I have a fresh install of 2 2013 servers  Front CAS and Back MBX role coexistent with 2007.

It was working fine until this weekend when we moved the DNS names to 2013. Meaning we moved owa/ol etc site names in DNS  and adjusted the virtual directories on both 2007 to legacy.xxx.com and mail.xx.com to the new 2013.

What now is happening is the 2 services "microsoft Exchange mailbox transport submission and microsoft exchange mailbox transport delivery services are not starting.. The only error i get is the standard "the service did not respond to the start or control request in a timely fashion."e

Its preventing any 2013 mialbox from send/recieve.  

I have checked and IPv6 is ON, the connectors are scoped ONLY to the IPv4 address. The MBX server is configured with internal/external DNS and the send connector is using external DNS.  I found that here http://social.technet.microsoft.com/Forums/exchange/en-US/26cc797d-6a40-4e18-bdb9-0e0387a12da1/the-microsoft-exchange-mailbox-transport-submission-service-terminated-unexpectedly 

Need help resolving this as its preventing moving anymailboxes to it.. All other services are working OWA proxy to 2007 etc and mail flow to and from 2007 are all working..

Thanks, Grady Vogt

Hi all,

I've got an issue with Exchange 2007 and an Exchange Online mail service (Office365). I was pointed here for additional assistance. The issue is Exchange 2007 users cannot mail Office365 users. I have verified it's not on the Office365 end as I can send and receive emails from other services such as Google Mail.

Background:

We have 3 domains, I'll name them as colors to distinguish them and for privacy reasons. Here's the list with their purpose:

• white.local.lan - internal domain
  
• red.com - Faculty Email Domain (Exchange 2007) and Website Domain
  
• blue.com - Students Email Domain (Exchange Online via Office365)

We have created a UPN suffix of blue.com in order to match them with the Office365 domain. All students are assigned this suffix. We have created records in the proxyAddresses attribute of Active Directory for the purpose of DirSync via Forefront Identity Manager. This is working well.

Every time we send an email to an address in the proxyAddresses attribute we get bounce messages as follows:

Delivery has failed to these recipients or distribution lists:

{EMAIL ADDRESS}

There's a problem with the recipient's mailbox. Microsoft Exchange will not try to redeliver this message for you. Please try resending this message, or provide the following diagnostic text to your system administrator.

_____

Sent by Microsoft Exchange Server 2007 

Diagnostic information for administrators:

Generating server: {INTERNAL EXCHANGE SERVER}

{EMAIL ADDRESS}

#550 5.2.0 RESOLVER.ADR.BadPrimary; recipient primary SMTP address is missing or invalid ##

We have set up the following in Exchange 2007:

[Organization Configuration] -> [Accepted Domains]

Accepted Domain: blue.com
Default: False
After MSEXCH Accepts: External Relay Domain

[Organization Configuration] -> [Send Connectors]

GENERAL
Protocol Logging Level: None
Specify the FQDN this connector will provide in response to HELO or EHLO:<blank>
Max Message Size (KB): 10240

ADDRESS SPACE
Type: SMTP
Address: blue.com
Cost: 1
Scoped Send Connector: unchecked / no

NETWORK
Select how to send mail with this connector: Use domain name system (DNS) "MX" records to route mail automatically
Enable Domain Security (Mutual Auth TLS): unchecked / no
Use the External DNS Lookup Settings on the transport server: checked / yes

SOURCE SERVER
Name:<Exchange Hostname>
Site: <Site Name>
Role: Mailbox, Client Access, Hub Transport

Hi there,

I am struggling with understanding security implication of the anonymous permission on the default receive connector. I am looking for a steer in the right direction:)

I have exchange 2010 SP3 stand alone server with hub transport behind a firewall (no edge). We do have a 3rd party service (spam filter) that relays clean emails to our exchange server.

Currently i have a default setup receive connector that is configured to receive emails for any IP and a rule in the firewall to relay traffic on port 25 to the exchange server.

Recently i came to realization that all of my internal devices such as multi functional printers, UPS, NAS, etc are able to send notification emails to me without any authentication involved. That would mean, if say a virus hit any of my client computers, it would have a green light to spam everyone internally or externally without much effort!

Is this correct?

Obviously, if i uncheck anonymous permission in default receive connector, my server won't be able to receive anything at all.

Are there any best practices to secure this flaw? limit which anonymous INTERNAL devices can use my exchange as a relay? how about External anonymous clients, is it a concern?

#554 5.4.4 SMTPSEND.DNS.NonExistentDomain; nonexistent domain ##<o:p></o:p>

Original message headers:<o:p></o:p>

Received: from HPSERVER.STINDIA.COM (192.168.0.200) by HPSERVER.STINDIA.COM<o:p></o:p>

 (192.168.0.200) with Microsoft SMTP Server (TLS) id 15.0.516.32; Thu, 22 Aug<o:p></o:p>

 2013 13:22:31 +0530<o:p></o:p>

Received: from HPSERVER.STINDIA.COM (192.168.0.200) by HPSERVER.STINDIA.COM<o:p></o:p>

 (192.168.0.200) with Microsoft SMTP Server id 15.0.516.32 via Frontend<o:p></o:p>

 Transport; Thu, 22 Aug 2013 13:22:24 +0530<o:p></o:p>

Received: from 203.201.252.2 ([203.201.252.2])       by HPSERVER.STINDIA.COM<o:p></o:p>

 (HPSERVER.STINDIA.COM)        (MDaemon PRO v13.0.0)  with MultiPOP id<o:p></o:p>

 md50000007628.msg     for <>; Thu, 22 Aug 2013 13:19:27 +0530<o:p></o:p>

X-Spam-Processed: HPSERVER.STINDIA.COM, Thu, 22 Aug 2013 13:19:27 +0530     (not<o:p></o:p>

 processed: domain stindia.co.in is excluded from spam filtering)<o:p></o:p>

X-MDMultiPOP: <o:p></o:p>

X-Rcpt-To: <o:p></o:p>

X-MDRcpt-To: <o:p></o:p>

X-MDRemoteIP: 203.201.252.2<o:p></o:p>

X-Envelope-From: <o:p></o:p>

Received: from in.outbound.mailhostbox.com ([115.114.58.25]) by<o:p></o:p>

 rapidwebdns.com with MailEnable ESMTP; Thu, 22 Aug 2013 13:18:06 +0530<o:p></o:p>

Received: from kamlesh (static-mum-59.181.158.178.mtnl.net.in<o:p></o:p>

 [59.181.158.178])     (Authenticated sender:      by<o:p></o:p>

 in.outbound.mailhostbox.com (Postfix) with ESMTPA id 91D5D1680260   for<o:p></o:p>

<>; Thu, 22 Aug 2013 07:48:19 +0000 (GMT)<o:p></o:p>

Message-ID: <o:p></o:p>

Reply-To: "Steel Tubes India - Kamlesh D. Jain" <o:p></o:p>

From: "Steel Tubes India - Kamlesh D. Jain" <o:p></o:p>

To: "Steel Tubes [India] - Sales" <<o:p></o:p>

Subject: EMAL<o:p></o:p>

Date: Thu, 22 Aug 2013 13:18:53 +0530<o:p></o:p>

Organization: Steel Tubes India - Kamlesh D. Jain<o:p></o:p>

MIME-Version: 1.0<o:p></o:p>

Content-Type: multipart/mixed;<o:p></o:p>

        boundary="----=_NextPart_000_00FC_01CE9F3A.25E61BC0"<o:p></o:p>

X-Priority: 3<o:p></o:p>

X-MSMail-Priority: Normal<o:p></o:p>

Importance: Normal<o:p></o:p>

X-Mailer: Microsoft Windows Live Mail 15.4.3555.308<o:p></o:p>

Disposition-Notification-To: "Steel Tubes India - Kamlesh D. Jain"<o:p></o:p>

      <o:p></o:p>

X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3555.308<o:p></o:p>

X-CTCH-RefID: str=0001.0A0C0207.5215C244.0108,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0<o:p></o:p>

X-CTCH-VOD: Unknown<o:p></o:p>

X-CTCH-Spam: Unknown<o:p></o:p>

X-CTCH-Score: 0.000<o:p></o:p>

X-CTCH-Rules:<o:p></o:p>

X-CTCH-Flags: 0<o:p></o:p>

X-CTCH-ScoreCust: 0.000<o:p></o:p>

X-CTCH-SenderID: <o:p></o:p>

X-CTCH-SenderID-TotalMessages: 1<o:p></o:p>

X-CTCH-SenderID-TotalSpam: 0<o:p></o:p>

X-CTCH-SenderID-TotalSuspected: 0<o:p></o:p>

X-CTCH-SenderID-TotalBulk: 0<o:p></o:p>

X-CTCH-SenderID-TotalConfirmed: 0<o:p></o:p>

X-CTCH-SenderID-TotalRecipients: 0<o:p></o:p>

X-CTCH-SenderID-TotalVirus: 0<o:p></o:p>

X-CTCH-SenderID-BlueWhiteFlag: 0<o:p></o:p>

X-ME-Bayesian: 15.583860<o:p></o:p>

X-MDRedirect: 1<o:p></o:p>

X-MDRedirect_From:<o:p></o:p>

X-Return-Path:<o:p></o:p>

X-MDaemon-Deliver-To: <o:p></o:p>

Return-Path: <o:p></o:p>

Greetings everyone,

First, my apologies for posting a 2003 question in a 2013 forum, but the categories provided are 2013-only.

I have a standalone Windows 2008 R2 server with SMTP services and a custom app that generates email.  I would like to create a domain entry on the SMTP service so messages that are destined for corporate recipients get sent from the DMZ directly to the corporate Exchange 2003 server.  The Exchange server seems to be refusing connections from the standalone server even if I add its IP to the relay list; I don't get an error, the connection seems to timeout.  Does anyone know how would I go about getting this working with some security?

Thanks in advance for your help,

S_B

I think I can change it through ECP on Send/Receive Connectors, right? I know that's for Message Size Limit, not for Attachment, but I think there's not a big difference as for my case.

After changing it, what services I need to restart to make it work?

Thanks.

Lawrence Fung

We recently upgraded from an Exchange 2007 server to an Exchange 2013 server. We recreated the relays as best we could and now we have a couple of our users that are experiencing issues. They use an outside bulk email web service when they have to send updates to many of their clients (usually @ 100 - 300) and they can now only send to 5 clients at a time.

The way it works is they input their email address through the web service, our SMTP address, and authenticate through us. It then sends out the emails using our relay so it goes out as them and provides the delivery report of who was sent the email. Since the move to Exchange 2013 they are now limited to 5 at a time and show "Delivery successful" while the rest show as:

"Delivery Failure, Expected "250", Instead Reported 421 4.4.2 Message submission rate for this client has exceeded the configured limit"

I have made changes using the Get-ReceiveConnector and changed the MessageRateLimit from 5 to 50 and it still does not work. I even changed them all (unnecessary, but getting desperate) to unlimited at one point to test and it still only allows 5 at a time.

I realize this is a configuration setting somewhere, I just can't find it. Any direction on this would be appreciated.

~Rick

I am planning a migration from a Lotus Notes to Exchange 2013 environment that is site resilient. I understand that there will be a migration period and that the mail routing design will look different during that time of the migration. I have been researching the architecture of Exchange 2013 and I feel I have a pretty good understanding of most features in the CAS and DAG roles but it is really unclear how inbound/outbound external mail routing is configured. In previous versions many people used the Edge Transport server and I can still use the Exchange 2010 Edge Transport server in 2013 as one option. I am also finding information that I can setup send and recieve connectors on the Exchange 2013 CAS servers to do this task too. Below are my questions about this topic.

1. Am I right that Exchange 2013 CAS or Exchange 2010 Edge Transport are options for this service?
2. Are there other option for Inbound/Outbound External mail routing with Exchange 2013? Third party or otherwise?
3. Of all my options what are the pros/cons to using each one.
4. I have heard rumors of an Exchange 2013 Edge Transport service that is planned for future release? Are there any details on what this will feature, when it will be released, or how it will work?

I just configured my intranet exchange server alongside Server 2012.

Presently, I can successfully send mail to public web mails but on the other hand,

my web mail cant receive mail from the public. I even tried giving it a public IP; still nothing happens.

From my gmail account, error generated is this:

Technical details of permanent failure:
DNS Error: Domain name not found.

Can anyone help, please

In a new Exchange 2013 deployment I am trying to understand my options for Spam/AV Filtering for email.  I have read that there is a feature on the Exchange 2013 Mailbox server role that will catch spam. I also read that Microsoft offers a cloud based spam filtering/av scanner service for purchase. Exchange 2010 Edge Transport server appears to be an option yet too. I also know there are many 3rd party tools that can be utilized as well.

Are my research results for my options above correct? Are there any other options I am missing.

How good of a spam filter tool comes with the Exchange 2013 mailbox role?

Hi all,

I have the situation that is:

There is one mail server in form of hosting, and there are five clients at my site using outlook to send and receive mails, my domain is amtech.com. I want to set up a seperate filter service that only allow my client send and receive with domain "amtech.com" without configuring on mail server at hosting site. Is there any way to do that? Thank you

Hi Guys,

We got NDR for some domains with error code #550 4.4.7 QUEUE.Expired; message expired ##;

So i go to the queue viewer and see some queue stuck there with last error

1. 451 4.4.0 Primary target IP address responded with : "421 4.2.1 unable to connect";

2. 451. 4.4.0 DNS query failded;

Any suggestions for troubleshooting?
If the mails and queues keep failing, will them be deleted or moved to somewhere finally?
As i monitor the queue recently and the queue is always changing, not one specific queue stuck there all the time.

Thanks!

Weicong888

mx.google.com rechazó su mensaje a las siguientes direcciones de correo electrónico:

mx.google.com produjo este error: [2002:ba65:44b2::ba65:44b2 16] The sender does not meet basic ipv6 sending guidelines of authentication and rdns resolution of sending ip. Please review more information. do3si4234734vcb.123 - gsmtp

El mensaje no se entregó debido a un problema de seguridad o con los permisos. Puede que lo haya rechazado un moderador, que la dirección sólo acepte correo electrónico de determinados remitentes o que haya otra restricción que impida la entrega.

Información de diagnóstico para los administradores:

Generando servidor: SRVDC01.veraquintana.local

 mx.google.com #550-5.7.1 [2002:ba65:44b2::ba65:44b2 16] The sender does not meet basic 550-5.7.1 ipv6 sending guidelines of authentication and rdns resolution of 550-5.7.1 sending ip. Please review 550 5.7.1 more information. do3si4234734vcb.123 - gsmtp ##

I have a Microsoft Small Business Server 2011. About four months ago the OWA stopped working and MS Support had to be called to get it fixed since nothing we did resolved the issue. However after the OWA was repaired we started noticing excessive amounts of email bounce backs occurring, but only during a "reply". In otherwords, if we replied to the sender we would get a bounce back, but if we created a new email with the senders address it went through. This is just totally bizzare. Micorosft Support personnel have looked at this sideways and at this time can't resolve the problem. Yes before anyone askes, we have checked our static IP and domain for blacklists, checked reverse DNS and just about everything external imagineable and it all checks out good. The error message which is contained here thinks we are running POP3 email accounts, when in fact all our email goes through an Exchange Server. So the message is really not helpful at all. Here is the most common of the bounce backs:

Please turn on SMTP Authentication in your mail client, or login to the IMAP/POP3 server before sending your message.  [********]:46408 is not permitted to relay through this server without authentication.

A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Our ISP as well as other IT folks have looked at this and are puzzled, if you Google the error you get tons of crap that has nothing to do with Exchange Services, but most reference POP3. We have POP3 and IMAP turned off we don't use a Smart Host and everything was fairly fine until the OWA issue occurred.

Everyone I've talked to so far has no clue. I can't be the only one in the known Exchange universe that has run into this before? Any one have any ideas?

Hi,

I setup a rule to silently delete  message from a specific sender which is working fine.
My issue is, I'm not able to evaluate how many time this specific rule has been triggered. In exchange 2007, there was the possibilty to create an event when a rule was triggered, it disappeared from the gui but there is still-logeventtxt parameter that exist. Unfortunately, I didn't manage to make it works.

From get-messagetracking, I can only see from the source (agent),sourcecontext(transport rule agent) that a message has been processed by a rule, I change the loglevel but it seems I can't identify  nor the rule, nor the frequency of the rule usage. Am I missing something ?

best regards,

Mikaël

We have a server that is setup to relay e-mail through Exchange to students that sign up for classes.  They are e-mailed their username/password to the e-mail address they enter on a web form that the server processes and then sends the e-mail.

If a student enters their e-mail address incorrectly, is there a way to generate an NDR and send it to an Administrator?  Trying to think through this scenario, maybe asking students to enter their e-mail address twice to make sure they've entered it correctly.

I've read some about enabling protocol logging and/or message tracking but that seems tedious and reactive instead of proactive.

Just curious what other options are available...

Hi friends, I need to protect content from the organization: I want to apply a Not-Forward rule to mails or Meetings with certain subjects, but I don't know (and I can't find any information about this) if this rule can be applied to a meeting invitation (from Outlook clients is not possible, the "permision" button don't appear when I'm Schedule a meeting), and I need to know if the rule apply to meeting invitations, we want that a meeting invitation can't be forwarded.

Can help me with this? I'm looking for several documents but I can't find anything

Germán Ruiz -- Infrastructure Architect -- Speaker TechNet LATAM -- http://germanruizp.blogspot.com