Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

TLS on Exchange 2010

June 6, 2013, 3:40 am
$
0
0

I have been trying to setup TLS on exchange 2010 using a public certificate. but when I perform a TLS check I get an error because of the exchange self-signed certificate.

Please find result of the test below:

Checking hmtadmin@deloitte-mu.com

looking up MX hosts on domain "deloitte-mu.com"

  1. *******.deloitte-mu.com (preference:20)

Trying TLS on **********.deloitte-mu.com[196.192.8.61] (20):

seconds test stage and result
[000.870]Connected to server
[001.157]<--220 <local hostname>.deloitte-mu.local Microsoft ESMTP MAIL Service ready at Thu, 6 Jun 2013 14:35:41 +0400
[001.157]We are allowed to connect
[001.158] -->EHLO checktls.com
[001.454]<--250-<local hostname>.deloitte-mu.local Hello [69.61.187.232]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
[001.454]We can use this server
[001.455]TLS is an option on this server
[001.455] -->STARTTLS
[001.748]<--220 2.0.0 SMTP server ready
[001.749]STARTTLS command works on this server
[002.366]Cipher in use: AES128-SHA
[002.366]Connection converted to SSL
[002.427]
Certificate 1 of 2 in chain:
subject= /CN=<local hostname>
issuer= /CN=<local hostname>
[002.460]
Certificate 2 of 2 in chain:
subject= /CN=<local hostname>
issuer= /CN=<local hostname>
[002.722]Cert NOT VALIDATED: unable to get local issuer certificate
[002.722]this may help: What Is An Intermediate Certificate
[002.724]So email is encrypted but the domain is not verified
[002.728]Cert Hostname DOES NOT VERIFY (*********.deloitte-mu.com !=<local hostname>)
[002.729]So email is encrypted but the host is not verified
[002.729] ~~>EHLO checktls.com
[003.028]<~~250-<local hostname>.deloitte-mu.local Hello [69.61.187.232]
250-SIZE
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250-XRDST
250 XSHADOW
[003.033]TLS successfully started on this server
[003.033] ~~>MAIL FROM: <test@checktls.com>
[003.327]<~~250 2.1.0 Sender OK
[003.337]Sender is OK
[003.337] ~~>RCPT TO: <hmtadmin@deloitte-mu.com>
[003.633]<~~250 2.1.5 Recipient OK
[003.634]Recipient OK, E-mail address proofed
[003.634] ~~>QUIT
[003.932]<~~

221 2.0.0 Service closing transmission channel

Can anyone help me on the issue above.

Thanks.

Search

SMIME for email security: Error- Microsoft outlook cannot sign or encrypt this message because the certificate is not valid

June 7, 2013, 5:27 am
$
0
0

I have an issue trying to encrypt an email message and sending it to someone. The error which i'm facing is "Microsoft outlook cannot sign or encrypt this message because the certificate is not valid". I've never used this SMIME feature of outlook. Referred few articles and blogs but couldn't get any clue. I've managed to get the user certificate for myself from Comodo which is for free use. Please let me know how to understand and use this feature as i'm new to it. Does the server has to do anything in this process related to SMIME settings..

Mailflow 2013 to 2010

June 7, 2013, 5:42 am
$
0
0

Hi everyone,

I have exchange 2013 cu1 and installed on server 2012 which is coexisting with other 2 exchange 2010 SP3.

Now i have a problem with the mailboxes i have moved from exchange 2010 to 2013, users can receive emails but cannot totally send.

Kindly assist am stuck

Meshack


Ports to Send and Receive Mail

June 7, 2013, 7:35 am
$
0
0

If all I want to do is authenticate to exchange and be able to send and receive email from an Outlook client on a secure VLAN.  What ports do I need to request to be opened on the Firewall between my secure VLAN and the open VLAN?  Including sending and receiving over SSL.

Thanks!


What goes in Account field for SMTP Connector Outbound Security?

June 7, 2013, 9:25 am
$
0
0

Hello,

If my ISP is Verizon.net and my hosting company for our domain is Arvixe, when I fill the field for Account in the Outbound Security of the SmallBusiness SMTP Connector properties that are here:

Do I use the account from my Verizon.net ISP or do I use the account from Arvixe email?

Any help would be gratefully appreciated.

Thanks,
Tony

Stop The World, I want To Get Off! ........... Life Isn't About Waiting For The Storm To Pass ... It's About Learning To Dance In The Rain.

Send email from internet to 3 destinations. If one is User Unknown, mail is rejected and nobody recieved email

June 7, 2013, 11:57 am
$
0
0

Hi, We have a problem with a migrated installation of Exchange Server 2013

If I send an email from Gmail for example to user1@contoso.com, user2@contoso.com, user3@contoso.com and for example user2 doesn´t exists in Exchange, the in Gmail I receive and delivery failed with failed 3 destinations users. What´s append?

Internally, if I send an email to one valid user and one unkown user, the the valid user receive my email, and I receive a delivery failed report only for the user unknown. It´s a normal behairvour? Can I change that? I need to recieve emails from internet always, and if one user is unkown I hope the email is not rejected for all de destination recipients.

Many thanks!

Sergio Fathala - MCSE 2003

Exchange 2010 with Forefront, can't receive large attachments from outside ONLY.

June 10, 2013, 1:38 pm
$
0
0
I am able to send and receive large files internally now. Also I am able to send large files to the outside. But I can't receive anything larger then defaulted 10mb. My Environment is 2 Edge boxes, 2 cas HT boxes, 2 mx DB boxes.

I was asked to increase the size of the emails my organization can receive, I went ahead and adjusted the following:
EDGE
1. Receive and Send connectors, set to 40mb.
2. Forefront -->Advanced Options--> Threshold Levels--> all max sized are at 50mb.
CASHT
1. Organization Configuration--> Hub Transport -->Send Connectors and GLOBAL SETTINGS
2. Server Configuration--> HUB Transport--> all the connectors
3. Recipient Configuration--> Mailbox --> users. 

All sizes are set to 40mg!

I am able to send large files (24354K), but  not able to receive 

The following is output from Get-TransportConfig:

ClearCategories                     : True
ConvertDisclaimerWrapperToEml       : False
DSNConversionMode                   : UseExchangeDSNs
ExternalDelayDsnEnabled             : True
ExternalDsnDefaultLanguage          :
ExternalDsnLanguageDetectionEnabled : True
ExternalDsnMaxMessageAttachSize     : 40 MB (41,943,040 bytes)
ExternalDsnReportingAuthority       :
ExternalDsnSendHtml                 : True
ExternalPostmasterAddress           :
GenerateCopyOfDSNFor                : {}
HygieneSuite                        : Standard
InternalDelayDsnEnabled             : True
InternalDsnDefaultLanguage          :
InternalDsnLanguageDetectionEnabled : True
InternalDsnMaxMessageAttachSize     : 40 MB (41,943,040 bytes)
InternalDsnReportingAuthority       :
InternalDsnSendHtml                 : True
InternalSMTPServers                 : {}
JournalingReportNdrTo               : 
LegacyJournalingMigrationEnabled    : False
MaxDumpsterSizePerDatabase          : 60 MB (62,914,560 bytes)
MaxDumpsterTime                     : 7.00:00:00
MaxReceiveSize                      : unlimited
MaxRecipientEnvelopeLimit           : unlimited
MaxSendSize                         : unlimited
MigrationEnabled                    : False
OpenDomainRoutingEnabled            : False
Rfc2231EncodingEnabled              : False
ShadowHeartbeatRetryCount           : 12
ShadowHeartbeatTimeoutInterval      : 00:15:00
ShadowMessageAutoDiscardInterval    : 2.00:00:00
ShadowRedundancyEnabled             : True
SupervisionTags                     : {Reject, Allow}
TLSReceiveDomainSecureList          : {}
TLSSendDomainSecureList             : {}
VerifySecureSubmitEnabled           : False
VoicemailJournalingEnabled          : True
HeaderPromotionModeSetting          : NoCreate
Xexch50Enabled                      : True

Also my antispam cloud service sent me the following logs:

10:10:38.662 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: MAIL FROM:<USER@gmail.com> SIZE=34140018
10:10:38.771 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 250 2.1.0 Sender OK
10:10:38.771 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: RCPT TO:<work@workemail.com> NOTIFY=FAILURE,DELAY
10:10:38.896 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 250 2.1.5 Recipient OK
10:10:38.896 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: DATA
10:10:39.021 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 354 Start mail input; end with <CRLF>.<CRLF>
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) abort request
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) write failed. Error Code=socket aborted
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) [1959469085] failed to send. Error Code=socket aborted


AND 

Also another error from Appriver:
08:48:34.798 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: MAIL FROM:<user@gmail.com> SIZE=34148430
08:48:34.907 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 250 2.1.0 Sender OK
08:48:34.907 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: RCPT TO:<work@workemail.com> NOTIFY=FAILURE,DELAY
08:48:35.032 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 250 2.1.5 Recipient OK
08:48:35.032 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: DATA
08:48:35.157 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 354 Start mail input; end with <CRLF>.<CRLF>
08:53:34.718 3 SMTP-929371(workemail.com.smtpip.com:25) write failed. Error Code=connection reset by peer
08:53:34.718 3 SMTP-929371(workemail.com.smtpip.com:25) [1959495450] failed to send. Error Code=connection reset by peer

I am out of options here,  wondering if anyone know's anything about this?

Vladimir

remote pipeline has been stopped Exchange 2010 SP3

June 11, 2013, 12:37 pm
$
0
0

I upgraded to SP3 on my Exchange 2010 Server which is running CAS/HT Role.  I used to get this error on and off before too but mail never got stuck.  After installing SP3 I still get this error .... but mail never gets stuck and flows fine.

Cmdlet failed. Cmdlet Get-Queue, parameters {ResultSize=1000, ReturnPageInfo=True, Server=CAS001.domain.com, SortOrder={-MessageCount}, SearchForward=True, BookmarkObject=, BookmarkIndex=-1, IncludeBookmark=False}.

any ideas?  thanks!

Search

Unable to receive Emails from a Hotmail Sender.

June 12, 2013, 12:24 pm
$
0
0
I'm new to the Exchange servers here, but out of nowhere we can no longer receive emails sent from a "@hotmail" email account.  Nothing has changed between today and yesterday besides the date.
Does anybody have any insight into this that could help?
I should also note that we have Exchange 2010, not 2013.

Creating Exchange 2013 receive connectors for Internal Simple SMTP Devices e.g. Scanners

June 12, 2013, 7:55 pm
$
0
0

Like any organisation, I have a number of devices ranging from routers to switches, printers to multifunction centers, and some applications/scripts that send email via SMTP.

Some devices have no authentication mechanism in their software, while others offer windows credentials, and some support TLS.  I have been doing quite a bit of research on this and some suggestions either don't work, or are ill advised.  On one MS forum the "Moderator" confessed they had no idea how or if it could be done.

So what is the best way, and can it be provided as a step by step method.  I've set them up in the past with since Exchange 5.5, 2000, 2003, 2007, 2010 but cant crack it in 2013.  Judging by the number of hits on topics around this I am not in the minority.

I manage many sites that have the same types of devices making migration to Exchange 2013 a risk - so is it possible at all with Exchange 2013 - or do we exercise our downgrade rights to 2010 so that our major devices like the Multifunction centres can work in the way intended.?

To date I have tested Receive Connectors with the following properties

  • Custom Connector
  • tried both Hub and Frontend transport roles
  • With no Security, Basic Security, TLS Security (for those devices that supported it)
  • Permission group = anonymous
  • Remote Network settings = All Internal IP Addresses
  • Left Adapter bindings as defaults (all avail IPV4)

How do I tell my hosting company to send queued emails to our Exchange server 2003

June 10, 2013, 2:01 pm
$
0
0

Hello,

Does anybody know how to tell our hosting server email to send emails to our SBS 2003/Exchange server 2003?

We have a SMTP Virtual Server configured and a SmallBusiness SMTP Connector configured.

We can send and receive internal emails to exchange accounts.

We can send external emails from exchange accounts.

We cannot receive external emails through exchange.

Thanks,
Tony

Stop The World, I want To Get Off! ........... Life Isn't About Waiting For The Storm To Pass ... It's About Learning To Dance In The Rain.

Exchange 2003 - MTA RPC permission (9297)

June 11, 2013, 10:37 am
$
0
0

Dear

We have 2 x Exchange 2003 (FE & BE), during Exchange 2003/2010 mail flow issue, we delete then recreate send connector (to Smart host->Internet) and the (Ex2k3/Ex2k10-HT) servers routing group connectors

After that all mail flow working fine (between 2k3 & 2k10/ and outside/inside). Only we start getting Event logs on FE and BE with the below details :

Event Type:    Warning
Event Source:    MSExchangeMTA
Event Category:    Security
Event ID:    9297
Date:        6/4/2013
Time:        7:00:53 AM
User:        N/A
Computer:    BE
Description:
Calling client thread does not have permission to use MTA RPCs. Windows 2000 error code: 0X80070005. Client user account: NT AUTHORITY\ANONYMOUS LOGON. [BASE IL INCOMING RPC 29 237] (14)

When I gave the Anonymous SendAs/ReceiveAs permission it stop EventID 9297 and log event 9322, so i revert back. We don't have name resolution issue or communication issue between BE/FE servers

Folders deleted from Inbox does not get purged from Deleted Item folder even if the retention policies are in place and getting applied

June 13, 2013, 12:55 am
$
0
0

Hi There,

I've a retention policy in my organization for purging the items from deleted items folder after 3 days of getting deleted from the inbox. The policy is also working fine for the emails which are being deleted from the inbox. But when it comes to deleting a folder from the inbox, eventhough the retention policy gets applied the folder still remains in the deleted items folder but all the emails inside it gets purged normally.

Can some one please let me know if this is the default behaviour of how the MRM works or is this somekind of a bug. Also please let me know if there are any fix to this issue such that the folder should also get purged along with the mails as per the MRM policy.

event id:4999 - MSExchange Common - IS BACK!

June 13, 2013, 5:30 am
$
0
0

I was getting this error on my 2 CAS/HT Servers running Exchange 2010 SP2 RU4v2. 

 ___________________

Watson report about to be sent for process id: 10784, with parameters: E12, c-RTL-AMD64, 14.03.0123.004, WS, M.Exchange.StoreProvider, M.M.MapiMessage.CreateAttach, M.E.D.Storage.AccessDeniedException-27121, ffcb-5111, 14.03.0123.002. ErrorReportingEnabled: True

_____________________

I was suggested by few board members here to uprgade to RU6 or SP3.  So I did upgrade to SP3 about 2 days ago on one of my CAS/HT servers but today I see this above message again.

any ideas - thank you

Exchange 2013 Moderated Lists

June 13, 2013, 11:57 am
$
0
0

We have upgraded from 2007 to 2013 and we are planning on getting rid of our old list server to use Exchange's fancy new moderated distribution lists.  To my dismay, it won't let you add smtp accounts, thus, I have to create an AD object for every member of our lists.  The problem has come about giving access to users outside of our organization the ability to email the list.

If I set delivery management to the default, "Only members inside my organization" the following occurs: People in my organization are moderated, people outside get a NDR.

If I set delivery management to the other option, "Senders inside and outside my organization", the following occurs: People in my organization are moderated, people outside are not, and email goes through to the entire list.

How can I set this up so that inside and outside people get moderated.  This seems poorly implemented, or maybe it is just not working properly.

Search

Exchange 2013 ssl certificate request domain format

June 13, 2013, 1:11 am
$
0
0
When requesting an SSL certificate from exchange 2013 certificate generator. what format should the domain be in for the internal outlook connection and the external access, if my domain looks like these examples. "server.domain.local" and our domain name for emails is "email@anotherdomain.co.uk" do you have to put the reqeust in the format of  "server.anotherdomain.co.uk" or just "anotherdomain.co.uk"

in coming Mail flow in co-exist envt. Ex 2013 and 2007

June 13, 2013, 1:32 pm
$
0
0

If we deploy Exchange 2013 in co-exist envt with Exch 2007 and have to shut down Exch 2013 for some maintenance / update, does Ex-2007 takes care of the mail flow for the users who are still on Ex-2007 and not migrated over to Ex-2013?

I know there won't be any issue for outgoing email. I am not sure for incoming emails. Any suggestion?

Thanks.

Email being rejected on and off exhance server 2010

June 13, 2013, 4:33 pm
$
0
0

Hi all. I have an exchange server that has been up and runing now for 90 days no problems. We have not done anything to change anything on the server at all. I have installed SBS 2011 witch has exchange server 2010 as you all know. ok here is the problem. all the suden the emails were being rejected for inbound. And it is hit and miss. you can send an out side email fromme@hotmail.com once, maybe twice and you might get a address rejected. I have ran all updates, Disable the fire wall, ran best pratic, MX recoreds are right, I have even delted MX recoreds and remade them. I get no other errors and like I have said it is hit and miss. some times they come threw other times it wont. any thoughts on what I shouls look at?

Reporting-MTA: dns;bay0-omc2-s18.bay0.hotmail.com
Received-From-MTA: dns;BAY403-EAS424
Arrival-Date: Thu, 13 Jun 2013 16:14:53 -0700

Final-Recipient: rfc822;me@dormain.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;550 #5.1.0 Address rejected.

Dave Orn. IT/ Manager ProPac Labs

ERROR 5.7.1 unable to relay when setting up an exchange server to take over from hosted mail

June 14, 2013, 1:49 am
$
0
0

Ill first outline the situation,

We have a client that wanted to move his hosted mail to his new exchange server.

So we setup everything and outgoing mails work fine (i can test them no problem)

What i can't get around to is getting a test mail through telnet to drop an internet mail to a local account.

things i checked:

1) domain is in accepted domains list

2) in default mail policy the account@domain.com is allowed

3) administrator@domain.com is allowed email address for that user and is assigned to him as the primary email address

the default frontend connector allows anonymous connections

I am probably overlooking something stupid, possibly i cant get the mails to be accepted until the DNS record is moved from the current mail hosting to the new exchange public ip address?

Other option is a certificate issue but that shouldnt block anonymous mails to arrive?



its in dutch but i suppose most of the information is just readable like this

So if anyone can pitch an idea (or confirm it is indeed because of the public dns record still pointing to current mailhosting.)

Regards

Virtual Exchange 2013 CU1 raises Receive(SocketError) in SMTP log

June 16, 2013, 4:48 am
$
0
0
Hi community!

One week ago, we installed on a Windows Hyper-V 2012 core server an Exchange 2013 CU1 on a Windows Server 2012 virtual machine. On our LAN, we have a Windows Server 2008 R2 web server, which is sending emails to customers over the Exchange 2013.

To make this relay function on the Exchange 2013 to work, we created an internal frontend relay receive connector. Our experience last week was, that this connector stops working for about 5 to 30 minutes whenever it would like to. The sender web server got"service not available" errors. On a thread in the internet we found the solution to deactivate the Microsoft antispam agent of the Exchange 2013 and replaced it by Symantec Mailsecurity for Exchange 7.0.1.

But today, 12 hours after the installation of the workaround, some smtp messages where not sent (but most of the mails where sent). We found in the relay connectors receive log, that he accepted the failed message for sending (250 2.6.0 <baab5dde-0b49-420f-97ba-907466047b05@servername.domain.lokal> [InternalId=734439407867] Queued mail for delivery), but instead of waiting for the senders QUIT-command, the relay connector raises the error "Remote(SocketError)".

We didn't find any other errors with reference to this behavour.

There is only one thing more: last week we recognized problems with the outlook connections to the new Exchange server. The connection goes on- and offline multiple times in short time intervalls. We switched off the default configured "Receive Side Scaling" on the Windows Server 2012 virtual machines NIC, as suggested on the internet for Exchange 2013, running on hyper-v-hosts. Could this be responsible for the socket errors on SMTP-communication?

Hope my English is good enough to give a good explanation of the problem.

Best regard,
Peter
Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>