Quantcast
Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum
Viewing all 3660 articles
Browse latest View live

transport rule exchange 2013 ?

September 14, 2014, 11:39 am
$
0
0

hi,

we upgraded from exchange 2003 to 2013,

we was relaying on send connector for managing mail flow as all user mail outside the company is rejected, and we give user access per domain using send connector

user 1 has access to send to yahoo.com only, user2 has access to send to hotmail.com only, user 3 has access to send to any domain.

when we tried to apply this scenario with transport role,

we create a role that block access from user1 to all outside expect yahoo.com domain and the same with user2

but when we try to make the third role to block all user to all domain expect user3 with the greater priority no. it always take precedence over the other 2 role and block user1 access and user2 access.

so does anyone have any idea how to manage this?

Search

Routing Email to Un-Accepted Domain Internally

September 15, 2014, 12:19 am
$
0
0

Hi All,

This is a bit peculiar. But it’s been bugging me for some time now. Its nothing like I need to implement or need this, but just a concern to understand mail routing.

I was able to route email to

myname@gmail.cominternally back in Exchange 2003 to a mailbox hosted inside mydomain.com. I didn’t add the email domain to accepted domain as we say now.

As per the reading and available information from MS for Exchange 2013, it is possible to route emails only if we add the email domain to the accepted domains list.

Even the email policy will not let you save information if the domain is first not added in accepted domain.


If you delete an accepted domain that's used in an email address policy, the policy is no longer valid, and recipients with email addresses in that SMTP domain will be unable to send or receive email.


 

However adding

myname@gmail.comis allowed as an additional SMTP address to MAILBOX ENABLED local user (I’m not talking about external contact or Mail Enabled user here)

We typing

myname@gmail.comon new email GAL resolves it and lets me send email to the local user. (Even if I hide the user I believe it will work)

I’m trying to understand what is happening here and why it is accepting the email addressed to gmail.com(delivering it to local mailbox) instead of routing it out to internet.

Any reference to this in MS article.

Doing this in a accepted domain scenario makes sense, by how it works without the domain in accepted domain list works. How does categorizer works.

My Findings:


*The categorizer resolves the message sender by searching for the address in the ‘proxyAddresses’ attribute in Active Directory.

*The categorizer also resolves the message recipients by searching for the addresses in the ‘proxyAddresses’ attribute in Active Directory.

*The categorizer also checks to verify that the mail attribute exists in Active Directory, and stamps the mail attribute as the SMTP address.

*For local delivery, the categorizer marks the recipient as local by setting a per-recipient property on a message indicating the destination server for each recipient.

 

 


So,

Q:If we don’t have domain mentioned in accepted domain, is exchange going to accept email for it at all?

A: NO (Microsoft says)

What I think what MS means is Accepted Domain basically refers to emails coming from outside the exchange, which will not be accepted.

That would refer to the ‘SMTP Receive’ process of submission (

From SMTP Receive through a Receive connector).  But internal would be process of submission (Through a transport agent and would bypass the Accepted Domain check.)

 

Let me know your views and test results if you happen to test it.

Regards,

Satyajit

Please“Vote As Helpful” if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.


New Exchange 2013 server added to Exchange 2010 environment won't send or receive email

August 13, 2014, 12:10 pm
$
0
0

Hi!

I've added an Exchange 2013 server to our Exchange 2010 environment, and it does not seem to be able to send or receive mail. It can definitely communicate with the Exchange 2010 server- I've successfully migrated mailboxes from the 2010 server to 2013- I just can't send any mail there. I've set up the Send and Receive Connectors on the 2013 server, and they're configured pretty much identically to the connectors on our 2010 box.

Messages sent from an account on the 2013 server simply sit in the drafts folder. Looking at the logs on that server, I don't see anything happening at all. For example, the logs at ~\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpSend and SmtpReceive haven't been updated since the initial install of Exchange. No logs have yet been created under ~\Exchange Server\V15\TransportRoles\Logs\Hub\ProtocolLog\SmtpSend and SmtpReceive.

On our 2010 server, messages I try to send to a mailbox on the 2013 server get stuck in the queue with the error presented being451 4.4.0 Primary target IP address responded with: 
"421 4.4.2 Connection dropped due to SocketError." There shouldn't be anything preventing communication on the 2013 server- no antivirus running, and I've got the firewall disabled while I troubleshoot this issue.

Additionally, DNS seems to be working fine on both machines. Both can resolve the other's name, and addresses on the internet.

Just for background, our environment consists of a single Exchange 2010 server at version 14.3 (Build 123.4) and a single Exchange 2013 server at Version 15.0 (Build 847,32).

Any help would be much appreciated. Thanks!

Do any services require a restart after changing Message Retry Interval?

August 23, 2014, 12:01 pm
$
0
0

I'm trying combat a "grey-list" issue by changing the Message Retry Interval to 15 min from 1 min. I did this change about 12 hours ago and I my test messages are still sitting in queue. I suspect a service restart is needed. Any ideas?

 

Set-TransportServer SAC79906MAILP01 -MessageRetryInterval 00:15:00

Thanks much! :-)

Disable duplicate message detection

August 20, 2014, 12:39 pm
$
0
0

Hi Folks

there is a way to disable duplicate message detection feature?

I need to deliver emails with same MessageID and Date.

Thanks in advance

Luca

Exchange and External Domains

August 27, 2014, 2:46 pm
$
0
0

Dears 

I have Exchange Server 2013 and 2010 both of them on different forests.

I need to set 2013 send to external domains through 2010, i received error NDR when sending to external.

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.

not receiving emails from internet to email ids of exchange 2013

August 26, 2014, 3:21 am
$
0
0

hi

1) i installed exchange 2013 , mails going out well, coming well, but from internet mails r not receieving to email ids of exchange 2013, i added receive connnector also, but not working.

2) how to take backup of exchange 2013 & individual mailbox of mail id

pls

Dynamic Group members error

July 20, 2014, 11:43 pm
$
0
0
I create 5 Dynamic Group and 1 Universal Distribution Group. I add 5 Dynamic Group in 1 Universal Distribution Group. If i view members in every all correct, but if i run in powershell Get-DynamicDistributionGroup/Get-Recipient -recipientPreviewFilter - i view all users in domain with mailbox. How fix this?
Search

Exchange 2013 sp1 smtp NTLM auth for child domain users

April 23, 2014, 5:35 am
$
0
0

i have exchange organization with exchange 2007 sp 3 & exchange 2013 sp1.

there are  all users in Exchange 2013 server (mail flow is through Exchange 2013 server)

i have single forest, 2 site (site1, site2), root domain root.local and 1 child domain ch.root.local

DC  for child domain is located in site2 (dc.ch.root.local)

multirole exchange 2013 server is installed in root domain.

i am traing to configure smtp receive connector with NTLM auth and have one problem.

when user in child domain try send email through this receive connector i see in log

<,AUTH NTLM,

>,334 <authentication response>,

*,SMTPSubmit SMTPAcceptAnyRecipient BypassAntiSpam AcceptRoutingHeaders,Set Session Permissions

*,CH\user1,authenticated

*,,Setting up client proxy session failed with error: 535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user

*,,"Setting up client proxy session failed with error: 451 4.4.0 Primary target IP address responded with: ""535 5.7.3 Unable to proxy authenticated session because either the backend does not support it or failed to resolve the user."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 192.168.1.15:465"


but authentication is succesfull for users from root domain.


why do it can be?
Thanks.






Smart Hosts & DNS records

September 16, 2014, 5:09 am
$
0
0

Hi All.

I hope someone could assist me as I have been struggling with mail flow issues for a long time.

We have our own in house exchange server and internal mail as well as incoming mail is 100 %.

We have always used our ISP smart host to send email and started getting email flow issues a couple of months ago.

I then switched over to sending email via DNS. I setup the correct DNS records eg Reverse Lookup record and SPF records as i thought this might be an issue. I have also cleared our domain off one or 2 blacklists. (We had a user account compramised and spammers were using that account to send email)

This is now all cleared up and general outbound email flow is going great, but once again we are now experiencing issues with all clients filtering with Mail Marshall.. Message as below:

Your message did not reach some or all of the intended recipients.

 

     Subject:    Email

     Sent:2014/09/16 09:02 AM

 

The following recipient(s) cannot be reached:

 

     example@example.co.za on 2014/09/16 09:02 AM

           There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.

           <example.example.org.za #5.5.0 smtp;550 Message refused by MailMarshal SpamProfiler>

Has anyone got any advice on what I can do. The failed report doesnt give much help. I have also sent an email with just text to see if maybe its the email signature but still no luck.

I'm thinking of switching back to the ISP as a smart host but I'm not sure if the SPF and reverse DNS records would cause an issue now.

Would our clients not look at the reverse and SPF record and see that the IP (ISP Smarthost) doesn't match our IP lised in the public DNS ?

Much Appreciated.


Shaun


Forward Emails - Distribution group setup Question

September 15, 2014, 5:20 pm
$
0
0

Using Exchange 2013. We have a user in AD called Purchasing User that has email address ofpurchasing@domain.com and mailbox in Exchange. We want any emails that go topurchasing@domain.com to be forwarded to (3) other recipients in the same AD (internal users).  In Exchange we tried creating a Distribution Group with those 3 members, that we could forward to, but when that Group gets created it automatically created an email address called purchasing2@domain.com  (that does not exist at our Email host) and the forwarding failed.

1. Are we instead supposed to create the group in AD?

2. When the recipients get the email, will they see the sender's information or will they see the DG info--we want them to see the sender's info.

Thanks!

TLS Not Working On One Of Our Servers

September 17, 2014, 4:24 am
$
0
0

Below are my telnet sessions for each server. For some reason TLS is working on one, but not the other and I can't for the life of me figure out why. The configurations look exactly the same and they are using the same certificate. Does anyone have any ideas, I would really appreciate any asistance. (Some irrelevant information has been removed from the below output for privacy)

220 server1 Microsoft ESMTP MAIL Service ready at Wed, 17 Sep 201
4 07:22:40 -0400
ehlo
250-server1 Hello [10.40.3.57]
250-SIZE 37748736
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 XRDST

220 server2 Microsoft ESMTP MAIL Service ready at Wed, 17 Sep 201
4 07:23:05 -0400
ehlo
250-server2 Hello [10.40.3.57]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING

Encrypted file deleted from edge servers

September 17, 2014, 12:54 pm
$
0
0

when any user try to send encrypted files as attachment from internal to external

edge server stripe the attachment.

and there is no attachment filter entry for encrypted files in the attachmentfilterconfiguration.

Mailflow

September 17, 2014, 7:32 pm
$
0
0

Hi,

We have setup office365 hybrid configuration on exchange 2010 sp3 cas/hub server. We can move mailbox from exchange to office365 successfully. But we are facing mail flow problem. We have selected option "Route all Internet-bound messages through on-premises Exchange servers" in hybrid configuration. We have xxxx.onmicrosoft.com domain as default.

1. We cannot send mail from on premise mailbox to office365 mailbox. We get NDR with like Mail is looping.

2 Office365 mailbox cannot send or receive mail to external domain.(like yahoo mail, Gmail)

3. Office365 mailbox cannot send mail to on premise mailbox.

4. Office 365 mailbox sends mail to another office365 mailbox.

Please help me to troubleshoot this. This is very critical.

Thanks & Regards

Problems when forwarding NDR's the get translated to Chinese garble (if it is Chinese :) )

September 17, 2014, 11:50 pm
$
0
0

Hi There

We're running on an Exchange 2013 server. When users get a NDR (look OK at this time), but when forwarding the NDR to system admin, they get garbled into Chinese (or what looks like Chinese). Any ideas on solving this ?

Kind Regards
Kim

Kind Regards Kim

Search

Live exchange server

September 17, 2014, 11:53 pm
$
0
0

Hi

I have install exchange server 2013 and i have configure and able to send and received mail in local domain. Please provide step how to send and received mail all domain ( like yahoo, rediffmail). and how to make  2 or 3 domain in  my exchange server 2013 and each domain configure own user mail id.

Unable to telnet to localhost after CU5

September 18, 2014, 3:51 am
$
0
0

Hi

We upgraded E2013 to CU5 on Sat 13 - On Thu 18 at 9:12 all 4 CAS servers stopped processing mail

error from smarthost:

421 4.3.2 The maximum number of concurrent connections has exceeded a limit, closing transmission channel

unable to telnet locally: telnet localhost 25 

421 4.3.2 Service not available

netstat -an | find "25" shows port is listening

Test-SmtpConnectivity shows success

Any ideas appreciated

shapi

SMTP Routing for Coexistence Exchange Server and Lotus Domino

September 17, 2014, 9:18 pm
$
0
0

Hi,

I have plan to do migration from Lotus Domino to Exchange Server 2013, because we can do big bang migration, we need to do migration with coexistence schema. But now i have question about the SMTP routing from external. By now, the existing mail system had mail gateway connection to Lotus Domino server. When I have my Exchange Server ready, what should I do to the SMTP routing? Can I set mail gateway to send email to both Lotus Domino and Exchange Server? Or just let the existing routing where mail gateway only send email from external to Lotus server and then it works with the Internal Relay that has been set?

Thanks before for all your respons

Regards,

Exchange 2013 isn't receiving email from the Internet

September 17, 2014, 8:46 pm
$
0
0

Hi everyone,

I'm a student and am learning Exchange.  I have a legitimate copy of Exchange 2013 and I set it up to where I can send outbound email but cannot receive email.  My ISP blocks 25 in/out.  I'm using a smart host to go through 587 and an SMTP relay service that will send email down through 587.  I know Exchange is blocking it and not my UTM. 

This is the message I receive from the SMTP relay service:

Delivery to the following recipient failed permanently:

 

     Administrator@domain.com

 

Technical details of permanent failure:

Google tried to deliver your message, but it was rejected by the server for the recipient domain example.com by smtp.relay.com. [IP Address].

 

The error that the other server returned was:

550 Requested action was not taken because this server doesn't handle mail for that user

 

 

----- Original message -----

 

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

        d=gmail.com; s=20120113;

        h=from:to:references:in-reply-to:subject:date:message-id:mime-version

         :content-type:thread-index:content-language;

        bh=0IFe5TYY5TlycliLGXTpFWA1cwTiEftud99knp8frtw=;

        b=Wq/H3kaWraaPvoYL4d5wP8O3cE9tsjA9JZq5n4kTxuL0YEUupI0PGdpLiIhzKuPKsk

         DRZjYz8wiWdWwqAb+Vl4bxktue3CnNtI9krZCnUbxa+tiynHMxeYPEOFrSxRRB84xvhI

         kY3sAdtjTqpi/t1Dod2mWVrmSoGlx3O9Hf49MG0mNfudejMDXmQed5XauMWsKkPhqdAi

         +W7x0OlTO4Up3u0NR4G5JmrorKCmavc8jKW3dpZtxDMRVtJjZmqQiAuaYEmGUF1VkgKJ

         AggYJHHXssh/8MWWa8TDv0vD1H7rYVrY0VzidGw825t64a8GIH1fUXfe52K2DdarZ0Pn

         b9zQ==

X-Received: by 10.50.43.233 with SMTP id z9mr43490961igl.41.1411008578071;

        Wed, 17 Sep 2014 19:49:38 -0700 (PDT)

Return-Path:

Received: from

        by mx.google.com with ESMTPSA id ij9sm1119684igb.10.2014.09.17.19.49.36

        for

        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);

        Wed, 17 Sep 2014 19:49:37 -0700 (PDT)

From:

To:

References: <b8b7413f69404e49adb90ec73567160d@MyServer.local>

In-Reply-To: <b8b7413f69404e49adb90ec73567160d@MyServer.local>

Subject: RE: test

Date: Wed, 17 Sep 2014 21:48:56 -0600

Message-ID: <006d01cfd2f3$79f6b150$6de413f0$@gmail.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

               boundary="----=_NextPart_000_006E_01CFD2C1.2F5D79D0"

X-Mailer: Microsoft Outlook 15.0

Thread-Index: AQHDJyvS03SDEpIFiHrLDEkd8AnvSZwfmJMA

Content-Language: en-us

Every time I try to modify the default Front End receive connector, I receive a warning that says:

error

The values that you specified for the Bindings and RemoteIPRanges parameters conflict with the settings on Receive connector "Server\Client Frontend Server". A Receive connector must have a unique combination of a local IP address, port bindings, and remote IP address ranges. Change at least one of these values.

I've been trying to figure this out for the last three weeks.  Any help would be greatly appreciated.

Increase Receive size of Mail-enabled Public Folder

September 18, 2014, 9:42 am
$
0
0

Public Folder Name (Publicfolder@domain.com)The recipient won't be able to receive this message because it's too large.The maximum message size that's allowed is 100 KB. This message is 14077 KB.

So I get this error when trying to send an attachment over 100KB...  All my mail rules are set to 100MB, even on the tab of the public folder it show's Max send and Max receive as 100MB.  (I'm wondering if there is a disconnect between PowerShell and ECP in this specific case (I've already proven in other cases there is) we're running Exchange 2013 CU3. (775.38)

I'm stuck... any ideas?

Viewing all 3660 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>