Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 4249 articles
Browse latest View live

Different attachment file name but with same content

December 1, 2014, 11:53 pm
$
0
0
Hi all,
I have an issue on my exchange enviroment ( exchange 2010 sp3 rollup 4)
some user send emails vith several pdf attached files.
the reciver see the file with the correct name (all different ) but the content is the same.

Luca Pozzoli

Search

store driver failed to submit event

December 18, 2014, 6:00 pm
$
0
0

Since upgrading from Exchange 2010 to Exchange 2013, users who are close to their mailbox limit do not get warning messages, because delivery of the warning message fails, with the following error in the event log: 

The store driver failed to submit event <event number> mailbox <mailbox guid> MDB <database guid> and couldn't generate an NDR due to exception Microsoft.Exchange.MailboxTransport.StoreDriverCommon.InvalidSenderException

   at Microsoft.Exchange.MailboxTransport.Shared.SubmissionItem.SubmissionItemUtils.CopySenderTo(SubmissionItemBase submissionItem, TransportMailItem message)

   at Microsoft.Exchange.MailboxTransport.Submission.StoreDriverSubmission.MailItemSubmitter.GenerateNdrMailItem()

   at Microsoft.Exchange.MailboxTransport.Submission.StoreDriverSubmission.MailItemSubmitter.<>c__DisplayClass1.<FailedSubmissionNdrWorker>b__0()

   at Microsoft.Exchange.MailboxTransport.StoreDriverCommon.StorageExceptionHandler.RunUnderTableBasedExceptionHandler(IMessageConverter converter, StoreDriverDelegate workerFunction).

Is anyone able to suggest what the problem may be?

[Transport rule] detect sender is part of subdomain .example.be

December 10, 2014, 6:52 am
$
0
0

Hi,

I created a transport rule with subject detection (regex even) which is working fine. What I do is add a bcc.
Now I would like to tweak this rule further by only allowing mails received from a xxx@yyy.example.net address, so for example not from zzz@example.net

I tried the sender address includes any of these words: .example.net
Also tried the sender address matches any of these text patterns .example.net

Both with no success, please advice.

Best regards,
Kristof

Exchange 2013 - Unable to send email, Internally & Externally

February 3, 2013, 11:10 am
$
0
0

Hi,

I have new testing lab to play around with which is starting to drive me insane. I have exchange 2013 and outlook 2013. I can receive emails from external domains but I am unable to send emails internally or externally!

Now I would know what to look at if I couldn't send externally, But not being able to send internally has completed confused me!

anyone got any tips where to start troubleshooting for not being able to send internal mail? Once internal mail works I should then be able to get external mail working as well....

Thanks



Modifying Connectors for Receiving Internet Mail - Anonymous setting?

January 7, 2015, 7:29 pm
$
0
0

I have a mail reflector for my domain to deliver mail on an alternate port, other than 25 because my ISP blocks port 25. I have the following default receive connectors:

Default Client Font End Transport (FrontEnd Transport) - TLS, Basic, Integrated, Exchange users, port 587
Default Client Proxy (Hub Transport) - TLS, Basic, Offer Basic after TLS, Integrated, Exchange Server Auth, Exchange Servers, Exchange users, port 465
Default Front End Transport (FrontEnd Transport) - TLS, Basic, Offer Basic after TLS, Integrated, Exchange server auth, Exchange Servers, Legacy Exchange Servers, Anonymous Users, port 25
Default Hub Transport (Hub transport) - TLS, Basic, Offer Basic after TLS, Integrated, Exchange Server Auth, Exchange Servers, Legacy, Exchange Users, port 2525
Default Outbound Proxy Frontend Transport (Frontend transport) TLS, Enable domain security, Basic, Offer basic after TLS, integrated, Exchange server auth, exchange servers, anonymous, port 717

Issue: When I initially had mail forwarded to port 2525, I received a mail delivery system message: host mail.skincdc.com[69.250.204.88] said: 530 5.7.1 .Client was not authenticated (in reply to MAIL FROM command).

I modified the “Default Hub Transport” connector to allow Anonymous Users in addition to what I already had selected in the security settings. Voila, email is delivered to my exchange server from external domains.

I wasn’t sure if adding Anonymous Users to this connector would pose any issues. In order to try an alternate port, I changed my registrar to port 2626 and created a new receive connector Hub Transport, with only Anonymous Users and port 2626. I saw the initial connection in my TMG firewall logs, but mail never made it to my exchange server, and I wasn’t receiving the above error message right away as before. Disabling this new rule and modifying the firewall back to port 2525, email immediately was delivered. So can I just leave my Default Hub Transport receive connector as is with the security settings and Anonymous set? Thanks.

Next….getting email to send out on a different port than 25 to external domains. Still having issues with this one.

-SK



Exchange Server 2013 and ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

January 8, 2015, 11:18 am
$
0
0

Hello, Team!

I think I’ve found a serious bug in last CU releases. This is the case:

1 Multirole server Exchange 2013 SP1 (and older)

I care about preventing spoofing my company’s email addresses, and remove remove the ms-Exch-SMTP-Accept-Authoritative-Domain-Sender transport permission from anonymous senders.

Remove-ADPermission <ReceiveConnector Name> –user “NT AUTHORITY\Anonymous Logon” –ExtendedRights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

But in Exchange 2013 CU5, CU6 and even CU7 release this revoke permissions DOESN’T WORKS without any errors, softly. I've try Powershell and ADSI but unsuccessfully.

Then we take off permission on connector above, we keep 3 default permissions:

Accept-any-sender

Accept-Routing-Headers

Submit-Message to Server

It is wonderful works only on server SP1, but not on servers with older versions, which have right settings.

The saddest thing is I have information about Office 365 this behavior reproduced too. And I also think what in your lab you could take 15 minutes and play this simply thing....

I found only that information on connector side is diffenent on SP1 and CU5,6,7.

This is normal connection on SP1, when somebody try spoofed address. We can see a 250 AUTH Response on server side, and server refuse fake connection, all right.

And on cu5 and newest we doesnt see this code. Maybe auth mechanism miss something?

Any suggestions? On MS connect site a didn't found exchange bugs topic :)



Forced TLS-connector Exchange online bulk add domain fails

January 8, 2015, 1:20 pm
$
0
0

Hi

I have no problem adding the connector via shell or portal. My problem is that the amount of domains that I add exceed the limits in powershell, adding less domains is successful but the next batch overwrites the privious domain batch.

On the 365 portal GUI I can't add multiple domains separated via ;.

How can I bulk add all my domain without copy past single domain in the portal GUI.

/Magnus


Exchange 2010 with Forefront, can't receive large attachments from outside ONLY.

June 10, 2013, 1:38 pm
$
0
0
I am able to send and receive large files internally now. Also I am able to send large files to the outside. But I can't receive anything larger then defaulted 10mb. My Environment is 2 Edge boxes, 2 cas HT boxes, 2 mx DB boxes.

I was asked to increase the size of the emails my organization can receive, I went ahead and adjusted the following:
EDGE
1. Receive and Send connectors, set to 40mb.
2. Forefront -->Advanced Options--> Threshold Levels--> all max sized are at 50mb.
CASHT
1. Organization Configuration--> Hub Transport -->Send Connectors and GLOBAL SETTINGS
2. Server Configuration--> HUB Transport--> all the connectors
3. Recipient Configuration--> Mailbox --> users. 

All sizes are set to 40mg!

I am able to send large files (24354K), but  not able to receive 

The following is output from Get-TransportConfig:

ClearCategories                     : True
ConvertDisclaimerWrapperToEml       : False
DSNConversionMode                   : UseExchangeDSNs
ExternalDelayDsnEnabled             : True
ExternalDsnDefaultLanguage          :
ExternalDsnLanguageDetectionEnabled : True
ExternalDsnMaxMessageAttachSize     : 40 MB (41,943,040 bytes)
ExternalDsnReportingAuthority       :
ExternalDsnSendHtml                 : True
ExternalPostmasterAddress           :
GenerateCopyOfDSNFor                : {}
HygieneSuite                        : Standard
InternalDelayDsnEnabled             : True
InternalDsnDefaultLanguage          :
InternalDsnLanguageDetectionEnabled : True
InternalDsnMaxMessageAttachSize     : 40 MB (41,943,040 bytes)
InternalDsnReportingAuthority       :
InternalDsnSendHtml                 : True
InternalSMTPServers                 : {}
JournalingReportNdrTo               : 
LegacyJournalingMigrationEnabled    : False
MaxDumpsterSizePerDatabase          : 60 MB (62,914,560 bytes)
MaxDumpsterTime                     : 7.00:00:00
MaxReceiveSize                      : unlimited
MaxRecipientEnvelopeLimit           : unlimited
MaxSendSize                         : unlimited
MigrationEnabled                    : False
OpenDomainRoutingEnabled            : False
Rfc2231EncodingEnabled              : False
ShadowHeartbeatRetryCount           : 12
ShadowHeartbeatTimeoutInterval      : 00:15:00
ShadowMessageAutoDiscardInterval    : 2.00:00:00
ShadowRedundancyEnabled             : True
SupervisionTags                     : {Reject, Allow}
TLSReceiveDomainSecureList          : {}
TLSSendDomainSecureList             : {}
VerifySecureSubmitEnabled           : False
VoicemailJournalingEnabled          : True
HeaderPromotionModeSetting          : NoCreate
Xexch50Enabled                      : True

Also my antispam cloud service sent me the following logs:

10:10:38.662 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: MAIL FROM:<USER@gmail.com> SIZE=34140018
10:10:38.771 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 250 2.1.0 Sender OK
10:10:38.771 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: RCPT TO:<work@workemail.com> NOTIFY=FAILURE,DELAY
10:10:38.896 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 250 2.1.5 Recipient OK
10:10:38.896 4 SMTP-037868(workemail.com.smtpip.com:25) cmd: DATA
10:10:39.021 4 SMTP-037868(workemail.com.smtpip.com:25) rsp: 354 Start mail input; end with <CRLF>.<CRLF>
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) abort request
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) write failed. Error Code=socket aborted
10:13:57.661 3 SMTP-037868(workemail.com.smtpip.com:25) [1959469085] failed to send. Error Code=socket aborted


AND 

Also another error from Appriver:
08:48:34.798 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: MAIL FROM:<user@gmail.com> SIZE=34148430
08:48:34.907 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 250 2.1.0 Sender OK
08:48:34.907 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: RCPT TO:<work@workemail.com> NOTIFY=FAILURE,DELAY
08:48:35.032 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 250 2.1.5 Recipient OK
08:48:35.032 4 SMTP-929371(workemail.com.smtpip.com:25) cmd: DATA
08:48:35.157 4 SMTP-929371(workemail.com.smtpip.com:25) rsp: 354 Start mail input; end with <CRLF>.<CRLF>
08:53:34.718 3 SMTP-929371(workemail.com.smtpip.com:25) write failed. Error Code=connection reset by peer
08:53:34.718 3 SMTP-929371(workemail.com.smtpip.com:25) [1959495450] failed to send. Error Code=connection reset by peer

I am out of options here,  wondering if anyone know's anything about this?

Vladimir

Search

Internal clients can't send nor rcv internally

January 8, 2015, 11:58 am
$
0
0

I have an Ex2k13 setup as :

Win2012 R2 DC

Win2012 R2 + Ex2k13 act as CAS and MBX server 

now i promoted a new Ex2k13 node to configure DAG between them , but once the installation of the new exchange finished and before doing any settings related to DAG or any send/rcv connector , i started receiving complains about some internal users can't send/rcv internally although the mailbox is connected ,

at first i checked queue and i found many emails in the shadow queue , although it shudn't be related to the problem but i disabled it then i had to stop all transport services and other exchange services in the new Exchange node and then the users started to send / rcv normally !

what cud be the reason ? and how to avoid it ?

BR, Mohamed Wahab "Egypt Cyber Center"

Exchange subdomains - simultaneous parallel delivery

January 8, 2015, 6:18 pm
$
0
0
I would like to have two Exchange subdomains on two different physical servers at two different physical sites.  The userlist on each subdomain would be the same.   Can I setup my MX/DNS records at my DNS/MX hoster so that all mail that is intended for user1@maindomain.com gets rerouted so that it will be sent simultaneously to user1@subdomain1.maindomain.com and user1@user2@subdomain1.maindomain.com. I then want it so that wheether  user1 logs into subdomain1 or subdomain2 when they reply the reply to the received email will look likes it's from user1@maindomain.com. If there is another way to accomplish this I would appreciate knowing what it would be.

Exchange 2013 not receiving internal and external emails ..

January 9, 2015, 5:34 am
$
0
0

I have a coexistence of exchange 2007 and exchange 2013 ..2013 mailboxes where able to receive and send mails (internal and external) but suddenly the mail flow has stopped. 

Mail flow status

2013 to 2007 = OK

2013 to internet = OK

2013 to 2013 = OK

2007 to 2013 = FAIL

Internet to 2013 = FAIL 

incoming internet mails return the NDR below

Diagnostic information for administrators:
Generating server: mydomain.com
test08@mydomain.com
Remote Server returned '< #4.4.7 smtp;400 4.4.7 Message delayed>'

What could be a possible reason for this? 

Cheers guys ..

..forever is just a minute away*

DLP feature vs Enterprise CAL

January 8, 2015, 4:02 pm
$
0
0

Hi,

I am trying to test the DLP feature.

My install: Exchange 2013 SP1, Enterprise Server License.

Client: Outlook 2013 Pro ( can work with EX13 for DLP)

Standard CAL license.

I tried to create a DPL test rule. It doesn't work.

It said that I need Enterprise CAL ( ECAL). I don't see where I can "Install" the Enterprise CAL. I want to test this feature before spending $10K on the Enterprise CAL. Can someone shed a light. ALL googling come up with the different between SCAL and ECAL. 

I ran this comment and it shows that all users are using SCAL: Get-ExchangeServerAccessLicenseUser –LicenseName “Exchange Server 2013 Standard CAL”


Is my best bet a hosted SmartHost

January 8, 2015, 9:45 am
$
0
0

My ISP blocks port 25. I'm having a hell of a time getting my internal exchange server to deliver mail on a different port. I have configured my send connector for port 587 (among others for testing) but mail sent to the Internet (gmail / yahoo / other) simply will not deliver. I see the connection establish on my TMG firewall on the alternate port, but the messages just stay in the exchange queue with the error: Remote Server at gmail.com (2a00:1450:4013:c01::1a) returned '441 4.4.1 Error encountered while communicating with primary target IP address: "Failed to connect. Winsock error code: 10051, Win32 error code: 10051." Attempted failover to alternate host, but that did not succeed. 

I don't understand why I can't get mail to deliver? Maybe it's my DNS, although it seems to be working fine. I have a split-DNS, no other systems have issues. I'm also seeing the connection resolve on my TMG logs. Is mail in fact actually being delivered on port 587 and maybe gmail / yahoo isn't allowing it through? I'd like to configure this on my end, but more than likely would be solved with a SmartHost provided by my registrar.

-SK

Linking DLP and MRM together

November 11, 2014, 2:22 am
$
0
0

Is it possible to link DLP and MRM features in Exchange 2013?

I cannot find any documentation that confirms whether or not it is possible to create a DLP policy which will categorise an email, and then automatically apply a retention tag to it based on this classification?

Does anyone have any thought as to if this can be achieved, and if so how?

Data Loss Prevention - Social Security Number

January 9, 2015, 8:08 am
$
0
0

I've been doing some testing on Microsoft's pre-packaged SSN, and I noticed that the only time it will catch an SSN in this format ######### (no dashes) , is when there is a date in the subject or body. Is there a way to get this policy to not do this? Or possibly get the XML sheet, and take this component out?

Example:

Subject or Body contains: SSN ######### , the policy is not triggered

Subject or Body contains: SSN ######### in either body or subject, and any date in this format ( Friday, January 09, 2015 ), the policy is triggered.

Search

Exchange 2013 S/MIME with Server 2008 R2

January 9, 2015, 7:04 am
$
0
0

So I am trying to configure S/MIME on my 2013 Exchange server, but the process in which I need to export the rootca is vague and only applies to Server 2012/Windows 8 because of the export-certificate command.  

http://technet.microsoft.com/en-us/library/hh848628.aspx

My domain consists of a single DC/CA and member server that hosts Exchange.  Both servers are on Server 2008 R2, and I have installed PowerShell v4.0 on my DC to try an export the certificate but it continues to fail with:

export-certificate : The term 'export-certificate' is not recognized as the name of a cmdlet, function, script file,
or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and
try again.

The examples given to set up the export are equally vague:

PS C:\>$cert= (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF) <--What path is this referencing??
If anybody has experience doing this I would greatly appreciate some guidance.
Mike

Microsoft Exchange Anti Spam Update

January 6, 2015, 10:04 am
$
0
0
I installed the Microsoft Exchange Server Standard Anti Spam Filter update V3.3.14422.478 on the 5th of January, 2015 and after a required reboot it appears as though many users,  including myself are no longer receiving e-mails with attachments.  It is Exchange Server standard 2010, any ideas where I can start to trouble shoot?  There were other updates installed on that date but they were for the windows server and IE 11, one for malicious software removal.

Exchange Server FQDN

January 12, 2015, 7:21 am
$
0
0

Hello Dear,

suppose,  I have an exchange server for local use  mail.example.com. now I want to internet access this mail server but I want to this FQDN follwing mail.example.com.bd or mail.example-bd.com , can it possible ?

Message time is days before message tracking logs show it was received.

January 12, 2015, 7:46 am
$
0
0

Environment: Exchange 2013 CU7

I have a user who is reporting that she sent a message on 1/6/2015 to an internal Exchange recipient from her Outlook client.  I have seen the message from the mailboxes and it shows the correct date.  However, they said the message didn't arrive in the recipient mailbox until 1/9/2015.  I ran a get-message tracking log and it shows the server received it and delivered to mailbox on 1/9/2015.

Does anyone have any ideas on why the message would show 1/6 but the server didn't get it until 1/9?  

Thanks,

Jeff

SMTP Address Should Change after deliver mail to Public Network

January 12, 2015, 10:17 pm
$
0
0

Hi,

Below is the scenario. 

In my Exchange Organisations we have Two Accepted Domain abc.com and xyz.com

User 1 have both SMTP Domain abc.com is a primary address and xyz.com is a secondary address.

User1 wants

if he sending a mail to external domain @yahoo.com then his SMTP Address Should show xyz.com.

Is it possible. .?

If yes then how?

Regards,

Ravinder kr. 

Viewing all 4249 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>