I have a client who has multiple sites. Their exchange server receives "scan to email" emails from a Canon C2020 Digital Multifunction on a different site. To stop the Exchange 2013 Spam filter blocking the emails, I set up a Transport Rule.

The rule has the following properties

1. If the Sender Address matches canon.device@gmail.com
2. Set the SCL to 3
3. Generate an incident report and email to the system admin, and inlcude the original email
4. Is the 3rd of 3 rules (the prior 2 add Disclaimers to outgoing emails depending on who the sender is)

Simple enough right.

Wrong - some staff scan to email repeatedly and the scan arrives ok in their inbox.  Others, it simply will not let the email thru, and instead places the email into the Spam Mailbox.  I open the blocked email, click on Send Again and it arrives for the user.

Is the Transport Rule functionality buggy or prone to odd behaviour.  I have sat and read through the Rule so many times it is tattooed onto my retina.

The Email addresses for all users are created by an Email address policy so all are a consistent format = Firstname + Surname 1st Initial@contoso .com.

There have been times where I have wondered if the rules are case sensitive when assessing the email addresses.

Any thoughts to put me out of my misery, please show me where I have done wrong....

Get-TransportRule returns

[PS] C:\Windows\system32>Get-TransportRule "[Cust-sos-IN] Reset SCL on Scanner emails" | Format-List

RunspaceId                                   : 7f9c4f6e-7d35-409e-acf9-cbb272720b8c
Priority                                     : 2
DlpPolicy                                    :
DlpPolicyId                                  : 00000000-0000-0000-0000-000000000000
Comments                                     :
ManuallyModified                             : False
ActivationDate                               :
ExpiryDate                                   :
Description                                  : If the message:
                                                   Is sent to 'Accounts@contoso.com' or
                                              'Administration@contoso.com' or'Allan@contoso.com' or
                                              'FredaM@contoso.com' or 'Client.Services.Manager@contoso.com' or
                                              'DonnyY@contoso.com' or 'ElenB@contoso.com'or...
                                                   and Includes these patterns in the From address:
                                              'canon.device@gmail.com'
                                               Take the following actions:
                                                   Set the spam confidence level (SCL) to '3'
                                                   and Send the incident report to SharonK@contoso.com, Include
                                               original mail

RuleVersion                                  : 15.0.2.0
Conditions                                   : {SentTo, FromAddressMatches}
Exceptions                                   :
Actions                                      : {SetSCL, GenerateIncidentReport}
State                                        : Enabled
Mode                                         : Enforce
RuleSubType                                  : None
UseLegacyRegex                               : False
From                                         :
FromMemberOf                                 :
FromScope                                    :
SentTo                                       :{Accounts@contoso.com, Administration@contoso.com,
                                              AmandaC@contoso.com, AshleyM@contoso.com,
                                              Client.Services.Manager@contoso.com,DonnaY@contoso.com,
                                              EbonieB@contoso.com, FranR@contoso.com, Intake@contoso.com,
                                              JoP@contoso.com, LenoreL@contoso.com, MarinaL@contoso.com,
                                              NatashaS@contoso.com, NiamhS@contoso.com, UnaG@contoso.com,
                                              Helpdesk@Acontoso.com...}
SentToMemberOf                               :
SentToScope                                  :
BetweenMemberOf1                             :
BetweenMemberOf2                             :
ManagerAddresses                             :
ManagerForEvaluatedUser                      :
SenderManagementRelationship                 :
ADComparisonAttribute                        :
ADComparisonOperator                         :
SenderADAttributeContainsWords               :
SenderADAttributeMatchesPatterns             :
RecipientADAttributeContainsWords            :
RecipientADAttributeMatchesPatterns          :
AnyOfToHeader                                :
AnyOfToHeaderMemberOf                        :
AnyOfCcHeader                                :
AnyOfCcHeaderMemberOf                        :
AnyOfToCcHeader                              :
AnyOfToCcHeaderMemberOf                      :
HasClassification                            :
HasNoClassification                          : False
SubjectContainsWords                         :
SubjectOrBodyContainsWords                   :
HeaderContainsMessageHeader                  :
HeaderContainsWords                          :
FromAddressContainsWords                     :
SubjectMatchesPatterns                       :
SubjectOrBodyMatchesPatterns                 :
HeaderMatchesMessageHeader                   :
HeaderMatchesPatterns                        :
FromAddressMatchesPatterns                   :{canon.sos@gmail.com}
AttachmentNameMatchesPatterns                :
AttachmentExtensionMatchesWords              :
HasSenderOverride                            : False
MessageContainsDataClassifications           :
SenderIpRanges                               :
SCLOver                                      :
AttachmentSizeOver                           :
MessageSizeOver                              :
WithImportance                               :
MessageTypeMatches                           :
RecipientAddressContainsWords                :
RecipientAddressMatchesPatterns              :
SenderInRecipientList                        :
RecipientInSenderList                        :
AttachmentContainsWords                      :
AttachmentMatchesPatterns                    :
AttachmentIsUnsupported                      : False
AttachmentProcessingLimitExceeded            : False
AttachmentHasExecutableContent               : False
AnyOfRecipientAddressContainsWords           :
AnyOfRecipientAddressMatchesPatterns         :
ExceptIfFrom                                 :
ExceptIfFromMemberOf                         :
ExceptIfFromScope                            :
ExceptIfSentTo                               :
ExceptIfSentToMemberOf                       :
ExceptIfSentToScope                          :
ExceptIfBetweenMemberOf1                     :
ExceptIfBetweenMemberOf2                     :
ExceptIfManagerAddresses                     :
ExceptIfManagerForEvaluatedUser              :
ExceptIfSenderManagementRelationship         :
ExceptIfADComparisonAttribute                :
ExceptIfADComparisonOperator                 :
ExceptIfSenderADAttributeContainsWords       :
ExceptIfSenderADAttributeMatchesPatterns     :
ExceptIfRecipientADAttributeContainsWords    :
ExceptIfRecipientADAttributeMatchesPatterns  :
ExceptIfAnyOfToHeader                        :
ExceptIfAnyOfToHeaderMemberOf                :
ExceptIfAnyOfCcHeader                        :
ExceptIfAnyOfCcHeaderMemberOf                :
ExceptIfAnyOfToCcHeader                      :
ExceptIfAnyOfToCcHeaderMemberOf              :
ExceptIfHasClassification                    :
ExceptIfHasNoClassification                  : False
ExceptIfSubjectContainsWords                 :
ExceptIfSubjectOrBodyContainsWords           :
ExceptIfHeaderContainsMessageHeader          :
ExceptIfHeaderContainsWords                  :
ExceptIfFromAddressContainsWords             :
ExceptIfSubjectMatchesPatterns               :
ExceptIfSubjectOrBodyMatchesPatterns         :
ExceptIfHeaderMatchesMessageHeader           :
ExceptIfHeaderMatchesPatterns                :
ExceptIfFromAddressMatchesPatterns           :
ExceptIfAttachmentNameMatchesPatterns        :
ExceptIfAttachmentExtensionMatchesWords      :
ExceptIfSCLOver                              :
ExceptIfAttachmentSizeOver                   :
ExceptIfMessageSizeOver                      :
ExceptIfWithImportance                       :
ExceptIfMessageTypeMatches                   :
ExceptIfRecipientAddressContainsWords        :
ExceptIfRecipientAddressMatchesPatterns      :
ExceptIfSenderInRecipientList                :
ExceptIfRecipientInSenderList                :
ExceptIfAttachmentContainsWords              :
ExceptIfAttachmentMatchesPatterns            :
ExceptIfAttachmentIsUnsupported              : False
ExceptIfAttachmentProcessingLimitExceeded    : False
ExceptIfAttachmentHasExecutableContent       : False
ExceptIfAnyOfRecipientAddressContainsWords   :
ExceptIfAnyOfRecipientAddressMatchesPatterns :
ExceptIfHasSenderOverride                    : False
ExceptIfMessageContainsDataClassifications   :
ExceptIfSenderIpRanges                       :
PrependSubject                               :
SetAuditSeverity                             :
ApplyClassification                          :
ApplyHtmlDisclaimerLocation                  :
ApplyHtmlDisclaimerText                      :
ApplyHtmlDisclaimerFallbackAction            :
ApplyRightsProtectionTemplate                :
SetSCL                                       : 3
SetHeaderName                                :
SetHeaderValue                               :
RemoveHeader                                 :
AddToRecipients                              :
CopyTo                                       :
BlindCopyTo                                  :
AddManagerAsRecipientType                    :
ModerateMessageByUser                        :
ModerateMessageByManager                     : False
RedirectMessageTo                            :
RejectMessageEnhancedStatusCode              :
RejectMessageReasonText                      :
DeleteMessage                                : False
Disconnect                                   : False
Quarantine                                   : False
SmtpRejectMessageRejectText                  :
SmtpRejectMessageRejectStatusCode            :
LogEventText                                 :
StopRuleProcessing                           : False
SenderNotificationType                       :
GenerateIncidentReport                       :SharonK@contoso.com
IncidentReportOriginalMail                   : IncludeOriginalMail
RouteMessageOutboundConnector                :
RouteMessageOutboundRequireTls               : False
Identity                                     : [Cust-sos-IN] Reset SCL on Scanner emails
DistinguishedName                            : CN=[Cust-sos-IN] Reset SCL on Scanner
                                               emails,CN=TransportVersioned,CN=Rules,CN=Transport
                                               Settings,CN=Contoso,CN=Microsoft
                                               Exchange,CN=Services,CN=Configuration,DC=CONTOSO,DC=LOCAL
Guid                                         : 5d1dbc9b-3718-4874-9552-296e8b98d874
ImmutableId                                  : 5d1dbc9b-3718-4874-9552-296e8b98d874
OrganizationId                               :
Name                                         : [Cust-sos-IN] Reset SCL on Scanner emails
IsValid                                      : True
WhenChanged                                  : 17/03/2015 2:37:06 PM
ExchangeVersion                              : 0.1 (8.0.535.0)
ObjectState                                  : Unchanged

I need to know what happened with this connector, i put all the permissions on my smart host same as MBX 2010, but not function.

i prove sending with a telnet through Exchange MBX and result message is:

451 4.7.0 Temporary server error. Please try again later. PRX1

Hi

Exchange server(CAS and mailbox) stops sending emails,  all messages are sitting in the users outbox during this period, Inbound emails however continues to work and the outbound does not start until transport services has been restarted. I have noticed that most of the time around that period one of the users would have sent a large attachment in an email ( <100MB checked at the email firewall ). however when we checked the outbound queue we don't see the large email.

We have recently migrated from Lotus to Outlook, we did not have this kind of issue when we were in lotus ie sending emails with large attachments

is there a way to avoid this kind of behavior

thanks in advance

Anand

flavio

Having many of these below:

Event ID 16028 A forced configuration update for Microsoft.Transport.TransportServerConfiguration has successfully completed.

Followed by this every few hours.

Event ID 15004 Resource Pressure Increased from Medium to High

Version buckets =219

Did not have this issue before CU5 update.  Updated from CU5

We recently moved our users to new Exchange servers and have been seeing intermittent bouncebacks after going through our relay provider. We're not on any blacklists, nor blocked by external recipients SPAM provider. Our relay provider is having trouble figuring out why this is happening. Some intermittent bounceback examples:

- user reply's to external recipient message and gets bounceback

- users sends a single email with multiple recipients in the same domain and gets a bounceback from one of the users

- user gets bounceback from an external user he has mailed successfully many times before (and even within the hour)

Running Exchange 2010 SP3 RU8. All mail flows from the same IP and configuration (we moved from physical servers to virtual but the virtual have new name and IP). We're setup correctly with our Relay with login and have updated our SPF record. 99.99% of external mail goes through fine. I can see our message gets handed to our relay provider. 

Any suggestions or ideas on what to look at appreciated.

Hi Guys,

I wonder if someone can point me in the right direction.

I have just installed my first Windows Server 2012 R2 , which went fine, then Exchange 2013 and installation went fine. have setup one user on the system and connected Exchange to the user, also setup in mail flow send connectors as well not an issue.(We do have internet on the server)

But when I try and send email using OWA they seat in the Draft folder, for the life on me I can't find why the emails are not going out.

Can some point me in the right direction as to what I have missed out.

Many Thanks.

JP

JP

Hi Techies

I'm currently running running 2 VMs Win Server 2012 and would like to test Failover Clustering for one of our FTP server

I've added on both servers an additional partition, formatted and Online, but cannot bring the disk online from the cluster manager

Assistance would be greatly appreciated

Thank you
Jabu

Hello all,

I have Edge transport server 2013

Also there are 3 Exchange servers installed

Ex01(Exchange 2010)

Ex02(Exchange 2013)

Ex03(Exchange 2013)

In the near future I will migrate all Databases from Ex01(Exchange 2010) and dismout the server and there will be Ex02(Exchange 2013) and Ex03(Exchange 2013) servers only

For now everything is working well, incoming/outgoing e-mails etc. but when I disable Ex01(Exchange 2010) I cannot send any external e-mails from mailboxes which located in Exchange 2013 servers(no problems with receiving e-mails appear)

When look in the queue of Exchange 2013 servers I can see all e-mails which got stuck in the queue.

What might that be? Please, help to resolve the issue.

I have implemented an Edge Transport Server; but I think there is a lot of setup guidance missing from documentation.

From what I can tell, many of the Anti-SPAM agents use RBL's to contribute to their processing, not just the connection filter.

There does not seem to be any guidance on which RBL's to implement.  It seems logical to me that with this Server Role; and the dependency on these DNS databases (RBL's); compiled with each RBL's connection policies, and limits; that Microsoft would have a deployment guide on using a Microsoft housed DNS Server via DNS Server Conditional Forwarding; or something internal to the Edge Transport Role to ensure reliable access to RBL's for processing.

In Forefront for Exchange 2010; many RBL's were included in the product; and had from my testing built-in access to the RBL's absent from a dependency on internal DNS Servers.

If you need specifics, Google Public DNS does not resolve zen.spamhaus.org (the largest).  dnsbl.invaluement.com is not publically accessible, dnsbl.sorbs.net and b.barracudacentral.org are not resolvable from my ISP's DNS Server, my primary DNS forwarder.

Seems logical to me that the Exchange 2013 SP1 Edge Transport Role's Anti-SPAM Agents should somehow use a Microsoft DNS Server to resolve all the DNSBL's that Microsoft uses in it's Cloud/EOP services.

Technology Administrator Erie County (Career and) Technical School.

Hello,

I have a newly-installed Exchange 2013 SP1 server (all roles installed on one server) that I installed CU6 on, and now the incoming mail flow has stopped.  Incoming mail is rejected at SMTP time with the following message:

"451 4.7.0 Temporary server error. Please try again later. PRX5"

From the logs, I traced it back to the Transport Service "Default SERVERNAME" receive connector, which is configured to listen on 0.0.0.0:2525.  Here are the relevant log snippets:

D:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpReceive\RECV20150321-1.LOG:
2015-03-21T17:13:07.697Z,excambio\Default Frontend EXCAMBIO,08D2320EEE2DB8E8,30,127.0.0.1:25,127.0.0.1:23768,*,,Proxy destination(s) obtained from OnProxyInboundMessage event
2015-03-21T17:13:07.697Z,excambio\Default Frontend EXCAMBIO,08D2320EEE2DB8E8,31,127.0.0.1:25,127.0.0.1:23768,*,,NextHopFqdn property is null or whitespace when creating InboundProxyLayer
2015-03-21T17:13:08.743Z,excambio\Default Frontend EXCAMBIO,08D2320EEE2DB8E8,32,127.0.0.1:25,127.0.0.1:23768,*,,"Message or connection acked with status Retry and response 441 4.4.1 Error encountered while communicating with primary target IP address:""Failed to connect. Winsock error code: 10061, Win32 error code: 10061."" Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts. The last endpoint attempted was 192.168.27.25:2525"
2015-03-21T17:13:08.743Z,excambio\Default Frontend EXCAMBIO,08D2320EEE2DB8E8,33,127.0.0.1:25,127.0.0.1:23768,>,451 4.7.0 Temporary server error. Please try again later. PRX5 ,

D:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\ProtocolLog\SmtpSend\SEND20150321-1.LOG:
2015-03-21T17:08:07.749Z,Inbound Proxy Internal Send Connector,08D2320EEE2DB8E2,0,,192.168.27.25:2525,*,,attempting to connect
2015-03-21T17:08:08.778Z,Inbound Proxy Internal Send Connector,08D2320EEE2DB8E2,1,,192.168.27.25:2525,*,,"Failed to connect. Winsock error code: 10061, Win32 error code: 10061, Error Message: No connection could be made because the target machine actively refused it 192.168.27.25:2525"
2015-03-21T17:08:12.397Z,Client Proxy Send Connector,08D2320EEE2DB8E4,0,,192.168.27.25:465,*,,attempting to connect. Client proxy session for HealthMailbox9301776481cb41068c2afd4f62f32744@jonheese.com

D:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\Connectivity\CONNECTLOG20150321-1.LOG:
2015-03-21T17:13:07.697Z,08D2320EEE2DB8E9,SMTP,internalproxy,+,Undefined 00000000-0000-0000-0000-000000000000;QueueLength=<no priority counts>
2015-03-21T17:13:07.697Z,08D2320EEE2DB8E9,SMTP,internalproxy,>,excambio.jonheese.local[192.168.27.25]
2015-03-21T17:13:08.743Z,08D2320EEE2DB8E9,SMTP,internalproxy,>,Failed connection to 192.168.27.25:2525 (ConnectionRefused:0000274D)[TargetHost:excambio.jonheese.local:2525|MarkedUnhealthy|FailureCount:5|NextRetryTime:2015-03-21T17:13:08.778Z][TargetIPAddress:192.168.27.25:2525|MarkedUnhealthy|FailureCount:5|NextRetryTime:2015-03-21T17:13:08.778Z]
2015-03-21T17:13:08.743Z,08D2320EEE2DB8E9,SMTP,internalproxy,-,Messages: 0 Bytes: 0 (Retry : Unable to connect)

When I try telnet'ing to localhost:2525 (or the actual IP of the exchange server), I either get an initial connection that drops after I hit any key, or I get connection refused.

I have confirmed that the "Default SERVERNAME" connector is configured appropriately, under the HubTransport role, listening on 0.0.0.0:2525:

[PS] C:\Windows\system32>Get-ReceiveConnector "excambio\Default EXCAMBIO" | fl


RunspaceId                              : 73ca4d69-3185-41ac-abff-a82be444730c
AuthMechanism                           : Tls, Integrated, BasicAuth, BasicAuthRequireTLS, ExchangeServer
Banner                                  :
BinaryMimeEnabled                       : True
Bindings                                : {[::]:2525, 0.0.0.0:2525}
ChunkingEnabled                         : True
DefaultDomain                           :
DeliveryStatusNotificationEnabled       : True
EightBitMimeEnabled                     : True
SmtpUtf8Enabled                         : False
BareLinefeedRejectionEnabled            : False
DomainSecureEnabled                     : False
EnhancedStatusCodesEnabled              : True
LongAddressesEnabled                    : False
OrarEnabled                             : False
SuppressXAnonymousTls                   : False
ProxyEnabled                            : False
AdvertiseClientSettings                 : False
Fqdn                                    : excambio.jonheese.local
ServiceDiscoveryFqdn                    :
TlsCertificateName                      :
Comment                                 :
Enabled                                 : True
ConnectionTimeout                       : 00:10:00
ConnectionInactivityTimeout             : 00:05:00
MessageRateLimit                        : Unlimited
MessageRateSource                       : IPAddress
MaxInboundConnection                    : 5000
MaxInboundConnectionPerSource           : 20
MaxInboundConnectionPercentagePerSource : 2
MaxHeaderSize                           : 128 KB (131,072 bytes)
MaxHopCount                             : 60
MaxLocalHopCount                        : 12
MaxLogonFailures                        : 3
MaxMessageSize                          : 35 MB (36,700,160 bytes)
MaxProtocolErrors                       : 5
MaxRecipientsPerMessage                 : 200
PermissionGroups                        : ExchangeUsers, ExchangeServers, ExchangeLegacyServers
PipeliningEnabled                       : True
ProtocolLoggingLevel                    : Verbose
RemoteIPRanges                          : {::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff, 0.0.0.0-255.255.255.255}
RequireEHLODomain                       : False
RequireTLS                              : False
EnableAuthGSSAPI                        : False
ExtendedProtectionPolicy                : None
LiveCredentialEnabled                   : False
TlsDomainCapabilities                   : {}
Server                                  : excambio
TransportRole                           : HubTransport
SizeEnabled                             : Enabled
TarpitInterval                          : 00:00:05
MaxAcknowledgementDelay                 : 00:00:30
AdminDisplayName                        :
ExchangeVersion                         : 0.1 (8.0.535.0)
Name                                    : Default EXCAMBIO
DistinguishedName                       : CN=Default EXCAMBIO,CN=SMTP Receive
                                          Connectors,CN=Protocols,CN=excambio,CN=Servers,CN=Exchange Administrative
                                          Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=JonHeese,CN=Microsoft
                                          Exchange,CN=Services,CN=Configuration,DC=jonheese,DC=local
Identity                                : excambio\Default EXCAMBIO
Guid                                    : 018e86b8-351e-4ba5-92f9-f527f8200c36
ObjectCategory                          : jonheese.local/Configuration/Schema/ms-Exch-Smtp-Receive-Connector
ObjectClass                             : {top, msExchSmtpReceiveConnector}
WhenChanged                             : 3/21/2015 12:43:50 PM
WhenCreated                             : 3/21/2015 11:57:44 AM
WhenChangedUTC                          : 3/21/2015 4:43:50 PM
WhenCreatedUTC                          : 3/21/2015 3:57:44 PM
OrganizationId                          :
OriginatingServer                       : artemis.jonheese.local
IsValid                                 : True
ObjectState                             : Unchanged

And I've already tried the hosts file trick, with no change to this behavior.

It's probably worth noting too that this is *not* intermittent behavior -- this happens with every single email that is sent to the frontend (TCP/25) receive connector.

I've also confirmed that my components are all active:

[PS] C:\Windows\system32>Get-ServerComponentState excambio

Server                                  Component                               State
------                                  ---------                               -----
excambio.jonheese.local                 ServerWideOffline                       Active
excambio.jonheese.local                 HubTransport                            Active
excambio.jonheese.local                 FrontendTransport                       Active
excambio.jonheese.local                 Monitoring                              Active
excambio.jonheese.local                 RecoveryActionsEnabled                  Active
excambio.jonheese.local                 AutoDiscoverProxy                       Active
excambio.jonheese.local                 ActiveSyncProxy                         Active
excambio.jonheese.local                 EcpProxy                                Active
excambio.jonheese.local                 EwsProxy                                Active
excambio.jonheese.local                 ImapProxy                               Active
excambio.jonheese.local                 OabProxy                                Active
excambio.jonheese.local                 OwaProxy                                Active
excambio.jonheese.local                 PopProxy                                Active
excambio.jonheese.local                 PushNotificationsProxy                  Active
excambio.jonheese.local                 RpsProxy                                Active
excambio.jonheese.local                 RwsProxy                                Active
excambio.jonheese.local                 RpcProxy                                Active
excambio.jonheese.local                 UMCallRouter                            Active
excambio.jonheese.local                 XropProxy                               Active
excambio.jonheese.local                 HttpProxyAvailabilityGroup              Active
excambio.jonheese.local                 ForwardSyncDaemon                       Active
excambio.jonheese.local                 ProvisioningRps                         Active
excambio.jonheese.local                 MapiProxy                               Active
excambio.jonheese.local                 EdgeTransport                           Active
excambio.jonheese.local                 HighAvailability                        Active
excambio.jonheese.local                 SharedCache                             Active

Any assistance at this point is greatly appreciated.  I've spent 3-4 days just getting this system up and importing 37GB of mailboxes to it -- reinstalling at this point is not something I'm looking forward to doing (not to mention the fact that all incoming email is just queuing up at a backup MX while I'm waiting for this to go live...).  Thanks!

Regards,

Jon Heese

Hi,

We have exchange server 2013. The issue is that emails are stucked in queue for one domain. We have no issue sending emails to all other domains i.e gmail, yahoo etc'

Users are getting the following messages:

Remote
Server at mail.server.com (xxx.xxx.xxx.xxx) returned '400 4.4.7 Message
delayed'

3/22/2015 2:26:30 AM - Remote Server at mail.server.com
(xxx.xxx.xxx.xxx) returned '451 4.4.0 Primary target IP address responded with:
"421 4.4.5 Service not available, connection deferred." Attempted
failover to alternate host, but that did not succeed. Either there are no
alternate hosts, or delivery failed to all alternate hosts. The last endpoint
attempted was xxx.xxx.xxx.xxx:25'

Any thoughts please?

Regards,

Anees

Hello,

I wanted to know how I can setup a mail flow so every one in our organization who sends an email dont have this OH NO!! moment after sending an email out, I know I can do this via Outlook, but I wanted to know if this can be done via exchange powershell or ecp so its setup globally.

Delay emails by like 2 minutes for emails going out.

Thank you for your time and your assistance.

Exchange 2013 w/Dag Windows 2012 Server Standard MBX1 MBX2 FWS CAS1 CAS2 I use ZenLoad balancer

Hello All -

I recently migrated our company to Exchange 2013 and noticed that our email was leaving through the mailbox server. I put a check mark in the Send Connector where it says "Proxy through Client Access Server" and my mail is still coming from the mailbox server. How can I go about fixing this problem?

Environment:

1 CAS Server
1 Mailbox Server

Both server are behind the firewall with only port 25 opened to the CAS. The CAS has a Send Connector to a smart host for all messages.

Thank you!

Ryan

Dears

Recently I have deployed 4 node exchange environment and the details as below;

Exchange 2013 CU7 on Windows 2012 R2

2 CAS Role Servers with NLB

2 Mailbox Role Server with DAG.

No Smart Host used on the Send Connector

No Edge Server deployed.

In order to simplify the firewall rules and force the outbound e-mail flow through the CAS server I have enabled the "Proxy through Client Access Server" . on the send connector.

But when I test it the mail flow it shows the mailbox IP.

Can anybody help me on this?

Best regards

Muralee

Good Day all 

A user in our domain is currently experiencing issues in receiving spam mails with Chinese Character it is surely bypassing the Spam filter. Is there a way I can can block mails on exchange Server Transport rule with Chinese Character that are coming in. I have checked the transport rule configuration and I don't see a valid condition for this issue. 

Hi,

i have the following situation with an exchange 2010/2013 coexistence scenario:

3 Servers, 1 2008 R2 Server as DC with Exchange 2010, 1 2012 Server as DC, 1 2012 Server with Exchange 2013. The Problem is that the mailflow on the 2013 Exchange is simply not working, and I have tried all suggested solutions i could find in the last 2 days without success. 
Test-Mailflow fails while Test-SmtpConnectivity succeeds, but 2013-mailboxes cannot receive any mail. SmtpReceive Logs are like this:

2013-04-13T16:41:12.526Z,EX01\Default Frontend EX01,08D004497C6E9CC3,25,127.0.0.1:25,127.0.0.1:61348,*,,Message or connection acked with status Retry and response 451 4.4.0 DNS query failed. The error was: DNS query failed with error ErrorRetry
2013-04-13T16:41:12.526Z,EX01\Default Frontend EX01,08D004497C6E9CC3,26,127.0.0.1:25,127.0.0.1:61348,>,451 4.7.0 Temporary server error. Please try again later. PRX2 ,

i get the same errors when i telnet from the 2010 to the 2013 server.
so it seems like a DNS related problem, but i cannot figure out whats the problem. the ex2013 has the 2 DCs as internal DNS servers and i tried all 3 possible options of the DNS lookups setting in the server properties in ECP. i can resolve all servers without problems on any server, so i really dont understand whats the problem here...

any ideas? somebody? please  ;)

edit:

heres another snippet from the connectivity-log:

2013-04-13T23:59:44.720Z,08D006869E9DDB49,SMTP,internalproxy,>,DNS server returned ErrorRetry reported by 0.0.0.0. [Domain:Result] = EX01.xyz.priv:ErrorRetry;
2013-04-13T23:59:44.720Z,08D006869E9DDB49,SMTP,internalproxy,-,Messages: 0 Bytes: 0 (The DNS query for  'Undefined':'internalproxy':'00000000-0000-0000-0000-000000000000' failed with error : ErrorRetry)
2013-04-14T00:00:46.316Z,08D006869E9DDB4C,SMTP,internalproxy,+,Undefined 00000000-0000-0000-0000-000000000000;QueueLength=0
2013-04-14T00:01:46.404Z,08D006869E9DDB4C,SMTP,internalproxy,>,DNS server returned ErrorRetry reported by 0.0.0.0. [Domain:Result] = EX01.xyz.priv:ErrorRetry;
2013-04-14T00:01:46.404Z,08D006869E9DDB4C,SMTP,internalproxy,-,Messages: 0 Bytes: 0 (The DNS query for  'Undefined':'internalproxy':'00000000-0000-0000-0000-000000000000' failed with error : ErrorRetry)

so the dns queries for 'undefined' and 'internalproxy' are failing, but i really don't know what that means.

Hi Everyone

i am having a issue with my exchanger server where it is stripping all incoming and outgoing emails of attachments, i have tried running the command "Disable-TransportAgent "Attachment Filtering Agent" but when i do and i confirm with a "Y" it get a error back saying Transport agent "attachment filtering agent isn't found".

is there something else i can try?

Hello everyone,

I recovered the exchange 2013 C7 and now I'm receiving a message error when I try to open the admin ECP page, Mail flow, Rules.I get the message error: "Your request couldn't be completed. Please try again in a few minutes." If I try to create a new rule, I get an error message "access denied". However, I'm able to created a new transportule through powershell.

I'm accessing ECP from IE. All services are started and running.Im also accessing Exchange server with Domain\Administrator account and the administrator have the following group membership:

Domain Admins

Schema Admins

Enterprise Admins

Organization Management

below is what I get on the file log:

Current user: 'mydomain.local/MyBusiness/Users/Admin'

Web service call 'https://exchangeserver.mydomain.local:444/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.(https://remote.mydomain.com/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.)' failed with the following error:

System.Security.SecurityException: Request for principal permission failed.

at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()

at System.Security.Permissions.PrincipalPermission.Demand()

at Microsoft.Exchange.Management.ControlPanel.WebServiceParameters.set_Item(String cmdletParameterName, Object value)

at Microsoft.Exchange.Management.ControlPanel.ResultSizeFilter.set_ResultSize(Int32 value)

at ReadTransportRuleFilterFromJson(XmlReaderDelegator , XmlObjectSerializerReadContextComplexJson , XmlDictionaryString , XmlDictionaryString[] )

at System.Runtime.Serialization.Json.JsonClassDataContract.ReadJsonValueCore(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)

at System.Runtime.Serialization.Json.JsonDataContract.ReadJsonValue(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)

at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator reader, String name, String ns, Type declaredType, DataContract& dataContract)

at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator xmlReader, Type declaredType, DataContract dataContract, String name, String ns)

at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)

at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)

at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader, Boolean verifyObjectName)

at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.PartInfo.ReadObject(XmlDictionaryReader reader, XmlObjectSerializer serializer)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameterPart(XmlDictionaryReader reader, PartInfo part)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameters(XmlDictionaryReader reader, PartInfo[] parts, Object[] parameters, PartInfo returnInfo, Object& returnValue)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBodyCore(XmlDictionaryReader reader, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBody(XmlDictionaryReader reader, MessageVersion version, String action, MessageDescription messageDescription, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeBodyContents(Message message, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.DemultiplexingDispatchMessageFormatter.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.UriTemplateDispatchFormatter.DeserializeRequest(Message message, Object[] parameters)

at Microsoft.Exchange.Management.ControlPanel.DiagnosticsBehavior.SerializationPerformanceTracker.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.DispatchOperationRuntime.DeserializeInputs(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)

The action that failed was:

Demand

The type of the first permission that failed was:

System.Security.Permissions.PrincipalPermission

The first permission that failed was:

<IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"

version="1">

<Identity Authenticated="true"

Role="Get-TransportRule?ResultSize@R:Organization"/>

</IPermission>

The demand was for:

<IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"

version="1">

<Identity Authenticated="true"

Role="Get-TransportRule?ResultSize@R:Organization"/>

</IPermission>

The assembly or AppDomain that failed was:

mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()

at System.Security.Permissions.PrincipalPermission.Demand()

at Microsoft.Exchange.Management.ControlPanel.WebServiceParameters.set_Item(String cmdletParameterName, Object value)

at Microsoft.Exchange.Management.ControlPanel.ResultSizeFilter.set_ResultSize(Int32 value)

at ReadTransportRuleFilterFromJson(XmlReaderDelegator , XmlObjectSerializerReadContextComplexJson , XmlDictionaryString , XmlDictionaryString[] )

at System.Runtime.Serialization.Json.JsonClassDataContract.ReadJsonValueCore(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)

at System.Runtime.Serialization.Json.JsonDataContract.ReadJsonValue(XmlReaderDelegator jsonReader, XmlObjectSerializerReadContextComplexJson context)

at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator reader, String name, String ns, Type declaredType, DataContract& dataContract)

at System.Runtime.Serialization.XmlObjectSerializerReadContext.InternalDeserialize(XmlReaderDelegator xmlReader, Type declaredType, DataContract dataContract, String name, String ns)

at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)

at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)

at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader, Boolean verifyObjectName)

at System.ServiceModel.Dispatcher.DataContractSerializerOperationFormatter.PartInfo.ReadObject(XmlDictionaryReader reader, XmlObjectSerializer serializer)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameterPart(XmlDictionaryReader reader, PartInfo part)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeParameters(XmlDictionaryReader reader, PartInfo[] parts, Object[] parameters, PartInfo returnInfo, Object& returnValue)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBodyCore(XmlDictionaryReader reader, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.DataContractJsonSerializerOperationFormatter.DeserializeBody(XmlDictionaryReader reader, MessageVersion version, String action, MessageDescription messageDescription, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeBodyContents(Message message, Object[] parameters, Boolean isRequest)

at System.ServiceModel.Dispatcher.OperationFormatter.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.DemultiplexingDispatchMessageFormatter.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.UriTemplateDispatchFormatter.DeserializeRequest(Message message, Object[] parameters)

at Microsoft.Exchange.Management.ControlPanel.DiagnosticsBehavior.SerializationPerformanceTracker.DeserializeRequest(Message message, Object[] parameters)

at System.ServiceModel.Dispatcher.DispatchOperationRuntime.DeserializeInputs(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(MessageRpc& rpc)

at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean isOperationContextSet)

Demand: <IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"

version="1">

<Identity Authenticated="true"

Role="Get-TransportRule?ResultSize@R:Organization"/>

</IPermission>

First Failed Demand: <IPermission mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"

version="1">

<Identity Authenticated="true"

Role="Get-TransportRule?ResultSize@R:Organization"/>

</IPermission>

Url: https://exchangeserver.mydomain.local:444/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.(https://remote.mydomain.com/ecp/RulesEditor/TransportRules.svc/GetList?msExchEcpCanary=p2Zp1y_1kESsrueBkDB6T1r0z46NLdII4Q_D6294gRCkKBixfp0OnWr9OfSQ9SO205BuS7NQnns.)

Flight info: Features:[[Global.DistributedKeyManagement, False],[Global.GlobalCriminalCompliance, False],[Global.MultiTenancy, False],[Global.WindowsLiveID, False],[Eac.AllowMailboxArchiveOnlyMigration, True],[Eac.AllowRemoteOnboardingMovesOnly, False],[Eac.BulkPermissionAddRemove, True],[Eac.CmdletLogging, True],[Eac.CrossPremiseMigration, False],[Eac.DevicePolicyMgmtUI, False],[Eac.DiscoveryDocIdHint, False],[Eac.DiscoveryPFSearch, False],[Eac.DiscoverySearchStats, False],[Eac.DlpFingerprint, False],[Eac.EACClientAccessRulesEnabled, False],[Eac.GeminiShell, False],[Eac.ManageMailboxAuditing, False],[Eac.ModernGroups, False],[Eac.Office365DIcon, False],[Eac.OrgIdADSeverSettings, False],[Eac.RemoteDomain, False],[Eac.UCCAuditReports, False],[Eac.UCCPermissions, False],[Eac.UnifiedAuditPolicy, False],[Eac.UnifiedComplianceCenter, False],[Eac.UnifiedPolicy, False],[Eac.UnlistedServices, False],], Flights:[], Constraints:[[LOC, EN-US],[MACHINE, EXCHANGESERVER],[MODE, ENTERPRISE],[PROCESS, W3WP],[USER, TECHSUPPORT@],[USERTYPE, BUSINESS],], IsGlobalSnapshot: False

flavio

Hello Guys,

I need some help as I have already tried the procedure to block zipped files in exchange online (Office 365).

I assume the content filtering policy or malware policy is overtaking in someway, but I cannot get the outcome as mentioned in the above scenario.

My goal is to trap all the emails with attachments containing .zip, .exe, .bat and .rar extensions to be moved to the quarantine mailbox.