Hello,

I have a newly installed Exchange 2013 working just dandy, except that it cannot relay mail for two particular domains. 

Problem domain # 1 gives me an NDR:

primary target IP address: "Failed to connect. Winsock error code: 10061,
Win32 error code: 10061." Attempted failover to alternate host, but that
did not succeed. Either there are no alternate hosts, or delivery failed to all
alternate hosts. The last endpoint attempted was 72.52.10.14:25'

Problem domain # 2 gives me a useless NDR:

Remote Server returned '550 4.4.7 QUEUE.Expired; message expired'<u5:p></u5:p>

Tracking messages to both domains I get a common error:

Eastern Time (US & Canada) and generated the error '[{LRT=};{LED=};{FQDN=};{IP=}]'.

Here's what I have done so far:

I can telnet to both problem domains on port 25 and get a 220
DNS resolves both mail server FQDN's to the correct IP
Using NSLOOKUP I can see MX records for both domains
I have verified EDNS using OARC's site

Currently I am stumped. Any suggestions or help would be greatly appreciated.

Miguel Fra | Falcon IT Services, Miami, FL
SharePoint Site | Joomla Site | Knowledgebase

I have followed the steps on how to enable S/MIME in OWA, I have downloaded and install the controls into IE, I can see the menu options to sign or encrypt, but if I try to sign an email I receive a message stating "No certificate was found.  If you have a smart card-based certificate, insert the card and try again.".  My SC is in the reader and I used it to log into webmail, but I am never able to tell it which certificate to choose.  

Did I miss something in my server configuration?

I have tried this on Windows 7 and Windows 8.

I have not loaded Outlook onto my computers and played with that yet.

Thanks,

Mike

Hey Folks,

We have an AD domain (domaincorp.org) and also an Internet/email domain (domain.org). Our users have email addresses that employ the latter.

Recently, we have had need for an internal unix SENDMAIL relay to masquerade asuser@domain.org . This seems to work fine when sending to external recipients. However, messages sent internally (to AD users) are dropped. However, the same message from the same SENDMAIL host succeeds when it originates as user@domaincorp.org .

We are running Exchange 2007 sp3 and both "domaincorp.org" and "domain.org" are listed in the "Accepted Domains" list at the origanization level, with domain.org being the default.Both hosts are on the same internal LAN . No DMZ, NAT'ing, etc. in play.

When sendmail IS NOT set to masquerade, both internal and external messages succeed. The relay/receive connector works perfectly. However the external RFC headers detect that the default domain of the unix box isn't SPX verified.When sendmail IS set to masquerading as domain.org, external succeeds and passes SPX muster. However, that same message now gets stopped cold internally. Nothing in message tracking even.

I should also add that the successful external messages to which I refer are routed thru a bulk mailserver and not the same Exchange box. So for the purposes of this thread, it is safe to say that ALL mail hitting the Exchange 2007 box itself is failing.

Our existing receive connector has "TLS, Basic, and Exchange" authentication methods set, and "Anonymous, Exchange Users, and Exchange Servers" for permission groups. SENDMAIL without masquerading succeeds to this connector, and an alternate connector.

How do I go about allowing mail from the internal relay to pose as user@domain.org?

Thanks!
Tom W.

JTW

Good afternoon, all!

I'm working on a new Exchange design and implementation project.  I had some research that seemed to indicate that I could have my Edge Transport server in the DMZ to receive Internet mail and to act as a web proxy for the Client Access server residing in the internal network.  However, in my testing I haven't found where that is possible.

Will the Edge Transport server provide that capability or will I need to open a path to the Client Access/Mailbox server?  Is there a tradeoff in separating the Client Access server into a separate machine in the DMZ for remote access, that is, if the Edge Transport server won't supply web proxy services, will I need to make a separate machine for Client Access?

Thanks!

Gregg

I have a single multi-role Exchange 2013 server and it would appear that it's not properly maintaining the temp files for the transport service.  I still have all those folder locations at their default and the problem folder is c:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\data\Temp

I never had a problem with this in Exchange 2007 but I am used to running a PowerShell script nightly to clean up the IIS log files.  Do I need to do something similar for this temp folder?  Is there a setting I can adjust so that Exchange will limit the size of this folder itself?  If I stop the transport service and delete the files here will I lose anything?

Any suggestions or insight would be greatly appreciated.

hi

i have exchange 2013 and it worked fine.now i want to add edge transport.

after i install edge transport i cannot send or receive email

i create xml file on edge transport then import it on hub transport and run start-

EdgeSynchronization command 
RunspaceId     : d2192d3a-009b-4fc8-ba3e-a70da064dfc1
Result         : Success
Type           : Recipients
Name           : EdgeTP
FailureDetails :
StartUTC       : 1/14/2015 8:23:27 PM
EndUTC         : 1/14/2015 8:23:27 PM
Added          : 0
Deleted        : 0
Updated        : 10
Scanned        : 21
TargetScanned  : 0

RunspaceId     : d2192d3a-009b-4fc8-ba3e-a70da064dfc1
Result         : Success
Type           : Configuration
Name           : EdgeTP
FailureDetails :
StartUTC       : 1/14/2015 8:23:27 PM
EndUTC         : 1/14/2015 8:23:28 PM
Added          : 0
Deleted        : 0
Updated        : 2
Scanned        : 21
TargetScanned  : 0

Hi all,

I have a issue. 

When i test my mail exchange system by telnet to port 25, i can fake a user on active directory and send mail to another user.

Please help me. How i can fix this problem ?

Thanks all.

I deleted an exchange 2013 mailbox database from the ecp, I then proceeded to remove the dbase folder and got the error"The action can’t be completed because the file is open in noderunner.exe"

Some search on google and I found the proposed solution to"restart-service hostcontrollerservice"

this worked for a few minutes and then the folder returned again. I even tried changing the drive letter and formatting but once I return the original drive letter, the folder returns. I am running exchange 2013 CU7 so NOPE! CU1 is not a fix as I have seen in some posts.

Any idea guys?

~Richard

..forever is just a minute away*

hi

i have exchange 2013 .(Hub transport in inside network and edge transport in DMZ)

Hi Technet

May you please assist me if possible

I'm currently running exchange 2013 on 2010 (2 exch 2010 servers) environment and having mail flow issues bidirectionally. Mails are sent from 2010 but don't get delivered on 2013 mailbox and vice versa. I've moved over the Receive connectors from 2010  manually and also changed the Hub Transport roles to FrontEndTransport to avoid conflict with port 25 and the Transport service hanging on starting state but still I have no luck in getting mail to flow

Test-MailFlow fails

Thank you
Jabu

jabulani.sibeko@cellfind.co.za

jsibeko@gmail.com

Hi All,

I am facing a issue while test the Mail-flow of my DC DR Server using Exchange Shell. Please look into the attached log and suggest the possible reason behing this issue.

I am create a DAG and map 3 Data Base server with in it. When I try the same command for two of my DC Server it showing no error but when I try the same command pointing to DR server than only I get this error .... 

[PS] C:\Windows\system32>Test-Mailflow -AutoDiscoverTargetMailboxServer -Identity "ASMSPLCP-EXDR"
[Microsoft.Mapi.MapiExceptionSendAsDenied]: MapiExceptionSendAsDenied: Unable to submit message. (hr=0x80070005,
ec=1244)
Diagnostic context:
    Lid: 40487   EMSMDBMT.EcDoRpcExt2 called [length=46]
    Lid: 56871   EMSMDBMT.EcDoRpcExt2 returned [ec=0x0][length=296][latency=78]
    Lid: 52176   ClientVersion: 15.0.913.22
    Lid: 50032   ServerVersion: 15.0.913.20
    Lid: 23226   --- ROP Parse Start ---
    Lid: 27962   ROP: ropSubmitMessage [50]
    Lid: 17082   ROP Error: 0x4DC
    Lid: 27745
    Lid: 21921   StoreEc: 0x4DC
    Lid: 27962   ROP: ropExtendedError [250]
    Lid: 1494    ---- Remote Context Beg ----
    Lid: 41232
    Lid: 60208
    Lid: 37136
    Lid: 34608
    Lid: 55056
    Lid: 42768
    Lid: 56112
    Lid: 29908   StoreEc: 0x4D9
    Lid: 33016   StoreEc: 0x4DC
    Lid: 63016   dwParam: 0x32
    Lid: 39640   StoreEc: 0x4DC
    Lid: 10786   dwParam: 0x0        Msg: 15.00.0913.000:ASMSPLCP-EXDR
    Lid: 1750    ---- Remote Context End ----
    Lid: 26849
    Lid: 21817   ROP Failure: 0x4DC
    Lid: 60547   StoreEc: 0x4DC
    Lid: 21966
    Lid: 30158   StoreEc: 0x4DC
    + CategoryInfo          : InvalidData: (:) [Test-Mailflow], RecipientTaskException
    + FullyQualifiedErrorId : [Server=ASMSPL-MBX1,RequestId=72333031-3423-4fdb-bd2b-e14d6ce05c16,TimeStamp=11/14/2014
   12:11:56 PM] [FailureCategory=Cmdlet-RecipientTaskException] 35158E0F,Microsoft.Exchange.Monitoring.TestMailFlow
    + PSComputerName        : asmspl-mbx1.domain.com

Regards, Koustov Choudhury

Hi All

I have a customer with Exchange Server 2013 Standard SP1. I have recently migrated them from Exchange 2010.
Single Server for All roles. VM has Trend Micro office scan agent installed. Server resource is adequate, Separate drive holds logs, exchange database.

The only Error / warnings I can find from Event logs are below
1) Event ID - 6002, Ping of Mailbox database timed out after 00.00.00 minutes
2) Event ID- 6027, MS Filtering failed to contact primary update path
3) Event ID- 16028, A lot of this event.

I have done a bit of searching and reading and seems like all the above could be ignored,

However my main concern is, I have noticed over the last couple of week that once a week Exchange Transport Service stops and fails to restart itself causing mail flow until staff tells me none is receiving email then I manually start the service.

Has someone ran it to something similar or can offer a solution? Perhaps a script that runs and checks transport service and if service failure detected then wait 1 minute to force restart it?

Thank you in advance.  

MCITP, MCSA, MCSE,VCP - Consultant, Solution Design, Implementation

I am trying to allow a server to relay through Exchange 2013 to an external email address. I added a new receive connector FrontendTranport port 25 and ran:

Get-ReceiveConnector -Identity "xxx" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"

If I disable the default FrontendTransport connector that is on port 25 then the server will relay, but outside email stop coming in. How can I setup the default Fronendtransport connector on port 25 to allow this internal IP to relay? Do I add the IP in the scope and run the above command on that receiver? Is that safe?

Thanks,

Baze

Hi,

I have multiple Mailbox servers. All servers are working fine. Except one mailbox server. Whenever this mailbox server send any email, it stucks in the queue and gave the following error.

451 please retry later (gl)

users get delivery delayed message. Whereas other mailbox servers send emails to the same domain. It is very strange that one mailbox server cannot send any email to any domain. Can somebody please help us in this regard.

Thanks

Anees

Hello all,

Is it possible to create a rule in Exchange 2013 based on a message header, and redirect to a custom send connector?

It looks like you can do it within Exchange Online with outbound connectors, but I don't have the same options in 2013.

"Apply this rule if...... A message head includes 'x-ibe-encrypted' header includes 'securemail'

Do the following...... Use the following send connector....

Redirect the message to.... the following send connector.

Hi,

I have recently deployed a test Exchange 2013 with the mailbox role and client access roll on Windows server 2012 R2

The test machine is also a DC, DNS server, DHCP Server. I have no edge transport server, the Frontend transport connector, ie SMTP service is being used.

Exchange 2013 has been updated to CU7 and windows server 2012 has all the latest updates installed from windows update.

The problem i am having is the Sender ID filter, installed with the anti-spam configuration, is running very slowly.

If i use the Test-SenderID cmdlet with any external address it can sometimes take minutes to come back with the test result.

However sometimes it comes back quite quickly - its somewhat intermittent. It doesn't matter what 'PurportedResponsibleDomain' i use or IPaddress for the test - the majority of the time its very slow, although occasionally it will come back within a second with the result, but do the same test again with the same parameters and its back to a minute or 2 again.

This slow response is replicated with a SMTP test via telnet, upon the final '.' to send the email, it can hang for a minute or 2. If i disable the SenderID filter i get the acknowledgement from the SMTP server within a second. This occurs if i telnet direct from the exchange machine, or from another machine on the network.

Things i have observed:

-After a couple of days from rebooting the server - the SenderID filter suddenly, for apparently no reason, starts responding instantly, with the Test-SenderID cmdlet consistently returing results within a second - ie problem resolved. If i reboot the server im back to the slow running.

-Internal email is being delivered fast, no delays

-External email is delayed by a minute or 2, confirmed to be caused by the SenderID filter.

Things i have checked:

-DNS configuration looks good, no problems, all Local IP's on the 1 and only adapter have A records. There is a valid MX record, external DNS records for the mail domain are correct. I have put valid SPF records for the dc domain etc.

-No errors in application logs other than the usual suspects from exchange 2013 (a few performance counter errors)

-No DNS errors or warnings in the event logs.

-InternalSMTPServers on the TransportConfig has been set to the IP assigned to the adapter. I have also tried adding all IP's on  this adapter (there are 4), and even 127.0.0.1 to this InternalSMTPServers list, but it makes no difference for external mail or the Test-SenderID cmdlet. It does however speed up a telnet smtp test direct from the exchange machine as the internalSMTPServers list results in a bypass.

In Exchange 2013, Outlook finds a new connection point made up of the user’s mailbox GUID + @ + the domain portion of the user’s primary SMTP address. This change makes it much less likely that users will see the dreaded message “Your administrator has made a change to your mailbox.”

http://technet.microsoft.com/en-us/library/dd298114(v=exchg.150).aspx

Although the error message in the topic has been already improved a lot in Exchange 2013, the users may still encounter them in some specific scenarios. We have collected them and let’s discuss them in this thread.

Symptom

=======================================

Consider the following scenario:

• Exchange 2013 was installed for a migration from Exchange 2007/2010.
• The legacy Exchange server is removed after successful migration.
• Exchange 2013 may be updated to Exchange 2013 SP1.
  
  

Some users were being randomly prompted with a popup in their outlook client with the following message when connecting with Exchange 2013 server:

“The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook”

Cause

=======================================

The issue may be caused due to Public Folders.

The msExchHomePublicMDB attribute on Exchange 2013 databases was set to deleted legacy public folder object.

References:

https://social.technet.microsoft.com/Forums/en-US/2f736bdd-1c00-4a22-97a5-95faeadf1495/exchange-2013-sp1-users-randomly-prompted-with-the-microsoft-exchange-administrator-has-made-a?forum=exchange2010

https://social.technet.microsoft.com/Forums/lync/en-US/7a7b3cf8-8761-421c-9d55-6c84e05531c0/the-administrator-has-made-a-change?forum=exchangesvrclients

https://social.technet.microsoft.com/Forums/en-US/0d71c843-b662-493c-ab6e-30708929ef18/2013-sp1-problem-the-microsoft-exchange-administrator-has-made-a-change-that-requires-you-quit-and?forum=exchangesvrdeploy

Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

i have trouble sending email to our other company locations was going to try sending via 3rd party smtp 

can anyone recommend a one? i found smtp2go have not used one before will it work for this for what i need?

has anyone used smtp2go?

So I have a really wierd issue. Any help would be greatly appreciated.

Internally we have a 2010/2013 org with:

Exchange 2010 - 2x CAS&HT , 2xMBX, 2xEdge Exchange 2013 - 2x CAS, 2xMBX

I am trying to subscribe my Edge Transport servers, that also run TMG firewall, to the Exchange org after installing Exchange 2013, so that I can send email out through Exchange 2013. However, I cannot telnet on port 25 from one of my 2013 Mailbox Servers to the Edge Transport. This works:

2013MX1 to EDGETMG02 2013MX2 to EDGETMG01 2013MX2 to EDGETMG02

However, if I telnet on port 25 from 2013MX1 to EDGETMG01 then I get an error 421 4.3.2 Service Not Available. What does this mean, and what can I do to fix this? At the moment email just queues up on Exchange 2013 without any route out to the internet.

Edit:

Exchange 2013 servers are all SP1 CU6 Exchange 2010 servers are all SP3 RU4

We can send email to Verizon.net from our domain teamwd.com. We can receive email from verizon.net email account but we can not send email from teamwd.com on there SBS 2011 Excahnge server. The client did get a new IP address due to getting a faster dsl connection. Not sure why we can not send a email to verizon.net. I asked verizon to add a ptr record on the connection but it did not help. Any help would be much appreciated.