Quantcast
Channel: Exchange Previous Versions - Mail Flow and Secure Messaging forum
Viewing all 944 articles
Browse latest View live

Edge Server 2007 Subcription issue coexistence with exchange server 2013

September 16, 2015, 10:16 am
$
0
0

Hi Everybody!!!!

Present evironment is in coexistence ( 2007 and and 2013)

exchange 2007 : 1Mailbox and 2 HUB and CAS Server, edge server in perimeter

exchange 2103: 1Mailbox and 1 CAS server.

1) Exchange Thirds party UCC SSl certficate configured for exchange 2013 cas and same certifcate has been exported to

exchange 2007 cas servers and edge server 2007 configured successfully. Coexitence configured

2) All Mailbox MIgrated successfully to exchange 2013 mailbox server

3) I want to shut down both Exchange 2007 cas server and route all mails through exchange 2013CAS and mailbox server to Edge server 2007.

4) disabled receive connectors of Exchange 2007 CAS servers. New  Edge subscription done from edge server 2007 for exchange 2013 mailbox server, but mailbox server not accepting edge subscription giving error as  ssl certificate which has been already used by another hub transport cannot be used. Edge and 2013 mailbox server certificate must be different.

Need your immediate assitance...

Rgds

karhtik

Search

How to rewrite outgoing From: header with incoming To: header?

July 21, 2015, 11:38 am
$
0
0
Could this work?

Incoming mail gets delivered via Distribution Groups

If the To: header remains unchanged at Group member receipt, on Reply use Transport Rules to replace outbound From: header with incoming To: header text

NOTE: I need to flesh out a test scenario to pass on to my Exchange admin, since my expertise is on the MTA side ...

~ Mike

SMTP Through Exchange to the RightFax FAX connector fails - RecipNotFound

September 18, 2015, 11:06 am
$
0
0

Our goal is to have one of our Unix systems send email through Exchange and out our RightFax FAX connector.  The Unix system can send to Exchange successfully, and an Outlook user in Exchange can send a FAX successfully, so the pieces work.  Now we're trying to get SMTP emails with encapsulated addresses to send through to our RightFax FAX connector.  We're using the following formats in our testing:

(The phone numbers are valid external FAX numbers in our testing.)  When we send these messages, we are getting NDRs like the following:

IMCEAFAX-16145551212@ourcompany.com
#550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##

This tells me that our system is attempting to deliver this message to an internal user who has this email address.  Obviously, since we are attempting to send to an external FAX system, none of our users is going to have this address.  I think this is happening because we are authoritative for ourcompany.com, but I have a feeling that if we change SMTP domain of the address to something like fax.ourcompany.com and set our system to not be authoritative, our system will attempt to send the email via SMTP to another system, rather than remove the encapsulation and send through our RightFax connection.  Has anyone done this, and if so, how did you get it working?

TIA ...

Will Martin ...
-join ('77696c6c406d617274696e2d66616d696c6965732e6f7267' -split '(?<=\G.{2})' | ? { $_ } | % { [char][int]"0x$_" })



Some users passwords were changed

September 20, 2015, 7:34 am
$
0
0

In the last two weeks the same following case happened three times for three different users :

The user password gets changed and when looking through the logs this is what i found in the CAS server IIS logs :

2015-09-20 09:55:09 192.168.x.x GET /owa/forms/premium/ChangePassword.aspx ae=Options&t=ChangePassword&Initial+Budget>>Conn:1,HangingConn:0,AD:18000/17985/1%,CAS:90000/88368/3%,AB:18000/18000/0%,RPC:90000/88663/3%,FC:1000/0,Policy:DefaultThrottlingPolicy_7278bd57-2633-4181-a271-c21ae9d20cc5,Norm&v=14.3.224.2&mbx=MBX02.domain.local&sessionId=9c407ff6022140dba1164017ff708541&prfltncy=35&prfrpccnt=0&prfrpcltncy=0&prfldpcnt=0&prfldpltncy=0&prfavlcnt=0&prfavlltncy=0&End+Budget>>Conn:1,HangingConn:0,AD:18000/17985/1%,CAS:90000/88368/3%,AB:18000/18000/0%,RPC:90000/88663/3%,FC:1000/0,Policy:DefaultThrottlingPolicy_7278bd57-2633-4181-a271-c21ae9d20cc5,Norm 443 sjohn 166.70.207.2 Mozilla/5.0+(Windows+NT+6.1;+rv:31.0)+Gecko/20100101+Firefox/31.0 200 0 0 234

what I understood from these logs is that sjohn (user ID) password was changed through the owa at 9:55 on 20-september from the ip 166.70.207.2   right?

Just want to make sure that there is nothing wrong with exchange environment especially that this case repeated exactly the same way for three users any ideas!!!!

Another Annoyed IT Admin

May 28, 2015, 9:39 am
$
0
0
One of my clients suddenly showed up on the FBLW15 blacklist. The MX records have not been changed, the PTR has been set correctly for 3 months and they are on no other blacklists. This has impacted business with both a major vendor and client. The damage to a company's image by being placed on a blacklist with no reason can be immeasurable, particularly when dealing with government or quasi-governmental agencies. Microsoft needs to be much more careful when blacklisting and should be checking these addresses against other blacklists and asking why they are the only ones doing so. I smell a lawsuit coming. Short term I will have to recommend to clients that they stay away from any hosting done by Microsoft as their false positives with existing messaging clients are too high. We had a potential of missing both a large order from a client and a large order to a vendor went astray. This appears to be an ongoing issue for at least the last three years and there is no excuse for not fixing this issue.

Mailbox forwarding differs from forwarding using a contact

September 21, 2015, 12:12 am
$
0
0

Hello,

I’m investigating an odd issue between Gmail and Exchange 2010 SP3  that I’m trying to troubleshooting as part of our mail migration strategy, basically out of office messages are not being received by users in a specific scenario. The setup is as follows:

  1.       MX for contoso.com à on premise Exchange
  2.       MX for gmail.contoso.com à Gmail 
  3.       Exchange uses mail contacts to forward to Google, using either
    1.       A mail contact performing the forwarding to gmail.contoso.com (i.e. internal @contoso.com and external gmail.contoso.com address on same object), no mailbox involved
    2.      A mailbox forwarding to a gmail.contoso.com mail contact

If a user in Google with a mailbox in Exchange is forwarding to a contact and sets their out of office, the following behaviour occurs:

Sender

Result

SPF Result

External (i.e. hotmail.com)

Recipient receives their own out of office, i.e. joe.bloggs sets his own out of office and gets a message in his inbox saying joe bloggs is out of the office”

Fail - spf=fail (google.com: domain of joe.bloggs@contoso.com does not designate 45.2.168.8 as permitted sender

Gmail (contoso.com)

Out of office received OK

Pass

Exchange (contoso.com)

Out of office received OK

Pass

If the above tests are repeated using a mail contact as in scenario 3a, in all tests the out of office is received and the SPF check passes.

Email delivery between accounts from internal Exchange, internal Gmail and external works fine - this just seems to be an issue with out of office messages, which is due to the fact an Exchange mailbox forwards emails using a different mechanism than an Exchange mail contact - is there a way around this?

Thanks

IT Support/Everything

Antivirus XP 2008

August 1, 2008, 1:48 am
$
0
0

I was unfortunate enough to receive a free copy of Antivirus XP 2008. Smile  It is really quite malicious and difficult to remove, it made rules in my firewall settings and was impervious to the standard XP 'Add/remove Programs' function.  I unfortunately did not consult the Internet before I removed it, rather brutally, but I think it has gone.  However it took out some of my desktop picture functions.  The Properties tab is no longer available - gone, not just greyed out.  It left me with a bright blue background (Blue Screen colour) and on start up it says that it is missing a file: C:\Documents and Settings\'my name'\Local Settings\Temp\.tt21.tmp.vbs.

 

So far everything else seems OK, but I would like to know if I can repair the O/S?

blocked using FBLW15

April 30, 2014, 2:12 am
$
0
0
Good morning,
we have a problem with sending emails from domain @macauditor.pl to domains which are hosted on Outlook.com or protected by Microsoft Forefront. Problem occurred after we changed IP address of our mail server. We have set MX, revDNS and SPF records correctly, but still are getting the following NDR:
"550 5.7.1 Service unavailable; Client host [217.67.215.242] blocked using FBLW15; To request removal from this list To request removal from this list please forward this message to delist@messaging.microsoft.com".
I have sent email to "delist@messaging.microsoft.com" but didn't get any response other than this:
"Thank you for your delisting request SRX1244578730ID. Your ticket was received on (Apr 28 2014 11:11 AM UTC) and will be responded to within 24 hours."
It has been nearly 2 days since our first request and we are still unable to send emails to domains: @bbdo.com.pl, @mediadirection.com.pl, @ideatfi.pl, @inventumtfi.pl. Those domains belong to our important clients, so this is a huge problem for us.

We have already checked our IP at http://www.anti-abuse.org/ and it seems that we are 'clean' everywhere. Only MS is blocking our emails.

Kind Regards,
Paweł Gąsieniec
Search

Combine mail enabled and disabled groups via group nesting

September 23, 2015, 9:54 pm
$
0
0

Greetings,

  Can anyone point me to a document that describes the rules for combining mail enabled and disabled groups via nesting?

 For example, user is a member of GROUPA which is not mail enabled and GROUPA is a member of GROUPB which is mail enabled so if I send mail to GROUPB does the user get it? Do all the groups in the nesting chain have to be mail enabled?

Thanks

David Z

Tranport rule question

September 24, 2015, 10:25 am
$
0
0

Hello,

Can somebody please explain to me the difference between "matches text patterns" and "contains specific words"? Thanks

Jim

Exchange 2010 - Route Based on Sender Domain - Different Send Connectors.

January 8, 2012, 1:20 pm
$
0
0

 

Hello Team,

We have an exchange 2010 environment with 2 email domains, lets says 123.com and abc.com. Currently they are all routing through my default Send Connnector to going out.

My requirements is I want to set up two send connectors and configure to used two different ISP's smart host, so that all mails from 123.com goes through my first send connector using (ISP-A) and abc.com through send connector using (ISP-B)

While searching I have found some third party tools to achieve this purpose, like
http://ivasoft.com/routebysender.shtml 
http://www.messageconcept.net/en/products/exsbr/functionality/
 
but, I want to know is there  any way to acheive this using Exchange configuration only without going for Third party utilities.


Any help would be really appreciated!

Thanks

Fazal

 

My Microsoft Word Files Have A Virus: How Can I Repair These Files?

October 19, 2008, 2:30 pm
$
0
0
I NEED THE INFORMATION IN THESE FILES, BUT VIRUSBARRIER X5 WON'T LET ME REPAIR THEM.

IF THE FILES CANNOT BE REPAIRED, HOW DO I SAVE THE INFORMATION IN THEM? SHOULD I COPY THE INFORMATION FROM EACH FILE AND CREATE A NEW FILE AND PASTE IT IN THERE?

I THOUGHT THAT MY MICROSOFT WORD PROGRAM WAS CORRUPT BECAUSE IT HAS PRODUCED FILES THAT ALL HAVE A VIRUS FOR THE LAST MONTH, BUT I JUST RAN A VIRUS SCAN ON MY APPLICATIONS AND IT SAYS IT'S NOT CORRUPT. SO WHY IS MICROSOFT WORD PRODUCING CORRUPTED FILES?

AND HOW CAN I SAVE THE INFORMATION IN MY CORRUPTED FILES? IF I CREATE NEW WORD DOCUMENTS THEY WILL BE CORRUPTED TOO!

PS. I AM ON A MAC COMPUTER, A MACBOOK PRO, WHICH IS AN INTEL PC PROCESSOR, USING MAX OS 10.4.11

PSS. AM I ON THE RIGHT FORUM / IN THE RIGHT SECTION FOR THIS QUESTION? IF NOT, PLEASE LET ME KNOW WHERE I SHOULD POST THIS QUESTION!

THANKS FOR YOU HELP!!!

-M

TLS Warnings when replacing a CA UCC SAN SSL certificate

October 2, 2015, 9:06 am
$
0
0

Need help resolving TLS warnings when assigning services to a reissue of our UCC SAN SSL certificate. Exchange 2010 SP2 with Hub, CAS, Mailbox roles (server1).

Due to requirement to eliminate internal host names, we obtained a reissued cert (replacement of original minus the host (NetBIOS) names) from our CA (DigiCert). We also obtained a duplicate of the reissued cert for our second E2K10 SP2 HUB, CAS, Mailbox (server2, in different office).

Reissued cert lists same FQDNs as currently installed cert:

mail.company.com
mail2.company.com
server1.addomain.company.com
server2.addomain.company.com
autodiscover.company.com
legacyexchange.company.com

DigiCert said internal FQDNs ending in .com were fine.
The common name is (remains) mail.company.com

Our servers' Exchange virtual directories' internal URLs use either internal or external FQDN. None use host (NetBIOS) name. Our receive and send connectors also use either internal or external FQDN in HELO-EHLO response.

Tonight I imported the reissued cert on server1 and tried to assign services (IMAP,POP3,IIS,SMTP) using EMC. I got the following errors and can't figure out if this is to be expected (did not remove original cert first) or if not, why occurred:

WARNING: This certificate will not be used for external TLS connections with an FQDN of 'server1.addomain.company.com' because the CA-signed certificate with thumbprint '<thumbprint-of-original-CA-cert>' takes precedence. The following receive/send connectors match that FQDN: Default SERVER1, Client SERVER1.

WARNING: This certificate will not be used for external TLS connections with an FQDN of 'mail.company.com' because the CA-signed certificate with thumbprint '<thumbprint-of-original-CA-cert>' takes precedence. The following receive/send connectors match that FQDN: Incoming from <internal app server, e.g SharePoint>.
 
When I clicked Finish (did not see how to back out at that point), the reissued cert showed all services (IMAP,POP3,IIS,SMTP) assigned. The original showed IMAP,POP3,SMTP. No error messages in the Application or System Event Logs. In fact, the Transport service event errors about expiring STARTTLS certificate stopped even though I did not restart Transport service.

I searched for answers here and online but our situation does not appear to match others' causes. For example, the FQDNs used in our connectors match those on the reissued cert. The cert taking precedence is the original CA cert not the Exchange self-signed cert. Are we missing a setting(s)? Should we remove SMTP from the original cert and if yes, before or after assigning it to reissued cert? The previous times we replaced the SSL cert (because it was expiring) we did not get the warnings. We installed the replacement, assigned services to it, restarted the Transport Service, waited a few days, then removed the old cert. I don't recall removing SMTP from old cert before removing it.

I was able to reassign services to the original cert (has not yet expired) and remove the reissued cert. The STARTTLS event log errors started up again, of course.

To see if I got the same message on server2, I imported the duplicate of the reissued cert and assigned services. I did not get the TLS warnings. Like server1, the duplicate cert showed all services (IMAP,POP3,IIS,SMTP) assigned. The original cert showed IMAP,POP3,SMTP.

DigiCert tech support could not determine the problem. Troubleshooting, we generated a new CSR for server1, rekeyed the cert on DigiCert site using new CSR, DigiCert reissued cert, I downloaded it, and tried again. Same error. I again reverted to original cert and removed the rekeyed reissue. I tried to remove the duplicate from server2 so that both servers were using the original cert, but I got similar TLS warning when trying to do that and am also clueless as to why. I have not restarted the Transport service yet on server2.

Thanks,
Joan
 

Getting Delisted - What to do?

October 5, 2015, 3:50 am
$
0
0

Hi,

We have been unable to send emails since we switched to our new Service Provider (and received a new IP). We setup PTR records for the new IP but we have been receiving the standard

5.7.1 smtp;550 5.7.1 Service unavailable; Client host [xxx.xxx.xxx.xxx] blocked using FBLW15; To request removal from this list please forward this message to delist@messaging.microsoft.com

We have fowarded the messages as requested, along with a 'Please remove our IP request' to the delisting email address, but its not having any effect. We get a standard reply with a ticket number, but thats all. No follow up, no other info.

We have been blocked for 4 days now and its killing our business. How do we get delisted?

Have also spent 3 hours so far on the phone to various people, none of whom were able to help, other than to keep passing the call along.

SBS 2011 Transport Error

June 28, 2011, 10:12 pm
$
0
0

SBS server was rebooted, and it never came all the way back.  I can;t start the RPC Client Access, Exchange Throtteling,  or the MS Exchange Transport service. 

Everything looks ok, but its not.  Anyone seen this before?

Exchange 2010 Update Rollup V3.3

 

Encountered unexpected error when starting MSExchangeRPC service. Error details: Microsoft.Exchange.Rpc.RpcException: RpcServerUseProtseq
   at ThrowRpcException(Int32 rpcStatus, String message)
   at Microsoft.Exchange.Rpc.RpcServerBase.ThrowRpcException(String message, Int32 rpcStatus)
   at Microsoft.Exchange.Rpc.RpcServerBase.StartGlobalServer(String[] protocolSequences, String[] protocolEndpoints, UInt32 minCalls, UInt32 maxCalls)
   at Microsoft.Exchange.RpcClientAccess.Service.RpcEndPoint.Start(IRpcDispatch rpcDispatch, UInt16 endpointTcp, ExEventLog eventLog)
   at Microsoft.Exchange.RpcClientAccess.Service.RpcClientAccessService.<DeferredServiceStartInitialization>b__4()
   at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)

 


The Microsoft Exchange Throttling Service failed to register the RPC server. The service will be stopped. Failure details: Microsoft.Exchange.Rpc.RpcException: RpcServerUseProtseq TCP/IP
   at ThrowRpcException(Int32 rpcStatus, String message)
   at Microsoft.Exchange.Rpc.RpcServerBase.ThrowRpcException(String message, Int32 rpcStatus)
   at Microsoft.Exchange.Rpc.RpcServerBase.RegisterServer(Type type, ObjectSecurity sd, UInt32 desiredAccess, ValueType mgrTypeGuid, Void* mgrEpv, String annotation, Boolean isLocalOnly, UInt32 maxCalls)
   at Microsoft.Exchange.Rpc.RpcServerBase.RegisterServer(Type type, ObjectSecurity sd, UInt32 accessMask, Boolean isLocalOnly, UInt32 maxCalls)
   at Microsoft.Exchange.Data.ThrottlingService.ThrottlingRpcServerImpl.TryRegisterRpcServer(ObjectSecurity rpcSecurityDescriptor, ThrottlingRpcServerImpl& serverInstance)

 

 

Also Getting

Watson report about to be sent for process id: 7272, with parameters: E12, c-RTL-AMD64, 14.01.0289.001, MSExSearch, M.Exchange.Rpc, M.E.R.RpcServerBase.RegisterServer, M.E.Rpc.RpcException, 8a2f, 14.01.0289.001.
ErrorReportingEnabled: False

 

 

Which leads me to this: http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Exchange&ProdVer=8.0&EvtID=4999&EvtSrc=MSExchange+Common&LCID=1033

 

IS PSS my only option here?

 

Thanks
Jeremy

Search

WARNING: This certificate will not be used for external TLS connections

October 7, 2015, 7:48 am
$
0
0

Trying to replace Digicert SSL cert on Exchange 2010 CAS. Needed to reissue a cert without internal names
Followed this procedure per Digicert: https://blog.digicert.com/exchange-replacing-internal-names-certificates-part-2/#exchange_management_shell (Used shell script portion of this procedure).

When trying to enable the new cert, I receive the following error/warning:

WARNING: This certificate will not be used for external TLS connections with an
FQDN of 'mail.domain.com' because the self-signed certificate with
thumbprint xxxxxxxxxxxxxxxxx' takes precedence.

Engaged Digicert support. Support confirmed all steps to replace the old cert were done correctly.
Assign the purchased certificate to SMTP, IMAP, POP and IIS. Outlook users now receive security error.

Get-ExchangeCertificate

                 Services   Subject
                 --------   -------
5E5D0559AE9BAC9  IP.WS.     CN=mail.ldimechanical.com, OU=Corporate, O=LDI Mechanical Inc, ...  <--OLD CERT (Exp 10/31)
E1612480AD167A5  IP..S.     CN=mail.ldimechanical.com, OU=Corporate, O=LDI Mechanical Inc, ...    <--NEW CERT (reissued without internal names).
D0716BAB007B827  ....S.     CN=mail-01

Also created DNS entry for external name to point to internal IP address.

Exported the old cert. Tried removing it from the EMC. Received an error : The internal transport cert cannot be removed because that would cause exchange transport service to stop. To replace the internal transport cert create a new cert. The new cert will automatically becomae the internal transport cert. you can then remove the existing cert.

Please advise.

MikeD

Odd SMTP issue

May 19, 2015, 1:24 pm
$
0
0

I have 2 Cisco UCS environments on the same subnet; call it 10.10.0.x...so a firewall is likely not the problem.  The UCS sends out emails using a function called 'CallHome' when there are issues so I've attached each environment to the same SMTP host [an Exchange 2010 server].

My problem is that one UCS sends emails perfectly while the other fails with;

"problem in transporting the message Error in transporting email message for CiscoTAC-1 SMTPclient: sockfd opened...:5  SMTPclient: smtp2.XXXXXXX.com --> 421 4.3.2 Service not available^M  SMTPclient: unexpected reply: 421 4.3.2 Service not available^M".  

I've verified that the Exchange server lists all the necessary IPs allowed to send email via that server/SMTP host.  Both Cisco and my Exchange guys are stumped.  HELP!!!

----- Michael W. Oehlert, Network Engineer, GIS


Exchange 2007 - ContentConversion of the transfer routing phase increase email size drastically.

October 13, 2015, 12:46 pm
$
0
0

Everything I have researched leads me to believe this is normal, however I wanted to see if I could get some feedback that will confirm. What makes me so confused is that I had not ran into this as an issue yet, which completely surprises me.

For what appears to be everyone in the company, when they send an email to an outside domain, it goes through the normal process.  But when it gets to the second step, the size increases fairly drastically.  The bigger the email/attachment, the more it increases.  An example email from earlier today with a sizable attachment:

1.EventId: RECEIVE   |   Source:  STOREDRIVE    |    TotalBytes:  17104978
2.EventId: TRANSFER   |   Source:  ROUTING    |    TotalBytes:  23395934
3.EventId: SEND    |    Source:  SMTP    |    TotalBytes:  23395934

Should I really be seeing a 6MB increase here from the ContentConversion?

The reason I'm baffled is because I work for a MSP and work with dozens of Exchange environments but have not once encountered a problem where this increase in size is making the email get blocked.  In this particular instance, the receiving domains caps at 20MB, so it's rejecting our email.  I would have thought I'd seen this before, but every day is new I guess.

Thanks for helping me learn!

#5.7.1 smtp;550 5.7.1 Unable to relay

September 8, 2015, 9:40 am
$
0
0

Hi, In my company we are facing lot of problems sending emails to some recipients when their email addresses are surrounded by single quotes, in Outlook. Ex.: 'example@xpto.com'. If we remove the quotes the message relays with no problem.

What should I do in this case? I'll appreciate any help.

We use Oulook 2007 and Exchange Server 2003.

Here is the error:

Your message did not reach some or all of the intended recipients.

Subject: Here is the subject

Sent: 23-07-2014 08:52

The following recipient(s) cannot be reached:

example@xpto.com on 23-07-2014 08:52 You do not have permission to send to this recipient. For assistance, contact your system administrator.

<mail_server #5.7.1="" 5.7.1="" example@xpto.com="" for="" relay="" smtp;550="" to="" unable=""></mail_server>

Error when attempting to Create Connectors for 2003 - 2010 Routing Group (Coexistence)

October 14, 2015, 7:19 am
$
0
0

We have installed 2010 exchange with legacy 2003 server and trying to get coexistence but we receive the following error when creating routing group connectors between the two servers.

The error occurs when we run this:

New-RoutingGroupConnector –Name “RGC 2003-2010” –SourceTransportServers “2010server.domain.net” –TargetTransportServers “2003server.domain.net” –Cost 100 –Bidirectional $true

Error:

Home routing group isn't defined for server "2003server".

   + CategoryInfo          : InvalidOperation: (RGC 2003-2010:RoutingGroupConnector) [New-RoutingGroupConnector], Sen

  dConnectorUndefinedServerRgException

   + FullyQualifiedErrorId : B149227,Microsoft.Exchange.Management.SystemConfigurationTasks.NewRoutingGroupConnector

Any thoughts or ideas would be greatly appreciated.

Thanks,

Viewing all 944 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>