Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 3660 articles
Browse latest View live

SSL & TLS errors

$
0
0

Hi

We have exchange hybrid with 3 CAS and 3 Mailbox Servers . We can see the following errors is  generated from 'system' section of windows category logs.

In two cas servers

The error is

A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 46.

and third server error is

An error occurred while using SSL configuration for endpoint 0.0.0.0:443.  The error status code is contained within the returned data.

What may be the issue.

I request your advice to resolve this issue.

All services are working fine .

Regards

Ashraf


Ashraf


Mails are not getting received

$
0
0

Hi,

We use Exchange 2010 Standard. We have one mailbox server and one hubcas server. I am posting here, if this is not the suitable place, please move it to the required forum.

There is no edge server.

Sometimes we have mails stuck in our mail security gateway.

I also get below errors in event logs.

Event 9213

A non-expirable message with the Internal Message ID 15805706 could not be categorized. This message may be a journal report or other system message. The message will remain in the queue until administrative action is taken to resolve the error. Other messages may also have encountered this error. To further diagnose the error, use the Queue Viewer or the Exchange Mail Flow Troubleshooter.

Event 8010

A message with the Internal Message ID 15593265 was rejected by the remote server.  This message will be deferred and retried because it was marked for retry if rejected.  Other messages may also have encountered this error.

We have journaling enabled on databases.

Please let me know how do I find the root cause of this issue.

Mails rejected for none spf

$
0
0

I have an SQL server on whicn I use dbmail. I have configured an internal relay connector om my exchange server.

Mail are rejected some places. In the NDR mail I see that my private IP addresses for my exchange server and SQL server are pressent and their FQDNs instead for the common name for my exchange server. The relayconnnector is configured with my exchange servers common name.

Transport Rule Exceptions list not working fully

$
0
0

Hello

I am wanting to use a transport rule to help our users identify email originating from outside of the domain. In this rule I have prepended the Subject line with "External" and also prepended the message with a Banner. As we have several trusted sources which send email to our users I have added a list of Exceptions using "Except when the From address contains". Within this list of exceptions are multiple List Serve addresses, these address continue to get the external tags despite being listed as exceptions. We have several Lists, each of which are added as Mail Contacts on ourExchange 2010 environment.

I am hoping you all can help me identify where I went wrong, and help me resolve this issue. At this point this banner is in a testing phase and is expected to roll out to the rest of the domain once this issue is resolved.

Current Exceptions: 

 Except if the message:
     Is received from 'Inside the organization'
     or Includes these words in the message subject: '[External]  '
     or Includes these words in the sender's address: 

Any suggestions are appreciated


Mail Flow Issue

$
0
0

Hello 

if some body can help , my emails from our domain are going directly to junk emails folder in the recipients mailboxes

how can I fix that , I doubted that it's form the email signature ,so I tried to send blank email as a test but the problem is still

I checked my domain health on mxtoolbox  but every thing going good .

Note : I am using exchange server 2013 sp1 & I'm sending emails from outlook & all my friends that sending from the same domain are facing the same issue .

Thank you 

Transport Rule Exceptions list not working fully

$
0
0

Hello

I am wanting to use a transport rule to help our users identify email originating from outside of the domain. In this rule I have prepended the Subject line with "External" and also prepended the message with a Banner. As we have several trusted sources which send email to our users I have added a list of Exceptions using "Except when the From address contains". Within this list of exceptions are multiple List Serve addresses, these address continue to get the external tags despite being listed as exceptions. We have several Lists, each of which are added as Mail Contacts on ourExchange 2010 environment.

I am hoping you all can help me identify where I went wrong, and help me resolve this issue. At this point this banner is in a testing phase and is expected to roll out to the rest of the domain once this issue is resolved.

Current Exceptions: 

 Except if the message:
     Is received from 'Inside the organization'
     or Includes these words in the message subject: '[External]  '
     or Includes these words in the sender's address: 

Any suggestions are appreciated


How to add a proxy email address to delivery management for a mail-enabled security group

$
0
0

Hi,

We have a mail-enabled security group which they need restricted as to who can email it. I've been asked to add a proxy email address (which sits on a user account here) however I can only seem to add normal mailbox accounts to it.

Any ideas how to add a proxy email address to be able to send to this group?

Thanks!

대구오피 ≫Www.uuzoa2.com ≪ [유유닷컴] 오피백마


대전오피 〔uuzoa2.com 〕 [유유닷컴] 쓰리노

rejected messages

$
0
0

We running exchange 2013 on prem and in hybrid mode with office 365. We use barracuda essentials for spam and archiving. We have been seeing a lot of rejected messages in the logs of the Essentials stating the exchange server is rejecting the emails even though the users are valid. it is happening coming from multiple domains.

Rejected (smtp.abc.org:25:550 5.1.1 User unknown)

Allowed Sender Policies (header:Lisa.xyz@domain.com)Rejected (smtp.abc.org:25:550 5.1.1 User unknown) 

both were going to valid working email accounts on our domain that have mailboxes still on premise.

I have checked and updated our spf records and all other records look fine. The users get emails from other outside companies


Thank You in advance

Allowed Sender Policies (header:Lisa.xyz@domain.com) Rejected (smtp.abc.org:25:550 5.1.1 User unknown)
Allowed Sender Policies (header:Lisa.xyz@domain.com) Rejected (smtp.abc.org:25:550 5.1.1 User unknown)
AllowedSender Policies (header:Lisa.xyz@domain.com)Rejected (smtp.abc.org:25:550 5.1.1 User unknown)

Stonecold31666


Message trace details

$
0
0

What is the meaning of below custom_data in Message Trace

S:PCFA=OCAT|dkim=0
S:DeliveryPriority=Normal

S:AMA=EV|engine=A|v=0|sig=201902060009|name=|file=|hash=|phash=
S:AMA=EV|engine=S|v=0|sig=20190205.020|name=|file=|hash=|phash=
S:AMA=EV|engine=M|v=0|sig=1.285.949.0|name=|file=|hash=|phash=

S:TRA=ETRP|ruleId=2cf5d115-f94e-4732-8f34-36f65c121c96|st=2018-06-19T00:13:24.0000000Z|ExecW=0|ExecC=0|Conditions=DIP,F,0
S:TRA=ETRP|ruleId=a01820a0-fda1-412d-9d30-340e4b888344|st=2018-10-24T02:40:36.0000000Z|ExecW=0|ExecC=0|Conditions=ISUP,M.F,0
S:TRA=ETRP|ruleId=e664fc67-6337-488d-9337-d6c6324012b2|st=2018-11-08T10:13:36.0000000Z|ExecW=0|ExecC=0|Conditions=ISUP,M.F,0
S:TRA=ETRP|ruleId=a8a51256-6fb0-4ff1-a573-b354a68805b8|st=2018-11-26T04:37:50.0000000Z|ExecW=0|ExecC=0|Conditions=DIP,M.SD,0
'S:TRA=ETRP|ruleId=d959b20d-f646-47f2-a583-203d8a2281ef|st=2019-01-22T02:45:14.0000000Z|ExecW=0|ExecC=0|Conditions=DIP,F,0
ISUP,M.F,0'
S:TRA=ETRP|ruleId=3f421a0e-bdd4-48c5-82db-ef57acdcd908|st=2018-12-05T09:55:43.0000000Z|ExecW=0|ExecC=0|Conditions=DIP,F,0
S:TRA=ETRP|ruleId=6f7b105f-a8d7-4afb-ab0b-791b6b0a4fa1|st=2019-01-22T02:32:20.0000000Z|ExecW=0|ExecC=0
S:TRA=ETRI|MsgType=Normal|Ex=|IsKnown=|FipsStatus=NoFips|AttchUns=|ceErr=|Synth=False-Na-ON



Delay from office 365 to On-Prem

$
0
0

I currently have a Hybrid setup with Office 365 with students in the cloud and teachers On-Prem. Lately i have been noticing issues with O365 users sending emails to On-Prem. O365 Mail can sometimes take up to 2 hours to 2 days to be received On-Prem. 

I have opened a ticket with Office 365 Support and they believe the error is "When Office 365 try to send the email to on-prem, the “Defer” happened with the error {LED=450 4.4.317 Cannot connect to remote server [Message=451 4.4.0 Socket error ConnectionReset]"

They are unable to continue to resolve my issue because its a Hybrid scenario.

Any help would be appreciated. 

Emails are not going through

$
0
0

Hello Guys

I have a problem with my exchange server, all services are running, the database it is mounted and when I connect to outlook it shows connected but when I send the email it doesn't go through what could be the problem

kindly help

accepted domain

$
0
0

Hello,

I migrated one Exchange domain to office 365 (export pst-->import pst to office 365)

After deleting accepted domain for this domain  in Exchange,local users from other domains on this Exchange server are unable to send mail to this domain.

If I send from gmail,mail is delivered to office 365 for this domain.

So,removing accepted domain not working for this server.

If I create new user in office 365 for this domain,mail is delivered from local server but for existing users does not work.

If I remove(delete) existing user on Exchange server (AD) it wont send to same user in office 365

but if I remove autocomplete for that user in Outlook it sends to this user office 365 account with no problem

This is similar problem

http://forums.msexchange.org/Exchange_server_still_acts_authoritative_for_removed_accepted_domain/m_1800544861/tm.htm

 

Any advice except removing autocomplete on every computer?

Outbound emails from one specific email address blocked by Exchange 2013

$
0
0

Hi

We have a hybrid environment Exchange Online and are using Exchange 2013 as hybrid server. We have an application that submits emails to Exchange using SMTP and sends emails from noreply@smtpdomain.com. Since almost half of our user base is already in Exchange Online, many of these emails which are generated on-premises need to be routed to Exchange Online. This configuration has been working for months. On 24/06/2014, the emails from this application stopped getting delivered. 

On examination of message tracking logs, I found SMTP FAIL events - excerpt below.

ConnectorId             : Outbound to Office 365
Source                  : SMTP
EventId                 : FAIL
InternalMessageId       : 39560943768623
RecipientStatus         : {[{LRT=};{LED=550 5.1.8 Access denied, bad outbound sender};{FQDN=};{IP=}]}

Doing a search for the error in recipient status did not return anything but doing a search for "access denied, bad sender" did return results that suggested a scenario when a user in Exchange Online would be prevented from sending outbound email after having been identified as sending spam - see http://technet.microsoft.com/en-GB/library/dn458545(v=exchg.150).aspx

It seems our on-premises Exchange 2013 server has enacted a similar block on our noreply address which sends out a lot of emails. I have been able to confirm that if the 'from address' is changed to something like noreply123@smtpdomain.com, all emails from the application get delivered successfully.

I now need to find out how I can unblock our noreply address so these emails can be sent with the original from address.

Appreciate all help I can get on this one.


Receieve connectors Exchange 2016

$
0
0

In Exchange 2010, we had 4 receive connectors to secure our SMTP traffic.

  1. Internet, allowed anonymous access, and in the remote IP ranges the IP's of MessageLabs where configured (so was only accessible from our smarthosts on the internet).
  2. AllowRelay, allowed anonymous relay access to the IP's configured in the Remote IP ranges. Those servers are allowed to relay, however they have to use an Custom SMTP domain which was not linked to the company SMTP domains to which Exchange is authoritative.
  3. NoRelay, Allowed anonymous SMTP access to the IP's configured in the Remote IP ranges. Those servers are allowed to send SMTP messages, but are not allowed to relay.
  4. Authenticated access, allowed SMTP access to authenticated users. In which the used sender's address was verified against the credentials provided. If the provided credentials had send-as permissions on teh provided from address, than the mail would be accepted.

We have a company policy that states that OUR Exchange SMTP domains may only be used when the e-mail originates within the Exchange organisation, or is accepted by authenticated access.

Everything worked as designed, however this does not seem the case in Exchange 2016.

We have configured similar receive front-end connectors in Exchange2016 to provide the same service. We have provided each receive connector with its dedicated IP, as we saw that SMTP traffic somethimes ended up on the wrong receieve connector. Which wasn't the case in Exchange 2010. Since we have defined each Front-end receive connector to it's dedicated IP, we see the traffic ariving at the correct receive connector. However authentication is somethimes failing, somethimes we see that authetication occured from a certain system and that the e-mail is accepted, While somethimes that same system is failing altough credentials and senders address are provided and correct and equal as before. When we test from various systems using powershell, we often see the same error:

Send-MailMessage : The SMTP server requires a secure connection or the client was not authenticated. The server respons
e was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

 

Answers provided are coming from personal experience, and come with no warranty of success. I as everybody else do make mistakes.

Opening Encrypted Emails with Exchange Account or Microsoft Account

$
0
0
We have what may be a unique situation and I am hoping someone might be able to provide some assistance.  Our company is using Office 365 with a login of user at syr.companyname.  However, our email addresses are name at companyname. Our email is still run through and Exchange server.  We run into an issue when encrypted emails are sent to our employees through a customer's Office 365 account.  We cannot open the emails using our Office 365 login because the email address is not what is used for logging into Office 365. I understand the customer can modify their send settings to allow a different email address to open the encrypted emails, but they refuse to make that change.  We can use the one-time passcode, but this is extremely inconvenient as we receive several daily encrypted emails from the customer.  Since Microsoft no longer allows the option of creating a personal Microsoft login using a work email address, does anyone else have any suggestions on what we can do?  (Using a "personal" Microsoft login using the work email address does allow us to open the encrypted emails without issue.  However, not everyone had previously created a personal Microsoft login prior to the change.)  Our mail is hosted through an on-premises Exchange server.  We have not migrated to  AIP, our email is directed through Exchange and not 365.  Is there anyway we can add the email address as an alias to the Microsoft account when email is not hosted through 365?

To allow email from one external email address only for all DLs

$
0
0

Hi Team,

Anyone can suggest me on this we have one external email address and we want to allow the internal DLs to accept emails from this external email address and we don't want to remove require authentication tick from all DLs.

We do not want exchange transport rule also as it will also require to remove the ticks from all DLs and then add as an exception which will not suitable for us.

Please suggest me if we can use the accepted domain or address re-write in exchange?


Ankit Singh

450 4.4.318 Connection was closed abruptly

$
0
0

Hello,

I am getting below error while sending email to a group that contain more than 100 Users. This distribution group is allowed to accept email from outside. Our email first land on EOP and then receive on Onprem Edge server. We have public IP on edge server. No NAT.  There is no firewall in between EOP and OnPrem.





Ho to prevent spam from authenticated users?

$
0
0

Hi guys, I'm having some issues lately with users getting their smartphones infected anse sending a lot of spam to external addresses via our exchange system. This leads to blacklisting and mass hysteria... Our antispam system (fortimail) doesn't have a subsmission rate control and MS applies the native one only to SMTP submission it seems.

What do you do to prevent that kind of trouble? I cannot control user's devices, we let them use their own.

PS

Lowering the recipient rate could help but could backfire (prevent legit emails) while spam softwares could easily send more mails with less recipients to avoid being blocked.

Bye, Dario


Dario Palermo


Viewing all 3660 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>