Channel: Exchange Server 2013 - Mail Flow and Secure Messaging forum

Internal e-mails resolve to primary email address


Hi,


We recently added an Exchange Server 2013 in our 2010 environment to achieve a hybrid setup for a multi-organization O365 migration.


Since we installed Exchange 2013, we are experiencing some issues with email headers being rewritten to the default email addresses.

For example:

When I email kristof1@mydomain.com, the TO field in the header changes to kristof@AD-domain.com, causing the mail rules to not match the email address specified in the rule (looking for the email address in the TO field of the header).

The email address has several aliases and the rule is always looking for the email address in the TO field of the header.

External mail is working just fine.


Does anyone have a clue how to troubleshoot this issue?

Thanks in advance,


Kristof

Mail Journal Rules


Hi Team

I have made a Journal Rule to move all the mails coming to the inbox to a local PST. When I checked the Outlook Inbox it shows empty, but when checking OWA some mails are still showing in the inbox. This mailbox will be receiving a copy of all the mails that are sent and received in the organisation. A huge number of mails are still showing in OWA. Please help to resolve the issue.

Error 550 5.1.1 while OOF is activated


Hi all,

One of our Exchange 2013 CU9 users systematically receives an error 550 5.1.1 when an incoming email arrives while OOF is activated.

This error is about an email delivery failure to a recipient that has been deleted.

When I look for a possible email rule, I find nothing. In addition, this issue occurs only when OOF is activated.

Any idea about that?

Thank you.


FXE

ERROR:0x80070005-00000000-00000000 even after installing update for Outlook 2013 (KB3085495)


Users are getting ERROR:0x80070005-00000000-00000000 while replying to an email in Outlook 2013 (Exchange 2013).

Have tried removing the permission and re-adding it; still get this error.


Getting an Undeliverable message when sending a non-SMTP address format (fax addressing format, e.g. [RFAX:test@/FN=444]) from the desktop Outlook client with the "Use Cached Exchange Mode" setting enabled for the user account


Getting an Undeliverable message when sending a non-SMTP address format (fax addressing format, e.g. [RFAX:test@/FN=444]) from the desktop Outlook client with the "Use Cached Exchange Mode" setting enabled for the user account, as in the screenshot below.

If we disable (uncheck) the above setting, then I am able to send the non-SMTP address format (fax addressing format, e.g. [RFAX:test@/FN=444]) from the desktop Outlook client.

Our requirement is to send the non-SMTP fax addressing format from the desktop Outlook client with the "Use Cached Exchange Mode" setting enabled for the user account.

Could you please suggest a solution for resolving the above problem?

Thanks in advance.

Regards,

Prasad.


Divert Outgoing Email from One site to other site


Hi

Exchange 2013

I have Site A and Site B, two different AD sites configured with EDGE SYNC; both are internet-facing sites. There is an activity in site B, so I need to shut down all EDGE servers in site B. Only the Mailbox and CAS servers will be up and running in site B. How do I make the changes so that external mails from site B users go via site A?

Exchange resource forest & user forest secure email issue


Hi,

We have a forest that contains Exchange 2013 and the bulk of our users. We have a forest trust to a domain that contains more users and that is separate for political reasons. I have a PKI set up in the primary forest and it is working as expected for all users.

I'd like for users on both sides to be able to encrypt and send emails to each other, but at the moment Outlook complains that it can't find the certificates for those on the other domain.

Is this possible?

Thanks

Reverse DNS does not match SMTP Banner. Which FQDN?

Hi,

I just got the reverse DNS set up by our IP provider, but when I run mxtoolbox I now get the error "Reverse DNS does not match SMTP Banner".
I went to the send connectors and looked at the FQDN there and it was mail.domain.se, but when I look at the receive connectors I have written servername.domain.local (which is the correct internal name).

My question is which one should I use and do I have to create any A hosts in my server or is this something my IP provider has to do?

Distribution Group receives NDR for external senders and some addresses


I have a mail universal distribution group alias@domain.com on an Exchange 2013 server. Later, otheralias@domain.com was added as an address and configured as the primary SMTP address. External senders are, however, permitted; an e-mail address policy is not enabled, nor is moderation.

RunspaceId                             : d2c70b0f-ed57-4b30-bc55-d2a33b1d8545
GroupType                              : Universal
SamAccountName                         : ***
BypassNestedModerationEnabled          : False
ManagedBy                              : ***
MemberJoinRestriction                  : Closed
MemberDepartRestriction                : Closed
ExpansionServer                        :
ReportToManagerEnabled                 : False
ReportToOriginatorEnabled              : True
SendOofMessageToOriginatorEnabled      : False
AcceptMessagesOnlyFrom                 : {}
AcceptMessagesOnlyFromDLMembers        : {}
AcceptMessagesOnlyFromSendersOrMembers : {}
AddressListMembership                  : {\Groups(VLV), \All Groups(VLV), \All Recipients(VLV), \All Distribution
                                         Lists, \Default Global Address List}
Alias                                  : ***
ArbitrationMailbox                     : ***
BypassModerationFromSendersOrMembers   : {}
OrganizationalUnit                     : ***
CustomAttribute1                       :
CustomAttribute10                      :
CustomAttribute11                      :
CustomAttribute12                      :
CustomAttribute13                      :
CustomAttribute14                      :
CustomAttribute15                      :
CustomAttribute2                       :
CustomAttribute3                       :
CustomAttribute4                       :
CustomAttribute5                       :
CustomAttribute6                       :
CustomAttribute7                       :
CustomAttribute8                       :
CustomAttribute9                       :
ExtensionCustomAttribute1              : {}
ExtensionCustomAttribute2              : {}
ExtensionCustomAttribute3              : {}
ExtensionCustomAttribute4              : {}
ExtensionCustomAttribute5              : {}
DisplayName                            : ***
EmailAddresses                         : ***
GrantSendOnBehalfTo                    : ***
ExternalDirectoryObjectId              :
HiddenFromAddressListsEnabled          : False
LastExchangeChangedTime                :
LegacyExchangeDN                       : ***
MaxSendSize                            : Unlimited
MaxReceiveSize                         : Unlimited
ModeratedBy                            : {}
ModerationEnabled                      : False
PoliciesIncluded                       : {}
PoliciesExcluded                       : {{26491cfc-9e50-4857-861b-0cb8df22b5d7}}
EmailAddressPolicyEnabled              : False
PrimarySmtpAddress                     : ***
RecipientType                          : MailUniversalDistributionGroup
RecipientTypeDetails                   : MailUniversalDistributionGroup
RejectMessagesFrom                     : {}
RejectMessagesFromDLMembers            : {}
RejectMessagesFromSendersOrMembers     : {}
RequireSenderAuthenticationEnabled     : False
SimpleDisplayName                      :
SendModerationNotifications            : Always
UMDtmfMap                              : {emailAddress:732877161, lastNameFirstName:732877161,
                                         firstNameLastName:732877161}
WindowsEmailAddress                    : ***
MailTip                                :
MailTipTranslations                    : {}
Identity                               : ***
IsValid                                : True
ExchangeVersion                        : 0.10 (14.0.100.0)
Name                                   : ***
DistinguishedName                      : ***
Guid                                   : ca7230e2-dbb1-497d-8e1d-443893397314
ObjectCategory                         : ***
ObjectClass                            : {top, group}
WhenChanged                            : 28.10.2015 15:39:17
WhenCreated                            : 09.06.2015 16:54:08
WhenChangedUTC                         : 28.10.2015 14:39:17
WhenCreatedUTC                         : 09.06.2015 14:54:08
OrganizationId                         :
Id                                     : ***
OriginatingServer                      : ***
ObjectState                            : Changed

The problem occurring now is that I can send mails to alias@domain.com from within and outside the organisation. I can also send mails to otheralias@domain.com from within the organisation. However, I cannot send to otheralias@domain.com from outside the organisation. The server creates an NDR with

Diagnostic-Code: smtp;550 5.1.1 RESOLVER.ADR.RecipNotFound; not found

How can I fix that?

Thanks in advance,
Christoph

Online Message Encryption (OME) and Hybrid


Hi Guys,

My company is moving away from Notes to Office 365/Hybrid. The time has come to implement the On-Prem portion of the solution and we have run into a couple of issues setting up message classification/OME.

We have successfully implemented OME using message classification and transport rules for our Exchange Online users (20,000 E3 and counting). This configuration is working well.

I've copied the Exchange Online message classification details and associated IDs. Applying basic On-Prem transport rules works perfectly; however, I can't seem to get the following working:

1. External mail which routes via Exchange Online isn't being encrypted using existing transport rules (this works perfectly for O365 users)

2. The above applies for On-Prem users mailing 365 users (mail with message classification applied)

3. What is the best way to apply OME for mail that doesn't leave the On-Prem solution? (On-Prem to On-Prem)

- All users will have an E3 license

- Exchange 2013 CU8

Many thanks,

Matt

AD RMS: Restrict email forward, copy and printing from automated messages from SharePoint via Exchange 2013


We need a way to send out an automated email (not sent from someone's Outlook client) that has information that we do not want forwarded, copied, or printed. Can this be done with Exchange 2013? The messages will be generated from SharePoint and the messaging system is Exchange 2013. We have on-premise AD RMS.


ms

Strange behavior of exchange server with no user mailboxes



Hi!

Two days ago I installed the second Exchange server – Exc02. Currently Exc02 has no user mailboxes at all.

Both of my Exchange servers are 2013CU9 without DAG and Shadow Resilience.


Today I have noticed that some internal emails go through my new Exchange server. 

I can't figure out why the Mailbox Transport Service on Exc01 sends email via Exc02 so far as the recipient's mailbox is on the same server (Exc01)?

Here is the output from Get-MessageTrackingLog, the Delivery report from ECP and a message header.

Timestamp           Source      EventId   ConnectorId                            ClientHostname ServerHostname
---------           ------      -------   -----------                            -------------- --------------
28.10.2015 18:52:21 STOREDRIVER RECEIVE                                          Exc01          Exc01
28.10.2015 18:52:22 SMTP        RECEIVE   Exc02\Default Exc02                    Exc01          Exc02
28.10.2015 18:52:22 AGENT       AGENTINFO                                        Exc02
28.10.2015 18:52:22 STOREDRIVER SUBMIT                                           Exc01          Exc02
28.10.2015 18:52:22 STOREDRIVER DELIVER                                          Exc02          Exc01
28.10.2015 18:52:22 SMTP        SEND      Intra-Organization SMTP Send Connector Exc02          Exc01

Delivery Report for  User2 ‎(user2@contoso.com)‎
Submitted
10/28/2015 18:52 Exc01
The message was submitted to Exc01.contoso.com.
Pending
10/28/2015 18:52 Exc02.contoso.com
Message was received by Exc02.contoso.com from Exc01.contoso.com.

10/28/2015 18:52 Exc02.contoso.com
The message has been transferred from Exc02.contoso.com to Exc01.contoso.com.
Delivered
10/28/2015 18:52 Exc01.contoso.com
The message was successfully delivered.

Received: from Exc02.contoso.com (10.117.1.19) by
 Exc01.contoso.com (10.117.1.18) with Microsoft SMTP Server (TLS) id
 15.0.1104.5 via Mailbox Transport; Wed, 28 Oct 2015 18:52:21 +0300

Received: from Exc01.contoso.com (10.117.1.18) by
 Exc02.contoso.com (10.117.1.19) with Microsoft SMTP Server (TLS) id
 15.0.1104.5; Wed, 28 Oct 2015 18:52:21 +0300

Received: from Exc01.contoso.com ([::1]) by Exc01.contoso.com
 ([::1]) with mapi id 15.00.1104.000; Wed, 28 Oct 2015 18:52:21 +0300
From: User1 <User1@contoso.com>
To: User2 <user2@contoso.com>
Date: Wed, 28 Oct 2015 18:52:21 +0300

Btw, is it possible to sort the output from the Get-MessageTrackingLog command in chronological order? TimeStamp is not suitable because it has no milliseconds.


Source Server in Send Connector


Hi,

We have a mixed environment Exchange 2007 + Exchange 2013.

I need some clarification on "source server" in the send connector properties of Exchange 2013.

We have a (only one) connector configured like below:

Mail destined to internet should go via our smart host which is send mail.

As you know, the domain name would be "*" and the smart host would be send mail.

We have added all Exchange 2013 Mailbox Servers to the Source Server list.

I understand that this connector can be used ONLY by 2013 servers but it can't be used by Exchange 2007 servers as we don't have 2007 servers listed in the "Source Servers".

But my friend says: if an email is sent from a 2007 mailbox destined to the Internet, then Exchange 2007 routes the email to the 2013 Mailbox servers because the 2013 servers are in the Source Servers list.

So, we have two different opinions on the purpose of the option Source Server.

Can someone help us with an exact clarification on what is right?

Exchange 2010/2013 Coexistence with Exchange 2013 Edge Server


We have Exchange 2010/Exchange 2013 in a coexistence setup and mail has been working fine for a few years.  We're making some changes to our edge, removing the current SMTP Relay Device and replacing it with an Exchange 2013 Edge Server.  I've installed the edge server and Start-EdgeSynchronization shows a success result and Test-EdgeSynchronization shows SyncStatus: Normal.

Additionally I can connect to port 25 from a PowerShell window just fine.  For test purposes, I've limited the EdgeSync - site to Internet connector to a single domain.  When I try to send mail to a user in that domain I can see the mail stuck in a queue:

Next Hop                                                 Delivery Type                                                                        Status

EdgeSync - site to Internet connector        SMTP Relay in Active Directory Site to Edge Transport Server     Retry

The last Error is:

451 4.4.0 Primary target IP Address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.

I've tried searching on that but I haven't found anything relevant to my situation (i.e. a lot of Solutions referencing prior versions of Exchange but none that I can make work for me).

Any suggestions?

performance issues and problems sending email using mapihttp MAPI over HTTP Exchange 2016


Hello Community:

We recently migrated all users (150) to Exchange 2016 from 2013.  We have retired all 2013 servers and are a single-server Exchange 2016 environment. We have enabled MAPI over HTTP on the organization and on the MapiVirtualDirectory we have set both internal and external URLs along with the IISauthenticationMethods to NTLM, Negotiate. Based on what I can tell, this is working correctly. Autodiscover works fine, Outlook Anywhere works with no issues. New domain joined and external Outlook clients find the server and connect with no issues. Connection status shows protocol HTTP and Encrypt SSL.  However, we are having various performance issues with mailboxes and on a number of occasions we are getting a popup message stating : "Changes made to the item were lost because of a reconnect with the server."  I have ensured these users have new Outlook profiles and have in a few cases upgraded to Outlook 2016 from Outlook 2013 to no avail.  No strange server event log errors.  If I disable MAPI over HTTP and go back to using RPC/HTTP things seem to be fine.

Thoughts on what could be causing this?

JC


SMTP client session delayed by "Set Session Permissions"


Hi,

From some of our users we got complaints that the SMTP send process on port 587 is sometimes quite slow, taking about 5 seconds before the message is sent.

After analyzing the SMTP receive logs on the Exchange 2010 CAS/HTS server with latest Rollup and updates on up-to-date Windows Server 2008 R2 Enterprise, I noticed that on many client connections the initial "[Set Session Permissions]" operation takes 5 seconds while on other connections it takes 0 seconds. This is even before the server sends the first 220 to the client. For example:

18:53:24.659  None  [Set Session Permissions]
18:53:29.667  220 <FQDN omitted> Microsoft ESMTP MAIL Service ready at Wed, 28 Oct 2015 18:53:24 +0100
18:53:29.713  EHLO <client omitted>
18:53:29.713  250-MSX-CAS1.w2k.biochem.mpg.de Hello [141.61.32.80]
18:53:29.713  250-SIZE 41943040
18:53:29.713  250-PIPELINING
18:53:29.713  250-DSN
18:53:29.713  250-ENHANCEDSTATUSCODES
18:53:29.713  250-STARTTLS
18:53:29.713  250-AUTH GSSAPI NTLM
18:53:29.713  250-8BITMIME
18:53:29.713  250-BINARYMIME
18:53:29.713  250 CHUNKING
18:53:29.760  STARTTLS
18:53:29.760  220 2.0.0 SMTP server ready
18:53:29.760  [Sending certificate]

The receive connectors are configured as follows:

RunspaceId : <omitted>
AuthMechanism : Tls, Integrated, BasicAuth, BasicAuthRequireTLS
Banner :
BinaryMimeEnabled : True
Bindings : {0.0.0.0:587}
ChunkingEnabled : True
DefaultDomain :
DeliveryStatusNotificationEnabled : True
EightBitMimeEnabled : True
BareLinefeedRejectionEnabled : False
DomainSecureEnabled : False
EnhancedStatusCodesEnabled : True
LongAddressesEnabled : False
OrarEnabled : False
SuppressXAnonymousTls : False
AdvertiseClientSettings : False
Fqdn : <omitted>
Comment :
Enabled : True
ConnectionTimeout : 00:10:00
ConnectionInactivityTimeout : 00:05:00
MessageRateLimit : 20
MessageRateSource : User
MaxInboundConnection : 5000
MaxInboundConnectionPerSource : 50
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize : 64 KB (65,536 bytes)
MaxHopCount : 60
MaxLocalHopCount : 12
MaxLogonFailures : 3
MaxMessageSize : 40 MB (41,943,040 bytes)
MaxProtocolErrors : 5
MaxRecipientsPerMessage : 200
PermissionGroups : ExchangeUsers, Custom
PipeliningEnabled : True
ProtocolLoggingLevel : Verbose
RemoteIPRanges : {0.0.0.0-255.255.255.255}
RequireEHLODomain : False
RequireTLS : False
EnableAuthGSSAPI : True
ExtendedProtectionPolicy : None
LiveCredentialEnabled : False
TlsDomainCapabilities : {}
Server : <omitted>
SizeEnabled : Enabled
TarpitInterval : 00:00:05
MaxAcknowledgementDelay : 00:00:30
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : Client
DistinguishedName : <omitted>
Identity : <omitted>
Guid : <omitted>
ObjectCategory : <omitted>/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass : {top, msExchSmtpReceiveConnector}
WhenChanged : 10.12.2014 14:51:25
WhenCreated : 13.05.2013 14:00:11
WhenChangedUTC : 10.12.2014 13:51:25
WhenCreatedUTC : 13.05.2013 12:00:11
OrganizationId :
OriginatingServer : <omitted>
IsValid : True


For the network setup: the SMTP access is routed through a web application firewall and KEMP load balancer to the CAS/HTS servers, so all client connections come from the same remote IP (the WAF). The delay is however definitely on the Exchange servers, as visible from the SMTP receive logs.

From the SMTP logs I can rule out the tarpit. Although configured with default 5 seconds, the tarpit is not invoked on affected connections.

There are custom permissions set on the receive connector and custom permissions inherited, but the operation does not take so long on every connection.

Is it possible that "MaxInboundConnectionPerSource" of 50 can cause this? How would the server react, if the threshold is exceeded?

Is there some way I can identify what makes the system take so long on setting the session permissions for about 30 to 50% of the connections? It's always a delay of nearly exactly 5 seconds.

Thanks in advance for any hints on how to further debug this issue.

Gregor
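
Added example (not part of the original post and not Exchange's own tooling): one way to quantify the delay described above is to measure, per session, the time between the "Set Session Permissions" event and the first 220 banner in the SMTP receive protocol log, then see how the delays cluster. The CSV column order, the session IDs and the sample rows are constructed assumptions; check them against the #Fields header of your own log.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Assumed column order; a "#Fields:" header line in the log overrides it.
DEFAULT_FIELDS = ["date-time", "connector-id", "session-id", "sequence-number",
                  "local-endpoint", "remote-endpoint", "event", "data", "context"]
TS_FORMAT = "%Y-%m-%dT%H:%M:%S.%fZ"

# Constructed sample with three interleaved sessions (not from the poster's server).
SAMPLE_LOG = """\
#Fields: date-time,connector-id,session-id,sequence-number,local-endpoint,remote-endpoint,event,data,context
2015-10-28T17:53:24.659Z,CAS1\\Client,S1,0,10.0.0.10:587,10.0.0.5:40112,+,,
2015-10-28T17:53:24.659Z,CAS1\\Client,S1,1,10.0.0.10:587,10.0.0.5:40112,*,None,Set Session Permissions
2015-10-28T17:53:25.100Z,CAS1\\Client,S2,0,10.0.0.10:587,10.0.0.5:40113,+,,
2015-10-28T17:53:25.100Z,CAS1\\Client,S2,1,10.0.0.10:587,10.0.0.5:40113,*,None,Set Session Permissions
2015-10-28T17:53:25.100Z,CAS1\\Client,S2,2,10.0.0.10:587,10.0.0.5:40113,>,220 mail.example.test ready,
2015-10-28T17:53:29.667Z,CAS1\\Client,S1,2,10.0.0.10:587,10.0.0.5:40112,>,220 mail.example.test ready,
2015-10-28T17:53:29.713Z,CAS1\\Client,S1,3,10.0.0.10:587,10.0.0.5:40112,<,EHLO client.example.test,
2015-10-28T17:53:29.760Z,CAS1\\Client,S1,4,10.0.0.10:587,10.0.0.5:40112,<,STARTTLS,
2015-10-28T17:53:29.760Z,CAS1\\Client,S1,5,10.0.0.10:587,10.0.0.5:40112,>,220 2.0.0 SMTP server ready,
2015-10-28T17:53:40.000Z,CAS1\\Client,S3,0,10.0.0.10:587,10.0.0.5:40114,+,,
2015-10-28T17:53:40.000Z,CAS1\\Client,S3,1,10.0.0.10:587,10.0.0.5:40114,*,None,Set Session Permissions
2015-10-28T17:53:45.003Z,CAS1\\Client,S3,2,10.0.0.10:587,10.0.0.5:40114,>,220 mail.example.test ready,
"""


def banner_delays(log_text):
    """Map session-id -> seconds from 'Set Session Permissions' to the first 220 sent."""
    fields, started, delays = DEFAULT_FIELDS, {}, {}
    for row in csv.reader(io.StringIO(log_text)):
        if not row:
            continue
        if row[0].startswith("#"):
            if row[0].startswith("#Fields:"):
                first = row[0].split(":", 1)[1].strip()
                fields = [first] + [c.strip() for c in row[1:]]
            continue
        rec = dict(zip(fields, row))
        sid = rec.get("session-id")
        ts = datetime.strptime(rec["date-time"], TS_FORMAT)
        if rec.get("event") == "*" and "Set Session Permissions" in rec.get("context", ""):
            started[sid] = ts
        elif rec.get("event") == ">" and rec.get("data", "").startswith("220 "):
            # Only the first 220 is the banner; the 220 after STARTTLS is skipped.
            if sid in started and sid not in delays:
                delays[sid] = (ts - started[sid]).total_seconds()
    return delays


def summarize(delays, slow_after=1.0):
    """Count slow sessions and bucket delays to whole seconds to expose clustering."""
    slow = sorted(s for s, d in delays.items() if d >= slow_after)
    return {
        "sessions": len(delays),
        "slow": slow,
        "slow_fraction": len(slow) / len(delays) if delays else 0.0,
        "histogram": Counter(round(d) for d in delays.values()),
    }


if __name__ == "__main__":
    print(summarize(banner_delays(SAMPLE_LOG)))
```

A tight cluster at one whole-second value, as in the sample, points at a fixed timeout rather than load; correlating the slow sessions' timestamps with other server logs is the next step.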


SMTP Receive connector - 5.7.1. client was not authenticated


Hello,

We are in the process of migrating from Exchange 2010 to 2013. We have a number of applications that are sending email through the Exchange server. When those application servers point to Exchange 2013 we are experiencing "5.7.1. Client was not authenticated" errors occasionally.

This is a really weird issue, as we have about a 75% success rate and 5.7.1 is an intermittent issue that I can't figure out. I also have a ticket opened with Microsoft support. The Microsoft support technician made some changes through adsiedit but this did not resolve the issue. It is rather difficult to troubleshoot because it is an intermittent issue, and while testing with Microsoft we do see success, but being about 75% working and 25% not it is difficult to reproduce the issue with the MS support technician on the phone. Also, it is not one specific application server that is causing this issue but more or less all of them.

Our setup is:

2 CAS servers and 2 MBX servers (Exchange 2013 Enterprise RU8) - Anonymous authentication is enabled on the connector - CAS servers are load balanced through A10 same as our Exchange 2010

SMTP Relay was created and all servers IP's that need to send email (even just internal within exchange organization were added to the list - in Exchange 2010 we didn't need to add servers that route email internally to the SMTP relay)

Tracing successful messages I can see that all servers are delivering email, so I can't pinpoint a specific server causing this failure. I reopened the case with Microsoft and am waiting for their reply.

Has anybody experienced a similar issue? Any suggestions would be more than welcome.

Thanks,

Vic


Vic Sabljic Sr. Data Centre Analyst



Transport rule to replace TO: with BCC:


At my current employer I can't get them to approve locking down all company e-mails. What I'd like to do since I can't lock it down is create a transport rule to take the "TO: All Company" and replace it with "BCC: All Company". This would help all replies to all company. I'm having a hard time figuring out if this is possible with a Transport Rule.

Anyone have experience with this?

Send connector to route certain mail domains over a VPN


Good afternoon, all!

We have a new Exchange 2013 installation and have run into a minor roadblock.  

We're using a site-to-site VPN for mail to & from a major customer.  The new Exchange servers don't know about this and are routing mail over the Internet.  I suspect the customer is blocking that Internet mail because of the VPN tunnel that took production and legacy email.

I have two datacenters with Edge Transport servers in each DC sending out mail.  They connect to either of the Mailbox/CAS servers in the production environment so either server can respond to either Edge Transport server.

I found this document from Exchange 2007 that shows the outline for doing this.  Has anything significant changed between Exchange 2007 and 2013 in this arena?  

Thanks for looking!

Gregg

spamhaus!


Hi

I have not been able to remove my server from the Spamhaus blacklist for 1 week. When I enter my server's IP address (at http://www.spamhaus.org/lookup/), it says that this IP is not listed in XBL or PBL or SBL, but messages have been rejected with a spam error.

What can I do?

Thanks
