Quantcast
Channel: Exchange Previous Versions - Mail Flow and Secure Messaging forum
Viewing all 533 articles
Browse latest View live

Can an Exchange 2010 edge server replace my old windows 2003 iis smtp and also provide me opportunistic tls ?

April 24, 2015, 1:30 pm
$
0
0

Lets talk about my domain, for privacy sake, lets call it xyz.com

MX records: 
MX 10 points to public IP address 1 using Internet Provider 1 (This is NAT'ed with a DMZ based host1) (this is a Barracuda SPAM appliance)
MX 20 points to public IP address 2 using Internet Provider 2 (This is NAT'ed with a DMZ based host2) (this is a windows 2003 IIS SMTP)


The Barracuda usually gets all the emails
- then checks the AD by querying AD servers located in the private network for user validation
- then it checks for VIRUS/SPAM

The Windows 2003 box does ocassionally get some email
- it simply accepts emails for the domain xyz.com and forwards to a smart host (which is nothing but the barracuda box)
- The barracuda then does the user validation, virus and spam check.

Barracuda then sends the email to an exchange 2010 (all roles on 1 server) which is located in the private network.

When Exchange wants to send an outbound email to the Internet, it simply sends to a smarthost which is the same barracuda box.
Barracuda then checks for SPAM/VIRUS for that Internet bound email and sends it out.


Issue:
Recently we enabled TLS on the barracuda.
In doing so 2-3 things happened:
1. This allows the barracuda to accept emails from the Internet using TLS (if requested by sender).
   If the sender does not want to use TLS to send, barracuda still accepts the email in clear text.
2. Now the barracuda also uses TLS to send emails to our exchange.
3. Exchange also now uses TLS to send emails to barracuda
4. Barracuda now tries sends emails to Internet using TLS, if available, or else uses clear text.

As you can see its opportunistic TLS.
If its there it will use it.

However the Windows IIS box does not support TLS.
Even if I get a certificate and enable TLS, TLS is forced on all connections.
I dont want TLS to be forced, because I will miss a lot of emails.
Many of our clients may not be able to send emails.

I want the Windows IIS box to work like how the barracuda does, in matters of TLS.

Can I remove that Windows 2003 box and replace it with a Windows 2008 with Exchange 2010 edge server?
I dont want the edge server to talk to my AD for user validation.
I dont want the edge server to do any SPAM or VIRUS check (i am okay if it forces me to use that bit)
All I want from that edge server is to 
- accept emails from Internet for my domain
- allow inbound and outbound TLS (NO FORCING)
- and send that incoming email straight to the barracuda, which will do user validation and spam/virus checks.

As you can see i just want it as a better IIS SMTP replacement?
Can this be done?

Can someone guide me?
It will help me a lot.
Thanks in advance!


konkani



Search

how mail flow work in 2010 in details?

April 28, 2015, 10:15 am
$
0
0
how mail flow work in 2010 in details?

like when we send email then email went to outbox and store.exe scan the message and then submit it to submission queue. then categorizer come into picture..

like this full steps for mail flow in internal\external in exchange 2010?

Exchange system 2010 delay receiving mail from outside

April 25, 2015, 12:43 am
$
0
0

Hi Experts,

Recently, some users in my company reported that when a outside user (domain xxx@pmpc-pvc.com) send mails to our users, maybe have attachments or not, some of them were delayed for a half of day. For example, yesterday, customer send mail at 1:00pm but our user has received it at 4:00am today.

Before that, because our user reported that problem so i suggest her to require customer send mail to both our exchange system and a personal mail (yahoo mail). So today, our user said that she recieved mail in yahoo on time, but delaying in exchange. She sends/recieves with other users in my company and other customers ok.

My topo: Mailbox - ClientAccess/HubTransport - Fortimail - Internet.

I checked my fortimail and see that fortimail server also received mail at 4:00am.

I think that:

- If customer mail system has error. Why they still send mail to yahoo ok? They use promailserver.

- If our system has error. Why we still receive mails from other customers.

- I don't know if we have any problem with our physical connections but if that, we must have more reports than that (we only have 2 or 3 users reported delaying mail).

May anyone know the reason or have any advices for me in this case? Thanks in advanced.

Exchange 2003 mail delay

April 28, 2015, 2:46 am
$
0
0

Hi everyone

We had a message delayed via our Exchange 2003 server. I tracked the e-mail and found the following entries...

31/03/2015 11:32 Message transferred to through SMTP

27/04/2015 10:04 SMTP: Started Message Submission to Advanced Queue

Can anyone help explain why the e-mail was delayed?

Thanks

Simon

Shared Mailboxes in Outlook 2010, PKI encrypted emails.

April 29, 2015, 5:38 am
$
0
0

Hello all,

My agency has been having an issue with a public email box.  When we get emails from outside agencies, which are directed to digitally sign and encrypt the email..  we are unable to open due to the "Cannot open this item.  Your Digital ID name cannot be found in the underlying security system."

The sending agency policy is to send them encrypted, to a mailbox where there is no certificate because it is a shared public folder.  Are there any solutions other than having them email our team directly (which consist of hundreds of emails)?  We all have shared certificates with the users sending us emails to the public box several times.

I believe the issue to be that the public shared folder does not have a cert attached to it... the question is, how do I get around this problem?

Thanks,

--Scott

EdgeSync service cannot connect to this subscription because of error "No EdgeSync credentials were found for Edge transport server

April 27, 2015, 2:35 pm
$
0
0

When checking Edge Synchronization on our Exchange 2010 HUB server (Test-EdgeSynchronization) I get SyncStatus "Failed".  I suspect this failed after we had moved all of our Exchange 2010 servers (Except the Edge server which not member of any domain or site) to a new site.      In hopes to resolve this, I did the following:

  1. Removed the Edge Subscription from our HUB server using the EMC. 
  2. Deleted the cert used by ADAM on our Exchange 2010 Edge server (using the Certificates MMC).
  3. On the Exchange 2010 Edge server created a new Edge subscription file using: “New-EdgeSubscription –FileName "C:\EdgeSubscription20150424.XML"
  4. Restarted the "Microsoft Exchange ADAM" service on our Edge server.
  5. Copied the "EdgeSubscription20150424.XML" to our HUB server.  Then completed the New Edge subscription import on our HUB server using the MMC (specifying the AD site and location/name of the XML).

After this, I still get syncstatus failed on our HUB.   Thought to check the certificate using "Get-ExchangeCertificate | FL" but that results in:  "Get-ExchangeCertificate : The Exchange Certificate operation has failed with an exception.  The error message is: Access is denied".   I tried to create a new certificate on our HUB serve using "New-ExchangeCertificate", but get the exact same "Access is denied" error message again. 

I believe we never noticed that the Edge sync wasn't working because we only use our Edge server when our hardware email filter fails (Symantec Message Gateway).  Our Edge server has a lower priority in our MX record and lower priority in our send connectors on our HUB servers.  The Edge server though does receive email from internal email relay from some servers for notifications.  These do get delivered unless the user mailbox is new (suspect ADAM isn't updating - that's why I started looking into this).

This should be simple!   What am I missing???   Thanks in advance for any feedback.

PS - this is my first posting here.... I apologize if I posted this in the wrong forum or category.  :)

Exchange Transport Rule - Move inbox item to sent items

May 5, 2015, 8:25 am
$
0
0

Hi,

I was wondering if someone could tell me how to move an incoming email to the sent items folder, or if it is even possible with a exchange transport rule?

We use Mimecast which allows users to send emails from the Mimecast could and bcc themselves into the email. We use this as a backup mail system.

What I would like to do is move this email into their sent items so it appears like they sent it from Outlook. I couldn't see any option to move emails using the wizard, but I'm guessing there's a lot more functionality using EMS.

Thanks,

Dave

554 5.2.0 STOREDRV.Deliver.Exception:MessageSubmissionExceededException.MapiExceptionMaxSubmissionExceeded; Failed to process message due to a permanent exception with message

April 28, 2015, 8:40 am
$
0
0

Hi,

So far, only one user seems to have this problem.

When the server receive a message with around 20Megs attachment, we receive the following error massage:

USER@company.com
#554 5.2.0 STOREDRV.Deliver.Exception:MessageSubmissionExceededException.MapiExceptionMaxSubmissionExceeded; Failed to process message due to a permanent exception with message Impossible d'achever le traitement de remise. 16.55847:FD0C0000, 17.43559:000000009E020000000000000D00000000000000, 255.23226:00000000, 255.27962:0A000000, 255.27962:0E000000, 255.27962:0A000000, 255.27962:9E000000, 255.17082:DA040000, 0.18273:00000000, 4.21921:DA040000, 255.27962:FA000000, 255.1494:2C000000, 255.1238:13800000, 6.15604:0F0104800201520000800800, 6.14164:1DFAFFFF020151000F010480, 6.8660:0F010480020151000F010480, 0.18658:0300DD3F, 6.11956:0F010480020151000F010480, 6.15604:0F010480020151000F010480, 6.21970:0F010480B084A28040001900, 6.21970:0F010480020113100F010480, 1.64319:00280000, 1.39743:A84C0000, 4.45016:DA040000, 0.57304:0F010480, 4.5041:DA040000, 4.4465:DA040000, 4.6833:DA040000, 0.50217:0F010480, 4.5093:DA040000, 4.5318:DA040000, 4.10104:DA040000, 0.57449:0F010480, 4.6025:05000780, 4.5257:05000780, 4.4606:DA040000, 255.1750:00000000, 0.26849:00000000, 255.21817:DA040000 ##

-------------------

I have done some tests using always the same attachments (around 19Megs reported by Outlook):

From outside (gmail.com) to USER@company.com ->  fail

From outside (gmail.com) to Any-Other-USER@company.com ->  OK

Foward original message received from gmail byAny-Other-USER@company.com to USER@company.com -> fail

Foward original message received from gmailby Any-Other-USER@company.com  toAny-Other-USER@company.com -> OK

I have pushed the limits for the user account as follow: 

MaxSendSize              : 58.59 MB (61,440,000 bytes)
MaxReceiveSize           : 58.59 MB (61,440,000 bytes)
ProhibitSendReceiveQuota : 97.66 GB (104,857,600,000 bytes)

mailbox stats:

TotalItemSize      : 5.023 GB (5,393,778,739 bytes)
ItemCount          : 34804
StorageLimitStatus : BelowLimit

Running Small Business Server 2014 (Exchange 2010)

I have search the net  a lot and so far, didn't find anything worth.

Thank you for your help/idea

Have a nice day

Francois Cote

Search

Cannot send emails to external accounts

May 4, 2015, 7:07 am
$
0
0

Hi,

I have made an Exchange 2013 installation and although I can send emails to internal Exchange users, I cannot send or receive emails from external accounts (gmail, hotmail, etc).

The deployment consists of, one CAS server, one Mailbox server and an Edge server. The Edge server is located at the DMZ. I have exported the Edge subscription and installed it at the Mailbox role and the connectors have been created successfully but email traffic to the outside world cannot be send or received. The Edge server has one network card and is NATed to a public IP address. Also when i connect through telnet to the exchange server, I get an "220 **********" message instead of the mail server response name. I read somewhere that this is caused due to Cisco devices but I am not sure.

I have attached a pic that shows the EdgeSync - outbound send connectorAny ideas on why this does not work?I have opened the following ports to the firewall:

Internet ß–> EDGE Transport Server

SMTP Port 25

             EDGE Transport Serverß–>Intranet

           SMTP Port 25 and 2525 – Mailflow

           DNS TCP/UDP – 53 – DNS Resolution

           RDP TCP 3389 – Remote Desktop

           LDAP – 50389 – locally to bind to the AD LDS instance – There is no need to open this port on perimeter firewall.

           Secure LDAP – 50636 – Directory synchronization from Mailbox servers to AD LDS

Thanks in advance,

Argi

Pop-up's

May 4, 2015, 3:17 am
$
0
0
I need to block pop-up's and clean my pc

Blacklisted by MSN / Hotmail Live - Emails not delivered - 550 SC-001

May 12, 2015, 5:19 am
$
0
0

We are having a problem with our email not being delivered to MSN / Hotmail / Live accounts. Following is the error I am receiving in the automated reply from MSN server.

SMTP error from remote mail server after MAIL FROM:<xxxxxx@xxxxxx.com> SIZE=3031:
   host mx2.hotmail.com [65.54.188.72]: 550 SC-001 (BAY004-MC1F21) Unfortunately, messages from 198.154.247.42 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors.

I browsed through the contact page of microsoft but none of them lead to an actual contact form.

I also contacted microsoft on +44(0)344 800 2400 but again that doesn't have an option for my query.

What can I do to get my IP Whitelisted?

We host our own email server and have no issues sending out emails to any of our customers except for customers with accounts with hotmail.com, msn.com and live.com.

Here is the response from HELO

This is an SMTP protocol error log for virtual server ID 1, connection #120. The remote host "65.55.37.88", responded to the SMTP command "mail" with "550 SC-001 (COL0-MC2-F42) Unfortunately, messages from our domain IP weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors.  ". The full command sent was "MAIL FROM:<Sue@grahamcstores.com> SIZE=63950  ".  This will probably cause the connection to fail.

For more information, click http://www.microsoft.com/contentredirect.asp.

I have contacted our ISP "Comcast" and they said we are not globally blacklisted so there should not be an issue with sending email to hotmail.

This started happening last Wednesday! I need this resolved today!

SMTP Server Email Count Infomration Window Server 2003

May 18, 2015, 9:03 pm
$
0
0

Hi All ,

I have Win 2003 R2 standard Edition and SMTP server Configured on IIS 6.0 ,

I need to how many Emails was sent by SMTP server last month ? Is there any way to check that ?

Many Thanks

Acceptmessagesonly from multiple users

May 20, 2015, 8:37 pm
$
0
0

Hi,

I have a DL and i want to add multiple users in Acceptmessagesonlyfrom. I have saved the mutiple users in .txt.  Is there a command to do that ?

how to unlist my ip from microsoft?

May 21, 2015, 2:11 am
$
0
0
How to unlist my ip from microsoft? Do i send them an email?

Spam filtering preventing legitimate mails getting through - trying to find source of filter.

May 22, 2015, 2:43 am
$
0
0

We have an exchange 2010 server with forefront protection for exchange installed and are having problems with certain legitimate emails not being downloaded.

I can see in by logging onto Horde on our hosting company that some emails are not being downloaded usually spam, but occasionally legitimate emails from clients and not being downloaded. These clients are not always being blocked so something in those particular emails are causing them to be marked as spam. I have added them to the whitelist in forefront, because the dns of mail.mycompany.com is pointing to our exchange server the hosting company say that their email spam filters are not in effect. So I'm hoping someone can help direct me to what else might be blocking emails from being downloaded or somehow allowing ALL emails to be downloaded and letting forefront deal with the filtering.

Thanks.

Search

Received E-mail content (body) repeating/duplicating

May 22, 2015, 3:13 am
$
0
0

Hello all

  having some issues with our emails lately. every once in a while, an e-mail reply i get seems to get its content duplicated one over the other a few hundred times and enlarges the size of the e-mail to an extent where it is impossible to open sometimes. exchange 2003. I have not seen this as much but the issue is getting more and more frequent. for example i sent a simploe hello e-mail, but the reply message i get has its body repeating over and over to an extend where the reply emails is almost 30MB.

please help

thnx

V.

Exchange Certificate Renewal with SHA1 to SHA2

May 22, 2015, 8:19 am
$
0
0

Hi, 

I have GODaddy certificate which is about to expire. Someone in my organization generated the certificate from GoDaddy and i have 2 certificate files now. I follow instructions and request new certificate from Exchange. So i am at stage where it is saying COMPLETE PENDING REQUEST. I tried to provide the certificate there, it is successfull but i am still seeing pending request message. I tried from EMS, Import was fine but when i enable certificate it says private key missing although private key should be on server where i generated request. 

The thing is that i don't know who generated certificate from GoDaddy, i have the certificate now. But there was no pending request on server so i had to initiate one. So i am using certificate which was generated by someone else and there was no pending request on server. 

Also, the old certificate is SHA1 and the new certificate is SHA2. How should i go from here? Should i regenerate a CSR and request new certificate from GoDaddy. I even tried to re-key with new CSR but it doesn't help either. 

Hasan

Exchange 2010 contacts not forwarding gmail meeting requests

May 26, 2015, 4:11 am
$
0
0

Hi,

We're working on an Exchange 2010 to gmail migration and  noticed some odd behaviour with meeting requests and responses between Google and Exchange, I’m wondering if anyone has seen this behaviour before, the problem can be summarised as below:

 -When a user (let’s say user A) who has migrated to Gmail (has a contact setup in Exchange for the equivalent @gtarget.domain.com account) schedules a meeting in Outlook and sends that meeting to another user who has migrated to Gmail (let’s say user B who also has an Exchange contact).

-If user B accepts the meeting request in gmail (not Outlook\Exchange) user A does not receive a meeting response.

- If user A repeats the first meeting request and sends it to a generic gmail account, i.e. someone@gmail.com, user A again does not receive the meeting response.

 This seems to be happening a narrow set of circumstances affecting users with contacts setup using Outlook to schedule meetings with other gmail users. 

 In addition troubleshooting this is tricky as the calendar responses do not appear in the gmail sent items.

Has anyone seen this behaviour before?

Thanks 

IT Support/Everything

Splitting 2 mail domains now unable to send to the removed domain space from the original

May 25, 2015, 6:57 pm
$
0
0

Hi all,

I have recently split 2 companies who were sharing the same server for a long time, lets call them abc.com and xyz.com

Original scenario -

mail.abc.com had an additional authoritative domain name in the accepted domains called xyz.com

Company xyz.com have now got their own email server on their own public IP address so I have deleted the accepted domain xyz.com from abc.com's Exchange 2007 server but now no-one at abc.com can send emails to xyz.com. When I try it I am now getting

#554 5.4.4 SMTPSEND.DNS.MxLoopback; DNS records for this domain are configured in a loop ##

I am able to telnet by MX record name from abc.com's mail server to xyz.com's email server so I am pretty sure that the DNS settings are correct but when I try sending an email from Outlook on the terminal server that is the error I am getting. All the Exchange services (except the store) have been restarted, the only thing I have not been able to do is restart the whole server (it's SBS 2008 so running everything on their domain, this would have to be done out of hours).

Anyone able to shed some light on this?

Odd SMTP issue

May 19, 2015, 1:24 pm
$
0
0

I have 2 Cisco UCS environments on the same subnet; call it 10.10.0.x...so a firewall is likely not the problem.  The UCS sends out emails using a function called 'CallHome' when there are issues so I've attached each environment to the same SMTP host [an Exchange 2010 server].

My problem is that one UCS sends emails perfectly while the other fails with;

"problem in transporting the message Error in transporting email message for CiscoTAC-1 SMTPclient: sockfd opened...:5  SMTPclient: smtp2.XXXXXXX.com --> 421 4.3.2 Service not available^M  SMTPclient: unexpected reply: 421 4.3.2 Service not available^M".  

I've verified that the Exchange server lists all the necessary IPs allowed to send email via that server/SMTP host.  Both Cisco and my Exchange guys are stumped.  HELP!!!

----- Michael W. Oehlert, Network Engineer, GIS


Viewing all 533 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>