Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

Spam and antimalware

December 20, 2016, 11:21 pm
$
0
0

I am managing an Exchange Server 2013 with out any 3rd party spam- and malware software and I am receiving alot of spam, between 20 and 30 emails very day.

I have configured antispam and antimalware on my Exchanger server by following guides like

http://www.msexchange.org/articles-tutorials/exchange-server-2013/security-message-hygiene/anti-spam-and-anti-malware-protection-exchange-2013-part1.html

and

https://technet.microsoft.com/en-us/library/bb201691(v=exchg.160).aspx

Most messages have the same subject text and some are different. Most messages come from different email addresses.

Most of the messages also have a .zip, .doc or .jpg file attached. I have configured malware agent to reject such files, to scan inside the files but they still end up in the mailboxes.

Any cloes to stop the spam and malware?

Search

Receive connector sending bulk emails having issue

December 12, 2016, 2:41 am
$
0
0

Hi All,<o:p></o:p>

We have an Oracle ERP application which sends out bulk emails, I have created a separate receive connector for this , this application sends our bulk notification to all users, but we have found out after sending 10 to 20 emails it stops sending emails and throws our error<o:p></o:p>

On the oracle application this is the error which shows on logs <o:p></o:p>

SMTP transient error: 421 Service not available<o:p></o:p>

i am really confused of where to start from, is the problem from Oracle side or Exchange side? ,i feel it’s from the exchange side because the same application was working fine when we were in exchange 2010 now we have migrated to exchange 2013.<o:p></o:p>


TechGUy,System Administrator.

Opportunic TLS does not work

December 21, 2016, 7:08 am
$
0
0

Hello community,

 

our Exchange2013-server can not handle opportunistic TLS and I really don’t know why…everything I’ve found so far seems to be fine. Please help…thank you very much!

 

 

Exchange Version: 15.0 Build 1210.3

 

Our Firewall is configured as the Mailgateway.

 

Get-SendConnector * | Ft Identity,IgnoreSTARTTLS

gives one SendConnector back listed with FALSE.

 

Get-ExchangeCertificate | ft subject,services

Gives back two certificates for SMTP. One internal and our public wildcard-certificate – is it a problem that two certificates are enabled for SMTP?

 

The TLSCertificateName attribute was empty on Sendconnectors. I’ve changed this to the thumbprint of our public certificate - but no change.

 

C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpSend:

 ...

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,10,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-STARTTLS,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,11,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-X-ANONYMOUSTLS,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,12,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-AUTH
NTLM,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,13,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-X-EXPS
GSSAPI NTLM,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send Connector,08D4143AB830A2B0,14,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-8BITMIME,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,15,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-BINARYMIME,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send Connector,08D4143AB830A2B0,16,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-CHUNKING,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,17,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-XEXCH50,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,18,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-XRDST,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,19,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250
XSHADOWREQUEST,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,20,*InternalExchIP*:26966,*InternalExchIP*:2525,>,X-ANONYMOUSTLS,

2016-12-21T00:00:08.487Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,21,*InternalExchIP*:26966,*InternalExchIP*:2525,<,220
2.0.0 SMTP server ready,

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,22,*InternalExchIP*:26966,*InternalExchIP*:2525,*,,Remote
certificate

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,23,*InternalExchIP*:26966,*InternalExchIP*:2525,*,"CN=*.company.xx,
O=company AG, OU=IT, L=nirvana, S=neverland, C=xx",Certificate subject

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,24,*InternalExchIP*:26966,*InternalExchIP*:2525,*,"CN=XXX
CA - SHA256 - G2, O=CertAuth nv-sa, C=BE",Certificate issuer name

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,25,*InternalExchIP*:26966,*InternalExchIP*:2525,*,179765A42F6A43A80097A459,Certificate
serial number

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,26,*InternalExchIP*:26966,*InternalExchIP*:2525,*,2DBA3C3C149C146A6DXXXXXXXX92187A0954,Certificate
thumbprint

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,27,*InternalExchIP*:26966,*InternalExchIP*:2525,*,*.company.xx;autodiscover.company.xx;mail.company.xx;owa.company.xx;company.xx,Certificate
alternate names

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,28,*InternalExchIP*:26966,*InternalExchIP*:2525,*,,"TLS
protocol SP_PROT_TLS1_2_CLIENT negotiation succeeded using bulk encryption
algorithm CALG_AES_256 with strength 256 bits, MAC hash algorithm CALG_SHA_384
with strength 384 bits and key exchange algorithm CALG_ECDHE with strength 384
bits"

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,29,*InternalExchIP*:26966,*InternalExchIP*:2525,*,,Received
certificate

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,30,*InternalExchIP*:26966,*InternalExchIP*:2525,*,2DBA3C3C149C146A6DXXXXXXXX92187A0954,Certificate
thumbprint

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,31,*InternalExchIP*:26966,*InternalExchIP*:2525,>,EHLO
*internalExchDNS*,

2016-12-21T00:00:08.518Z,Inbound Proxy Internal Send
Connector,08D4143AB830A2B0,32,*InternalExchIP*:26966,*InternalExchIP*:2525,<,250-*internalExchDNS*
Hello [*InternalExchIP*],....

The Output of "Get-AuthConfig | Format-List " gives me a "CurrentCertificateThumbprint" I can't identify,
so I guess it does not exist anymore.
I was not able to change it to the current internal certificate as it is said:
"has a private key that is not exporable". -not sure if this is a problem.
Maybe I did more I can't remember right now...but I think this is all mentionable so far.

 

New send connector to partner (TLS) not working

December 21, 2016, 8:05 am

Edge server 2010 _ single user is not able to receive email from external domains

December 13, 2016, 1:58 am
$
0
0

Hi There,

We have Exchange 2010 Edge server and only one single user "username@domain.com" not able to receive email from external domains.

Error message copied from Event log:
recipient with routing address "username@domain.com" from the Active Directory failed with data validation error. The detail of the error is Microsoft.Exchange.Data.Directory.Recipient.NonUniqueProxyAddressError

Test-EdgeSynchronization -VerifyRecipient "Username@domain.com"
SyncStatus : Inconclusive
RecipientStatus : NotSynchronized - More than one recipient found in target Edge Server and may cause NDR on Edge server. RecipientStatus.ConflictO

1. We have used LPD.exe tool and did not find any duplicate email address in AD.
2. Also checked in through adsiedit.msc and found no duplicate email address.

After we modified the email address of that user "username1@domain.com"  that works fine, but if I modify it back to old email address issues again reoccur.

guys please help, I believe there is a stale entry in Edge server which is creating the issue, but we are unable to locate it and remove that.


Mail flow issue from On-prem to Office 365 urgent.

July 19, 2016, 2:22 am
$
0
0
In our Exchange 2013 Environment having two CAS & MBX servers: CAS: CAS01, CAS002
                                                  MBX:MBX01, MBX02
 
In MBX01 mails flowing to all recipient working properly.
 

From MBX02 the mails going only to office 365 migrated users from on prem getting stagged in queue and after bouncing back to the sender. other mails flowing through MBX02 is working properly.

I am to able to telnet MBX02 25,465

I checked the MBX02 Queue viewer logs it showing :

2016-07-16T00:03:09.644Z,1,QUEUE,MBX02\4104,Retry,DnsConnectorDelivery,domaingbl.mail.onmicrosoft.com,(domaingbl.mail.onmicrosoft.com)::1:1:57f5de:0::0:0:;,379,0,0,0,0,0,External,Normal,0,57f5deaa-339f-4a2f-9fde-65303ff1de99,,"451 4.4.0 Primary target IP address responded with: ""421 4.4.1 Connection timed out."" Attempted fail",,
2016-07-16T00:03:09.644Z,,SUMMARY,,,,,,,,,,,,,,,,,,TotalMessageCount = 379; PoisonMessageCount = 0,

 

Time being I am redirecting the mails from MBX02 to MBX01 using this shell command; Redirect-Message -Server MBX02 -Target MBX01.contoso.local

Please help me to resolve..

Sabarish B


Disclaimer and Outlook Stationery Issue

December 17, 2013, 12:12 pm
$
0
0
We have the disclaimer rule issue that is explained in kb2896304.  With the disclaimer rule enabled (and no matter how it is configured, how the text is formatted, etc.), when someone sends an email from Outlook and they have some stationery theme (background image) configured, a square picture of the background is inserted at the beginning of the email and everything winds up pushed down below it when the recipient reads the email.  So it initially appears to be a blank email but if you scroll down you can then see the text (followed by the appended disclaimer).  The above kb article describes it perfectly but refers to this as being a problem in Exchange 2010 and is addressed (fixed) in RU3 for Exchange 2010 SP3.  The problem for me is that I am experiencing the exact same issue but I have Exchange 2013 with CU2.  CU3 is out for Exchange 2013 and so just in case this was fixed in CU3 for Exchange 2013 but they just didn't mention it, I did install CU3 on my Exchange server (in a VM test sandbox) but the problem still exists.  Nothing in the kb article nor anything I found elsewhere describes the root cause of this problem so I'm at a loss as to what to do at this point.  This is obviously not too big of a deal since it only happens when people use some Outlook theme.  But the cause is not apparent to the users and they would never suspect that it has to do with the disclaimer statement.  Also, the sender would never know that it is happening since it is only a problem seen by the recipient (after the disclaimer rule has manipulated the email).  Has anyone seen this issue in their 2013 environment as well?  If so, have you found any workaround or any more information about it?

Accept com and co.uk emails to same server

December 23, 2016, 1:20 am
$
0
0

Hi All

Our email addresses are currently all .co.uk to match our web domain.

However, we have now acquired the .com domain also and I was wondering if it was possible to route mail to our server and somehow accept the mail substituting the suffix .com with .co.uk

I am guessing I can add aliases to each mailbox but wondered if I could somehow apply a global rule?

Thanks

Search

Message Tracking Log shows a calendar event is process instead of deliver

December 22, 2016, 11:30 pm
$
0
0

User sent a calendar event to 5 recipients in the same Exchange organization. 1 of the recipients says he didn't receive the event. Message tracking log shows 4 of them with last event "DELIVER". But 1 one didn't receive the event has last event "PROCESS".

What is PROCESS means?

Sendconnector changing port not working

December 19, 2016, 2:47 am
$
0
0

Hi,

I have changed my sendconnector port to xx. and i have also changed receive connector port to anonymous inbound connection, and now it works perfectly. But when i change sendconnector/smtp to another port, then won't working (It's work perfectly by default). What to do I have changed sendconnector with this cmd, and firewall also is ok.

Set-SendConnector -Identity "XXXXXX" -Port XXXXX

regards 

Zlatan

How to check Load Balacer IP address in Exchange

December 26, 2016, 1:55 am
$
0
0

Hi All,

We are using Exchange 2013 servers as 2 mailbox server's and 2 CAS servers.

We are using F5 load balancing for exchange, My security team introduced new F5 for F5 failover purpose.

My security Team configured new F5 with existing active F5 settings.

We are testing F5 IP address using client host file for outlook and owa connectivity

My question is How to check F5 IP or client IP address in exchange to confirm New F5 functioning properly.

I have checked IIS logs under path C:\inetpub\logs\LogFiles\W3SVC1 but there is not showing New F5 or client IP address.

Please help out on this.

Thanks & Regards, Kumar N

Emails from Exchange 2010 to Exchange 2013 showing in Unreachable Queue

November 21, 2016, 3:34 am
$
0
0

I have installed Exchange 2013 in the Exchange 2010 environment and created some test users and didn't notice any issues.

After initial testing I have moved some of the production mailboxes from Exchange 2010 to Exchange 2013, intermittently i see that emails from Exchange 2010 users for Exchange 2013 users are stuck on Exchange 2010 HUB servers in a Unreachable Queue.

Initially it was showing DNS error , SMTP SEND error in the Last Error, but now it doesn't show anything and the emails sit in Unreachable Domain.

I checked different DNS options etc, it only works when I bounce the AD Topology Service on the HUB Server.

After bouncing the service if i check, then i can see the "Hub Version 15" queue showing and the emails are delivered to the Exchange 2013 mailboxes.

Not sure what is causing the problem as I checked both the Exchange 2010 and Exchange 2013 servers are in the same subnet and also they are in Same AD Site.

Can anyone helpme with this, i cannot proceed with the migration before I resolve this issue.

mdimthyas

TLS Function

December 27, 2016, 11:54 pm
$
0
0

Could you please help to understand the TLS Function is Send/Receive connector in exchange

and what would be the impact if enable in our organization exchange

Exchange 2013 quit receiving in the mailbox after new ssl certificate

December 28, 2016, 5:06 pm
$
0
0

Exchange 2013 quit receiving in the mailbox after new ssl certificate. The emails get to the server as they are logged but are never seen by the user both on the owa or outlook. All the test were performed using the microsoft analyzer and all is good.

The users can send but when someone sends emails to them it bounces with the following:

me@domain.com
Remote Server at db01 (10.100.195.14) returned '400 4.4.7 Message delayed'
12/29/2016 12:45:21 AM - Remote Server at db01 (10.100.195.14) returned '441 4.4.1 Error encountered while communicating with primary target IP address:"Failed to connect. Winsock error code: 10061, Win32 error code: 10061." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 10.100.195.14:475'

Any help on this? I've been trying and cannot find any issue... for sure I'm missing something!

Help!

Email stuck in inbound Queue Exchange 2013

April 11, 2013, 12:36 pm
$
0
0

I am so close I can taste it! Argh.

I just built a new 2013 server, I can send outbound to domains fine, but when I try and reply I'm seeing the email stuck in the queue.  I'm running this on a server 2012 box.  all the BPA's seem to be checking out fine.

I'm new at this, sorry and thank you for those who assist!

Jeff

Search

How a single exchange on a domain can be use by other domains

December 29, 2016, 12:51 am
$
0
0

Subject: How a single exchange on a domain can be use by other domains ?

Dear all,

first of all thanks a lot for visiting for this question.

firstly I present current layout.

1) I have a domain .  e.g.,      

      domain name: domainA.B.C  ,  

     Exchange Server 2013 FQDN:     EXS.domainA.B.C  (192.168.1.5)

     domain controller is   :     DC.domainA.B.C     (192.168.1.1)

     IP range:     192.168.1.0/24

    users examples:       Umer@domainA.B.C,  Ali@domainA.B.C  

2) I have other 10+ independent sites  with different domain and different IP range. 

all sites connected though VPN. and can ping each other.

 

sites configuration example.

2.1) site1 

          domain name :     domainE.F

          Domain controller name:     DC.domainE.F  (192.168.2.1)

         IP range :   192.168.2.0/24

         user example:    Ahmed@domainE.F ,    Fahad@domainE.F , ....




now situation is that

my Main Office has only exchange server 2013 installed and all users and department on main office have their emails.

Q1: I want other sites use this exchange server (MXS.domainA.B.C) .

Q2: what are possible methods can be ?

Q3:  can I use single Exchange server (MXS.domainA.B.C) to store mailboxes of other sites and other sites use this Exchange server with their user names.

    Ahmed@domainE.F ,    Fahad@domainE.F   but in  MXS

what I tried :

I added "accepted domain" as "domainF.E"

I added emails policy and add email address format  "smtp@domainF.E" and applied

but I could not find way to add mailbox Ahmed@domainE.F ,    Fahad@domainE.F 

and what else I need to do and why i don't find domain: "domainE.F" in "MXS.domainA.B.C" mailbox ?

Thanks a lot in advance for helping me.



note: 

1) all networks (192.168.1.0/24, 192.168.2.0/24, ..... ) can ping each others.
2) all domains are separate. does not belong to single forest.  in other words there were separete sites and now connected thorugh VPN and can ping back and forth.




550 5.1.1 User unknown

December 29, 2016, 1:59 am
$
0
0

Hello,
I have received "550 5.1.1 User unknown" error when I send mail from external mail (such as gmail) to my one of users. (user1@contoso.com)

This problem exists only in one user. Everything is okay with other users.

After uncheck "Block messages sent to recipients that do not exist in the directory" on Recipient Filtering on the "Edge Transport Server" my problem is solved.

My Question is:
if the user (user1@contoso.com) exists in my AD then why I received "550 5.1.1 User unknown" error?
Why I should uncheck "Block messages sent to recipients that do not exist in the directory"?
I don't want to uncheck that settings.

My Environment:

Two Mailbox Server (Exchange 2013 CU13);

One Edge Transport Server (Exchange Server 2010);

I have installed Anti-spam and anti-malware on Mailbox servers.

Thank you for your help...


Exchange 2013 logs for troubleshooting mailflow

December 29, 2016, 4:10 am
$
0
0
Hi All,

We have created an receive connector on exchnage 2013 CAS server, for an application which uses to connect through IMAP to fetch email from the mailbox ,the problem is there has been some delay with the application sending emails ,we need to troubleshoot this issue from exchange side ,for this i wanted to know which logs do i need to check .

TechGUy,System Administrator.

Exchange 2013 Database Growth

December 31, 2016, 11:15 pm
$
0
0

Hi 

We have 2 Exchange mailbox, and 2 CAS

I need to increase the exchange mailbox disks storage 

So I will  need to get exactly how the exchange mailbox databases size increased last year or last 2 year 

then I can know how much size should be increased 

Mahmoud

Exchange 2013 moderation email tracking log

January 3, 2017, 3:37 am
$
0
0

Dear Partner,

We have Exchange 2013 , We got in Mail flow two massages are pending and not received to mailbox user.

Based on Microsoft the about Pending :   If message delivery is pending because a message meets the criteria for an organization-wide rule or policy or because it’s subject to message approval, the status message explains what action a rule is performing or that the message must be approved by a moderator before delivery.

The Owner message sent to user normal email .

We need tracking log if this massage moderation or not ?

https://technet.microsoft.com/en-us/library/dd297936%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396

https://technet.microsoft.com/en-us/library/jj150554(v=exchg.150).aspx

Regards

Magdy

Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>