Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

Delivery Report (Pending)

May 28, 2014, 3:57 am
$
0
0

I'm having some issues with some emails in a pending state and I can not see why?
on the delivery report I get the following: -

Pending 27/05/2014 17:31 ExchangeServer1.domain.local The message has been transferred from ExchangeServer1.domain.local to ExchangeServer2.domain.local. 28/05/2014 09:27 ExchangeServer1.domain.local No further information is available about this message because the logs are no longer available.

Most of the recipients received the email but there are 7 that are on Pending?

Any ideas on how to track why these are set to pending?

Matthew John Earley BSc (hons) || www.o0MattE0o.myby.co.uk


Search

EOP: Set spam confidence level does not move message to junk email

May 28, 2014, 3:08 pm
$
0
0

We have recently been migrated to Microsoft EOP from FOPE. We have a transport rule that gives a spam message an SCL of 7 and prepends the subject line with "SPAM:". I know that the transport rule is working because I see the SCL value in the header as 7. I have the set-organizationConfig SCLJunkThreshold set to 5. If I get-mailboxjunkemailconfiguration for a mailbox it shows enabled is true.

I can't figure this out.

Best Practice on Not Exposing your internal FQDN to the outside world

May 27, 2014, 8:43 am
$
0
0

Exchange server 2010, sits in DMZ, internet facing. The server is currently using the Default Receive Connector. This exposes the internal fqdn to the outside world (ehlo). Since you should not (can't) change the FQDN on your Default Receive connector, what is the best practice here?

The only solution I can see is the following:

1. Change the Network on the Default Receive Connector to only internal IP addresses.

2. Create a new Internet Receive Connector port 25 for external IP addresses (not sure what to put in Network tab?) and use my external FQDN for ehlo responses (e.g. mail.domain.com)

3. What do I pick for Auth and Permissions, TLS and Annoymous only?

Michael Maxwell

Exchange Server 2013: incoming messages are not delivered into user mailboxes occasionally

June 27, 2013, 10:35 pm
$
0
0

Exchange Server 2013 CU1, two mailbox servers (DAG, only one mail database), two CAS servers (NLB cluster). Two Sendmail/CentOS-based SMTP relays route mail between Exchange servers and Internet (incoming mail is routed to NLB cluster name).

Usually mail flow is OK: messages are sent and received normally. However, I've got several complains from different users. They state that occasionally they don't receive messages that were sent to them from outside. Tomorrow morning I've decided to investigate the issue.

So, we have a message sent from Gmail account that was not delivered in user mailbox. It was received and routed to Exchange by Sendmail host:

Jun 27 22:06:37 MX01 sendmail[12169]: r5RG6HC8012166: to=<USER_ADDRESS>, delay=00:00:19, xdelay=00:00:19, mailer=smtp, pri=124702, relay=NLB-FQDN [NLB-IP], dsn=2.0.0, stat=Sent (<CAHgK_sjEkj41htuVsutMP3XhgR5RRDs8-EgSC-UfHoaiHWFj=A@mail.gmail.com> [InternalId=13069585481819] Queued mail for delivery) 

Running Get-MessageTrackingLog applet on the mailbox servers displayed the followed log entries for the message:

DB Server #1:

    22:11:18 HAREDIRECT

    22:11:18 RECEIVE

    22:11:18 AGENTINFO

DB Server #2:

    22:11:18 HARECEIVE

    22:12:44 HADISCARD

So, we can see that the message was placed into shadow queues, but was NOT delivered into mailbox (no DELIVER status entries). Also pay attention to the timing. Time on all the servers is in sync, but Sendmail timestamp is 22:06, and Exchange timestamps are 5 minutes behind it.

Today a message sent to the same address from the same Google mailbox was received by Exchange and placed into user mailbox with no glitches.

We use Exchange antispam system activated on Exchange mailbox servers. Spam is never dropped silently. It is either returned to sender (SCL 9) or placed into quarantine mailbox (SCL 6 and above). I'm pretty sure that the lost message was not in the quarantine mailbox this morning, and the sender didn't receive any NDRs.

Any ideas what to investigate next?


Drop messages in queue that have a blank sender

May 28, 2014, 3:06 pm
$
0
0

I'm getting hundreds of messages in the Queue where the From Address is < >. 

Do I just let these build up or is there a setting somewhere that would just drop the message if it has a blank sender?

Here is an example of one that I've received;

Identity: Pebbles\512\21474838371
Subject: Undeliverable: MUST READ: Vehicle's Below Kelly-Blue-Book*
Internet Message ID: <1ca164f3-6423-4aa3-9574-a5124e61d827@mydomain.com>
From Address: <>
Status: Ready
Size (KB): 10
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 5/27/2014 11:51:09 AM
Expiration Time: 5/29/2014 11:51:09 AM
Last Error: 400 4.4.7 Message delayed
Queue ID: Pebbles\512
Recipients:  Notification9334@carforcheap0821.us;2;2;[{LRT=};{LED=400 4.4.7 Message delayed};{FQDN=};{IP=}];0;CN=outbound,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT)....

1 email server in domain; Exchange 2013 sp1/Win2012 Standard

PennyM

Can't send mail to AOL!

May 29, 2014, 11:50 am
$
0
0

I have been trying to get mail flowing to AOL for months now.... I finally managed to figure out how to get an SMTP log from my send connector. The log contained the following:

attempting to connect
,+,,<,220-mtaig-mbc05.mx.aol.com ESMTP Internet Inbound,<,220-AOL and its affiliated companies do not,<,220-authorize the use of its proprietary computers and computer,<,"220-networks to accept, transmit, or distribute unsolicited bulk",<,220-e-mail sent from the internet.,<,220-Effective immediately:,<,220-AOL may no longer accept connections from IP addresses,<,220 which no do not have reverse-DNS (PTR records) assigned.,>,EHLO mail.<REMOVED>.net,<,250-mtaig-mbc05.mx.aol.com,<,250-STARTTLS,<,250 DSN,>,STARTTLS,<,220 2.0.0 Ready to start TLS,
*,,Received certificate
*,1F75F1B43AEDCCA6B206A8D8CA35D87FC37F7A95,Certificate thumbprint>,EHLO mail.<REMOVED>.net,<,554 The security certificate was issued by a company you have not chosen to trust.,>,HELO mail.<REMOVED>.net,
-,,Remote

It seems to not like the certificate on the AOL server.... How in the world do I fix this?

Thank You

Is there an Exchange 2013 DoD/Federal Message Clean/Spill Procedure?

May 29, 2014, 3:47 pm
$
0
0

I have seen DoD/Federal procedures to clean a message from early versions of Exchange (i.e. leakage/spill), but these procedures would not work for Exchange 2013.

I know that in the past Microsoft has worked with DISA & NSA to develop a message clean procedure for older versions of Exchange.

Is there a published procedure or best practice to clean a message from Exchange 2013 that meets DoD/Federal standards?

Thanks

Tom

Thomas Talley

Wrong RejectMessage when using transport rule on exchange 2013 edge server

May 29, 2014, 4:38 pm
$
0
0

Hi,

we are using Exchange 2013 SP1 (CU4) as an exchange edge server.

We configured our domain with an spf text record which works fine for senderId. But senderId only recognizes the email address of the "from:" header and not the "mail from:".

So we added a transport rule (which we already had working on an exchange 2010 edge server): 

New-TransportRule -Name SPF -HeaderMatchesMessageHeader Received-SPF -HeaderMatchesPatterns Fail -SmtpRejectMessageRejectText "5.7.1 SPF unauthorized mail is prohibited." -SmtpRejectMessageRejectStatusCode 550 -SenderAddressLocation HeaderOrEnvelope -StopRuleProcessing:$true

On exchange 2010 the reject message was: "550 5.7.1 SPF unauthorized mail is prohibited."

But now on exchange 2013 SP1 its: "550 TRANSPORT.RULES.RejectMessage; the message was rejected by organization policy"

so the SmtpRejectMessageRejectText isn't used in the output. I assume this is a bug, because we added the same transport rule as we had on exchange 2010 edge.

Does anybody have the same issue?

Best regards

Thorben

Search

Transport rule to block users from sending messages to their former email addresses

May 28, 2014, 10:09 am
$
0
0

Hi

 

I have an interesting ‘opportunity’ with a customer, where they are looking to provide email (Exchange Online) to retirees.  So with that in mind we have setup the domain retiredcompany.com on Office 365.   We have also setup redirects to send email sent to user@retired.company.com to office 365 mailboxes.  This all works fine.  email sent to user@retired.company.com gets routed to the appropriate inbox.

Now to complicate matters, when a user retires they will be moved to a cloud mailbox.  A forwarder will be placed on Exchange on-premises to forward user@company.com mail to the users retiredcompany.com mailbox.  Again all works fine.

The problem is that the customer wants to block the cloud user from sending messages to their user@company.com address.  This will be an issue when the user "replies all" to messages that contain their old user@company.com address.

 

Now I know I can use transport rules in Exchange Online, but I can't figure out a way to block this scenario without having to build a rule for each retiree, which will not scale.  I need a transport rule that will compare the username portion (left of @) of the senders address to the username portion (left of @) of any recipients address and block the message from being sent to that recipient when they match.

 

Notes:

We have structured the username to match the on-premises usernames, so the match should work.

The customer is fine with blocking messages if the users send messages to their old email addresses, so it's ok if we will intentionally be blocking some good messages.

The customer doesn't want the users to receive messages that they send unknowingly to an old email address that is being forwarded.

Exchange 2013 send mail through EOP

May 29, 2014, 1:30 am
$
0
0

We have Exchange 2013 CU3 organization (2 CAS servers and 2 mailbox servers) and about 40 accepted domains. We've configured incoming mails to go through EOP and be delivered to our on-premises Exchange. Now we need to configure outbound mail flow to go through EOP. We've seen that in Outbound connector on Exchange 2013, for Smart host we should enter our MX record, for example abc-com.mail.protection.outlook.com.

Since we have ~40 accepted domains and ~40 different MX record, what should we enter for Smart host in Outbound connector on our Exchange 2013? I didn't found anywhere that anyone mentions similar scenario.

Thanks

LED=441 4.4.1 Error encounteredwhile communicating...

May 29, 2014, 9:31 am
$
0
0

My problem is with mail flow.   If I go into the Exchange 2013 toolbox and open the queue viewer I can see over a hundred messages stacking up.  What do I do to stop these errors?

In the Queues tab under Last Error I see the following error; majority of these errors in the "From Address" is<>

"[{LRT=(date\time);{LED=441 4.4.1 Error encountered while communicating with primary target IP addrress; "Failed to connect. Winsock error code: 10060, Win32 error code 10060. Attempted failover to alternate host, but that did not succeed. Either the" (the rest of the error message is cut off)

Win2012/Ex2013 sp1

PennyM

Unsubscribe link

May 29, 2014, 2:47 am
$
0
0

Hi Guys

Pleas let me know if this can be achiveable

  1. we have a requirment that every outbound email should have a Unsubscribe link
  2. The Unsubscribe link should be applicable only for external domains
  3. Any user who clicks on Unsubscribe link; MS Exchange automatically prevent future email from being sent to that user
  4. Exchange administrator should have the ability to make changes to the unsubscribe list, if  required i.e., add/remove domains/users

 Let me know if this is possible using Exchange 2013, or should we look at 3<sup style="color:#1f497d;font-family:Calibri, sans-serif;">rd</sup> party software to accomplish this

Regards,

raghu

IPBlocklistProvider

May 30, 2014, 6:48 am
$
0
0

Hi

I installed the Exchange 2013 antispam Agent and configured spamhaus as IpBlockListProvider, using "Add-IPBlockListProvider -Name "Spamhaus" -LookupDomain "zen.spamhaus.org" -RejectionResponse "Source IP address is listed at the Spamhaus.org block list Provider"

I dont know if it works, because there are no Spamhaus entries in the AgentLog. Can anyone tell me why, or where I have to search.

Regards
Peter

Unable to automatically forward emails via smarthost which are sent from one specific external domain

May 30, 2014, 3:21 am
$
0
0

I am trying to auto forward external emails from Exchange 2007 via a send connector to a smarthost, the smarthost points at a CAS server hosting Exchange 2013, which in turn proxies the mail to the mailbox server running Exchange 2013.

Emails from gmail, hotmail, outlook.com and other domains are being delivered into the Exchange 2007 mailbox, being auto forwarded to a mail contact, which sends across the send connector and are being delivered to the appropriate mailbox on the Exchange 2013 server.

Emails sent from one domain in particular is failing with the following NDR SMTP error

#5.3.0 smtp;530 5.3.0 Too many related errors> #SMTP#

Does anyone have any idea as to what could be causing this error?

The queue on the Exchange 2007 server is showing the following error when trying to send email from this domain

Target IP address responded with: "421 4.4.2 Connection dropped."  Attempted failover to alternate host, but did not succeed.  Either there are no alternate hosts, or delivery failed to all alternate hosts.

As I recall, I have tried disabling AV and increasing the max protocol errors on the receive connectors on both Exchange 2013 CAS and Mailbox server, but neither have made any difference.

Wireshark trace shows 3 delivery attempts, but it eventually fails with the 5.3.0 error

Thanks for your help

certain extensions blocked

May 30, 2014, 9:18 am
$
0
0

The users regularly need to browse sites in the .uk   Also they email to the .uk extension.

I cannot figure out how to permanently allow such access and email usage.

I have added .uk to allow list but at first it worked and now it does not.

We are using Exchange 2010

Thanks,

Jay

Jay Doyle

Search

Exch 2013 Forwarding Mail from local account to External SMTP user

November 21, 2012, 11:53 am
$
0
0

New 2013 implementation... Two Servers (Front End and Back End) both running Exchange 2013.

I am having trouble sending a local AD Exchange mailbox mail to external SMTP address.  I have tried several options.. I have created an "contact" as was required in previous versions.  I have created new AD accounts with external SMTP addresses, I have also attempted to use the scriptlet:

Set-Mailbox -Identity "%AD-USER%" -DeliverToMailboxAndForward $true -ForwardingSMTPAddressexternaluser@mail.com  (%AD-USER% was actual AD Username/mailbox) andexternaluser@mail.com was actual receipient SMTP address (username@gmail.com)

Local AD Mailbox receives the mail appropriately however I have enabled forwarding everyway I know how and nothing seems to work.  If I send mail straight from my account to the destination SMTP address, they get it; just not if it is sent to the local AD account then forwarded via -DeliverToMailboxAndForward command...

Please help.. I have several users that I need to have their mail CC'd to an external SMTP address.. Previous versions of Exchange required a "Contact" to be created and then the mailbox forwarded to that contact, which had a SMPT mail address...

Im not adverse to implementing via powershell if I can just get it to work... Any suggestions are greatly appreciated and needed.

How to remove the GenerateIncidentReport action from a transportation rule

May 31, 2014, 1:23 pm
$
0
0
In Office 365 how do you remove the Generate Incident Report action from a rule? We enabled the reports during troubleshooting and now I would like to remove it from some of the rules. If I click the X to remove it in the EAC, I receive the fallowing error"You can't specify the IncidentReportContent parameter because the rule doesn't contain the GenerateIncidentReport action. You need to always provide GenerateIncidentReport when setting IncidentReportContent." I've also gone through the PS commands and I see how to set the values but no way to clear them via the command line. It sounds like it is a dependency issueto me and I very easily could be skimming over something simple. Right now the only solution I can piece together is to rebuild the rules which sounds less than appealing. 

How to get pst from Exchange 2007 server

May 7, 2014, 10:26 pm
$
0
0

Hi,

How to get pst from exchange server 2007 & 2010.

Regards

Anil

Exchange 2013 - DWG attachement (421 4.7.11 Message deferred )

June 2, 2014, 3:26 am
$
0
0

We use MSExchange Server 2013 standard

and we have problem with recieving e-mails with .dwg attachment from everywhere. This messages are in theQueue

of Exchange server and always gives the error below:

We tried make ZIP files from DWG, but it is the same problem

Identity: CALLISTO\Submission\17763984736359
Subject: FW: Odesílání e-mailu: b.dwg, c.dwg, d.dwg, a.dwg
Internet Message ID: <4B6E309ADA622C43BD2121BC5010A40850F1F64E@SBS2011.jaz.local>
From Address: petrjedlicka@jaz.cz
Status: Opakovat
Size (KB): 7520
Message Source Name: SMTP:Default CALLISTO
Source IP: 81.201.49.168
SCL: -1
Date Received: 2. 6. 2014 11:59:24
Expiration Time: 4. 6. 2014 11:59:24
Last Error: 421 4.7.11 Message deferred. The attempt to extract text timed out., tenant -
Queue ID: CALLISTO\Submission
Recipients:  servis@uniservis-hasek.cz;3;0;421 4.7.11 Message deferred. The attempt to extract text timed out., tenant - ;0; it@jaz.cz;3;0;421 4.7.11 Message deferred. The attempt to extract text timed out., tenant - ;0;

Any IDEAS? Thanks

How do "Scoped Send connectors" work in Exchange 2013?

June 3, 2014, 10:49 am
$
0
0

Scenario:

Exchange 2013 intersite DAG between 2 sites - LA and Chicago. Just deployed a virtual cisco IronPort appliance in Chicago and configured SEND connector to send mail to "SMART HOST (IP of Ironport) and all is well in Exchange "SEND-Land". 

We have a second virtual Ironport appliance in LA and heard about the "scoped send connector" setting that only allows transport servers from a specific site to send. Idea is to configure LA Ironport, create another SEND connector as "scoped" and add LA mailbox servers. Would this pretty much work? Idea is to minimize traffic traversing WAN to send email. Right now, all mailbox servers are added in single SEND connector and configured to send mail via SMARTHOST (IP of Ironport in Chicago). 

Thoughts? Thanks!

Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>