Hi All,
According to below article , MS released 2 security updates for Exchange 2013 CU 20/21
https://support.microsoft.com/en-us/help/4340731/description-of-the-security-update-for-microsoft-exchange-server-2013
I would like to know that it is applicable to old CU as well , I am running Exchange 2013 CU11/12 ?
Regards
Usman
Usman Ghani - MCITP Exchange 2010
once upon a time, probably exchange 2003 and 2007, I used to be able to see copies of the NDRs that internal users received when email failed to outside email address, usually due to type in the email address.
I have been asked to set that up again.
so correct me if I am wrong , but to setup the postmaster mailbox to receive a copy of any NDR the users would receive, I just need to configure the external postmaster address? (currently it is blank) using powershell command below?
Set-TransportConfig -ExternalPostmasterAddress postmaster@mydomain.com
also, if that works, do the users still get a copy of the NDR?
Hi,
I am using Exchange 2013 on Windows Server 2012. Currently, we got issue when trying to access the mailbox from OWA. At the first login, we cannot access to the mailbox. At second attempt, we can access it with the same credential without any problem. So, whenever we intend to access the mailbox, we have to fail purposely on first login. Does anyone ever experience this issue and know how to rectify it?
Thanks.
In case you missed this information, Microsoft released fix for Exchange 2013 and 2016 to resolve the security vulnerability described in CVE-2018-8302 and CVE-2018-8374.
Description of CVE-2018-8302:
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited
the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view, change, or delete data; or create new accounts.
Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Exchange server.
The security update addresses the vulnerability by correcting how Microsoft Exchange handles objects in memory.
Description of CVE-2018-8374:
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data.
To exploit the vulnerability, an attacker would need to be authenticated on an affected Exchange Server. The attacker would then need to send a specially modified request to the server, targeting a specific user.
The security update addresses the vulnerability by modifying how Microsoft Exchange Server handles profile data.
Download Security update:
For Exchange 2016 CU10:https://www.microsoft.com/en-us/download/details.aspx?id=57217
For Exchange 2016 CU9:https://www.microsoft.com/en-us/download/details.aspx?id=57215
For Exchange 2013 CU21:https://www.microsoft.com/en-us/download/details.aspx?id=57218
For Exchange 2013 CU20:https://www.microsoft.com/en-us/download/details.aspx?id=57216
PS: Keep in mind toRun the security update as administrator. We have received multiple reports that ECP and OWA stops working after installing KB4340733, as the security update does not correctly
stop certain Exchange-related services.
References:
CVE-2018-8302 | Microsoft Exchange Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8302#ID0EUGAC
Please remember tomark the replies as answers if they helped.
Hi,
all of sudden i'm getting the below msg on exchange server 2013 when external users & from gmail to our domain gets struck giving below errors .
Error 421 4.7.11 message deferred.failure message body FIPS failed to get text from message body tenant.kindly any one know the solution for this issue .please let me know.
421.4.7.11 message deferred the attempt to extract text timed out with queue timeout tenat
Thanks
Ahmed
I have a question about Enterprise CALs and Archiving.
As I understand it, to add an archive mailbox to a user, they need an Enterprise CAL to access the archive mailbox via Outlook. However, I noticed that they are able to access the archive mailbox via OWA.
I am in the process of upgrading my customers from Office 2007/2010 Standard to Office 365 Business, however, this will be a slow process due to Office Documents that aren't compatible with Office 365, I am also wanting to implement Mailbox Archiving.
My question is, from a licensing point of view, is it okay to create an archive mailbox for a user on the understanding that they will only be able to access it via OWA (until they are upgraded to Office 365)?
I believe that Office 365 Business includes an Exchange Enterprise CAL, so I don't want to have to pay for two CALs for the one user.
In one of our PF Mailbox all new mails come in to the inbox and shows that they are read/opened even though no one has opened them yet.
Our Environment: Hybrid Exchange 2013 and Office 365 Exchange Online
Public Folders are in Exchange 2013 Housing Server and users from O365 access the public folder using PF AD Object synced with AADirectory.
Please help
I am trying to create a dynamic distribution group for all users under a specific manager based purely on his name, not his dn. For instance, I can create one with the following command
new-dynamicdistribution list -name "Bobs Employees" -RecipientFilter {manager -eq 'CN=Bob Smith,OU=Corp,DC=contoso,DC=com'}
But I can't create one one for anyone who has a Manager attribute with the words "Bob Smith" or even "Smith"
The -like condition does not work for this field as I have tried the following and many others.
new-dynamicdistribution list -name "Bobs Employees" -RecipientFilter {manager -like '*Smith*'}
Hell, I can't even get it to work with a simple get-user function like
get-user -filter {Manager -like '*Bob*'} or get-user -filter {manager -like 'cn=bob*'}
Any help out there would be awesome!!!
Hello everybody.
We have an Exchange 2013 on-premise environment in our company. We created a retention policy that were applied to all mailboxes. The RP keeps items in user mailbox for 30 days, and all items that are older than 30 days are moved to the online archive and are kept for 2 years. . That works perfect. The problem that we found is that items inside "Deleted Items" folder are also being moved to the archive after 30 days and being kept for 2 years too! How can we exclude "Deleted Items" Folder from being archived? We don't want to archive items that were deleted by the users.
Thanks a lot for your help.
I've come across a weird instance where the journaling account we use to archive our email offsite has ballooned up the database but when you look at the mailbox statistics the mailbox size is normal but the AttachmentTableTotalSize is gigantic. We have the mailbox policy set to purge Deleted Items every day but it doesn't seem to be clearing out attachments somehow. I've tried googling what exactly the AttachmentTableTotalSize is but the results seem pretty limited. Currently the only way I have been able to purge the mailbox is to migrate it do a different database and then migrate it back. I'm running Exchange 2013 CU 20 and we first noticed the behavior back in CU 19. I'm wondering if anyone else has come across this and has a better solution than just migrating the mailbox back and forth between databases.
DisplayName : ArchiveHi,
I currently have an Exchange 2013 environment.
1 x CAS/MBX server per site, 3 sites (different countries)
I have recently configured Exchange Hybrid and migrate all site 1 users to O365.
Site 2 and 3 users will remain on-premises.
I would like to upgrade my Hybrid Server on Site 1 to Exchange 2016.
This would leave:
My concerns:
Best practice states most recent version of Exchange in the environment (2016) should handle client connections
Best practice states most most recent version of Exchange in the environment (2016) should be responsible for EWS and Autodiscover.
QUESTION 1: How should my end solution look for Client Access i.e. AD sites will take care of Autodiscover? I need to ensure Site 1 users connect to O365 mailbox, and Site 2 and Site 3 connect to on-premises. Where should my SCP point? Where should my external Autodiscover DNS point?
QUESTION 2: If 2016 handles client connections (as per best practice with it being the most recent) my Site 2 and Site 3 users will have to traverse the WAN to the 2016 server to get proxied back to their own 2013 server. Can I keep my local Site 2 users client connections being handled by local 2013 server instead?
QUESTION 3: How should mail flow look in this Hybrid solution at the end. Should mail all go to EOP then to Office365 or on premises mailbox, or should mail go to on-premise first (via third party spam filter) then to Office 365.
Hello,
I was re-directed to this forum; should my question not fit here, please let me know or move it.
We are evaluating the use of the Outlook mobile app with an on-premise Exchange server. According to the "Passwords and security" documentation, the credentials are transferred to the cloud service encrypted, which is fine. However, I am concerned about the decrypted password being stored in the memory for up to three days. What protection mechanisms are in place to safeguard this decrypted password?
Thank you.
Nora
Looking for the easiest way to import a dump of our users GMail mailbox archives into the new Office 365 Exchange Online Archive mailboxes for the users.
We have 11 TB of data and Google gave it to us in Mbox format.
Any suggestions much appreciated.
Some of my users send emails as our shared mailbox, but I need to be able to CC a repository I have setup which is a public folder. It appears that this shared mailbox does not have "create" access, even if I set anonymous to "create".
(I tried to remove the anonymous account then re-add it with "create items":
Add-PublicFolderClientPermission "\Repository" -AccessRights CreateItems -User Anonymous
Remove-PublicFolderClientPermission "\Repository" -User Anonymous
I'm still not able to email into this public folder when I send "from" one of my shared mailboxes.
Any Ideas?
I've stood up a test CAS/MBX server (MBX has single database with no mailboxes) in our production environment to test a 2-factor authentication tool for OWA. I was hoping to keep this server isolated so that users would not connect to it. I have not included it in our load balancer pool of CAS servers, and have given it a unique, separate internal and external host name for Outlook Anywhere.
Users do not connect to it via OWA which is great and allows us to test our 2FA, but I am finding that Outlook on client machines are connecting and using this server and mail is sometimes routing through it as well.
Is there a way to completely isolate this server so that mail does not flow through it and users do not connect to it?
hi every one ,
is there's a way to find how many messages sent last year ? or at least during past 6 months ?
i need only the total of the messages , no need for size or sender ....
i have exchange 2010
Osma Othman
I was just alerted by the Dept. of Homeland Security with this:
The Microsoft Exchange Client Access Server (CAS) is affected by an information disclosure vulnerability.
They also indicate:
There is no known fix at this time.
Anyone have any information on this?
Jason Meyer
Hi,
I would like to disable the 3DES 186 cipher in Exchange Server 2013 Standard to fence off "SWEET32" attack. Is it recommended for me to do it on this server? Please advise.
Mohamed Ismail Bin Abdul Rahim