During a migration recently, we came across another internal mail routing issue. The symptoms were identical to my previous post about Exchange internal mail routing. Mail was flowing from 2010 to 2003, from 2010 to the internet, but not from 2003 to 2010. I went through the normal check list looking at permissions, DNS, and the routing group connectors. I verified that both servers listed in the routing group connectors were the routing master in their respective routing groups through the 2003...
Recently for a customer with a rather large exchange environment, we implemented multiple CAS Arrays across various sites in the network. The customer decided that all external access to OWA would come into once Internet entry point and that Array would proxy OWA request to the other CAS Arrays to retrieve the user mailbox. We found out quickly that this does not work straight off. When you create a new CAS array in PowerShell, it repopulates all the local URLs for the web services, autodiscover,...
Microsoft introduced TCP/IP Auto tuning with Vista and Windows 2008 server. Its also a part of Windows 7 and 2008 R2. This feature resizes IP packets which can improve network performance. Older network devices, however, like Cisco PIX firewalls do not support Auto tuning and can cause connection issues. I had a client that was getting email undeliverable errors from a certain domain while successfully sending to various others. After investigating OBL listings and various other possible culprits,...
As I talked about in a previous post, a common solution for companies running Exchange is to use redirection to dump all incoming user request to the OWA sub directory on the CAS server. HTTP to HTTPS redirection is also commonly implemented. Recently I found a gotcha to this configuration. When a user connected with Outlook Anywhere does a Send/Receive, it will hang on the Offline Address Book, sometimes permanently until either the task is cancelled or Outlook is restarted. After a long while of...
SharePoint sends outgoing email as anonymous SMTP. Under Exchange 2003 this wasn’t much of an issue as all you had to do was allow the SharePoint server IP as an allowed relay under the SMTP virtual server. In Exchange 2007, however it becomes a bit trickier since Exchange 2007 has built-in security to make it more difficult to create open relays. First you have to create a custom receive connector with the IP addresses of your SharePoint front ends listed as allowed relays. Set your authentication...
In many larger environments, Exchange 2007 may be deployed with multiple Client Access Servers (CAS) across the AD site boundaries. The common configuration is to have users access one CAS server from the Internet and it proxy the request to a different CAS in the AD site where the user’s mailbox is located. The Internet facing CAS server should have the Internal URL populated with Forms Based Authentication (FBA) and Basic Authentication enabled. The External URL is optional. The authentication...
Http to Https redirection is commonly a preferred configuration for Outlook Web Access for most organizations. The challenges presented in IIS7 are that the built-in redirection feature only allows relative redirection without a full URL entered. To perform Http to Https, the full URL is required. This becomes an issue when organizations are trying to redirect for both internal and external users who commonly are using different URLs to access the server. The solution is 2 fold. First, turn on relative...
This week, I had a pretty strange request. An organization wanted to host multiple Email domains in their Exchange environment while keeping it hidden from external mail users and outside parties. Same organization was ok, same AD and Exchange servers were not. The mail flow portion was pretty simple. Added a new accepted domain to Exchange 2007, to the spam filter appliance, configure LDAP for this new SMTP domain, and change the primary email address for certain users. I used an email policy that...
Recently while performing the initial steps for an Exchange 2003 to 2007 migration, I ran into one of the more frustrating issues with Exchange 2003 to 2007 transitions. Broken inter-organization mail flow. After banging my head against the wall for a few hours, and sending enough test emails to get added to who knows how many OBLs, I finally stumbled on the answer. Exchange 2007 could talk to the 2003 environment as well as route mail outbound to the Internet, however all 03 to 07 mail was getting...
Recently after deploying a highly available Exchange 2007 solution for a customer, I had to test recovery procedures and create a recovery document. Since I was already documenting my steps, I figured I’d share them here as well. NOTE: This environment consists of a CCR mailbox cluster and a MS NLB cluster with the Hub Transport and Client Access Roles at the production site. The DR site has a server containing the mailbox role and an a server with the Hub Transport and Client Access Roles. 1. First...