Hi All,

I have 2 CAS/HT Servers configured viz Microsoft Load Balancer and 2 Mailbox Servers. I have configured 1:1 NAT on my Firewall pointing to NLB Virtual IP.

WAN IP: xx.xxx.xx.80

Exchange IP: xx.xxx.xx.81

There is no problem with incoming packets which works perfectly but, my outgoing email packets are going through firewall IP (xx.xxx.xx.80) and not exchange IPs (xx.xxx.xx.81). I can see this firewall IP in the email headers. 

What is it that I need to correct on my cisco to make sure all packets are going through my Exchange IPs?. One method I think is to create an outside dynamic NAT rule with source IPs of my 2 CAS/HT Servers & NLB IP which will point destination to my Exchange public IP but then I start thinking what is the point of having NLB configured? Also, will not the packets get distributedby firewall to select any host from the pool of 3 source IPs (2 CAS/HT & NLB)? Is there a method to fix incoming packets to one host only?

Appreciate your time for answering.

Hi guys,

I've spent way too long on this and I'm hoping someone can help me out.

A couple of days ago I thought I'd have a crack at installing CU1 on my 2013 server (around 12pm). It failed and it looked like I stopped receiving mail. I was however still 'connected to exchange'. I later realised that no mail was received after about 2pm that day.

I restored the entire server back to 7am that morning when I knew that the system was running fine. Strangely enough systems still aren't working.

I can connect to OWA/ECP and log in fine. I see my mail up until 2pm.

I can send email from OWA yet it doesn't appear in my outbox or sent items not does it appear in the exchange queue.

Outlook on domain computer says disconnected (Kerberos?) but my Outlook on my external computer says connected (basic authentication).

There are only 2 servers (Exchange and AD) and I've now changed our outgoing mail server and MX records so that mail doesn't pass through our spam filter.

Here's what I've done:

checked MX records

Removed port forward (all outbound traffic allowed) and re-added

Tested with remote connectivity analyser and got the following:

Testing TCP port 25 on host mail.domain.com.au to ensure it's listening and open.
	The specified port is either blocked, not listening, or not producing the expected response.
	Additional Details   The connection was established but a banner was never received. Elapsed Time: 16673 ms.

Any help would be awesome! Thanks

In Exchange 2010 I was able to send a specific disclaimer (with or without Mobile Phone number) based on a AD Pattern match. Strangly Exchange 2013 does not allow the expression I'm using. I was wondering if anyone could help me out:

I'm using powershell:

Get-TransportRule "Signature - With mobile" | Set-Transportrule -SenderADAttributeMatchesPatterns ("mobilenumber:\S(\S|\s)*")

I've also tried:
\S(\S|\s)*
/\S(\S|\s)*/g

The error i'm getting:

The specified regular expression '\S(\s|\S)*'is invalid.
Parameter name: SenderAttributeMatches

But none seem to work in Exchange 2013. When I stop using groupings (), the expression is allowed though.

Any help would be greatly appriciated

Dear Sir/Madam:

How to create email flows between two Exchange 2013 servers in two different Domains so that the users inside each Domain can receive emails  vice versa.

Many Thanks

Hi,

we've got some issues when sending emails to some linux recipients, that attachments or s/mime signed emails are converted to the dreaded winmail.dat attachements. 

On Exchange 2010 i've just configured the corresponding remote domain (or the default one) to disable TNEF sending to this mail domain.

Apparently with Exchange 2013 this setting does not work anymore. With setting the parameter "TNEFenabled" to $false, the recipients still get winmail.dat attachments.

do you have any idea how to work this out?

Kind regards,

Peter

Messages send fine with attachments to most email servers.  But we are running into an issue with some messages that do not send if there is a larger ~500KB attachment.  I can send a large file to gmail for instance 5MB and it goes fine but if I send to a recipient on AOL with an attachment of 500KB the connection to the server drops or times out.
I can then send a smaller attachment to the same recipient and message sends successfully.

 Here is the SMTP Send Log:

014-01-27T18:18:25.359Z,Default,08D0E866E8D574F4,0,,64.12.138.161:25,*,,attempting to connect
2014-01-27T18:18:25.437Z,Default,08D0E866E8D574F4,1,205.155.233.2:19745,64.12.138.161:25,+,,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,2,205.155.233.2:19745,64.12.138.161:25,<,220-mtain-mp03.r1000.mx.aol.com ESMTP Internet Inbound,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,3,205.155.233.2:19745,64.12.138.161:25,<,220-AOL and its affiliated companies do not,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,4,205.155.233.2:19745,64.12.138.161:25,<,220-authorize the use of its proprietary computers and computer,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,5,205.155.233.2:19745,64.12.138.161:25,<,"220-networks to accept, transmit, or distribute unsolicited bulk",
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,6,205.155.233.2:19745,64.12.138.161:25,<,220-e-mail sent from the internet.,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,7,205.155.233.2:19745,64.12.138.161:25,<,220-Effective immediately:,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,8,205.155.233.2:19745,64.12.138.161:25,<,220-AOL may no longer accept connections from IP addresses,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,9,205.155.233.2:19745,64.12.138.161:25,<,220 which no do not have reverse-DNS (PTR records) assigned.,
2014-01-27T18:18:25.750Z,Default,08D0E866E8D574F4,10,205.155.233.2:19745,64.12.138.161:25,>,EHLO gamma.sbcoe.k12.ca.us,
2014-01-27T18:18:25.828Z,Default,08D0E866E8D574F4,11,205.155.233.2:19745,64.12.138.161:25,<,250-mtain-mp03.r1000.mx.aol.com,
2014-01-27T18:18:25.828Z,Default,08D0E866E8D574F4,12,205.155.233.2:19745,64.12.138.161:25,<,250-STARTTLS,
2014-01-27T18:18:25.828Z,Default,08D0E866E8D574F4,13,205.155.233.2:19745,64.12.138.161:25,<,250 DSN,
2014-01-27T18:18:25.828Z,Default,08D0E866E8D574F4,14,205.155.233.2:19745,64.12.138.161:25,*,202772,sending message
2014-01-27T18:18:25.828Z,Default,08D0E866E8D574F4,15,205.155.233.2:19745,64.12.138.161:25,>,MAIL FROM:<sender email address>,
2014-01-27T18:18:26.093Z,Default,08D0E866E8D574F4,16,205.155.233.2:19745,64.12.138.161:25,<,250 2.1.0 Ok,
2014-01-27T18:18:26.093Z,Default,08D0E866E8D574F4,17,205.155.233.2:19745,64.12.138.161:25,>,RCPT TO:<recipient email address>,
2014-01-27T18:18:26.187Z,Default,08D0E866E8D574F4,18,205.155.233.2:19745,64.12.138.161:25,<,250 2.1.5 Ok,
2014-01-27T18:18:26.203Z,Default,08D0E866E8D574F4,19,205.155.233.2:19745,64.12.138.161:25,>,DATA,
2014-01-27T18:18:26.281Z,Default,08D0E866E8D574F4,20,205.155.233.2:19745,64.12.138.161:25,<,354 End data with <CR><LF>.<CR><LF>,

Thanks

This past Tuesday after hours, my company was the victim of an OWA exploit that caused our domain to get blacklisted due to sending out millions of spams. I was at a  loss to explain how that could occur, I had traced down the user source and through message tracking logs and IIS logs, and proxy logs, determined the source was a specific user and OWA.

This website describes the exploit exactly. To a T. http://blog.spiderlabs.com/2013/09/hey-can-i-use-your-server-for-spamming.html

The user's account was compromised through a phishing email (which got through the spam filter), and the user was dumb enough to fill out the form.

But that being said, the mechanism the hacker/spammer used to do automated spam via OWA by scripting uploading email to the users drafts and sent items, I would like to hope that MS is looking at patching that so there is no possibility of an exploit. I was fully patched with Exchange 2007 SP3 with the latest Update Rollup (12).

This was a huge black eye on us.

Hello,

We have Exchange Server 2013 installed as VM in our Windows Datacenter 2008 R2, we have problems in sending and receiving, we are troubleshooting the Exchange to figure out what are the problems, the strange thing is when we configure the Primary DNS and the secondary DNS to 108.178.62.234 (Our Provider DNS) 108.178.62.210 (Our Provider DNS) 50% of emails recipient didn't receive to our Excahge server same as while the sending emails.

Additional Information:

• We have 2 Static IP Addresses connected to Exchange server (108.178.58.100,108.178.58.120).
• We are using multi domains to sending emails all Domains SPF records txt value (v="v=spf1 a mx -all" ) we tried to set SPF records to (v=spf1 include:_spf.google.com ~all) but the errors below still received after sending them from Exhcnage server.
• We configured the Exchange 2013 IIS redirect to https://excas1.wolfsol.com, so all domains redirected from http to https (e.g. http://mail.abc.com redirect to https://excas1.wolfsol.com/owa) and SSL certificate is working fine.
• We are using one SSL certificate for exchange server issued to excas1.wolfsol.com
• We set Network Primary DNS to 108.178.62.234 (our server hosting provider DNS)
• We are not using FOP (because the configuration from Microsoft is not clear for multi domains exhcnage 2013) is there any alternative solution for blocking the Spams. We are receiving hundreds of Spams Emails daily.

Here are some of the errors:

============================================

Microsoft Outlook

Wed 1/22/2014 12:19 AM

To:

amm.gold@aramex.com;

To send this message again,click here.

86.96.206.41 rejected your message to the following email addresses:

amm.gold@aramex.com (amm.gold@aramex.com)

86.96.206.41 gave this error: Message rejected due to content restrictions

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

===============================

ESMTP rejected your message to the following email addresses:

JORAMSUP@UNHCR.ORG (JORAMSUP@UNHCR.ORG)

ESMTP gave this error: Transaction Failed Spam Message not queued.

A problem occurred while delivering this message to this email address. Try sending this message again. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server: EXCAS1.wolfsol.com

JORAMSUP@UNHCR.ORG ESMTP Remote Server returned '554 Transaction Failed Spam Message not queued.'

Original message headers:

Received: from EXCAS1.wolfsol.com (2002:6cb2:3a78::6cb2:3a78) by

 EXCAS1.wolfsol.com (2002:6cb2:3a78::6cb2:3a78) with Microsoft SMTP Server

 (TLS) id 15.0.775.38; Mon, 20 Jan 2014 02:58:35 -0800

Received: from EXCAS1.wolfsol.com ([2002:6cb2:3a64::6cb2:3a64]) by

 EXCAS1.wolfsol.com ([2002:6cb2:3a64::6cb2:3a64]) with mapi id 15.00.0775.031;

 Mon, 20 Jan 2014 02:58:35 -0800

From: orient1 <orient1@orientengllc.com>

To: "JORAMSUP@UNHCR.ORG" <JORAMSUP@UNHCR.ORG>

Subject: ITB JORAM/SUP/ITB/06/2014 Zaatari Wastewater Sewer Consultancy

Thread-Topic: ITB JORAM/SUP/ITB/06/2014 Zaatari Wastewater Sewer Consultancy

Thread-Index: AQHPFc5Hy7AJfloBJEOaGzFpMwhixA==

Date: Mon, 20 Jan 2014 10:58:34 +0000

Message-ID: <cf1cbfbe0b2e40d1ac15f17e22e31e52@EXCAS1.wolfsol.com>

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach: yes

X-MS-TNEF-Correlator:

x-originating-ip: [86.108.93.166]

Content-Type: multipart/related;

        boundary="_004_cf1cbfbe0b2e40d1ac15f17e22e31e52EXCAS1wolfsolcom_";

        type="multipart/alternative"

MIME-Version: 1.0
=======================================

Any suggestions? 

Only happens if the users have a 2nd-mailbox attached, a pop3 or imap4 email account and with online mode, users are working with outlook 2010/Outlook 2013 Windows 7/ Windows 8 OS+Office fully patched! If we activate cache mode the issue disappears.

  For application compatibility we need to put outlook with online mode activated, thanks for your help.

Hello. The goal I want to achieve - force all internal clients to authenticate against exchange server. I have one exchange server with mailbox and CAS roles. As I take it, I should make some configuration with receive connector. Is that correct? How exactly can I achieve that, keeping also in mind, that external clients should have anonymous authentication option availible for them?

Hi,

We have configured SQL job which sends once a month more than 1500 emails simultaneously.

Not all emails are delivering.

Which throttling settings should I look for to change?

For one of our customers we are currently working on a prove of concept to implement on premise exchange servers. The problem mentioned below takes place on test servers.

Server names and mail domain names are changed to generic values.

On our on premise exchange environment we encounter the following problems when emailing to a specific email domain .

Email to the domain companyname.com is placed in to the Unreachable Domain queue with the following error:

Last Error: The mailbox recipient does not have a mailbox database

Queue ID: SERVEREX01\Unreachable

Recipients:  user@companyname.com;2;3;The mailbox recipient does not have a mailbox database;1;<No Home Database>

Situation:

Customer uses a local Active Directory which contains all the user accounts and uses Office 365 / Exchange Online to provide these users with a mailbox. SSO between the local AD and O365 is provided by a third party identity provider. Dirsync is used to sync all user information from the local AD to O365 AD. This also includes the SMTP addresses users have on the Office 365 mailbox. In the local AD this information is saved is the proxyaddress attribute field and synced to O365. Office 365 uses the following mail domains for customer: companyname.com and companyname.onmicrosoft.com.

Customer wants to use local on premise exchange servers for specific locations and users and doesn’t want to implement a hybrid exchange environment. Therefore we installed an Exchange 2010 Edge server in the DMZ and an Exchange 2013 MBX / CAS server in the server network. The Exchange 2013 server is installed in the same Active Directory as the one mentioned above. This environment uses the mail domain @central.companyname.com. The email environment is configured to only accept email for this domain.

The email environment works fine. It can send and receive email internally and externally. There is only one issue. It’s impossible to send email from the on premise environment to office 365. The other way around (O365 to on premise) works fine.

When an email is send to a companyname.com email address the exchange 2013 mail server places the email in the Unreachable Domain queue and reports the following error:

Last Error: The mailbox recipient does not have a mailbox database

Queue ID: SERVEREX01\Unreachable

Recipients:  user@companyname.com;2;3;The mailbox recipient does not have a mailbox database;1;<No Home Database>

This is caused by the fact that the @companyname.com email addresses are stored in the active directory exchange uses. We tried to fix this problem to create a internal and external relay domain with the appropriate send connector but this didn’t help.

When we remove the proxyaddress attribute in the local active directory we are able to send email from the on premise exchange server to Office365. Removing the proxyaddresses is not a solution because these settings will be synced to Office 365 and users can’t receive email anymore in there cloud mailbox.

It looks like the SMTP Categorizer first looks in active directory if the target email addresses is available. If so it will send the email to this users (but doesn’t have a mailbox server and mailbox database).

Can we configure a working mailflow for email from on premise to Office 365 for @companyname.com addresses?

Hi,

Just finish to configure Exchange 2013 CU3; I have no problem with OWA. But trying to connect to outlook 2007 SP3 (PC  is joined to local domain: mysociety.lan) i'm facing with this error: "The connection to Microsoft Exchange is unavailable. Outlook must be online or connected to complete this action". When i try to continue it gives to me : GUID@mysociety.com; when i replace it to:GUID@mysociety.lan it connect; but restarting the computer give me the same error.

Please Help

So we have users who answer their own email but then also answer emails for 3 other address. When they reply to those address the from address is changed to match. However there is no group sent items folder.

I'd like to set it up so the sent items from address 1 go to one folder, and address 2 go to a second folder

EDIT: Client side rules do not allow you to select the from address as a routing option.

ok, so i have successfully migrated all of our US employees from Exchange 2010 to 2013 cross forest on prem.

we are all happy that it is done!! WOot WOot...

so now i am thinking post-migration task.

to give a bit of background, US & UK were 1 company, then there was a split & now we are 2 separate companies. The Uk people are still using Exchange 2010 & the old domain (company.local) & will continue to. All of us US employees are now on exchange 2013 in a separate forest (company.US,,  there is a 2 way trust in place) Currently all of our PC's are still part of the .local domain & thats how we login, however Lync & Exchange use our new .US accounts (domain migration is happening in a few weeks)

so on the .local side, any migrated email accounts, have been converted from mailboxes to contacts/mailusers, with external addresses that point to our new email domain. (via x500 emails/forwarders)

I being a bit green to some things x500, i am not sure what this does, except possibly tell the outlook client that the MB doesnt exist in .local anymore & is over in .US (like i said i am not 100% on this) Which then is the reason that the outlook clients get the initial pop up stating your admin has made a change & you need to restart outlook. However there is also a corresponding X500 email listed for the users in the .US side (not sure what that is for, unless that is how exchangematches the .local to the .US account)

My first question is, what happens for users who are still using domain accounts on .local, but email from .US via Outlook if & when the x500's are removed. Will outlook continue to work? or would we need to go into outlook & remove everyones account , & then put in the new .US account. (right now the outlook clients still show the old email address. John.smith@company.com. The new address is John.smith@companyUSA.com)

Or is the outlook client already looking at the new .US server & no longer @ the old UK servers?

also, we have noticed some issues with Full access & send-as permissions. The user & corresponding groups have been granted full access & send-as via the shell, however they would get odd """T

his message could not be sent. Try sending the message again later, or contact your network administrator.  Error is [0x80070005-00000000-00000000].""""

& would get emails bounced back when trying to send as the other account. Groups & permissions & everything were checked & nothing seemed to work. Until i then took the users AD account from the .local side, & added it to the Group that has full access/send as on the .US side. Keep in mind that the Exchange account was/is already a .US account, but the domain account is .local & Outlook still says company.com instead of companyusa.com (mail to the main mailbox flowed fine, in & out, outbound even comes out as CompanyUSA.com. So it seems that outlook is still using the Domain account & not the exchange account to determine some rights. 

Obviously this second item ^^ we hope to be fixed once the domain migration is finished. 

So for the most part i want to know about the x500, & if when we are all using domain & email accounts on .US, & then the UK removes/deletes our accounts from .Local.

the reason i worry, is i have seen people post about issues post migration after they turn off the old exchange servers.

Hi,

I have Exchange 2010 configured with Lync 2010 to send email about missed Lync calls.

A certain user is getting those email with a random delay (can be a few minutes up to few days), the user is getting all those mails in a bulk.

Mails appear in the inbox in their original time and date (time of the missed call).

What could be the reason they are not delivered immediately?

The user is properly configured (as same as other users).

Regards,

Vitali

Hi,

Please help me to block users to sending mails to specific domain in exchange server 2010 without using any rules 

Thankx