Services,CN=Configuration,CN={457EE1D7-B7DB-4232-B725-11273EDECBE4}
Identity                                : AppSrv2\CpaCentrale1
Guid                                    : a3694ca5-179f-4846-aeac-34a13e7cbfb5
ObjectCategory                          : CN=ms-Exch-Smtp-Receive-Connector,CN=Schema,CN=Configuration,CN={457EE1D7-B7DB-4232-B725-11
                                          273EDECBE4}
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 17/06/2016 10:17:34
WhenCreated                             : 15/06/2016 16:32:57
WhenChangedUTC                          : 17/06/2016 08:17:34
WhenCreatedUTC                          : 15/06/2016 14:32:57
OrganizationId                          :
OriginatingServer                       : localhost
IsValid                                 : True
ObjectState                             : Unchanged

Receive connector permissions:

PS C:\Windows\system32> Get-ReceiveConnector cpacentrale1 |Get-ADPermission |select user,extendedrights
User                                                               ExtendedRights
----                                                               --------------
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-SMTP-Accept-Any-Sender}
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-SMTP-Accept-Any-Recipient}
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-Accept-Headers-Routing}
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-SMTP-Submit}
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-SMTP-Accept-Authoritative-Domain-Sender}
NT AUTHORITY\SYSTEM
NT AUTHORITY\NETWORK SERVICE
BUILTIN\Administrators
S-1-527723813-3342083303-519

SendConnector settings (I forward to a simple intranet Microsoft smtp ):

PS C:\Windows\system32> Get-SendConnector|fl
AddressSpaces                : {smtp:*;1}
AuthenticationCredential     :
CloudServicesMailEnabled     : False
Comment                      :
ConnectedDomains             : {}
ConnectionInactivityTimeOut  : 00:10:00
DNSRoutingEnabled            : False
DomainSecureEnabled          : False
Enabled                      : True
ErrorPolicies                : Default
ForceHELO                    : False
Fqdn                         :
FrontendProxyEnabled         : False
HomeMTA                      :
HomeMtaServerId              :
Identity                     : To SmtpCpaCentrale
IgnoreSTARTTLS               : False
IsScopedConnector            : False
IsSmtpConnector              : True
MaxMessageSize               : 35 MB (36,700,160 bytes)
Name                         : To SmtpCpaCentrale
Port                         : 25
ProtocolLoggingLevel         : None
RequireOorg                  : False
RequireTLS                   : False
SmartHostAuthMechanism       : None
SmartHosts                   : {smtpcpacentrale.mydomain.local}
SmartHostsString             : smtpcpacentrale.mydomain.local
SmtpMaxMessagesPerConnection : 20
SourceIPAddress              : 0.0.0.0
SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
SourceTransportServers       : {}
TlsAuthLevel                 :
TlsCertificateName           :
TlsDomain                    :
UseExternalDNSServersEnabled : False

Permission on send connector

PS C:\Windows\system32> Get-sendConnector "to smtpcpacentrale" |Get-ADPermission |select user,extendedrightsUser                                

User                                                               ExtendedRights
----                                                               --------------
NT AUTHORITY\ANONYMOUS LOGON                                       {ms-Exch-Send-Headers-Routing}
MS Exchange\Partner Servers                                        {ms-Exch-Send-Headers-Routing}
MS Exchange\Hub Transport Servers                                  {ms-Exch-Send-Headers-Forest}
MS Exchange\Hub Transport Servers                                  {ms-Exch-Send-Headers-Organization}
MS Exchange\Hub Transport Servers                                  {ms-Exch-SMTP-Send-XShadow}
MS Exchange\Hub Transport Servers                                  {ms-Exch-SMTP-Send-Exch50}
MS Exchange\Hub Transport Servers                                  {ms-Exch-Send-Headers-Routing}
MS Exchange\Edge Transport Servers                                 {ms-Exch-Send-Headers-Forest}
MS Exchange\Edge Transport Servers                                 {ms-Exch-Send-Headers-Routing}
MS Exchange\Edge Transport Servers                                 {ms-Exch-SMTP-Send-XShadow}
MS Exchange\Edge Transport Servers                                 {ms-Exch-Send-Headers-Organization}
MS Exchange\Edge Transport Servers                                 {ms-Exch-SMTP-Send-Exch50}
MS Exchange\Externally Secured Servers                             {ms-Exch-Send-Headers-Routing}
MS Exchange\Externally Secured Servers                             {ms-Exch-SMTP-Send-Exch50}
MS Exchange\Legacy Exchange Servers                                {ms-Exch-SMTP-Send-Exch50}
MS Exchange\Legacy Exchange Servers                                {ms-Exch-Send-Headers-Routing}
BUILTIN\Administrators
S-1-527723813-3342083303-519
NT AUTHORITY\SYSTEM
NT AUTHORITY\NETWORK SERVICE

Address Rewriting Outbound Agent enabled (through Get-Transport cmdlet).
Address rewriting setting:

PS C:\Windows\system32> Get-AddressRewriteEntry test |fl
InternalAddress   : test@mydomain.local
ExternalAddress   : support@mydomain.local
ExceptionList     : {}
OutboundOnly      : True
AdminDisplayName  :
ExchangeVersion   : 0.1 (8.0.535.0)
Name              : test
DistinguishedName : CN=test,CN=Email Entries,CN=Address Rewrite Configuration,OU=MSExchangeGateway
Identity          : CN=test,CN=Email Entries,CN=Address Rewrite Configuration,OU=MSExchangeGateway
Guid              : 7163cb43-3886-479d-9d35-06d198f6d7cd
ObjectCategory    : CN=ms-Exch-Address-Rewrite-Entry,CN=Schema,CN=Configuration,CN={457EE1D7-B7DB-4232-B725-11273EDECBE4}
ObjectClass       : {top, msExchAddressRewriteEntry}
WhenChanged       : 20/06/2016 17:10:16
WhenCreated       : 20/06/2016 15:33:35
WhenChangedUTC    : 20/06/2016 15:10:16
WhenCreatedUTC    : 20/06/2016 13:33:35
OrganizationId    :
OriginatingServer : localhost
IsValid           : True
ObjectState       : Unchanged

When I send an email from telnet or another smtp sender mail flows from edge server to microsoft smpt but no header rewriting occurs.
In c:\inetpub\mailroot\drop of Microsoft SMTP server I see the .eml with the header "From:" unchanged.

Any Ideas?

Hi all!

I installed Exchange 2013 CU1 on Server 2012. I have 2 2012 one for AD and one for Exchange. This is small enviroment, EX2013 has 8GB of RAM and 10 users on it. We recive around 150 mails per day and send about 100 mails per day so this is very low resource usage...

When we were on exchange 2010 SP3, when I sent mail to gmail account which is configured to send mail back to me it all took around 10 seconds tops!

Now it takes waaay more, see attached image....

Any idea why it is so slow?

Regards,

Greg