Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

Some users cannot send and receive email with outlook but can send and receive email with owa

November 5, 2014, 6:39 pm
$
0
0

Hello,

I have Exchange Server 2010 SP3. All users can send and receive email via webmail.

Some users can not send and receive email via microsoft outlook. If they send email only stuck in outbox and there is no mail receive in their inbox. But another users cand send and receive mail via microsoft outlook correctly.

I have check queue in hub transport server and edge transport server, there is no problem i found.

I have check microsoft exchange mail submission service on mailbox server, and it's started.

How do i troubleshoot this problem? Please help me. 

Thanks,

Suhud

Search

MS Filtering Engine Update -Unsuccessful

January 30, 2013, 1:45 am
$
0
0

Hi all

Its me again.

I am trying to update the inbuilt malware definitions according to the instructions in article.

http://technet.microsoft.com/en-us/library/jj657471.aspx

& $env:ExchangeInstallPath\Scripts\Update-MalwareFilteringServer.ps1 -Identity <FQDN of server>

I am getting the following two events  see below on all the mailbox servers. I obviously cannot go into production Exchange 2013 RTM on Windows 2012 Servers and Domaincontrollers.

Log Name:      Application
Source:        Microsoft-Filtering-FIPFS
Date:          1/29/2013 2:50:45 PM
Event ID:      6027
Task Category: None
Level:         Error
Keywords:     
User:          NETWORK SERVICE
Computer:    Removed To Protect The Innocent 
Description:
MS Filtering Engine Update process was unsuccessful in contacting the Primary Update Path. Update Path:http://forefrontdl.microsoft.com/server/scanengineupdate
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Filtering-FIPFS" Guid="{1BE3A000-EA09-4AB8-B0A0-30BBB6793D80}" />
    <EventID>6027</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-01-29T12:50:45.262896300Z" />
    <EventRecordID>120660</EventRecordID>
    <Correlation />
    <Execution ProcessID="2584" ThreadID="3752" />
    <Channel>Application</Channel>
    <Computer>Removed To Protect The Innocent
    <Security UserID="S-1-5-20" />
  </System>
  <EventData>
    <Data Name="UpdatePath">http://forefrontdl.microsoft.com/server/scanengineupdate</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Microsoft-Filtering-FIPFS
Date:          1/29/2013 2:53:25 PM
Event ID:      6024
Task Category: None
Level:         Information
Keywords:     
User:          NETWORK SERVICE
Computer:     Removed To Protect The Innocent
Description:
MS Filtering Engine Update process is checking for new engine updates.
 Scan Engine: Microsoft
 Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Filtering-FIPFS" Guid="{1BE3A000-EA09-4AB8-B0A0-30BBB6793D80}" />
    <EventID>6024</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-01-29T12:53:25.654390000Z" />
    <EventRecordID>120667</EventRecordID>
    <Correlation />
    <Execution ProcessID="2584" ThreadID="3752" />
    <Channel>Application</Channel>
    <Computer> Removed To Protect The Innocent
    <Security UserID="S-1-5-20" />
  </System>
  <EventData>
    <Data Name="EngineName">Microsoft</Data>
    <Data Name="UpdatePath">http://forefrontdl.microsoft.com/server/scanengineupdate</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Microsoft-Filtering-FIPFS
Date:          1/29/2013 2:56:07 PM
Event ID:      6030
Task Category: None
Level:         Information
Keywords:     
User:          NETWORK SERVICE
Computer:   Removed To Protect The Innocent  
Description:
MS Filtering Engine Update process is attempting to download a scan engine update.
 Scan Engine: Microsoft
 Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Filtering-FIPFS" Guid="{1BE3A000-EA09-4AB8-B0A0-30BBB6793D80}" />
    <EventID>6030</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-01-29T12:56:07.715314800Z" />
    <EventRecordID>120668</EventRecordID>
    <Correlation />
    <Execution ProcessID="2584" ThreadID="3748" />
    <Channel>Application</Channel>
    <Computer> Removed To Protect The Innocent
    <Security UserID="S-1-5-20" />
  </System>
  <EventData>
    <Data Name="EngineName">Microsoft</Data>
    <Data Name="UpdatePath">http://forefrontdl.microsoft.com/server/scanengineupdate</Data>
  </EventData>
</Event>

Log Name:      Application
Source:        Microsoft-Filtering-FIPFS
Date:          1/29/2013 3:48:03 PM
Event ID:      7003
Task Category: None
Level:         Information
Keywords:     
User:          NETWORK SERVICE
Computer:    Removed To Protect The Innocent 
Description:
MS Filtering Engine Update process has successfully scheduled all update jobs.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Filtering-FIPFS" Guid="{1BE3A000-EA09-4AB8-B0A0-30BBB6793D80}" />
    <EventID>7003</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-01-29T13:48:03.321784200Z" />
    <EventRecordID>120776</EventRecordID>
    <Correlation />
    <Execution ProcessID="2584" ThreadID="21120" />
    <Channel>Application</Channel>
    <Computer>Removed To Protect The Innocent</Computer>
    <Security UserID="S-1-5-20" />
  </System>
  <EventData>
  </EventData>
</Event>

Regards

Bright

Exchange 2013 External Incoming Emails With Large Attachments Disappearing No NDR

November 6, 2014, 8:07 am
$
0
0
I have a problem I am running Exchange 2013 recently upgraded to service pack one hoping to fix the problem no luck changed the ConnectionTimeouts on the recieve connectors no luck, diasabled certain commands chunking and BinaryMime no luck I can recieve large attachements internally and send to external users but no user is able to recieve emails with attachments bigger than 1 MB all formats doc,xlsx,pdf etc and there is no NDR the attachment is either stripped or the email disappears into thin air literary. I am about to lose my mind over this. This started a month ago howcan I test at what point between the sender and myself the emails are being filtered all other emails come through as long as the attachments are less than 1 MB.

Edge Server Question

November 6, 2014, 6:20 pm
$
0
0

Hopefully this is a nice and easy simple question for somebody

Have the following setup

AD_Site_A
EX1 and EDGE Server

AD_Site_B
EX2 HUB

AD_Site_C
EX3

AD_Site_A - can send outbound mail through Edge role

Do I need an Edge Server, or Edge subscription for the Exchange servers in Site_B and Site_C ?

if i disable the hub server, will mail fail in Sites_B and C


Automatic rules to Internal distribution group failing when authentication is enabled

October 17, 2014, 2:23 am
$
0
0

Hi Forum,

I have set up a rule on a user's PC whereby when he (user@internal.com) receives an external email (from sender@external.com), it should be automatically forwarded to a distribution group (group@internal.com) with cc touser1@internal.com and user2@internal.com .

This worked well for some time until recently when it started failing. The only way we can get this working again is when we disable authentication to the distribution group (group@internal.com ). We do not want this disabled as we don't want the outside world to Spam this distribution group. No changes has been made to the system which could have caused this issue. 

Is there a way to get this rule working without disabling the authentication?

Cheers

Arvind

Message body changed, DKIM fails when using Exchange Online

November 7, 2014, 7:12 am
$
0
0
Scenario:
  1. I send a message from an aol.com address to a gmail.com address. Everything works as expected.
  2. I send a message from an aol.com address to an address handled by my organization's Exchange Online and EOP that forwards to gmail.com. The message does not pass DKIM and is placed in the spam folder.

The DKIM message from Google is:

dkim=neutral (body hash did not verify) header.i=@;

When I compare the 2 messages, the only difference in the fields used for DKIM (DomainKeys Identified Mail) validation is that the following line is removed from the message body when handled by Exchange Online:

This is a multi-part message in MIME format.

Just wondering if anyone else has seen this, knows why it is happening, or how to prevent it.

Thanks!

EDIT:

The mail-flow is more complicated than what I initially described. External mail first hits EOP (Exchange Online Protection) and is then routed to an on-premise Postfix server. From there it is sent back out through Exchange Online. It is possible that the message is changed by either Exchange Online or Postfix--I'm trying to determine that now.



Worked around needed for DMARC Reject issue with Yahoo.com & Aol.com senders to a DL with external recipients

August 28, 2014, 1:57 pm
$
0
0

I posted on my blog about this issue in April here: http://blog.jasonsherry.net/2014/04/10/dmarc-broke-your-mailing-lists/

I had hoped to find some work around by now, but still haven't.

The issue occurs if you host a DL (Distribution List\Groups) that contains external recipients and external recipients can send to this DL. In my case I host 20+ DLs+ for friends and family that contain many external recipients. basically running a ListSrv using Exchange.

The issue, starting in April when Yahoo.com and now Aol.com, is that the DMARC policy on some mailsystems is set to Reject. So when a yahoo.com user sends an e-mail to DL@company.com and this DL then sends the message to members at aol.com, yahoo.com, msn.com, comcast.net, hotmail.com, and others it will be rejected. The reason is that these e-mail providers check the DMARC policy for the domain the message shows up as coming from. In this case the message was sent from user@yahoo.com, but got forwarded by Exchange to the DL members. The From address will show user@yahoo.com, but the actual sending server was Exchange, not Yahoo. So the e-mail is rejected, causing a NDR talking about the DMARC policy in many cases.

One option is to setup a Mailbox and put the DL e-mail address on it and then have a Rule set on the mailbox to forward mail to the DL.  But I really don't want to create 20+ mailboxes and set this up.

So has anyone, with Exchange, figured a better solution?

If this post helps to resolve your issue, please click the "Propose as Answer" If you find it helpful , mark it as helpful by clicking on "Vote as Helpful" button at the top of this message. By marking a post as Answered, or Helpful you help others find the answer faster. If you need an expert migration consultant to assist your organization feel free to contact me directly.

Jason Sherry | Blog | Hire Me | Twitter: @JasonSherry
Microsoft Infrastructure Architect, MCSE: M, MCTIP, Microsoft Exchange MVP

Exchange 2013 issues - (new send email Stuck in Drafts not send)

March 4, 2013, 2:02 am
$
0
0
Exchange 2013 issues - (new send email Stuck in Drafts folder not send)
Search

This message can't be moderated because the approval system is too busy and can't accept messages now. Please try resending this message later, or contact the recipient directly.

November 9, 2014, 7:14 pm
$
0
0

Hello All,

We have in house Exchange 2013 running on Windows Server 2008 Standard R2. I have a group of all employee in the organization called employee@mydomian.com 

but from last couple of days I am getting this error while sending email to above mentioned group.

The delivery failure message says-

This message can't be moderated because the approval system is too busy and can't accept messages now. Please try resending this message later, or contact the recipient directly.

Please Help me to fix the same.

Thanks, Manoj

Exchange 2013 TransportRoles\Data\Temp filling up disk

August 8, 2013, 10:48 am
$
0
0

I have a single multi-role Exchange 2013 server and it would appear that it's not properly maintaining the temp files for the transport service.  I still have all those folder locations at their default and the problem folder is c:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Temp

I never had a problem with this in Exchange 2007 but I am used to running a PowerShell script nightly to clean up the IIS log files.  Do I need to do something similar for this temp folder?  Is there a setting I can adjust so that Exchange will limit the size of this folder itself?  If I stop the transport service and delete the files here will I lose anything?

Any suggestions or insight would be greatly appreciated.


Exchange 2013 transport rules support for Arabic Language

November 10, 2014, 2:54 am
$
0
0

Hi,

I have Exchange 2013

I want to deploy signatures through Exchange transport rules. the signatures are in Arabic language but it does not appear in the signature.

What is the solution

Mashhour Faraj

Exchange 2013 - Mail left at ISP-how to retrieve

November 2, 2014, 3:48 pm
$
0
0

Using Exchange Server 2013 for about 2 months with both roles on one server.  Anti-spam is disabled and we have no other spam filters presently. We have the default connectors for Sending and Receiving via MX records. Our ISP (Time Warner) host our email. We began to notice some emails had not been received for a couple of our 10 users, so we logged into the web interface for the mail box of just one of our users to check if anything was in the Inbox. Sure enough, there were actually several emails over that 2-month period that the user never received. We have not checked other users yet but suspect that they have emails left there too.

1. It seems that if our Exchange Server doe snot Receive the emails, they remain at the ISP. How to we determine why this happened? What should we check in our configuration, etc. 

2. How do we retrieve the mail now setting at the ISP in the user's Inbox? We use Outlook 2013/2010 as email client for users.

Thanks!


Exch 2013- Spam -where does mail go?

November 3, 2014, 4:25 am
$
0
0
If Antispam is enabled in Exchange 2013, where does the Spam go?

can someone help me find my exchange server address. .

November 10, 2014, 8:27 am
$
0
0

Hi there-

Can someone please tell me how to find my exchange server address?  Why do some email attachments need it?

Thanks so much.

G.

Incoming mail error

November 10, 2014, 1:32 pm
$
0
0

Hi all, I got something I've never seen before, I searched the forums and the only one thread I saw was not related to mine, we have some users saying their contacts are not able to send them emails, I looked at the logs, and in the receiving end, it shows this error

2014-11-10T16:54:00.732Z,CRXMAIL\Default CRXMAIL,08D1C8382F1C88AE,48,x.x.x.x:25,157.56.111.71:51765,*,,Ignored X-OriginatorOrg header value 'kyocera.com' because session capabilities do not allow it

2014-11-10T16:54:00.936Z,CRXMAIL\Default CRXMAIL,08D1C8382F1C88AE,49,x.x.x.x:25,157.56.111.71:51765,>,250 2.6.0 <63060AAB068EBD4A91B1FD4960315A537B73C590@KIISD48.corp.kyosys.com> [InternalId=188743] Queued mail for delivery

There's other domains where this is showing like maybe 2 other, though I'm only getting complains from one user, I should have more, I also noticed in the logs that these domains are somehow hosted using outlook.com, so there's a pattern, anyone seen this before, doesn't look like it's mentioned much in the forums, I'm not sure where else to look, my firewall hasn't had any changed lately. Any pointers or advise would be great

thanks in advanced.

Search

Text patterns

November 10, 2014, 3:48 pm
$
0
0

Trying to create a transport rule to catch messages sent to more than 100 recipients.

Using the "when the message header matches text patterns" with "When the "To" matches "

(?:.*?(\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}\b)){100}
I get an error about the backslash is not accepted, any ideas?

Setup Exchange to duplicate emails to my SMTP server.

November 10, 2014, 5:52 pm
$
0
0

Hello.

I am developing product to detect leakage of sensitive data from internal networks. Often comes out requirement to check company emails ruling by Exchange server. Already I have SMTP server which is integrated with main logic of analyze data and nothing more, so next step is to receive emails from Exchange server. But solution is much more complicated than I expect, maybe because I never had to work with Exchange before. So there is my issue:

There is a portable way, between different versions of Exchange servers and configurations, to setup them send duplicates of all (internal and maybe incoming) emails to this SMTP server?

Difference between send and receive connector

November 10, 2014, 7:12 pm
$
0
0

Hi  Exchange Server Expert,

I have been informed by my boss to enable the send/receive email of our sharepoint server via our exchange server. What in my mind will be send and receive connector. As I know that the send connector is controlling the email that being send out, for ie: send email from internal company to external parties and the receive connector control email that being received ie: external parties send email to internal companies. am I correct here?

if I would like to allow my sharepoint server to receive incoming email, what connector should I configured in our exchange server? FYI, we are using exchange server 2010 SP2. All our emails are being routed thru the Symantec cloud for email scanning and filtering.

thanks.

regards,

Henry

Sender Filtering Exchange 2013

November 10, 2014, 8:57 pm
$
0
0

Hi All,

I was going through CBT nugget series for Exchange 2013 and came across Sender Filtering section where trainer explains it as below, which has left me confused. Hope some can throw some light on what he was trying to say.

----------------------------------

Microsoft Exchange Server 2013 70-341 - Configuring and Managing Hygiene:

00:14:43 - I can also set it(Sender Filtering) up for blocked domains as well.

00:14:47 - So for blocked domains, if we have another company, for

00:14:51 - example, that we just acquired, we don't want anyone

00:14:54 - to actually send any emails out as the old company name.

00:14:58 - We could say blocked domains would be

00:15:00 - companywejustpurchased.com, and this would prevent anyone

00:15:05 - from that company from sending out email from

00:15:08 - the old company name.

----------------------------------

As per my understanding and from Technet articles below it works ONLY on messages that come FROM external sources.

----------------------------------

http://technet.microsoft.com/en-us/library/bb124354(v=exchg.150).aspx

Sender filtering relies on the MAIL FROM: SMTP header to determine what action, if any, to take on an inbound email message. Sender filtering is provided by the Sender Filter agent.

As noted earlier in this topic, ONLY messages that come FROM external sources are filtered.External sources are defined as non-authenticated sources. These are considered anonymous Internet sources.

----------------------------------

However looking at the explaination from Trainer, it appears that Sender Filtering works(Blocks) on outbound emails from my organization going outside to the internet as well. (I thought this can only be achieved using Transport Rules)

Please let me know, what I missed or what exactly sender filtering does or doesn't do.

Regards,

Satyajit

Please“Vote As Helpful” if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.

FIXED - Exchange 2013 - Can I Recreate Default Frontend Receive Connector SAFELY?

November 2, 2014, 1:40 am
$
0
0

Hi

I'm need of some urgent assistance please.

I had a fully functional Exchange 2013 server and decided to create a receive connector for a photocopier/scanner to included its static IP  port number 25.

I accidentally chose Hub Transport role and not FrontEndTransport role which appears to have messed up port 25 connectivity on mail coming in from the internet. When I stopped and restarted the Transport Service within services.msc I then got this error.

Source: MSExchangeTransport
Event ID: 1036
Task Category: SmtpReceive
Level: Error

Description: Inbound direct trust authentication failed for certificate %1. The source IP address of the server that tried to authenticate to Microsoft Exchange is [%2]. Make sure EdgeSync is running properly.

I proceeded to delete the offending Receive connector for the scanner/photocopier and restart the server,  the transport service started ok this time but still I cant receive mail from the outside world.

My question: Can I delete the automatically created default Frontend "servername" connector which contains the proper settings then recreate it again with the same settings and NOT harm/delete all the users emails or the mailstore or anything bad for that matter?

I have the details on how to create the connector but just wanted to check that's its ok to remove it and re-add it again now that everything was setup and running fine. I'm hoping the recreated Connector will fix what I broke.

Appears what I have done has broken my connectivity to telnet to port 25 to the exchange server from the outside world although oddly I can telnet to the server from a command prompt on the exchange server (telnet "servername" 25) and getpresented with the exchange server responding. The tickbox for anonymous is ticked already. Port 25 already is forwarded from the firewall to the exchange server and was working fine till I made the error.

Any help is greatly appreciated. Thankyou.




Viewing all 4249 articles
Browse latest View live
Search