Hi,

Is it possible to block users that have full mailbox access from opening/reading IRM protected email in the mailbox they have access to?

Celtic

Hi,

Is there any way to disable Duplicate Message Detection?

I have a user that modified a meeting request that was initially sent by her boss.  She has rights to her boss' calendar.  After modifying the meeting request, she received the following undeliverable.  Any idea where to start troubleshooting? 

Thanks

Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept email from certain senders, or another restriction may be preventing delivery.<o:p></o:p>

"domain name" gave this error:
Command not allowed <o:p></o:p>

I have seen some threads about exception in transport rules not working. I have Exchange 2010 and now migrating mailboxes to Exchange 2013. I have a rule running with exceptions but the same rule now does not work on the mailboxes I have migrated to Exc 2013. So I decided to create a similar rule in EAC but still the exception does not. Is this kind of bug or what. Actually what I have done is created a rule to append the Disclaimer in the emails sent, but when an internal user receives the email and replies, it should not append the email again, and this has and is working with my users still in Exchange 2010 mailboxes.

Dear Exchange Server Expert,

I am being requested to create a rule that will only allow that specific internal mailbox to be able to receive email from certain external domain email addresses. For instance, my company is hhh.com and that specified email address istest@hhh.com. now I want to create a rule at exchange server that this mailbox is only able to receive email from jjj.com domain email addresses. what transport rule should I configured? I know it should be under the transport rule, but what conditions that should I configured.  Please advise.

FYI, our exchange server is actually Exchange Server 2010 SP1.

Thanks so much.

Regards,

H

Hi everyone,
I'm trying to manage a large whitelist of more than 160 domains of our customers.

I think that i read somewhere that there is a limit of 100 entries.

I did this for each domain:      Set-ContentFilterConfig -BypassedSenderDomains domain.com

and now, after a week, i found some SPAM of one of the whitelisted domains.

Someone knows an explanation for that?

how can we get the whole whitelist?

Thank you very much in advance.

Our agency currently uses MS Exchange Server 2007 on-site and we recently migrated over to Office 365 Pro Plus. Our current encryption is TLS for internal e-mails, and for external, we use Sophos with 'encrypt' in '[]" . With the intent to migrate our exchange server to be at version 2013 on-site, we were hoping to have the following: 

internal and external email containing Protected Health Information (PHI) be encrypted to a FIPS 140-2 standard, minimum 128 bit, possibly 256 bit. Also, other counties and government agencies have solutions that will automatically encrypt emails with any string of over 5 digits, formatted like an SSN (xxx-xx-xxxx), or with trigger words “ePHI”, “PHI”, “Secure”, or “confidential”.

Is this possible with 2013 or are we in the realm of exploring 3rd party solutions to obtain this level of security/encryption ?

Exchange 2010 latest service pack and rollup. I would like to grab metrics on how many emails that are sent that are encrypted. I see that in Exchange 2003 this was possible, but don't see the same information in 2010.

Exchange 2003 info:https://support.microsoft.com/kb/246965?wa=wsignin1.0

hi everyone,

We are running Exchange 2013 in a multi-tenant environment. I want to know if it is possible, for each tenant's domain, can I allocate a different IP (internal) for both send and receive connector that is different than the IP of Exchange server?

My plan is to allocate a public IP for each tenant, and NAT to different Internal IP, associate with the corresponded send and receive connector.

Is that even a possible option to do?

Thank everyone!

Hieu

we have applied DLP policy its working fine but only issue when reply this message : From: Microsoft Outlook

how to change default : from Microsoft Outlook

Sent to scope Outside the organizatin
Add condition
Apply this rule if recipient is located outsit the organization
the message contains sensitive information 
Do the following 
Generate incident report and send it to salected group or DL its working fine,

when i received this notification from field show  From: Microsoft Outlook how can change it,

From: Microsoft Outlook how to change or customize From field and add any other reciepent or admin

Please suggest any way is possible or not ,

When i trace this message : sender id address  show <> 

 I think this is Sender Policy Framework (SPF) how change for DLP only,

Hi All,

1, we are facing issue between mail routing between two  AD site normal mail routed via AD site Link but when put an attachment it stuck in to site queue.

we have two AD site Site "A" has exchange 2007 SP-3 and Site "B" has exchange 2010 SP-3.

2, when we are migrating 2007 user's mailbox 2010 after mailbox migration user get a popup " Administrator has made  some changes ......................." after this when user restart his outlook client user can not connected as his mail server settings are still older.

this is working properly for sites having Exchange, rest 2 sites not having any exchange, there we are getting this issue.

Please help.......

Thank You

Vinod

Vinod Kumar Dhiman

Dear Community,

We have an on-prem exchange 2013 server and an office 365 account which is completly standalone.

Whilst the office 365 account is standalone, it does feature the email address we use for on-prem (Ie. the domain name in office 365 account is not active for any office 365 services however has passed ownership verification thus it's just sitting there)

We DON'T use EOP nor do we have any connector rules on our on-prem system that go to office 365 however when I randomly went into the 'Message Flow Trace' section in our office 365 account, there is recorded outbound mail which was sent from our On-prem server.

The ONLY mail that was recorded in the message Trace in Office 365 was emails we had sent from On-prem to other office 365 accounts (For example btconnect.com, and some of our clients whom also use office 365) .

How is office 365 picking up mail we've sent from our On-Prem server? Is there integration out of the box in exchange 2013 which auto interfaces with office 365? What on earth has happened here?

I'm really confused.

-------- For troubleshooting purposes...

Headers in the email which arrived in my personal office 365 account from the ON-PREM SERVER

Received: from AMSPR05MB065.eurprd05.prod.outlook.com (10.242.89.142) by

DBXPR05MB079.eurprd05.prod.outlook.com (10.242.138.22) with Microsoft SMTP

Server (TLS) id 15.1.93.16 via Mailbox Transport; Thu, 5 Mar 2015 16:16:31

+0000

Received: from DBXPR05CA0014.eurprd05.prod.outlook.com (10.255.178.14) by

AMSPR05MB065.eurprd05.prod.outlook.com (10.242.89.142) with Microsoft SMTP

Server (TLS) id 15.1.99.14; Thu, 5 Mar 2015 16:16:30 +0000

Received: from DB3FFO11FD028.protection.gbl (2a01:111:f400:7e04::145) by

DBXPR05CA0014.outlook.office365.com (2a01:111:e400:9434::14) with Microsoft

SMTP Server (TLS) id 15.1.106.15 via Frontend Transport; Thu, 5 Mar 2015

16:16:29 +0000

Received: from emea01-am1-obe.outbound.protection.outlook.com (157.56.112.128)

by DB3FFO11FD028.mail.protection.outlook.com (10.47.217.59) with Microsoft

SMTP Server (TLS) id 15.1.99.6 via Frontend Transport; Thu, 5 Mar 2015

16:16:28 +0000

Received: from DB4PR04CA0010.eurprd04.prod.outlook.com (25.160.41.20) by

DB3PR04MB236.eurprd04.prod.outlook.com (10.242.130.24) with Microsoft SMTP

Server (TLS) id 15.1.99.14; Thu, 5 Mar 2015 16:16:26 +0000

Received: from DB3FFO11FD040.protection.gbl (2a01:111:f400:7e04::184) by

DB4PR04CA0010.outlook.office365.com (2a01:111:e400:9852::20) with Microsoft

SMTP Server (TLS) id 15.1.106.15 via Frontend Transport; Thu, 5 Mar 2015

16:16:26 +0000

Received: from mail.localdomainhere (<IP OF OUR ON-PREM SERVER GOES HERE>) by

DB3FFO11FD040.mail.protection.outlook.com (10.47.217.71) with Microsoft SMTP

Server (TLS) id 15.1.99.6 via Frontend Transport; Thu, 5 Mar 2015 16:16:25

+0000

Received: from INT-EX-01.localdomainhere (192.168.142.20) by

INT-EX-01.localdomainhere (192.168.142.20) with Microsoft SMTP Server (TLS) id

15.0.913.22; Thu, 5 Mar 2015 16:15:55 +0000

Received: from INT-EX-01.localdomainhere ([fe80::aca4:88cf:3eaf:57dc]) by

INT-EX-01.localdomainhere ([fe80::aca4:88cf:3eaf:57dc%12]) with mapi id

15.00.0913.011; Thu, 5 Mar 2015 16:15:55 +0000

From: Jake Ives <Jake.Ives@domain.com>

To: Jake Ives <jake@ives.gb.net>

Subject: Test01

Thread-Topic: Test01

Thread-Index: AdBXX6dyI5u99OGoSKmXroKKyMA3Tg==

Date: Thu, 5 Mar 2015 16:15:54 +0000

Message-ID: <081f834d85b7436193fa887613b9dac7@INT-EX-01.localdomainhere>

Accept-Language: en-US, en-GB

Content-Language: en-US

X-MS-Has-Attach: yes

X-MS-TNEF-Correlator:

x-originating-ip: [192.168.142.73]

Content-Type: multipart/related;

            boundary="_004_081f834d85b7436193fa887613b9dac7INTEX01localdomainhere_";

            type="multipart/alternative"

MIME-Version: 1.0

Return-Path: jake.ives@domain.com

X-EOPAttributedMessage: 1

Received-SPF: Pass (protection.outlook.com: domain of domain.com

designates <IP OF ONPREM SERVER HERE> as permitted sender)

receiver=protection.outlook.com; client-ip=<IP OF OUR ON-PREM SERVER GOES HERE;

helo=mail.domain.co.uk;

Authentication-Results: spf=pass (sender IP is <IP OF OUR ON-PREM SERVER GOES HERE>)

smtp.mailfrom=Jake.Ives@DOMAIN.co.uk; ives.gb.net; dkim=none (message not

signed) header.d=none;ives.gb.net; dkim=none (message not signed)

header.d=none;ives.gb.net; dmarc=none action=none header.from=domain.com;

X-Forefront-Antispam-Report-Untrusted: CIP:<IP OF ON PREM SERVER HERE>;CTRY:GB;IPV:NLI;EFV:NLI;BMV:0;SFV:NSPM;SFS:(10019020)(438002)(189002)(199003)(71364002)(87936001)(2656002)(98436002)(92726002)(102836002)(108616004)(19625215002)(19618635001)(512954002)(92566002)(229853001)(107886001)(66926002)(18206015028)(84326002)(16796002)(19300405004)(450100001)(19580395003)(2900100001)(77156002)(15974865002)(62966003)(5250100002)(5310100001)(99936001)(15395725005)(16236675004)(110136001)(17760045003)(67866002)(86362001)(19617315012)(19627595001)(15975445007)(19580405001)(54356999)(22756005)(50986999)(6806004)(46102003)(74482002)(106466001)(33646002)(7099025)(24736002)(15669805003);DIR:OUT;SFP:1102;SCL:1;SRVR:DB3PR04MB236;H:mail.domain.co.uk;FPR:;SPF:Pass;MLV:ovrnspm;MX:1;A:1;PTR:mail.domain.co.uk;LANG:en;

X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB3PR04MB236;UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AMSPR05MB065;

X-Microsoft-Antispam-PRVS: <DB3PR04MB2361563F5226475182B0CCD8C1F0@DB3PR04MB236.eurprd04.prod.outlook.com>

X-Exchange-Antispam-Report-Test: UriScan:;UriScan:;

X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(5001007)(5005006);SRVR:DB3PR04MB236;BCL:0;PCL:0;RULEID:;SRVR:DB3PR04MB236;BCL:0;PCL:0;RULEID:(601004);SRVR:AMSPR05MB065;BCL:0;PCL:0;RULEID:;SRVR:AMSPR05MB065;

X-Forefront-PRVS: 05066DEDBB

X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR04MB236

X-MS-Exchange-Organization-MessageDirectionality: Incoming

Received-SPF: Fail (protection.outlook.com: domain of domain.com does not

designate 157.56.112.128 as permitted sender)

receiver=protection.outlook.com; client-ip=157.56.112.128;

helo=emea01-am1-obe.outbound.protection.outlook.com;

Authentication-Results: spf=fail (sender IP is 157.56.112.128)

smtp.mailfrom=jake.ives@DOMAIN.co.uk;

X-Forefront-Antispam-Report: CIP:157.56.112.128;CTRY:US;IPV:NLI;IPV:NLI;EFV:NLI;SFV:NSPM;SFS:(339900001)(489007)(189002)(71364002)(199003)(102836002)(92726002)(15975445007)(92566002)(17760045003)(62966003)(106466001)(15395725005)(16236675004)(77156002)(110136001)(107886001)(450100001)(5310100001)(229853001)(22756005)(98436002)(2900100001)(5250100002)(19625215002)(66926002)(99936001)(33646002)(15974865002)(19617315012)(19627595001)(67866002)(54356999)(108616004)(19300405004)(19618635001)(87836001)(2656002)(18206015028)(85426001)(512954002)(86362001)(6806004)(46102003)(74482002)(84326002)(19580395003)(50986999)(19580405001)(7099025)(24736002)(15669805003);DIR:INB;SFP:;SCL:1;SRVR:AMSPR05MB065;H:emea01-am1-obe.outbound.protection.outlook.com;FPR:;SPF:Fail;MLV:ovrnspm;MX:1;A:1;PTR:mail-am1on0128.outbound.protection.outlook.com;LANG:en;

X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB3FFO11FD028.protection.gbl

X-MS-Exchange-Transport-CrossTenantHeadersPromoted: DB3FFO11FD028.protection.gbl

X-MS-Exchange-Organization-Network-Message-Id: 927151e3-02c4-4c46-5539-08d22576df82

X-MS-Exchange-Organization-AVStamp-Service: 1.0

X-MS-Exchange-Organization-SCL: 1

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Mar 2015 16:16:28.9728

(UTC)

X-MS-Exchange-CrossTenant-Id: cd52bfe2-da2e-446d-b8f1-e78db861d489

X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bfa61dad-1543-4f3b-8075-03498e9f4fcb;Ip=[IP OF ON PREM SERVER HERE]

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: AMSPR05MB065

X-MS-Exchange-Organization-AuthSource: DB3FFO11FD028.protection.gbl

X-MS-Exchange-Organization-AuthAs: Anonymous

X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.5565465

We recently moved our users to new Exchange servers and have been seeing intermittent bouncebacks after going through our relay provider. We're not on any blacklists, nor blocked by external recipients SPAM provider. Our relay provider is having trouble figuring out why this is happening. Some intermittent bounceback examples:

- user reply's to external recipient message and gets bounceback

- users sends a single email with multiple recipients in the same domain and gets a bounceback from one of the users

- user gets bounceback from an external user he has mailed successfully many times before (and even within the hour)

Running Exchange 2010 SP3 RU8. All mail flows from the same IP and configuration (we moved from physical servers to virtual but the virtual have new name and IP). We're setup correctly with our Relay with login and have updated our SPF record. 99.99% of external mail goes through fine. I can see our message gets handed to our relay provider. 

Any suggestions or ideas on what to look at appreciated.

I have implemented an Edge Transport Server; but I think there is a lot of setup guidance missing from documentation.

From what I can tell, many of the Anti-SPAM agents use RBL's to contribute to their processing, not just the connection filter.

There does not seem to be any guidance on which RBL's to implement.  It seems logical to me that with this Server Role; and the dependency on these DNS databases (RBL's); compiled with each RBL's connection policies, and limits; that Microsoft would have a deployment guide on using a Microsoft housed DNS Server via DNS Server Conditional Forwarding; or something internal to the Edge Transport Role to ensure reliable access to RBL's for processing.

In Forefront for Exchange 2010; many RBL's were included in the product; and had from my testing built-in access to the RBL's absent from a dependency on internal DNS Servers.

If you need specifics, Google Public DNS does not resolve zen.spamhaus.org (the largest).  dnsbl.invaluement.com is not publically accessible, dnsbl.sorbs.net and b.barracudacentral.org are not resolvable from my ISP's DNS Server, my primary DNS forwarder.

Seems logical to me that the Exchange 2013 SP1 Edge Transport Role's Anti-SPAM Agents should somehow use a Microsoft DNS Server to resolve all the DNSBL's that Microsoft uses in it's Cloud/EOP services.

Technology Administrator Erie County (Career and) Technical School.

Hello everybody,

after migration from exchange 2003 to exchange 2010, I see a new folder created automatically on my outlook, it names "Top of information store ". All my new emails come into this folder, all my sent items are in "deleted items" folder,... I want to have my outlook back to the normal arrangement. Please someone can help me to fix this problem. Many users have this same problem. I think that I will find a solution in this forum.

Thank you 

Have an exchange 2013 CU7 setup with the anti-spam stuff turned on and i was looking at the get-transportService output today when i saw 'AntispamUpdatesEnabled' was set to false. How do i turn that to true / can i turn it to true? I have gotten the impression that the spam updates come down with the malware updates but its not clearly stated anywhere i have seen. set-transportservice doesnt seem to provide a way of setting it, the command 'Enable-AntispamUpdates' tells me that is has been deprecated. So... how do i set that value.

thanks

tim

hi,

I'm not enjoying Exch2013, the lack of a "proper" admin console is a pain and I'm having trouble getting the required diagnostic/tracking information out of PShell to fix my problem.

I've installed Exch2013 RC1 on a new 2012r2 Domain, the install went OK and there were no obvious issues however internal email's wouldn't deliver, they appear in Sent Items but aren't received in the internal rcpt's inbox.

while trying to fix the problem, I installed ExchCU7 and bingo everything sprang to life and mail was working, inbound/outbound & internally - so I assumed the service pack/update had fixed it but the next day I rebooted the server and to my horror, I'm back where I started - no mail flow.

One single test message which I sent outbound using the Web mail, rather than Outlook did arrive but hours after I sent it?  confused.com

this is running on a HV-2012r2 as a VM, with a dedicated Nic and plenty of Fixed VD storage.

Any help/advice would be greatly appreciated.

I'm very close to removing Exch2013 and re-installing but I worry this would cause more issues.

Thanks Iain

At our site we had this problem before we upgraded to Exchange 2013 CU6 after was installed problem was fixed.  About one month ago we applied some Windows Updates to the Exchange Farm 1 CAS Server, 2 Mailbox Server running in a DAG, all servers are Windows 2012.  After the windows updates were applied the Remote Server returned '532 5.3.2 STOREDRV.Deliver; Missing or bad StoreDriver MDB properties'Remote. error has come back.  Is there a known issue with a windows update that would cause this?  Would upgrading to CU7 fix the issue again?

I am running Exchange 2010 on-prem with a 2013 Hybrid (including a 2013 Edge Transport server for message handling between on-prem and the o365 tenant) connecting to an o365 tenant. I use EMC's SourceOne for archiving running on-prem. The o365 tenant points to a mailbox on my on-prem Journaling server.

What I am seeing is that when o365 forwards emails as attachments from the cloud back to the on-prem Journaling server it is examining the subject line of the message and making a decision to strip the attachment based upon the very end of the subject line.

Example: A simple text message with a subject line of: "Check out the new web site at www.xyz.com"

The Edge transport server is seeing this as being a ".com" attachment and stripping it off before it gets to the Journaling server. So it does not appear to be looking inside the message to see what it actually is and figure out that it is not a ".com" file but a simple text message.

I have seen this with other file extension types as well. Such as ".exe" . It is also stripping off ".zip" attachments as well, but I understand that and not sure how to deal with it.

Has anyone else experienced this and how have you dealt with it? Microsoft wants me to take the Edge out of play and go directly to from the cloud to an on-prem Exchange server. But that is not an option as the on-prem servers are not exposed to the internet.

Thanks, Bob