Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 3660 articles
Browse latest View live

Huge problems with delivering e-mails to MS Mail-Protection (MX *.protection.outlook.com) servers

June 5, 2019, 12:22 am
$
0
0

Hello there,

We deliver hundreds of transactional b2b mails every day to multiple b2b recipients.

The problem is that, for some reason, especially the businesses using the MS mail protection (MX server is <recipientcompany>.*.protection.outlook.com) very frequently flag our servers as spam. I can assure you we are not sending any spam, every spam tester gives great results/ratings for our mails, we are not on any blacklist. We are only sending like hundreds of transactional mails per day, no marketing mails or something like that. SPF and DKIM records are correct in my opinion.

Also very weird: We are using mailgun.com, so I have detailed logs of all our mails. the emails sent to MS mail-protected servers are instantly delivered with status code 250 (all good), but still are flagged as spam. Why is that?

Does anyone have any tips for me on what to do? It is of utmost importance to our business that these important emails are delivered on time, so I need this to work!

Hope you can help, thanks in advance,

cheers, Patrick


Search

Exchange 2013 CAS Receive Connectors

June 5, 2019, 1:25 pm
$
0
0
In our environment we have 4 stand alone Exchange 2013 CAS servers. Our external smtp mail is routed through our mailbox servers to a email appliance both inbound and outbound. The CAS servers do not handle any email that I am aware of. There are 3 receive connectors on each of the CAS servers (Client Frontend), (Default Frontend), (Outbound Proxy Frontend). My question is can these be disabled since they are not in the mailflow chain. If not disabled maybe the scope can be restricted. Any assistance welcomed. 

Recover/Extract Exchange Server 2013 License Key

June 5, 2019, 10:44 am
$
0
0

Hi Experts,

On Windows 10 and 2012 R2 (to latest), there's a command to get the OS license key but on exchange server 2013 would that be possible? I am planning to setup another Exchange server due to alot of bugs happening on the old setup.

thanks,
GT - newbie here :)

Receive Connector with Authentication and not open relay

June 10, 2019, 12:55 pm
$
0
0

  I am struggling with creating a receive connector that does authentication but does not allow emails to be relayed outside.

  I choose only permission group "Exchange users" while creating connector and remove below permissions,

 Get-ReceiveConnector relay | Remove-ADPermission -User "NT AUTHORITY\Authenticated Users" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

  Still when I test out, I am able to relay to outside of exchange as well using this connector. I want to block that outside part. Only emails going inside should be allowed.

  I suspect many inherited permissions are there that I am unable to get rid of?

 Any pointers?

Shahid Roofi


External MailTip

June 11, 2019, 5:09 am
$
0
0

Hi,

For this example we have our domains

domain.co.uk
domain.it

When sending emails to these domain we receive no External Mailtip Warning - Which is correct.

We have another domain associated with the company, but is not managed by us. When sending to the domain we receive the MailTip when sending to the domain

domain.fr 

Is it possible to set the External MailTip, to ignore this domain and not give a warning? 

Thank you in advance


Replace Return-Path using Transportrule

June 11, 2019, 11:04 pm
$
0
0

Hi!

I'm trying to replace the Return-Path value in certain mail headers and failing badly. :(

I created a new transport rule using New-Transportrule-SetHeaderName 'Return-Path' -SetHeaderValue <new Emailaddress> but it doesn't seem to work. I also tried-RemoveHeader 'Return-Path', but also without any results.

Can someone tell me what I'm doing wrong?

We have Exchange 2016 with Edge Servers in an Exchange Hybrid. I created and tested the rule on premise and not in the cloud!

Thanks for any and all help.

Best Regards,

Gerrit

If you think <g class="gr_ gr_14 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling multiReplace" data-gr-id="14" id="14">your</g> to small to make a <g class="gr_ gr_12 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="12" id="12">differnce</g>, try going to bed with a mosquito in the room...



Setting up S/MIME on Exchange 2013

April 15, 2019, 6:19 am
$
0
0

Hello,

I've been tasked to setup S/MIME on the Exchange server and pretty much followed these steps.http://dizdarevic.ba/ddamirblog/?p=78

My main concern is the certificate. I guess I would need to get a new cert for the receiving end to install on their server. Would I need to install that same cert on the exchange server? How would this affect the current CA cert on the exchange server? Could I use the existing CA cert that I have? and if so, will it also send our private key to them?

Sorry, Cert is not my strong suit.

Exchange 2013 rejects miltiple mails if one address is wrong

June 13, 2019, 6:17 am
$
0
0

Dear team,


one of our customers uses Exchange 2013 CU 7. 

The following issue occurs - when a mail is sent from outside to several mail addresses in the organization and one is wrong, all the mails are rejected. RecipientFilterConfig and RecipientValidationEnabled are with value true (enabled).

How this can be mitigated?


Br,

Marin

Search

ارقام شكاوي توكيل نورج ((01014723434)) الوكيل الرسمى ((01225025360))

June 15, 2019, 1:23 am

simplify transport rules with regex?

April 26, 2019, 1:56 pm
$
0
0

To log emails by project, we've got about 1600 mail transport rules configured where if a string is detected in the subject it sends a bcc of the email into a corresponding mail-enabled public folder.

For example, if subject contains the project "ABCD-123", send bcc to ABCD-123@domain.com (this is the alias of the PF). Same for ABCD-124 or WXYZ-999, etc.  All of our projects use this pattern and have a rule and PF.

Is there a way to have one rule to replace all of these, maybe using regex pattern match to accomplish this?

If subject contains (([A-Za-z]{4})-(\d{3})) then send bcc to (([A-Za-z]{4})-(\d{3}))@domain.com

Do not recieve bounced messages on relayed mail

June 20, 2019, 12:39 pm
$
0
0
We have a IBM Iseries producing utility bills and we are sending some of them out by e-mail. The Iseries is configured to relay the mail through our exchange 2013 mail server. I set up the Exchange server to relay mail  from the Iseries and everything is working ok. It relays to all destinations. What I want to do is see any bounced messages. The Iseries sends mail with the header "sender@iseries.ourdomainname.com"  if we are sending straight to a anyone internally if we relay through exchange to outside our network the header is changed "sender@ourdomainname.com" like all mail coming from exchange. This is normal is suspect but it I would like to see any bounced messages. I have tired sending messages from the Iseries through the exchange server knowing they are going to bounce but I cannot find the bounced messages on either server. Should I not worry about bounced message and try set up a delivery report from exchange if that is feasible. Is it even possible to see the bounced messages ? Not sure how this works I am not getting any closer doing google searches. Perhaps I am not asking it the right questions but if someone could clear this up for me I could finish this project. 

Exchange 2013 Error 12023

June 20, 2019, 7:33 pm
$
0
0

Hello - 

I have an Exchange 2013 server that is kicking up Transport Delivery Errors.  Seen below:

Microsoft Exchange could not load the certificate with thumbprint of F306F39ED2B90C76FD2B3356FE30547F4D90161F from the personal store on the local computer. This certificate was configured for authentication with other Exchange servers. Mail flow to other Exchange servers could be affected by this error. If the certificate with this thumbprint still exists in the personal store, run Enable-ExchangeCertificate F306F39ED2B90C76FD2B3356FE30547F4D90161F -Services SMTP to resolve the issue. If the certificate does not exist in the personal store, restore it from backup by using the Import-ExchangeCertificate cmdlet, or create a new certificate for the FQDN or the server enabled for SMTP by running the following command: New-ExchangeCertificate -DomainName serverfqdn -Services SMTP. Meanwhile, the certificate with thumbprint 4C03F3712D218B005561A7AEA703C3985A80FBB4 is being used.

The old cert has vanished.  I don't know what it was but it doesn't exist in the personal store, or in Exchange.  I created the new cert seen at the bottom and it appears to be using it but the errors persist.  Removing the cert from Exchange doesn't work since it doesn't exist and assigning it to -Service None doesn't work either, also since it doesn't exist.  

When I run Get-ExchangeCertificate I see my new cert and can see that it is assigned to SMTP, however, when I try to re-enable it by assigning it to -Services None, then back to -Services SMTP I get the following error when attempting to set it back to SMTP:

The error message is: Unknown error (0xe0434352)

I wouldn't worry too much about the errors but this morning the Mailbox Transport Delivery Service was stopped and users were not receiving mail.  Anyone know how to remove the non-existent cert and stop the errors?

Thanks

How can I post a article in Microsoft?

June 21, 2019, 9:09 pm
$
0
0
Hi Everybody! I am new in Microsoft. I can't post article in Microsoft. Please tell me how can I post article. What I need to do for article posting?

Mail stuck in send queue

April 17, 2019, 12:05 pm
$
0
0

Getting this error when sending email to internet:

4.4.1 Error encuntered while communicating with primary target IP address: "Failed to connect. Winsock error code: 10060."

simplify transport rules with regex?

April 26, 2019, 1:56 pm
$
0
0

To log emails by project, we've got about 1600 mail transport rules configured where if a string is detected in the subject it sends a bcc of the email into a corresponding mail-enabled public folder.

For example, if subject contains the project "ABCD-123", send bcc to ABCD-123@domain.com (this is the alias of the PF). Same for ABCD-124 or WXYZ-999, etc.  All of our projects use this pattern and have a rule and PF.

Is there a way to have one rule to replace all of these, maybe using regex pattern match to accomplish this?

If subject contains (([A-Za-z]{4})-(\d{3})) then send bcc to (([A-Za-z]{4})-(\d{3}))@domain.com

Search

Allow Third Party Spoofing

June 25, 2019, 7:56 am
$
0
0

    Anyone know why Sender ID rejects messages from an outside company that has permission to use our domain?

Currently our SPF record looks like this-

v=spf1 ip4:(Public IP) mx:mail.mycompany.com a:mycompany.com mx:allowedcompany.com include:allowedcompany.com -all 

From what I understand, this should:

-Allow my domain's mail exchanging server as a permitted sender.

-Check IP of sender matches our A record.

-Allows allowedcompany.com 's mail exchanging server as a permitted sender.

-Does a pass fail check of allowedcompany.com 's spf record. 

    Allowedcompany.com does have an spf record that is correct, so it would seem that the inlcude here is redundant if it checks the mx record of allowedcompany.com.

Either way, when allowedcompany.com sends mail using our domain name in the sender field of the header and not the envelope, a test email to gmail passes spf check as permitted sender. However, when the same kind of email is sent to our exchange using our domain name in the header (not envelope), Sender ID rejects it. In this case I added allowedcompany.com to the Sender ID config domains to bypass Sender ID, but this did not allow the message through either. All cases gave "RejectMessage,550 5.7.1 Sender ID (PRA) Not Permitted,Fail_NotPermitted." We also tried a rule to bypass anti spam when the domain of the sender is allowedcompany.com in the envelope, but this did not work either.

Any help is appreciated.

Users of mail.protection.outlook.com service do not receive e-mails from our email server, although the server reports the e-mails as being delivered

June 25, 2019, 11:44 am
$
0
0

Hi, everyone,

This is both a technical inquiry and a procedural one.

We are trying to send e-mails from a private e-mail server to e-mail accounts that seem to be protected by mail.protection.outlook.com (the logs are showing relay=xxxxxxx.mail.protection.outlook.com). The customers are complaining that they are not receiving the e-mails.

But, the mail logs are showing that server receiving the e-mails. (250 ......... Queued mail for delivery).

Our mail server has a good or neutral reputation on all services, is not listed in any spam block list, is sending exclusively less than 500 e-mails per day and all are business e-mails (not only solicited but also paid for).

There are multiple reports on the internet about lost mail on the mail.protection.outlook.com. We have zero experience with the outlook protection service. Could you please instruct of how to proceed? Is there a more appropriate place to ask these questions? 

Is there anything that the user of the outlook protection system can do? A place where it can be said that they really want our e-mails?

Thank you,

Sorin Milutinovici

Email Delivery / Possible transport rule

June 26, 2019, 1:34 am
$
0
0

Hello Everybody,

I have a situation that when one of my customers is trying to send an email to a particular domain but the email gets dropped.

We have a cloud based email solution just like mimecast or messagelabs. 

When the email is sent to the particular domain it gets blocked on the on premise part ( exchange 2010) 

I understand that an transport rule is blocking it but: 

-we have over 140 transport rules ( checked them one by one manually ) 

-exported message tracking logs and inside of them i see that source : Agent eventid:fail but no information in the event data (its a silent drop so the email is getting blocked but no notification is sent to the sender ) 

Just for your own information i cannot : 

-add to each rule an bounceback 

-turn of rules one by one 

-use the filter parameter in transport server command  ( dont have this cmdlet in the powershell) 

I'm struggling for the last couple days with this issue. 

Any ideas ? 

Thx :) ! 

Can we setup IPSec between exchnage on-premises and exchnage online in hybrid?

June 26, 2019, 7:40 pm
$
0
0

We have deployed exchange hybrid with office 365 and planning to deploy IPSec in order to get an extra layer of encryption between on premises exchange and office 365.

I this feasible? If yes how we can do this?

Issue when sending email to a mail enabled security group

June 29, 2019, 5:20 am
$
0
0

Hello

We have Exchange Server 2013 in our environment.I had created a mail enabled secuirty group.Inside this groups are few other mail enabled security groups. Basically a group was created with nested groups. There are altogether around 60 users within this group from different databases.

When an email was sent to this group, only 13 users received the email. For others mail delivery failed without any NDR to sender.The email was delivered to 13 random users within the group from different databases.

Kindly suggest me if anyone has faced similar issue and how should I resolve this.

ThankYou

Viewing all 3660 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>