Pending messages when email sent in to shared group

September 19, 2019, 5:02 am

≫ Next: How to require confirmation on sending external emails with attachments

≪ Previous: Ho to prevent spam from authenticated users?

Hi All,

Our organisations runs an on premise version of exchange 2013 CU 21 with 12 servers and 4 DAGs (3 servers per DAG)

A few of our servers were recently migrated by a third party over to a new site/data center and ever since the migration we have encountered numerous issues.

The issue i am looking in to at the moment and hoping to get some help on is that we have a universal mail enabled global IT security group with 3 mail enabled global security groups as similar to the below

(G) BHV (GL) IT Infrastructure (Universal Security)

Inf UK (GL Security)

Inf Asia (GL Security)

Inf US (GL Security)

When a member of the team, not just 1 member but all sends an email in to the group, sometimes it will send fine to all 31 recipients, but when sent again later it will only send to 18 or another amount less than 31. We have viewed this via running the delivery reports from ECP, the messages that don't send have a state of pending.

I have Microsoft on the case also, but dont seem to be getting very far at the moment.

Thanks

↧

How to require confirmation on sending external emails with attachments

December 30, 2019, 11:04 am

≫ Next: no mail flow from exchange 2007 to exchange 2013

≪ Previous: Pending messages when email sent in to shared group

Does anyone know of a way to require a user to confirm sending (via pop-up) of an email that is

a) addressed to an external domain

b) contains an attachment

I have tried to set up the Policy Tips rule in mail flow, but it doesn't not work with selecting an external contact and attachment size > 1kb. It says you can only use Policy Tips when selecting mail contains sensitive information.

Thank you in advanced for any advice!

↧

no mail flow from exchange 2007 to exchange 2013

January 8, 2020, 3:33 am

≫ Next: hard direct fail and no available shadow servers

≪ Previous: How to require confirmation on sending external emails with attachments

We are performing an upgradev from exchange 2007 to exchange 2013

mail flows from 2013 to 2007 correctly

but when mails are sent from 2007 to 2013 the mails arent recived

I looked at message tracking and it seems there is not attempt from 2007 to send the mails to 2013

i have checked the frontend recive connector on 2013 and it has the exchange servers (and legacy) checked as well as echange authentication

↧

hard direct fail and no available shadow servers

March 16, 2015, 7:34 am

≫ Next: problem with internal exchnage ip in message header BUT ONLY WITH SPECIFIC TARGET SERVERS

≪ Previous: no mail flow from exchange 2007 to exchange 2013

I was going through message tracking, external user may not be receiving emails from us, and I ran into these two errors I had not seen before, Hard Direct Fail and No Suitable Shadow Servers.

the email in question is being forwarded from an AS400 through our Exchange 2013 through a relay connector, also we have two Exchange 2013 servers and a witness server to form a DAG group.

does the shadow server refer to the 2nd exchange in the DAG group?

I ran several status checks on the DAG group, and status appears to be ok.

↧

problem with internal exchnage ip in message header BUT ONLY WITH SPECIFIC TARGET SERVERS

January 16, 2020, 11:00 am

≫ Next: Email address creation policies

≪ Previous: hard direct fail and no available shadow servers

Hello guys,

I have a problem that is unclear for me.

It is looking like I have successfully remove Exchange server internal ip from message header because I am not able too see it in message source anymore for example sending a test mail to my gmail account the header is looking like this:

So I have expeted, that I will not be able to see not so popularDelivery delayed error anymore. The reality is that I am receiving again the same error message as before.

It si not clear to me, why I can see the internal 192.168.1.2 ip address again here when there is no similar record in gmail received header.

Can you help me please?

I have only one send connector in Exchange 2016.

Thank you very much.

Tom

↧

Email address creation policies

January 17, 2020, 12:23 am

≫ Next: Two issues in Email signature through disclaimer in mail flow rule

≪ Previous: problem with internal exchnage ip in message header BUT ONLY WITH SPECIFIC TARGET SERVERS

Hello Team,

Can you guide me on how to create Email addresses in an Exchange hybrid setup base on conditions like,

User with same firstname/lastname….etc

If condition matches, add numeric to the email address ..etc

Please advise.

↧

Two issues in Email signature through disclaimer in mail flow rule

January 19, 2020, 5:10 am

≫ Next: How to stop External E-Mail Addresses

≪ Previous: Email address creation policies

i have applied email signature through mail flow rule in exchange 2013. Choose a disclaimer rule and put the html code with active directory attributes so everytime anyone email to anyone, its name, designation appears in below email.

1st issue in this rule that this signature appears everytime the user emails either in a conversation of a email like back and forth or in new email. And our requirement is that this signature should not appear again and again when replying a email multiple times, only appear once.

How is it possible? Please guide.

Second issue, i have a put an image in signature which is a logo of our bank and that logo is located in local file server and i noticed that that logo does not appear other than desktop outlook on local LAN. Like if i email from mobile or owa or email to an external user the logo image does not appear instead image name appearing.

How can i resolve this?

↧

How to stop External E-Mail Addresses

January 22, 2020, 12:04 am

≫ Next: Exchange Server 2013 and ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

≪ Previous: Two issues in Email signature through disclaimer in mail flow rule

Hi,

telnet exchange2013 25

helo

mail from: myuser@gmail.com

sender OK

rcpt to: myuser@myinternaldomain.com

recipient ok

rcpt to: otheruser@gmail.com

recipient OK

Is it possible to stop this? Any internal user can just telnet to exchange server on port 25 and use any email address internal or external and send email.

↧

Exchange Server 2013 and ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

January 8, 2015, 11:18 am

≫ Next: Exchange 2013 - Exchange Server Certificate

≪ Previous: How to stop External E-Mail Addresses

Hello, Team!

I think I’ve found a serious issue in last CU releases. This is the case:

1 Multirole server Exchange 2013 SP1 (and older) , one creceive connector from internet to this server, no edge, nothing.

I care about preventing spoofing my company’s email addresses, and remove remove the ms-Exch-SMTP-Accept-Authoritative-Domain-Sender transport permission from anonymous senders.

To do this, we usually simple run powershell command

Remove-ADPermission <ReceiveConnector Name> –user “NT AUTHORITY\Anonymous Logon” –ExtendedRights ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

This command works on Exchange SP1, the client (telnet session, f.e.) which try spoof address of company will be refused. (see screenshot below)

But in Exchange 2013 CU5, CU6 and even CU7 release this revoke permissions DOESN’T WORKS without any errors, softly. I've try Powershell and ADSI but unsuccessfully.

Then we take off permission on connector above, we keep 3 default permissions:

Accept-any-sender

Accept-Routing-Headers

Submit-Message to Server

It is wonderful works only on server SP1, but not on servers with older versions, which have right settings.

The saddest thing is I have information about Office 365 this behavior reproduced too. And I also think what in your lab you could take 15 minutes and play this simply thing....

I found only that information on connector side is diffenent on SP1 and CU5,6,7.

This is normal connection on SP1, when somebody try spoofed address. We can see a 250 AUTH Response on server side, and server refuse fake connection, all right.

And on CU5 and newest versions we doesnt see this code. Maybe auth mechanism miss something?

Any suggestions? On MS connect site a didn't found exchange bugs topic :)

↧

Exchange 2013 - Exchange Server Certificate

January 22, 2020, 5:52 pm

≫ Next: Someone is sending emails in my name

≪ Previous: Exchange Server 2013 and ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

Hi,

Regarding the Exchange Server Certificate,

https://docs.microsoft.com/en-us/exchange/architecture/client-access/renew-certificates?view=exchserver-2019

Based on that article, each certificate is valid up to 5 years.

I just want to know, what are the implications if the exchange server was not renewed on time?

Will outlook users experience mail flow issues?

↧

Someone is sending emails in my name

January 24, 2020, 3:17 am

≫ Next: Smart Reply with Quoted Text from client.

≪ Previous: Exchange 2013 - Exchange Server Certificate

Hi,

I've discovered someone is sending emails in my name but with unknown email addresses. So far I'd consider it a normal scam. BUT those emails contain previous emails that were really sent to me, it's like I'm answering to an email so they can see their last email to me. We're using an exchange 2010 and no virus attacks have happened on our server. The issue affects only me so far. How are they putting real-life previous emails in these new scam emails? Anyone had this issue before?

↧

Smart Reply with Quoted Text from client.

January 24, 2020, 5:12 am

≫ Next: Renaming the public folder mailbox

≪ Previous: Someone is sending emails in my name

Hey all,

I was wondering if we can request server to add the quoted text when we are Smart Replying to the email from the client. Is something of this sort is available? I am pretty novice to the exchange mail client command. Any help,recommendation or references will be of great help. Thanks.

↧

Renaming the public folder mailbox

August 17, 2018, 8:30 am

≫ Next: EMAILS with AIP

≪ Previous: Smart Reply with Quoted Text from client.

How to rename a public folder mailbox?

I created a test public folder mailboxe with the name

Pftestmailbox and it created the emails SMTP: pftestmailbox@xyz.com

all my production public folder are PFMB01 and SMTP: PFMB01@xyz.com

Now I want to change my pftestmailbox to PFMB 13. If I change the name will this change the email address also frompftestmailbox@xyz.com to Pfmb13@xyz.com.

↧

EMAILS with AIP

February 5, 2020, 6:54 pm

≫ Next: Mail flow cutover with baracuda as spamfilter in hybrid

≪ Previous: Renaming the public folder mailbox

We use Azure information tags for mail classification , Is there a powershell command to generate a report which can be used to check which mails have AIP tags and which dont have AIP tags

↧

Mail flow cutover with baracuda as spamfilter in hybrid

February 5, 2020, 7:52 pm

≫ Next: Remote Server returned '530 5.7.1 Client was not authenticated'

≪ Previous: EMAILS with AIP

Hello Expert,

Need an advice regarding baracuda cutover.

My current env is baracuda is pointed to onpremises Exchange server 2010.

I will be running Hybrid configuration wizard and AAD tool.

At what stage i should a cutover for baracuda should it before migrating any mailbox to office365 or once all mailboxes has been migrated to office365?

Currently i am also using global relay as archiving solution for onpremises mailboxes.

Regard,

Nbd108786

↧

Remote Server returned '530 5.7.1 Client was not authenticated'

December 11, 2019, 3:38 am

≫ Next: Securing connections with Exchange-server (using TLS)

≪ Previous: Mail flow cutover with baracuda as spamfilter in hybrid

Dear All kindly help me out. i m using Microsoft Exchange 2010. Due to some configuration i am facing that issue.

I am unable to send email from other domains. My exchange server reject that email with this message.

Remote Server returned '530 5.7.1 Client was not authenticated'

if i check the option of anonymous in receive connector then it will also not asking authentication from my domain users.

therefore i unchecked the anonymous option. But now i am unable to get emails from other domains.

Kindly give me any solution i will be very thankful.

Regards,

↧

Securing connections with Exchange-server (using TLS)

February 7, 2020, 4:49 am

≫ Next: How to setup automatic birthday wishes to all Exchange users

≪ Previous: Remote Server returned '530 5.7.1 Client was not authenticated'

Hi all,

I want to make the connections with our Exchange server more secure. Plan is to only allow TLS1.2 connections to the servers and rejected connections with TLS1.0/1.1 or even without TLS.

I know that we have several other servers and applications that are connecting to Exchange to send mail (with and without authentication). And off course the Outlook-clients, which I believe are at the right level of TLS.

Right now I want to determine which clients are connecting to Exchange and with which TLS-version. What is the best way to figure this out? I'm sure that I can find this in the Exchange receive logs files, but to diagnose this logs is a huge job.
Are there others ways to easily find out which TLS-version are used?

Hope you can help me with this.

Kind regards,
Arjan

↧