Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

Sender Based Routing 554 5.4.4 SMTPSEND.DNS.NonExistentDomain

October 26, 2016, 1:48 pm
$
0
0

Hi,

I am configuring Sender Based Routing following this Article (http://www.tuescher.net/Exchange-Sender-Based-Routing/e13.html#chapter6 ), but what i see that is happening is that when i configure to reroute all mails from ms_admin@domain.com.uy to domain.sbr, it looks like is using domain.sbr domain to do the dns checking and of course it does not exist, so i get a undeliverable message in return.

If i try sending an email from any other user that will use the regular Send Connector it will work perfectly. Even if i change the configuration file to another user, the user with the dns problem, will start using the "Default" send connector and will work fine.

How can i configure it so it will not do the dns cheking with the Changed domain.

Delivery has failed to these recipients or groups:

testmail@gmail.com (testmail@gmail.com)
The domain name in the email address is incorrect. Check the address.






This is the email that is getting bouced:


Diagnostic information for administrators:

Generating server: EXCH2013.domain.com


testmail@gmail.com
 Remote Server returned '554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain'


Original message headers:
Received: from EXCH2013.domain.com.uy (2002:900:f9::900:f9) by
 EXCH2013.domain.com.uy (2002:900:f9::900:f9) with Microsoft SMTP Server (TLS)
 id 15.0.1210.3; Wed, 26 Oct 2016 17:32:44 -0300
Received: from EXCH2013.domain.com.uy ([fe80::54e:cad4:d1ff:a8da]) by
 EXCH2013.domain.com.uy ([fe80::54e:cad4:d1ff:a8da%12]) with mapi id
 15.00.1210.000; Wed, 26 Oct 2016 17:32:44 -0300
From: Name Lastname <ms_admin@domain.com.uy>
To: "testmail@gmail.com" <testmail@gmail.com>
Subject: prueba con ABP
Thread-Topic: prueba con ABP
Thread-Index: AQHSL8gatvRIUOVqj06h8wCfqoMLsQ==
Date: Wed, 26 Oct 2016 20:32:43 +0000
Message-ID: <1477513963759.71004@domain.com.uy>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [::1]
Content-Type: multipart/alternative;
      boundary="_000_147751396375971004domaincomuy_"
MIME-Version: 1.0

Any Ideas?

Thanks in advanced !!

MS

Search

Add X-Forwarded-For to Email Header

September 22, 2016, 11:16 pm
$
0
0

Hi,

I managed to forward client IP using X-Forwarded-For HTTP header from Citrix NetScaler LB to Exchange.

Is there a way for Exchange MBX+CAS to take this info and add it to the message header? I found ways to add it to IIS log. But that's not sufficient to trace back the message to the source client IP.

I'm running Exchange 2013 on Windows Server 2012 R2 (IIS 8.5). The X-Originating-IP is showing the LB IP.

TIA.



Question about SPF (Sender Id Agent)

October 27, 2016, 10:08 am
$
0
0

Hello everyone.

Messages from sender user@gup.energy.crimea.ru are rejected by Sender Id Agent. Reason is "MissingPRA". Sender IP address is:178.34.185.158. 

But according to mxtoolbox.com and nslookup SPF-record for this domain is correct and IP address mentioned below is permitted to send messages for this domain.

May be there is something not-obvious in Sender Id Agent altorithm?

Details (Get-AgentLog):

Timestamp       : 26.10.2016 11:31:25
SessionId       : 08D3F9E31C32B3F5
IPAddress       : 178.34.185.158
MessageId       : 
P1FromAddress   : user@gup.energy.crimea.ru
P2FromAddresses : {user@gup.energy.crimea.ru}
Recipients      : {user@domain.ru}
Agent           : Sender Id Agent
Event           : OnEndOfHeaders
Action          : RejectMessage
SmtpResponse    : 550 5.7.1 Missing purported responsible address
Reason          : MissingPRA
ReasonData      : No valid PRA
Diagnostics     : 
NetworkMsgID    : 00000000-0000-0000-0000-000000000000
TenantID        : 00000000-0000-0000-0000-000000000000


SenderIDStatus SoftFail

October 27, 2016, 1:00 pm
$
0
0

Hello,

I have an exchange 20013 standalone.

I have setup senderid filtering, but I was wondering if there is a way to reject or quarantine an e-mail that has a softfail status. 

Thanks. 

Hybrid Exchange MX records

October 19, 2016, 10:22 pm
$
0
0
Would like to know where does the MX records point to ..in an hybrid exchange deployment.

Messages disappearing from postmaster

October 28, 2016, 1:33 pm
$
0
0

We currently have an Exchange 2013 server that hosts all roles for mail in our environment. In front of it we use a product called Modusgate to do our spam/virus filtering. 

Lately (at least the last week), the quarantine report that gets generated by modusgate hasn't made it to the users mailbox. If i go into their software and manually generate it , it comes through no issue. I figured it was an issue with them so i overrode the settings and had it send me the report at the same time as the original user. However the next day when i should have gotten it, i couldn't find it and the user didn't get it either. I manually kicked it off and recieved it right away. 

So here is the odd part I'm struggling with. The support on the spam filter was able to see in the logs where the message that was scheduled was said to be handed off to our mail server. However if i use the EAC and do delivery reports, any message from postmaster doesn't show up at all so i can't tell where these messages went. 

I've checked both the junk mail/quarantine folders in Outlook just in case but no where to be found. I would still think it would show up as delivered in the EAC report. 

Any ideas ? 



exchange 2010 5.7.3 authentication unsuccessful

October 31, 2016, 11:44 pm
$
0
0

hello everybody,

our customer has a web server hosted outside our organization and on-promise exchange 2010 server,

they have a "donation" website, any external user can receive a bank account number in his email by typing his email and then " submit.

but they receive this error message 

An error has occured while sending the email:
535 5.7.3 Authentication unsuccessful"

how to deal with this issue? please help

Mohammad Naji senior exchange administartor

Migrating a E2K13 server in one domain to a E2K10 setup in another domain

November 1, 2016, 1:00 am
$
0
0

Hi All,

Due to the fact that we bought a new company we need to migrate the E2K13 Exchange setup (The mailboxes) to our main E2K10 setup.

Now the migration of the mailboxes are easy. But due to the fact that we can't migrate all mailboxes at once we need to keep the mail flow running. And the E2K13 Exchange server will be receiving the mail from the Internet. So the question is how to be able to deliver the mail to the mailboxes that we already moved to the E2K10 enviroment in the other domain (the migrated users will still have their SMTP domain attached to them) and also ensure that the users can send mails to all users in both enviroments ??

/Strunk

Search

A Bit Confused on Security Certificates for Client Front End Receive Connectors

November 1, 2016, 12:32 pm
$
0
0

Hey guys. In my environment I encourage anything that needs to use authenticated relay to hit my mail servers over port 587 on the client front end receive connectors. With these clients, I always have them specify the option to use SSL/TLS and everything always goes through fine. Up to this point I have always assumed that these connectors were using the default SMTP certificate to encrypt any communications between clients and the connectors (I can also say I made the same assumption about how the default connectors on port 25 do this)

I stumbled across this article:

http://exchangeserverpro.com/configuring-the-tls-certificate-name-for-exchange-server-receive-connectors/

Which implies that you actually have to set the certificate for each receive connector. When I do a Get-ReceiveConnector it shows the TLSCertificateName as blank (which could very well mean to just use the default certificate).

Could somebody please clarify, are my receive connectors using my default certificate (which I have replaced with a comercial, public CA provided certificate) or are my clients just sending unencrypted traffic? I would find it hard to believe that they are sending unencrypted because I never get any errors when I specify that they need to use encryption, and I am presented with a starttls option when I telnet to my servers over port 587. But all that being said, I would like to get a second opinion. Thanks all

Hybrid Exchange change SMTP issues

November 1, 2016, 6:43 am
$
0
0

Hi Gents,

Is it possible to change a user account in a Hybrid Exchange?
User married and wants a name change.

I've tried to replicate the situation with a test account.

AD User -> Exchange Mailbox -> Move towards Exchange Online.

Set-MsolUserPrincipalName –UserPrincipalName tests@domain.com -NewUserPrincipalName testm@domain.com

Changed the following :

- Targetaddress towards new UPN
- Proxyaddress add the new UPN as SMTP
- AD Attribute Mail

I'm able to relay mail towards the new UPN and back, but still shows the old Displayname and SMTP address.
Also im afraid this impacts the users SSO experiance alot.

Could you please advise?

Thank you for taking my question into concideration.

Mark

New Office365 Setup and Old Mail Server/Domains

November 2, 2016, 9:45 am
$
0
0

We've recently moved our company onto the Office365 platform and this is our first foray into using Exchange.  For the most part everything is set up and functioning properly with our main company domain.

However, for a variety of reasons, we have kept our old mail server running as we need it for sending automated emails from our many legacy domain names.  (Moving these domains to Office365 was not an option due to sending limits and services like MailGun and MailChimp haven't worked out for us)

An issue is we have many clients and old newsletter subscriptions that still send mail to our old legacy domains which end up on our old server.  For now, we have all these old accounts simply forwarding to their appropriate Office365 account.  This is working but we have to check multiple spam filters and other aggravations have arisen.  We're wondering if there's a better way to set this up?

So, what we need is the old server to stay running with legacy domains for our automated processes to use to send.  But, we want incoming mail for legacy domains to route to Office365.

Thanks for any suggestions.


Missing internal emails

October 18, 2016, 1:19 pm
$
0
0

I just encountered an odd issue. I one of my users emailed two emails to another internal user, and the recipient didn’t get either of the emails. I went through the logs, and I was able to track the messages through the mail server. I even saw an indication that the email had been delivered. However, the user who was sent the email reports that he never saw the email. I have looked through his mailbox and did not see the email. He has not emptied his deleted items, and I don’t think he would go through the process of deleting one email.

 

Does anyone have any thoughts on what could have happened or ideas of where else I can look?

 

Thank you,

 

Andy

Andy Richards

migration Lotus Notes to Exchange, how to migrate confidential emails (in LN encrypted)

December 5, 2014, 1:50 am
$
0
0

Hi,

we're investigating a migration of Lotus Notes to Exchange. One issue is the migration of encrypted mail. How to keep them confidential in Exchange?

We have users like a secretary that has read/write access to a mailbox of a manager. If another user mails the manager with confidential information, he encrypts it in LN before sending it, so only the mailbox owner can open the message. Is this possible in Exchange 2013 and in Exchange online? Heard that you can set things via IRM, but that with Outlook web access the secretary can set the manager's mailbox as primary and than will be able to open the confidential email....

best regards,

Hans

Configure Mail Flow from Exchange 2013 to Exchange Online

November 4, 2016, 1:42 am
$
0
0

Microsoft Office 365 Hybrid Configuration Wizard

Selecting "Configure my Edge Transport servers for secure mail transport" option.

The wizard finished with the following:

Your Exchange Hybrid Configuration has completed but a few items need to be addressed or potentially configured manually. Please see the details below.

Configure Mail Flow

HCW8056 - Receive connector on the following Edge Transport servers need to be manually configured: EdgeServer.

Set-ReceiveConnector -Identity <Name of internet-facing connector> -TlsDomainCapabilities mail.protection.outlook.com.AcceptOorgProtocol -Fqdn CASserver

When I run the comdlet, I received this error:

Cannot process argument transformation on parameter 'TlsDomainCapabilities'. Cannot convert value
"mail.protection.outlook.com.AcceptOorgProtocol" to type
"Microsoft.Exchange.Data.MultiValuedProperty`1[Microsoft.Exchange.Data.SmtpReceiveDomainCapabilities]". Error: "Failed to convert mail.protection.outlook.com.AcceptOorgProtocol from System.String to
Microsoft.Exchange.Data.SmtpReceiveDomainCapabilities. Error: Error while converting string
'mail.protection.outlook.com.AcceptOorgProtocol' to result type Microsoft.Exchange.Data.SmtpReceiveDomainCapabilities:
"mail.protection.outlook.com.AcceptOorgProtocol" isn't a valid list of SMTP Receive domain capabilities."
    + CategoryInfo          : InvalidData: (:) [Set-ReceiveConnector], ParameterBindin...mationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-ReceiveConnector
    + PSComputerName        : casServer

Please help.

TIA

Out of Office Replies are not being generated

November 4, 2016, 2:14 pm
$
0
0
We have an exchange 2013 server that is on the latest update. Right now anyone on the exchange server the out of office reply is not working externally. I have tried from several different accounts. the Alloweed OOFType is enabled and everything looks to be working but it doesnt look like it is being generated. We have the server connected to a fortimail smarthost but it doesnt look like the message is even getting to that part.
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/1/16 20:4610.1.1.1710.1.1.17;250 2.0.0 OK;ClientSubmitTime:Intra-Organization SMTP Send ConnectorSEND7.84605E+13<CABWzOn-g4FSBim7a2n44VEyiUzkHPmwCFFM-4a6iCKqMXFPedw@mail.gmail.com>System.String[]System.String[]71731Re: testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming2016-11-02T02:46:02.085Z;LSRV=MSS-EXCH01.mss84.com.local:TOTAL-HUB=0.78100:01.0LocalServerSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 12:14No suitable shadow serversHAREDIRECTFAIL7.87353E+13<CABWzOn8yo0eaW69gNKAiYRrvDPiZi8TouzokR7t2vLdj7rY9Kw@mail.gmail.com>System.String[]System.String[]37461testingtraviss1989@gmail.comtraviss1989@gmail.comIncomingNoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 12:1410.1.1.1710.1.1.1708D3FD4CC73566B3;2016-11-04T18:11:07.607Z;0MSS-EXCH01\Default MSS-EXCH01RECEIVE7.87353E+13<CABWzOn8yo0eaW69gNKAiYRrvDPiZi8TouzokR7t2vLdj7rY9Kw@mail.gmail.com>System.String[]System.String[]37461testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming208.97.48.410cA: NoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 12:14AGENTINFO7.87353E+13<CABWzOn8yo0eaW69gNKAiYRrvDPiZi8TouzokR7t2vLdj7rY9Kw@mail.gmail.com>System.String[]System.String[]56621testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming208.97.48.41NoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 12:1410.1.1.1710.1.1.17;250 2.0.0 OK;ClientSubmitTime:Intra-Organization SMTP Send ConnectorSEND7.87353E+13<CABWzOn8yo0eaW69gNKAiYRrvDPiZi8TouzokR7t2vLdj7rY9Kw@mail.gmail.com>System.String[]System.String[]57321testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming2016-11-04T18:14:48.951Z;LSRV=MSS-EXCH01.mss84.com.local:TOTAL-HUB=0.74900:00.8LocalServerSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 14:26No suitable shadow serversHAREDIRECTFAIL7.87439E+13<CABWzOn-s5WZ8HZ16PTqWPnup1vM9VP2Z8CguRFDOevx3QeQkjg@mail.gmail.com>System.String[]System.String[]37571testingtraviss1989@gmail.comtraviss1989@gmail.comIncomingNoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 14:2610.1.1.1710.1.1.1708D3FD4CC73568B8;2016-11-04T20:19:25.848Z;0MSS-EXCH01\Default MSS-EXCH01RECEIVE7.87439E+13<CABWzOn-s5WZ8HZ16PTqWPnup1vM9VP2Z8CguRFDOevx3QeQkjg@mail.gmail.com>System.String[]System.String[]37571testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming208.97.48.410cA: NoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 14:26AGENTINFO7.87439E+13<CABWzOn-s5WZ8HZ16PTqWPnup1vM9VP2Z8CguRFDOevx3QeQkjg@mail.gmail.com>System.String[]System.String[]57771testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming208.97.48.41NoneSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
mss-exch01.mss84.com.local2412ed1b-0fed-478f-af51-82f5c20ac871FALSE11/4/16 14:2610.1.1.1710.1.1.17

;250 2.0.0 OK;ClientSubmitTime:

Intra-Organization SMTP Send ConnectorSEND7.87439E+13<CABWzOn-s5WZ8HZ16PTqWPnup1vM9VP2Z8CguRFDOevx3QeQkjg@mail.gmail.com>System.String[]System.String[]58471testingtraviss1989@gmail.comtraviss1989@gmail.comIncoming2016-11-04T20:26:31.396Z;LSRV=MSS-EXCH01.mss84.com.local:TOTAL-HUB=0.40600:00.5LocalServerSystem.Collections.Generic.KeyValuePair`2[System.String,System.Object][]
Search

exchange2013 IMAP SEARCH can support any other charset?

November 5, 2016, 2:25 am
$
0
0

I executed the command to exchange2013 imap service :

A2 SEARCH CHARSET UTF-8 SUBJECT "something"

server response :

NO [BADCHARSET (US-ASCII)] The specified charset is not supported.

ExhangeIMAP SEARCH can support any other charset?

how can I configure exchange to support UTF-8 or GBK?

Prevent disclaimers from collating at bottom of email chain

May 5, 2014, 1:19 pm
$
0
0

Looking to append each reply with disclaimer vs. all at the bottom.

Thanks.

 

From: user1 (Mars)
Sent: Monday, May 05, 2014 1:20 PM
To: user2 (Earth)
Subject: All at the bottom disclaimers

 

Example


User1 (Mars)
Helpdesk1


User2 (Earth)
Helpdesk2


User1 (Mars)
Helpdesk1


List of who received a message to a dynamic distribution group?

June 1, 2016, 8:48 am
$
0
0

I just created a dynamic distribution group in Exchange 2013.  When I run:

$FTE = Get-DynamicDistributionGroup "groupname"

And then run this:

Get-Recipient -RecipientPreviewFilter $FTE.RecipientFilter | out-file c:\group.txt

It returns the correct mailboxes as members of the group, however at least 1 user did not get the first email that was sent to the group. I have no idea who else did not get it.

How can I figure out who actually got the message?

I have tried get-messagetrackinglog using the messageID, but that did not show the recipients.

I also tried Delivery Reports tab in ECP, it returned nothing at all from the sender.

I ran this:

Get-ExchangeServer | Get-MessageTrackingLog -ResultSize unlimited  -Start “5/31/2016 13:30:00” -End “5/31/2016 14:00:00” -Sender “mysender@mydomain.com” | format-table -wrap -autosize | out-file c:\track.csv

I got some results with that, but it’s a mess to read & still does not give me a simple list of those who actually got the message.

Any other suggestions?

Thx

Receive connector - Allow only one account

November 7, 2016, 10:12 am
$
0
0

I need to create a recieve connector which only allows one domain account the ability to relay externally. The account will authenticate from many different IP's

I created the connector. If I allow "Exchange Users" in the Permissions Group I am able to relay as that account, including other domain accounts (as expected).

I tried setting security on the connector Get-ReceiveConnector "EX13CA\External-Relay" | Add-ADPermission -User "DOMAIN\AllowRelayAccount" -ExtenddRights "ms-Exch-SMTP-Accept-Any-Recipient". I then removed the group permission for "Exchange Users". I tried sending mail as AllowRelayAccount and I get  "The Server Response was not available".

How can I restrict this connector to just a single account?

Thanks

How to Block Some Users from External URL and Allow Managers only.

November 7, 2016, 3:33 am
$
0
0

Hi Floks,

I have a scenario where i have to block OWA/ActiveSync/OutlookAnyWhere access to all Users except Managers. Only Managers can access email from outside of the Org rest of people will access only from office.Looking for any advise from experts.

regards.

Shakir

Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>