Category Archives: Exchange

Exchange Microsoft PowerShell

Use the Exchange Management Shell to set up mail forwarding

This example delivers email to the mailbox of Douglas Kohn and, at the same time, forwards all mail sent to Douglas Kohn to douglaskohn.parents@fineartschool.net.

Set-Mailbox -Identity "Douglas Kohn" -DeliverToMailboxAndForward $true -ForwardingSMTPAddress "douglaskohn.parents@fineartschool.net"  

 

This example forwards all email sent to the mailbox of Ken Sanchez, an employee of Contoso Suites, to one of his coworkers, pilarp@contoso.com.

 
Set-Mailbox -Identity "Ken Sanchez" -ForwardingSMTPAddress "pilarp@contoso.com"
 

For detailed syntax and parameter information, see Set-Mailbox.

 

Note:
-ForwardingsmtpAddress to multiple addresses Shell script

The parameter “ForwardingSmtpAddress” only allow to setup one SMTP address.
To work around this issue, you can setup the mailbox forwarding to a distribution group, you need to add the users you want to forward message to this distribution group.

 

link:
https://docs.microsoft.com/en-us/exchange/recipients/user-mailboxes/email-forwarding?view=exchserver-2019

Exchange Microsoft Office365

Email Forwarding on an on-prem mailbox to Office 365 mailbox

 

 Configure email forwarding for a mailbox

Set-Mailbox -Identity “OnPrem mailbox” -ForwardingSMTPAddress “Office 365 mailbox”

Exchange Microsoft Tips & tricks Tutorials Utils

How to prevent internal email spoofing in an Exchange organization

Ensuring email security might be one of the most important and most difficult tasks an administrator must face. Every day, servers process thousands of emails and controlling such a big mail flow is not easy. No wonder hackers focus on this channel when they plan attacks. They use various tricks to make users think that opening a suspicious attachment is a good idea.

One of the tricks they use is email spoofing.

Prevent Internal Spoofing in Exchange organization

What is email spoofing?

Email spoofing is a very popular attack method. The sender modifies message headers so that emails appear as sent from someone else. Hackers use it, for example, to impersonate employees of a company to obtain login credentials, personal data, or other confidential information. Two most common ways to protect your organization from external spoofing attacks are:

  • An SPF record – a list of IP addresses which are authorized to send emails from a domain.
  • DKIM check – an email authentication method. It enables you to sign and verify email messages using public and private keys. The public keys, published in the DNS records are used to verify if the message comes from the original sender. You cannot configure it on the Exchange Server natively – you require a plugin for SMTP gateway.

Both ways give good results when fighting with external spoofing. The problem starts when we come across internal spoofing when one employee tries to impersonate a colleague. It might be a joke, or to achieve some benefits – either way, it can sabotage a company in a number of ways:

  • Cause chaos,
  • Induce material damage,
  • Harm data integrity,
  • Damage the company reputation.

 

 

See Full article in https://www.codetwo.com/admins-blog/how-to-prevent-internal-email-spoofing-in-exchange/

 

Exchange Office365 Tips & tricks

MRS Proxy Error “The connection to the server could not be completed”

Check MRS endpoint user and password.

read more »

Exchange Microsoft

Exchange 2013 not receiving external emails

Backpressure,  check for free space on the disks.

 

read more »

Exchange Microsoft Office365

Remote Server returned ‘550 5.1.8 Access denied, bad outbound sender

Remote Server returned ‘550 5.1.8 Access denied, bad outbound sender’

Solution:

Non-Office 365 user use this https://sender.office.com (self-service delisting portal) to remove themselves from the blocked senders list.

Office 365 user, as an admin you can unblock your blocked Office 365 email account via using Exchange admin center.

• Go to the EAC, navigate to protection > action center.
• Select the Search icon and enter the SMTP address of the blocked user.
• Click Unblock Account in the description pane.
• Click Yes to confirm the change.

For more detailed information, please refer to the article: Removing a user, domain, or IP address from a block list after sending spam email

Exchange Microsoft

421 4.4.2 message submission rate for this client has exceeded the configured limit

Solved after run the command Set-receiveconnector “Server Name\Client Connector” -Messageratelimit 100.

Exchange Tutorials

550 5.7.1 Message rejected as spam by Content Filtering

Content Filtering has been enabled on the recipients’ mail server. This configuration is incompatible with GFI MailEssentials when installed as a relay server, all email filtering should happen on the relay server. For more information on Content Filtering and how to disable it, please see the following:

If the mail server is Microsoft Exchange 2013 and 2016 server:

If the mail server is Microsoft Exchange 2010 server:

If the mail server is Microsoft Exchange 2007 server:

Exchange Microsoft PowerShell

Enable antispam functionality on Mailbox servers

Applies to: Exchange Server 2016

Topic Last Modified: 2016-03-28

Use the Install-AntispamAgents.ps1 PowerShell script to install and enable the built-in Exchange antispam agents on a Mailbox server.

The following antispam agents are available in the Transport service on Exchange 2016 Mailbox servers, but they aren’t installed by default:

  • Content Filter agent
  • Sender Filter agent
  • Sender ID agent
  • Protocol Analysis agent for sender reputation

You can install these antispam agents on a Mailbox server by using an Exchange Management Shell script, which is important if these agents are your only defense to help prevent spam. Typically, you don’t need to install the antispam agents on a Mailbox server when your organization uses other types of antispam filtering on incoming mail.

noteNote:
Although the Recipient Filter agent is available on Mailbox servers, you shouldn’t configure it. When recipient filtering on a Mailbox server detects one invalid or blocked recipient in a message that contains other valid recipients, the message is rejected. The Recipient Filter agent is enabled when you install the antispam agents on a Mailbox server, but it isn’t configured to block any recipients. For more information, see Recipient filtering procedures on Edge Transport servers.
  • Estimated time to complete this task: 15 minutes
  • You can only use PowerShell to perform this procedure. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Exchange Management Shell.
  • The Connection Filtering agent and the Attachment Filtering agent aren’t available on Mailbox servers. They’re only available on Edge Transport servers, and they’re installed and enabled there by default. However, the Malware agent is installed and enabled by default on Mailbox servers. For more information, see Anti-malware protection.
  • If you have other Exchange antispam agents operating on the messages before they reach the Mailbox server (for example, an Edge Transport server in the perimeter network), the antispam agents on the Mailbox server recognize the antispam X-header values that already exist in messages, and those messages pass through without being scanned again.
  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Transport configuration” entry in the Mail flow permissions topic.
  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

 

tipTip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

read more »

Code Snippets Exchange PowerShell

Turn Exchange Anonymous Relay On or Off or View Connector Status

This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only

Toggle-ExternalRelayReceiveConnectors


C:\_tmp>.\Toggle-ExternalRelayReceiveConnectors.ps1

Toggle External Relay

1 - SRV-EXCH2\Client Frontend EXSERVER1
2 - SRV-EXCH2\Default Frontend EXSERVER1
3 - SRV-EXCH2\Outbound Proxy Frontend EXSERVER1
X - Exit

Which Receive Connector to toggle:

This EMS script for Exchange 2007-2016 allows Exchange Administrators to toggle anonymous external relay permissions on front-end Receive Connectors. Connectors listed in Yellow allow anonymous SMTP emails to any internal or external recipients. Connectors listed in White only allow SMTP emails to internal recipients. Run this script from the Exchange Management Shell.

See my blog for more information: http://www.expta.com/2016/01/turn-exchange-anonymous-relay-on-or-off.html

read more »