Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 3660 articles
Browse latest View live

intermittent mail flow issue

April 10, 2014, 9:02 pm
$
0
0

Hi,

I have an Exchange Server 2013 running on one Server. I have set up a receive connector for the internal Scanner (Scan to Email). this works most of the time - but occasionally fails with the following error: "51 4.4.0 Error encountered while communicating with primary target IP address: ""421 4.4.2 Connection dropped" - any help will be appreciated.

I have run the health tests on the server and these are the unhealthy returns:

ServerStateNameTargetResourceHealthSetNameAlertValueServerComp
onent
--------------------------------------------------------------
EXCHVMNotApplicableActiveSyncCTPMonitorActiveSyncActiveSyncUnhealthyNone
EXCHVMOfflineOutlookProxyTestM...MSExchangeRpcProx...Outlook.ProxyUnhealthyRpcProxy
EXCHVMOfflineRWSProxyTestMonitorMSExchangeReporti...RWS.ProxyUnhealthyRwsProxy
EXCHVMOfflineRPSProxyTestMonitorMSExchangePowerSh...RPS.ProxyUnhealthyRpsProxy
EXCHVMOfflineOWAProxyTestMonitorMSExchangeOWACale...OWA.ProxyUnhealthyOwaProxy
EXCHVMOfflineAutodiscoverProxy...MSExchangeAutoDis...Autodiscover...UnhealthyAutoDis...
EXCHVMOfflineOWAProxyTestMonitorMSExchangeOWAAppPoolOWA.ProxyUnhealthyOwaProxy
EXCHVMOfflineOABProxyTestMonitorMSExchangeOABAppPoolOAB.ProxyUnhealthyOabProxy
EXCHVMOfflineActiveSyncProxyTe...MSExchangeSyncApp...ActiveSync.P...UnhealthyActiveS...
EXCHVMOfflineEWSProxyTestMonitorMSExchangeService...EWS.ProxyUnhealthyEwsProxy
EXCHVMOfflineECPProxyTestMonitorMSExchangeECPAppPoolECP.ProxyUnhealthyEcpProxy
EXCHVMNotApplicableAutodiscoverCtpMo...EXCHVM.theplantpe...AutodiscoverUnhealthyNone
EXCHVMOnlineOnPremisesInbound...FrontendTran...UnhealthyFronten...
EXCHVMNotApplicableEWSCtpMonitorEXCHVM.theplantpe...EWSUnhealthyNone
EXCHVMNotApplicableHealthManagerHear...MonitoringUnhealthyNone
EXCHVMNotApplicableOwaIMInitializati...OWA.Protocol.DepOWA.Protocol...UnhealthyNone
EXCHVMOnlineHubAvailabilityMo...HubTransportHubTransportUnhealthyHubTran...
EXCHVMOnlineMessages.failed.t...HubTransportUnhealthyHubTran...
EXCHVMNotApplicableOwaCtpMonitorOWAUnhealthyNone
EXCHVMNotApplicableMapi.Submit.MonitorMailboxTransportMailboxTrans...UnhealthyNone
EXCHVMNotApplicableOutlookMailboxCtp...OutlookUnhealthyNone

any idea where I should start?

Search

IIS SMTP Relay

May 7, 2014, 8:07 pm
$
0
0

We are using windows server 2008 Server R2. We installed IIS and the SMTP relay component. It is setup to relay mail to our exchange 2010 CAS server. All internal mail is relaying properly on this server to the exchange 2010 CAS server to internal email addresses. When someone tries to send to a recipient outside the organization such as to domain name hotmail.com, gmail.com microsoft .com, it does not relay the message. When I check the logs it looks like it does not even relay the external email address to the cas server.


The error message we get is below. Please assist in what is wrong.

Delivery has failed to these recipients or groups:

gogear22@hotmail.com
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

Diagnostic information for administrators:

Generating server:PRI.cross.com

gogear22@hotmail.com
#< #5.7.1 smtp;550 5.7.1 Unable to relay> #SMTP#

Original message headers:

Received: from HH-DATAserver ([192.111.111.2]) by PRI.cross.com with
 Microsoft SMTPSVC(7.5.7601.17514);	 Wed, 7 May 2014 20:12:03 -0300
From: hh-dataserver<hhdataserver@pri.cross.com>
To: <gogear22@hotmail.com>
Date: Wed, 7 May 2014 18:12:03 -0500
Subject: test messase
X-Mailer: SMTP Mail Component
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Return-Path: it@hh.cross.com
Message-ID: <HH-DATAserverMwVN7miR9Odu00000056@pri.cross.com>
X-OriginalArrivalTime: 07 May 2014 23:12:03.0714 (UTC) FILETIME=[C2029620:01CF6A49]




How to get pst from Exchange 2007 server

May 7, 2014, 10:26 pm
$
0
0

Hi,

How to get pst from exchange server 2007 & 2010.

Regards

Anil

Can't realize how to configure Receive connectors

May 15, 2014, 1:42 am
$
0
0

There is a number of servers:

All of them Exchange Server 2010 SP3 RU5

EDGE Server - EDGE role

Exchange10 - Roles: Hub Transport, CAs, Mailbox, UM

Exchange10s - Roles: Hub Transport, CAs, Mailbox, UM 

Now I installed Exchange 2013 with roles CAS, Mailbox. Firewall disabled.

There are 5 default receive connectors on it. How can i configure them for mail flowing between each other and to the internet throw the EDGE?

I tried to send messages from all servers and from internet. Default connectors don't work because messages stuck into the queues of EDGE and Hub transport Exchange10

I tried to disable default connectors and make my own (with restart services), but result is the same.

My own receive connector were with these parameters:

AuthMechanism    : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
RemoteIPRanges   : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
TransportRole    : HubTransport
PermissionGroups : All permission groups

Bindings : {[::]:25, 0.0.0.0:25}

Internet mail stops suddenly until Exchange Transport service is restarted manually - Exchange 2013

May 14, 2014, 10:43 pm
$
0
0
Internet mail stops suddenly until I restart Exchange Transport Service manually. I have Exchange 2013, what is the best solution for this?
 I have to keep restarting this service every 40 minutes!

RecipientThreadLimitExceeded in message tracking logs, queuing and holding up local email delivery to office365

May 15, 2014, 9:04 am
$
0
0

Please let me know if anyone knows an answer to this one... We're in a Hybrid Exchange environment, with 2 x Exchange 2007 servers,  and 1 x Exchange 2013 Hybrid server which is pointing to Office 365 for the purposes of relaying mail to O365 while we migrate our users out there.

We have just finished migrating, but just a couple of days ago we started experiencing delays in email delivery to O365... Not all mail, but some!  Incoming email or locally generated email gets relayed out through the Hybrid server and out to O365, but not all email is delayed... only some, but it's constant.  During the busiest part of the day, about 200 messages are sitting in the Queue in Exch2013... but they all eventually resolve between 5 and 45minutes.  The users are not happy.

The last error in the queue viewer for each hung email reads:  451 4.4.0 Temporary server error.  Please try again later.

If I look at the message tracking logs, I find an interesting item -- "RecipientThreadLimitExceeded":

2014-05-15T14:15:51.608Z,192.168.3.11,hydra,207.46.163.215,company-mail-onmicrosoft-com.mail.protection.outlook.com,RecipientThreadLimitExceeded,Outbound to Office 365,SMTP,DEFER,10307921510617,<5E5E05B0073A514AA6D072AFB5EB8182276370A4@APSWP0475.fubar.com>,885ea3ce-a020-41b1-8950-08d13e58d6d3,JoeUser@company.mail.onmicrosoft.com,451 4.4.0 Temporary server error. Please try again later,10117,1,,,Read: This is your generic subject line,sender@fubar.com,sender2@fubar.com,2014-05-15T14:16:51.608Z,Undefined,,,,S:Microsoft.Exchange.Transport.MailRecipient.RequiredTlsAuthLevel=Opportunistic;S:Microsoft.Exchange.Transport.MailRecipient.EffectiveTlsAuthLevel=EncryptionOnly;S:DeliveryPriority=Normal

I have tried to find some documentation on resolution for this RecipientThreadLimitExceeded error, but I can only come up with some Exchange 2011 documentation which recommends adding some entries to the EdgeTransport.exe.config file to bump up the RecipientThreadLimit value... I have not found anything pertaining to 2013.  I cannot even find any powershell commands to see what the current RecipientThreadLimit is on 2013!  Aghg!

Has anyone seen this before, or have any recommendations?

Thank you,
Mike

mail flow completely broken after upgrading Exchange Server 2013 CU3 (Build 775.38) to Exchange Server 2013 SP1 (Build 847.32)

May 16, 2014, 1:14 am
$
0
0

internal mail flow completely broken.

external mail flow completely broken.

i upgraded exchange server as follows:

1. setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

2. setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms

3. upgraded the exchange server with GUI installer

also considered this: http://support.microsoft.com/kb/2938053/en-us

receive connectors :

Transport Service couldn't start, then i disabled hub transports, and it starts, but no mail flow on port 25. according to this:

http://social.technet.microsoft.com/wiki/contents/articles/24056.what-the-crash.aspx

i didn't have any success to fix mail flow, any solution?


Remote Server returned '550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found'

May 16, 2014, 5:32 am
$
0
0

Hi all,

having the following issue that started today,everything been working fine until now.

When Office 365 users send e-mail to some on premise users they get the following error in Return.

Remote
Server returned '550 5.1.1 RESOLVER.ADR.ExRecipNotFound; not found'

On premis users (Exchange 2013) can send to the same contact just fine.So for 365 users that failed we have tested the following:

Using OWA,says recepient cannot be found.

All 365 users fails to same recepients,for now a dosen People.

Address that fail,mailboxes are spread accross different databases.

Cannot see any error in event Viewer related to this.

Any tips?

thanks!

Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

Search

Send connector not working for external emails

May 16, 2014, 7:38 pm
$
0
0

Hi - really hope someone can help, I am quite a novice at setting up Exchange so please bear with me. I have recently installed Exchange 2013, there was some initial failures due to old 2010 Exchange server that died, eventually got to a successful install of Exchange 2013 running on server 2012, so far I can send and receive emails internally no problem, I can receive emails from external email addresses, I just cannot send emails to an external email addresses. I am seeing errors like below when I send to a gmail.com account

Failed to connect. Winsock error code: 10051, Win32 error code: 10051 Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 2607:f8b0:400c:c03::1a:25'

Please help! getting quite desperate to solve this issue. 

Support for TLS 1.2 over Exchange 2013?

May 27, 2014, 12:29 am
$
0
0

How to enable TSL1.2 in Exchange 2013, any documentation leading me to configure it?

Is there any confirmation about TSL 1.2 Supporting or not?

Any help or insight would be greatly appreciated. Thanks!

SenderID SPF Include keyword bad evaluation

May 23, 2014, 3:32 am
$
0
0

Hello there in Exchange forums.

I have Exchange 2010 server with all current patches and SenderID action set to reject if SPF fails. If the domain is using keyword include in their SPF TXT record (such as account.microsoft.com where for example onedrive mails come from), the sender ID fails with 550 5.7.1 Sender ID (PRA) Not Permitted, instead of accept message.

Do anyone resolve that?

Delivery Report (Pending)

May 28, 2014, 3:57 am
$
0
0

I'm having some issues with some emails in a pending state and I can not see why?
on the delivery report I get the following: -

Pending 27/05/2014 17:31 ExchangeServer1.domain.local The message has been transferred from ExchangeServer1.domain.local to ExchangeServer2.domain.local. 28/05/2014 09:27 ExchangeServer1.domain.local No further information is available about this message because the logs are no longer available.

Most of the recipients received the email but there are 7 that are on Pending?

Any ideas on how to track why these are set to pending?

Matthew John Earley BSc (hons) || www.o0MattE0o.myby.co.uk


EOP: Set spam confidence level does not move message to junk email

May 28, 2014, 3:08 pm
$
0
0

We have recently been migrated to Microsoft EOP from FOPE. We have a transport rule that gives a spam message an SCL of 7 and prepends the subject line with "SPAM:". I know that the transport rule is working because I see the SCL value in the header as 7. I have the set-organizationConfig SCLJunkThreshold set to 5. If I get-mailboxjunkemailconfiguration for a mailbox it shows enabled is true.

I can't figure this out.

Best Practice on Not Exposing your internal FQDN to the outside world

May 27, 2014, 8:43 am
$
0
0

Exchange server 2010, sits in DMZ, internet facing. The server is currently using the Default Receive Connector. This exposes the internal fqdn to the outside world (ehlo). Since you should not (can't) change the FQDN on your Default Receive connector, what is the best practice here?

The only solution I can see is the following:

1. Change the Network on the Default Receive Connector to only internal IP addresses.

2. Create a new Internet Receive Connector port 25 for external IP addresses (not sure what to put in Network tab?) and use my external FQDN for ehlo responses (e.g. mail.domain.com)

3. What do I pick for Auth and Permissions, TLS and Annoymous only?

Michael Maxwell

Exchange Server 2013: incoming messages are not delivered into user mailboxes occasionally

June 27, 2013, 10:35 pm
$
0
0

Exchange Server 2013 CU1, two mailbox servers (DAG, only one mail database), two CAS servers (NLB cluster). Two Sendmail/CentOS-based SMTP relays route mail between Exchange servers and Internet (incoming mail is routed to NLB cluster name).

Usually mail flow is OK: messages are sent and received normally. However, I've got several complains from different users. They state that occasionally they don't receive messages that were sent to them from outside. Tomorrow morning I've decided to investigate the issue.

So, we have a message sent from Gmail account that was not delivered in user mailbox. It was received and routed to Exchange by Sendmail host:

Jun 27 22:06:37 MX01 sendmail[12169]: r5RG6HC8012166: to=<USER_ADDRESS>, delay=00:00:19, xdelay=00:00:19, mailer=smtp, pri=124702, relay=NLB-FQDN [NLB-IP], dsn=2.0.0, stat=Sent (<CAHgK_sjEkj41htuVsutMP3XhgR5RRDs8-EgSC-UfHoaiHWFj=A@mail.gmail.com> [InternalId=13069585481819] Queued mail for delivery) 

Running Get-MessageTrackingLog applet on the mailbox servers displayed the followed log entries for the message:

DB Server #1:

    22:11:18 HAREDIRECT

    22:11:18 RECEIVE

    22:11:18 AGENTINFO

DB Server #2:

    22:11:18 HARECEIVE

    22:12:44 HADISCARD

So, we can see that the message was placed into shadow queues, but was NOT delivered into mailbox (no DELIVER status entries). Also pay attention to the timing. Time on all the servers is in sync, but Sendmail timestamp is 22:06, and Exchange timestamps are 5 minutes behind it.

Today a message sent to the same address from the same Google mailbox was received by Exchange and placed into user mailbox with no glitches.

We use Exchange antispam system activated on Exchange mailbox servers. Spam is never dropped silently. It is either returned to sender (SCL 9) or placed into quarantine mailbox (SCL 6 and above). I'm pretty sure that the lost message was not in the quarantine mailbox this morning, and the sender didn't receive any NDRs.

Any ideas what to investigate next?


Search

Drop messages in queue that have a blank sender

May 28, 2014, 3:06 pm
$
0
0

I'm getting hundreds of messages in the Queue where the From Address is < >. 

Do I just let these build up or is there a setting somewhere that would just drop the message if it has a blank sender?

Here is an example of one that I've received;

Identity: Pebbles\512\21474838371
Subject: Undeliverable: MUST READ: Vehicle's Below Kelly-Blue-Book*
Internet Message ID: <1ca164f3-6423-4aa3-9574-a5124e61d827@mydomain.com>
From Address: <>
Status: Ready
Size (KB): 10
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 5/27/2014 11:51:09 AM
Expiration Time: 5/29/2014 11:51:09 AM
Last Error: 400 4.4.7 Message delayed
Queue ID: Pebbles\512
Recipients:  Notification9334@carforcheap0821.us;2;2;[{LRT=};{LED=400 4.4.7 Message delayed};{FQDN=};{IP=}];0;CN=outbound,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT)....

1 email server in domain; Exchange 2013 sp1/Win2012 Standard

PennyM

Can't send mail to AOL!

May 29, 2014, 11:50 am
$
0
0

I have been trying to get mail flowing to AOL for months now.... I finally managed to figure out how to get an SMTP log from my send connector. The log contained the following:

attempting to connect
,+,,<,220-mtaig-mbc05.mx.aol.com ESMTP Internet Inbound,<,220-AOL and its affiliated companies do not,<,220-authorize the use of its proprietary computers and computer,<,"220-networks to accept, transmit, or distribute unsolicited bulk",<,220-e-mail sent from the internet.,<,220-Effective immediately:,<,220-AOL may no longer accept connections from IP addresses,<,220 which no do not have reverse-DNS (PTR records) assigned.,>,EHLO mail.<REMOVED>.net,<,250-mtaig-mbc05.mx.aol.com,<,250-STARTTLS,<,250 DSN,>,STARTTLS,<,220 2.0.0 Ready to start TLS,
*,,Received certificate
*,1F75F1B43AEDCCA6B206A8D8CA35D87FC37F7A95,Certificate thumbprint>,EHLO mail.<REMOVED>.net,<,554 The security certificate was issued by a company you have not chosen to trust.,>,HELO mail.<REMOVED>.net,
-,,Remote

It seems to not like the certificate on the AOL server.... How in the world do I fix this?

Thank You

Is there an Exchange 2013 DoD/Federal Message Clean/Spill Procedure?

May 29, 2014, 3:47 pm
$
0
0

I have seen DoD/Federal procedures to clean a message from early versions of Exchange (i.e. leakage/spill), but these procedures would not work for Exchange 2013.

I know that in the past Microsoft has worked with DISA & NSA to develop a message clean procedure for older versions of Exchange.

Is there a published procedure or best practice to clean a message from Exchange 2013 that meets DoD/Federal standards?

Thanks

Tom

Thomas Talley

Wrong RejectMessage when using transport rule on exchange 2013 edge server

May 29, 2014, 4:38 pm
$
0
0

Hi,

we are using Exchange 2013 SP1 (CU4) as an exchange edge server.

We configured our domain with an spf text record which works fine for senderId. But senderId only recognizes the email address of the "from:" header and not the "mail from:".

So we added a transport rule (which we already had working on an exchange 2010 edge server): 

New-TransportRule -Name SPF -HeaderMatchesMessageHeader Received-SPF -HeaderMatchesPatterns Fail -SmtpRejectMessageRejectText "5.7.1 SPF unauthorized mail is prohibited." -SmtpRejectMessageRejectStatusCode 550 -SenderAddressLocation HeaderOrEnvelope -StopRuleProcessing:$true

On exchange 2010 the reject message was: "550 5.7.1 SPF unauthorized mail is prohibited."

But now on exchange 2013 SP1 its: "550 TRANSPORT.RULES.RejectMessage; the message was rejected by organization policy"

so the SmtpRejectMessageRejectText isn't used in the output. I assume this is a bug, because we added the same transport rule as we had on exchange 2010 edge.

Does anybody have the same issue?

Best regards

Thorben

Transport rule to block users from sending messages to their former email addresses

May 28, 2014, 10:09 am
$
0
0

Hi

 

I have an interesting ‘opportunity’ with a customer, where they are looking to provide email (Exchange Online) to retirees.  So with that in mind we have setup the domain retiredcompany.com on Office 365.   We have also setup redirects to send email sent to user@retired.company.com to office 365 mailboxes.  This all works fine.  email sent to user@retired.company.com gets routed to the appropriate inbox.

Now to complicate matters, when a user retires they will be moved to a cloud mailbox.  A forwarder will be placed on Exchange on-premises to forward user@company.com mail to the users retiredcompany.com mailbox.  Again all works fine.

The problem is that the customer wants to block the cloud user from sending messages to their user@company.com address.  This will be an issue when the user "replies all" to messages that contain their old user@company.com address.

 

Now I know I can use transport rules in Exchange Online, but I can't figure out a way to block this scenario without having to build a rule for each retiree, which will not scale.  I need a transport rule that will compare the username portion (left of @) of the senders address to the username portion (left of @) of any recipients address and block the message from being sent to that recipient when they match.

 

Notes:

We have structured the username to match the on-premises usernames, so the match should work.

The customer is fine with blocking messages if the users send messages to their old email addresses, so it's ok if we will intentionally be blocking some good messages.

The customer doesn't want the users to receive messages that they send unknowingly to an old email address that is being forwarded.

Viewing all 3660 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>