Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 3660 articles
Browse latest View live

Send email from specific IP

August 30, 2016, 8:33 pm
$
0
0

Is it possible to have Exchange send via different IP addresses for different users, or domains?

We send email from our Exchange servers on behalf of several different clients. Several clients want their own IP address so the other clients don't send out spam and get black listed.

I can't find any documentation on if this is possible, or how you would manage it?

Simon Holman
Expeed Technology
Australian Web Hosting

Search

microsoft exchange mailbox transport submission service terminates unexpectedly

August 31, 2016, 9:11 am
$
0
0
Every few days Microsoft exchange mailbox transport submission service terminates unexpectedly. Do you know what could be the problem?

stuck messages

September 1, 2016, 3:29 am
$
0
0

Hello,

In our company we have Exchange server 2013. One of our partner says that when they try to send us messages they get stuck in their smtp server.
Can we check on our side if were any attempt of SMTP connection from them ?

could you suggest me any tools to work with this issue..

Thanks in advance,

421 4.4.2 Connection dropped due to TimedOut.

August 30, 2016, 12:05 am
$
0
0

We are having Exchange 2013 and all emails are comin & going fine except 1 domain.

From this domain, we can receive the emails but when we send email to them we receive below notification.

Diagnostic information for administrators:<o:p></o:p>

Generating server:FQDN of my mail server
Receiving server: FQDN of far end server (IP address of far end server)

Recipeint email address
Remote Server at FQDN and IP of far end returned '400 4.4.7 Message delayed'
24-08-2016 07:07:58 - Remote Server at FQDN and IP of far end returned '441 4.4.1 Error encountered while communicating with primary target IP address: "421 4.4.2 Connection dropped due to TimedOut." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was IP of far end:25'

All emails to other domains goes well.

Thanks, Rishi Pandit.

Changing a DL to a Shared Mailbox

September 1, 2016, 9:12 am
$
0
0

We have an Exchange 2013 / Hybrid O365 deployment, with most of our mailboxes now on Exchange Online.

For a long time, our company has been using Distribution Lists that people outside the organization email to. This has led to a lot of emails being generated internally, to the mailboxes of the users on the DL.

We want to convert the DLs to Shared Mailboxes to reduce the amount of internal email generated.

Obviously we will need to create a mailbox and give the users permissions to it.

What is the best practice steps for converting a DL to a shared mailbox with minimal downtime?

Users unable to send email to office365 users

September 1, 2016, 9:09 pm
$
0
0

Hi Team,

We are have Exchange 2013 with Cumulative update 14 in our environment. We have migrated few user to office365 by setting up Hybrid Environment. Now on-premises users are able to receive email from cloud user. But, on-premises users are unable to send mails to cloud users. we have added target address for that cloud user, still not receiving email.

Thanks in advance.

Database move 2010 to 2013

September 2, 2016, 5:44 am
$
0
0

Hey Guys;

There is a exchange 2010 and 2013 server on my environment  under the same domain.

i lost exchange 2010 server also no recovery option but i have a DB from 2010.

Can i mount it on 2013 server ? how ? thank you.

Exchange Server 2016 - All Incoming Emails to Junk

September 2, 2016, 3:09 am
$
0
0

I have recently installed Exchange Server 2016 and all incoming emails started going to Junk folder after installing Kaspersky Security 9.0 for Microsoft Exchange Servers

Any hint whether this can be controlled from Exchange settings or Kaspersky? 

Search

Accept no_replay email from specific destination

August 30, 2016, 6:45 am
$
0
0
Hello,

As the title describe. When a custmer is using a no_replay@domain.com email to communicate some information. We do not receive those emails and the sender get a messga esaying that our domain is "suspects your message is spam and rejected it." I'm wondering if it's possible to accepte or allow no-replay emails to be forworded to theire destination like a normal message.

Thank you so much,

Disable Read Receipts but allow Out of Office replies

September 2, 2016, 9:29 am
$
0
0

I have a single 2013 Exchange server setup.  I had a request to prevent internal users from being prompted to send read receipts on emails that originated from outside our organization.  After researching, I created a rule in Exchange that strips 'Disposition-Notification-To' from the message header if the email is received from outside the organization.  

I tested and confirmed with this rule in place, internal users are not prompted to send a read receive to an email they received from outside our organization.

However, what I just learned is this rule also prevents the outbound deliver of Out of Office replies.  So, if an internal user sets Out of Office in Outlook and receives an email from outside the organization, the sender never receives the Out of Office reply.  I can disable the Exchange rule and now Out of Office emails work correct.

I compared the message header line by line with the rule enabled and with the rule disabled and there is not a single instance of 'Disposition-Notification-To' on emails that do not request a read receipt, so why is the Exchange rule blocking outbound Out of Office reply messages?

Any help would be greatly appreciated.

Thanks,

Exchange Server 2013 - Network Troubleshoot Tool

August 24, 2016, 12:57 am
$
0
0
I am having internal network issues with routing emails to the exchange server and was wondering if someone knows any software to troubleshoot local network routing issues. I have tried Wireshark and can confirm that I am getting traffic on port 25 but for network issues it doesn't reach my exchange server 2013 - thanks for your help.

Throttling on Receive Connectors

September 5, 2016, 3:19 am
$
0
0

We recently transitioned from Exchange 2010 to 2013 and recreated all of our Receive Connectors with the same configuration. Since switching some of our bulk email applications, we have noticed that throughput has decreased dramatically. Where it took a few minutes to send 1,700 emails, it now takes almost an hour. Are there any new throttling options in Exchange 2013 that are not set on the Receive Connector?

These are the settings on the connector:

BinaryMimeEnabled                       : True
ChunkingEnabled                         : True
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
SmtpUtf8Enabled                         : False
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
ProxyEnabled                            : False
AdvertiseClientSettings                 : False
Enabled                                 : True
ConnectionTimeout                       : 00:59:00
ConnectionInactivityTimeout             : 00:20:00
MessageRateLimit                        : Unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : Unlimited
MaxInboundConnectionPerSource           : Unlimited
MaxInboundConnectionPercentagePerSource : 100
MaxHeaderSize                           : 128 KB (131,072 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 5
MaxLogonFailures                        : 3
MaxMessageSize                          : 35 MB (36,700,160 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 10000
PermissionGroups                        : AnonymousUsers, Custom
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : Verbose
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
TransportRole                           : FrontendTransport
SizeEnabled                             : Enabled
TarpitInterval                          : 00:00:00
MaxAcknowledgementDelay                 : 00:00:00
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : Relay - External

Can I Run an Exchange Server Using a Free No-IP Hostname?

September 7, 2016, 1:57 am
$
0
0
Hi there,

I have installed  exchange server 2013 on my virtual test lab and my ISP is taking too long in assigning a static IP address for me domain my domain 

I have been looking at the www.no-ip.com website and it looks feasible to create mx records etc to push through email to a no-ip account.


 How do I setup Exchange to receive emails to the domain this way and also any others I need to consider/configure to get this working.

Any help in this matter would be gratefully received.

regards

Laxit

Allow external company send mail as internal company

September 7, 2016, 3:02 am

People in External Domains not Receiving Meeting Accept Notifications

August 24, 2016, 7:24 am
$
0
0

Hey everyone. Noticed a warning in my logs:

This warning is not the first one i have gotten like this. After some googling and then testing to verify, I determined that this occurs when trying to Accept a meeting invite that was sent by someone external to my company (say I am domain1.com, if someone @domain2.com sends me an invite, I will receive the invite but they will never see that I accepted it, although it WILL appear on my calendar as expected).

After some reading, it would appear that this is expected behavior:

http://msexchangeguru.com/2011/06/08/meeting-response/

But I would like to confirm that

  • This is expected
  • This cannot be changed

EDIT: I was actually able to accept a meeting from my test gmail account and my gmail account received the acceptance. There was no warning for this this time. So it would seem that this is only happening some of the time which has me scratching my head. Another user had the warning generated for them but then my spam filter reports it as having made it through the filter and out to the world. Then finally i found one case where it didn't seem that the meeting accept actually went through as there was no record for it on the spam filter. Any thoughts on this?

Please advise. Thanks guys!



Search

IIS WebService Request for principal permission failed

August 23, 2016, 9:36 pm
$
0
0

I have a simple web service and in the web service I have written a simple method as illustrated in the code below.

        [PrincipalPermission(SecurityAction.Demand, Role = @"KIANCOORP\SomethingElse Users U")]
        public string HelloWorld()
        {
            var msg = "Hello {0} from internal.".FormatWith(IdentityName);

            _log.Info(msg);

            return msg;
        }

I have hosted the web service in an app pool that is set to a Domain User KIANCOORP\webapppooluser, and I have added this user into the group of "KIANCOORP\SomethingElse Users U" (via active directory).

Now when I use an internet browser to browse to the web service I get the following prompt, so I try to log in with the same user that I have used to set as the app pool user for this HelloWorld web service of mine.

LogInPrompt For HelloWorld web method

Now if I try to log in with the correct credentials, the prompt comes up again 

Re-prompt for log in user name and password

Its like I have to enter the credentials 3 times, I have tested this and everytime I have been prompted with the login dialog box I have to try 3 times and eventually it gets into the following browser screen.

Browser display HTTP Error 401

If I go to the IIS logs this is what I will see.

System.ServiceModel Warning: 131076 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Warning"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.TraceHandledException.aspx</TraceIdentifier><Description>Handling an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.Security.SecurityException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Request for principal permission failed.</Message><StackTrace>   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
   at System.Security.Permissions.PrincipalPermission.Demand()
   at System.Security.PermissionSet.DemandNonCAS()
   at KianService.HelloWorld() in C:\vso\SandBox\KianService.cs:line 81
   at SyncInvokeHelloWorld(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)</StackTrace><ExceptionString>System.Security.SecurityException: Request for principal permission failed.
   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
   at System.Security.Permissions.PrincipalPermission.Demand()
   at System.Security.PermissionSet.DemandNonCAS()
   at KianService.HelloWorld() in C:\vso\SandBox\KianService.cs:line 81
   at SyncInvokeHelloWorld(Object , Object[] , Object[] )
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
The action that failed was:
Demand
The type of the first permission that failed was:
System.Security.Permissions.PrincipalPermission
The first permission that failed was:&amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"&amp;gt;&amp;lt;Identity Authenticated="true"
Role="KIANCOORP\SomethingElse Users U"/&amp;gt;&amp;lt;/IPermission&amp;gt;

The demand was for:
&amp;lt;IPermission class="System.Security.Permissions.PrincipalPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"&amp;gt;&amp;lt;Identity Authenticated="true"
Role="KIANCOORP\SomethingElse Users U"/&amp;gt;&amp;lt;/IPermission&amp;gt;

The assembly or AppDomain that failed was:
mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionString></Exception></TraceRecord>
System.ServiceModel Error: 131075 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Error"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.ThrowingException.aspx</TraceIdentifier><Description>Throwing an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.ServiceModel.FaultException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Access is denied.</Message><StackTrace>   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(RequestContext request, Boolean cleanThread, OperationContext currentOperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(RequestContext request, OperationContext currentOperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(IAsyncResult result)
   at System.Runtime.Fx.AsyncThunk.UnhandledExceptionFrame(IAsyncResult result)
   at System.Runtime.AsyncResult.Complete(Boolean completedSynchronously)
   at System.Runtime.InputQueue`1.AsyncQueueReader.Set(Item item)
   at System.Runtime.InputQueue`1.EnqueueAndDispatch(Item item, Boolean canDispatchOnThisThread)
   at System.Runtime.InputQueue`1.EnqueueAndDispatch(T item, Action dequeuedCallback, Boolean canDispatchOnThisThread)
   at System.ServiceModel.Channels.SingletonChannelAcceptor`3.Enqueue(QueueItemType item, Action dequeuedCallback, Boolean canDispatchOnThisThread)
   at System.ServiceModel.Channels.HttpChannelListener.HttpContextReceived(HttpRequestContext context, Action callback)
   at System.ServiceModel.Activation.HostedHttpTransportManager.HttpContextReceived(HostedHttpRequestAsyncResult result)
   at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.HandleRequest()
   at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.BeginRequest()
   at System.ServiceModel.Activation.HostedHttpRequestAsyncResult.OnBeginRequest(Object state)
   at System.Runtime.IOThreadScheduler.ScheduledOverlapped.IOCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
   at System.Runtime.Fx.IOCompletionThunk.UnhandledExceptionFrame(UInt32 error, UInt32 bytesRead, NativeOverlapped* nativeOverlapped)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)</StackTrace><ExceptionString>System.ServiceModel.FaultException: Access is denied.</ExceptionString></Exception></TraceRecord>
System.ServiceModel Information: 131076 : <TraceRecord xmlns="http://schemas.microsoft.com/2004/10/E2ETraceEvent/TraceRecord" Severity="Information"><TraceIdentifier>http://msdn.microsoft.com/en-NZ/library/System.ServiceModel.Diagnostics.TraceHandledException.aspx</TraceIdentifier><Description>Handling an exception.</Description><AppDomain>/LM/W3SVC/3/ROOT-1-131164864670874625</AppDomain><Exception><ExceptionType>System.ServiceModel.FaultException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</ExceptionType><Message>Access is denied.</Message><StackTrace>   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)</StackTrace><ExceptionString>System.ServiceModel.FaultException: Access is denied.
   at System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(Object instance, Object[] inputs, Object[]&amp;amp; outputs)
   at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc&amp;amp; rpc)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)</ExceptionString></Exception></TraceRecord>
I cant find anything helpful online that can help me trouble shoot this error.

Yours Sincerely, Kian, Ting



Exchange Server 2013 - Network Troubleshoot Tool

August 24, 2016, 12:57 am
$
0
0
I am having internal network issues with routing emails to the exchange server and was wondering if someone knows any software to troubleshoot local network routing issues. I have tried Wireshark and can confirm that I am getting traffic on port 25 but for network issues it doesn't reach my exchange server 2013 - thanks for your help.

Exchange Server 2013 - Lost incoming emails to server

August 23, 2016, 11:53 pm
$
0
0
I have had few internal IPs changed and now I started having issue with not getting external emails - it seems like the wireshark captures the external traffic for port 25 but it doesn't reach my exchange server. Urgently needed help!

Email to Hotmail (and other MS domains) rejected due to internal routing

September 8, 2016, 1:25 pm
$
0
0

We have a system that sends transnational email to customers.  We also have an SPF record that allows all of our outbound mail servers, and ends with ~all (softfail).  We also have proper DKIM and DMARC (with forensic reporting enabled).

The issue is when we send emails to <someuser>@hotmail.com, we get DMARC failure/spam reports fromstaff [at] hotmail.com stating:

This is an email abuse report for an email message received from IP 104.47.125.83 on Sun, 14 Feb 2016 07:02:27 -0800.

The message below did not meet the sending domain's authentication policy.

For more information about this format please see http://www.ietf.org/rfc/rfc5965.txt.

The report included is as follows:

Feedback-Type: auth-failure
User-Agent: XMR/2.2
Version: 1.0
Original-Mail-From: <webmaster@<domain removed>.com>
Arrival-Date: Sun, 14 Feb 2016 07:02:27 -0800
Message-ID: <20160214150202.cf6b8ba0a831@www.<domain removed>.com>
Authentication-Results: hotmail.com; spf=fail (sender IP is 104.47.125.83; identity alignment result is pass and alignment mode is relaxed) smtp.mailfrom=webmaster@<domain removed>.com; dkim=fail (identity alignment result is pass and alignment mode is relaxed) header.d=<domain removed>.com; x-hmca=fail header.id=webmaster@<domain removed>.com
Source-IP: 104.47.125.83
Auth-Failure: signature
Reported-Domain: <domain removed>.com
DKIM-Domain: <domain removed>.com
DKIM-Identity: @<domain removed>.com
DKIM-Selector: default

My question and issue is, why is Microsoft resending our emails internally, changing the sent-from IP and failing the SPF check?

Going to need someone from MS to address this as it seems to be an internal thing..

Please see: http://answers.microsoft.com/en-us/outlook_com/forum/oemail-osend/email-to-hotmail-and-other-ms-domains-rejected-due/34026f1a-9116-44cf-845e-66e5dcbc264e for more detail.

STOREDRIVER and DEFAULT FRONTEND receive conector after role split

August 11, 2016, 4:47 pm
$
0
0

Hi,

You know that if the CAS and MBX servers are collocated on the same server the SMTP Receive connection for the Transport service will listen on 2525 instead of 25, well, because of a requirement, I separated this roles on two servers, so I needed now, that the "DEFAULT FRONTEND Servername" that listened on 2525 to listen on 25, So I changed it (remember, CAS is not present anymore on this server), but mail is stuck on draft folders and if I see logs:

Error encountered while communicating with primary target IP address: "421 4.2.1 Unable to connect." Attempted
failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 10.2.x.x:2525]}

StoreDriver still wants to send email to 2525 instead of the updated 25 of the receive connector.

I restarted Mail Submission, Information Store, and Transport Services with no luck.

Where is Exchange reading this "old" config?

Many thanks

Viewing all 3660 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>