Update RU3 being offered after RU6 installed
Hi all I think this is to do with WSUS, but I'm not entirely sure. I've installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update - WSUS - is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I've installed recently (mailbox role) was patched straight to SP1 RU6 and isn't offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Named Property Limit
I agree about it getting worse as it gets better. I was shocked by the whole powershell thing. I know some people love it, but I think it stinks. Hello 1960's. I had to move a mailbox in the lab the other day from Exchange 2007 back to Exchange 2003 to do an old restore, and the GUI move failed. I then had to type out a 212 character PowerShell command to get it to work. Some Improvement over 2003. HA! Can somebody dumb this Named Property thing down for me in 2007? I'm not understanding here. What is the Named Property list actually used for? What are the consequences for not being able to add to it? It looks like we hit our 16,000 limit over 3 months ago, but nobody has reported any problems sending or receiving email??? -Original Message- From: Steve Moffat [mailto:st...@optimum.bm] On Behalf Of Exchange (Sunbelt) Sent: Tuesday, March 17, 2009 5:44 PM To: MS-Exchange Admin Issues Subject: RE: Named Property Limit Is it just me, or is Exchange getting worse as it gets better..;) S -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 6:31 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit I don't have an answer for you on that. I suppose a mail gateway between your Exchange box and the Internet could do some whitelisting, and discard any unrecognized headers, but I wouldn't have a good guess as to how to go about it. Kurt On Tue, Mar 17, 2009 at 13:43, McCready, Robert rob.mccrea...@dplinc.com wrote: Is there a way to limit these X-headers, or find out what is causing so many? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 4:30 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit One of the things that seems to contribute are X- headers on inbound mail - each new X-header is a new named property. Want to DoS someone? Send them emails with new X-headers - lots of different ones. Spam seems to accumulate them, for one. Just looking at your message from the list, I see 4 different X-headers: X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ems-proccessed: jxfyzdhlyVyYF5VF4W3Asg== x-ems-stamp: sLcJ9ri/feAlRgbRlwdyOA== Kurt On Tue, Mar 17, 2009 at 13:20, McCready, Robert rob.mccrea...@dplinc.com wrote: I'm not sure I understand this named property quota thing or how we reached our limit... (http://technet.microsoft.com/en-us/library/bb851492.aspx) but my question is, how big of a deal is it really��� We apparently reached our 16,000 limit back in December, yet nobody has had any trouble sending/receiving email. From: McCready, Robert [mailto:rob.mccrea...@dplinc.com] Sent: Monday, March 16, 2009 2:41 PM To: MS-Exchange Admin Issues Subject: Event 9667 Quota Limit on Named Property We are running Exchange 2007 SP1.�� Apparently, we have reached our named property quota (which I do not completely understand) on one of our storage groups. Event ID: 9667 Source: MSExchangeIS Compute�� Exchange 2007 mailbox clustered server Failed to create a new named property for database SGx\MDBx because the number of named properties reached the quota limit (9274�� User attempting to create the named property: Hub Transport Server Named property GUID: ----xx Named property name/id: pipe-summary All the fixes I read say to either.. Modify the registry and dismount/remount the database. Create a new Storage Group and move all the mailboxes there. We've only been running Exchange 2007 for about 18 months� Is this a common occurrence (reaching the quota limit Is there any way to find out if there's a particular violator that may have caused us to reach this quota��� Would you recommend Fix number 1 or �� Enough questions? Thanks. Robert ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ � http://www.sunbeltsoftware.com/Nin��~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Named Property Limit
It's typical of Microsoft, putting in an arbitrary limit in a world where anyone can create any number of X- headers. It's one of those unintended consequences of treating email as a database, I guess. *sigh* Cheers, Phil -- Phil Randal | Networks Engineer Herefordshire Council | Deputy Chief Executive's Office | I.C.T. Services Division Thorn Office Centre, Rotherwas, Hereford, HR2 6JT Tel: 01432 260160 email: pran...@herefordshire.gov.uk Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Herefordshire Council. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it. From: McCready, Robert [mailto:rob.mccrea...@dplinc.com] Sent: 19 March 2009 12:27 To: MS-Exchange Admin Issues Subject: RE: Named Property Limit I agree about it getting worse as it gets better I was shocked by the whole powershell thing I know some people love it, but I think it stinks. Hello 1960' I had to move a mailbox in the lab the other day from Exchange 2007 back to Exchange 2003 to do an old restore, and the GUI move failed I then had to type out a 212 character PowerShell command to get it to work. Some Improvement over 2003 HA! Can somebody dumb this Named Property thing down for me in 200 I'm not understanding here. What is the Named Property list actually used for? What are the consequences for not being able to add to it? It looks like we hit our 16,000 limit over 3 months ago, but nobody has reported any problems sending or receiving email??? -Original Message- From: Steve Moffat [mailto:st...@optimum.bm] On Behalf Of Exchange (Sunbelt) Sent: Tuesday, March 17, 2009 5:44 PM To: MS-Exchange Admin Issues Subject: RE: Named Property Limit Is it just me, or is Exchange getting worse as it gets better..;) S -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 6:31 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit I don't have an answer for you on that. I suppose a mail gateway between your Exchange box and the Internet could do some whitelisting, and discard any unrecognized headers, but I wouldn't have a good guess as to how to go about it. Kurt On Tue, Mar 17, 2009 at 13:43, McCready, Robert rob.mccrea...@dplinc.com wrote: Is there a way to limit these X-headers, or find out what is causing so many? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 4:30 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit One of the things that seems to contribute are X- headers on inbound mail - each new X-header is a new named property. Want to DoS someone? Send them emails with new X-headers - lots of different ones. Spam seems to accumulate them, for one. Just looking at your message from the list, I see 4 different X-headers: X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ems-proccessed: jxfyzdhlyVyYF5VF4W3Asg== x-ems-stamp: sLcJ9ri/feAlRgbRlwdyOA== Kurt On Tue, Mar 17, 2009 at 13:20, McCready, Robert rob.mccrea...@dplinc.com wrote: I'm not sure I understand this named property quota thing or how we reached our limit... (http://technet.microsoft.com/en-us/library/bb851492.aspx) but my question is, how big of a deal is it really? We apparently reached our 16,000 limit back in December, yet nobody has had any trouble sending/receiving email. From: McCready, Robert [mailto:rob.mccrea...@dplinc.com] Sent: Monday, March 16, 2009 2:41 PM To: MS-Exchange Admin Issues Subject: Event 9667 Quota Limit on Named Property We are running Exchange 2007 SP1. Apparently, we have reached our named property quota (which I do not completely understand) on one of our storage groups. Event ID: 9667 Source: MSExchangeIS Compute Failed to create a new named property for database SGx\MDBx because the number of named properties reached the quota limit (9274 User attempting to create the named property: Hub Transport Server Named property GUID: ----xx Named property name/id: pipe-summary All the fixes I read say to either.. Modify the registry and dismount/remount the database. Create a new Storage Group and move all the mailboxes there. We've only been running Exchange 2007 for about
RE: Suggestions if Roaming Profiles is the Answer
Terminal Server? That way no matter where they are, they have their own desktop. -Original Message- From: Dennis Rogov [mailto:dennis_rogov2...@yahoo.com] Sent: Thursday, March 19, 2009 6:12 AM To: MS-Exchange Admin Issues Subject: Suggestions if Roaming Profiles is the Answer Hi Everyone: i currently have 10 employees that are using outlook in 3 multiple locations. We currently don't have roaming profiles implemented which is why when the sign in another location they dont see their updated emails and use a local pst that is on that machine. I need to come up with a strategy where all these 10 employee can log into any windows XP machines across all 3 sites and alot of times they don't have a dedicated machine at either sites . Now here is the dilemma we don't have an exchange server we use outlook with POP connectivity to network solution mail server. We also use mix of LDAP and personal address books. We do have two DC's out of the 3 sites. One of the Dc's is 2000 and the other 2003.. The connection between site A and Site B is T1 1MB and the connection between site B and site C is 10 MB. Traffic that needs to get from C to A is routed through B first. With all of the above information what would be the most effecient plan? ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Suggestions if Roaming Profiles is the Answer
TS would be the way to go. PST files are not supported on a network drive so you are just asking for problems there. Can they use IMAP instead of POP if TS is not an option. On Thu, Mar 19, 2009 at 9:30 AM, Martin Blackstone mblackst...@gmail.comwrote: Terminal Server? That way no matter where they are, they have their own desktop. -Original Message- From: Dennis Rogov [mailto:dennis_rogov2...@yahoo.com] Sent: Thursday, March 19, 2009 6:12 AM To: MS-Exchange Admin Issues Subject: Suggestions if Roaming Profiles is the Answer Hi Everyone: i currently have 10 employees that are using outlook in 3 multiple locations. We currently don't have roaming profiles implemented which is why when the sign in another location they dont see their updated emails and use a local pst that is on that machine. I need to come up with a strategy where all these 10 employee can log into any windows XP machines across all 3 sites and alot of times they don't have a dedicated machine at either sites . Now here is the dilemma we don't have an exchange server we use outlook with POP connectivity to network solution mail server. We also use mix of LDAP and personal address books. We do have two DC's out of the 3 sites. One of the Dc's is 2000 and the other 2003.. The connection between site A and Site B is T1 1MB and the connection between site B and site C is 10 MB. Traffic that needs to get from C to A is routed through B first. With all of the above information what would be the most effecient plan? ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Dumb question - Contacts
The delete key is your friend for errors or useless addresses in your NK2 file. When a bad or obsolete address shows up in the autofill, just use the arrow key to highlight the bad one and hit the delete key. Gone until the next time you type the whole thing in. Bill From: Steve Szabo [mailto:steve...@gmail.com] Sent: Wednesday, March 18, 2009 4:38 PM To: MS-Exchange Admin Issues Subject: RE: Dumb question - Contacts We have contact info all over the place, so you can eventually find it g. We each have our own contacts in Outlook's contact folder, of which mine is probably the most extensive with regard to clients and vendors. We also have a public folder called Clients, and one called Vendors (oh, we are so original) and under these are subfolders of each client and vendor we have had email communication with. When we went to Exch2007, we just migrated everything over, and create new public folders as needed. You are definitely asking for trouble if the auto-complete is the only address book. I just gave myself a new (used really-there is no such thing as a new machine in our environment unless it is for a client) and left my *.NK2 file behind. Too many errors and useless addresses in it. Was glad to be rid of it, but now, I need to remember enough of the address for the contact search to kick in with any degree of accuracy. A couple of weeks, and I'll have a decent list from my new *.NK2 file. You'll need to get your people using their Outlook Contact folders at least-they are good for lots of things, not only e-mail addresses, but physical addresses, phone numbers, notes for that person, etc. If necessary, though I have never found it to be so, you can create a public folder of contacts as well, for those contacts that everyone needs. \\Steve// From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Wednesday, March 18, 2009 12:58 PM To: MS-Exchange Admin Issues Subject: Dumb question - Contacts Been a while since I've made a fool of myself* and I hate to disappoint my fans, so We're running a pretty small environment.. Exchange Server 2003 Enterprise and maybe 20 users. For years, peoples' address book has consisted of just using the auto-complete in Outlook 2003 (and now Outlook 2007 in some cases.) But now, I'm growing more and more concerned about that technique and would like an easy and reliable way to have a central repository of contacts that everyone can use and update. My question is, what is everyone doing? I would assume a public folder that contains contacts and then is assigned as an address book in people's Outlook configurations, but then I've also heard that public folders don't exist in E2K7, which I may upgrade to at some point, so I'm not sure how to proceed. So, is there a third party solution that people know of and use, or is it just a public folder filled with contacts? Thanks, Evan * on this list, anyway. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: SMTP server in DMZ
Thanks for the advice. I'm making progress. I'm trying to setup a relay now between the IIS SMTP and the Exchange Server. I can successfully send from the DMZ to the Exchange and deliver mail to my local authoritative domain. When I try to actually (relay) deliver mail to a remote domain I'm getting a unable to relay 550 5.7.1 error. I have set up a new receive connector on the Hub transport that only accepts connections for the specific IP address of the DMZ SMTP server. Do I need to do anything else? I'm sure I must be missing another piece of the puzzle. Greg -Original Message- From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Wednesday, March 18, 2009 5:16 PM To: MS-Exchange Admin Issues Subject: RE: SMTP server in DMZ I prefer not to use the IIS's SMTP whenever possible, instead just relay to the eSMTP engine when possible. A full blown SMTP engine is overkill just for relaying messages. I am having my ASP code queue and relay the messages over a unique port (Not 25) and using authentication to my Exchange/SMTP gateway. (On my eSMTP gateway I created another Virtual SMTP server that listens on that random port, and only accepts authenticated connections). You could also create a vpn tunnel between the 2 routers. Sam -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, March 18, 2009 3:57 PM To: MS-Exchange Admin Issues Subject: Re: SMTP server in DMZ On Wed, Mar 18, 2009 at 4:15 PM, Lewin, Greg le...@infimed.com wrote: I currently have a Windows 2003 server running IIS in the DMZ and it is stand alone machine. We are looking to add the ability to send email to both external recipients and internal users from this machine. We do have Exchange 2007(no edge transport) running internally. Can I just install IIS SMTP services on the Web server to accomplish this? Roughly speaking, that should work. By default, IIS SMTP will use DNS to look up the MX (Mail Exchanger) records for all destination mail, and then make TCP connections to port 25 directly to the destination mail exchangers. You may need to modify your firewall rules to allow outbound TCP/25. That could be considered a security exposure. If your web server is hijacked by a spammer, now they can use it to send their spam everywhere. However, if you want to send mail, you pretty much have to do this. Do I need to relay mail through the Exchange server to make it appear as if it came from my domain name or can I send directly from the web server and accomplish this? This depends. It's fairly easy to configure your DMZ IIS to report itself as whatever domain you want. However, mail sent from DMZ IIS will have a different fingerprint than mail from your regular mail server. This may trigger some mail filtering (anti-spam) systems. You *may* want to configure IIS SMTP to relay mail through your main mail server (smart host) for that reason. Likewise if you have mail archiving/retention/logging/etc systems in place. Is this even a good idea ... Mail can be complicated in practice, but so far, nothing leaps out as wrong. -- Ben ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Update RU3 being offered after RU6 installed
That is weird. What happens when you try to check for updates directly from the Ex Server itself? That would tell if it's WSUS or something else. Also, RU7 was released yesterday. http://support.microsoft.com/kb/960384 - John Barsodi From: Sobey, Richard A [mailto:r.so...@imperial.ac.uk] Sent: Thursday, March 19, 2009 4:14 AM To: MS-Exchange Admin Issues Subject: Update RU3 being offered after RU6 installed Hi all I think this is to do with WSUS, but I'm not entirely sure. I've installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update - WSUS - is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I've installed recently (mailbox role) was patched straight to SP1 RU6 and isn't offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Update RU3 being offered after RU6 installed
One of my Ninja crazy smart Engineers discovered a bug in the Roll up 7 already.. We are filing a bug with MS as we speak, I wonder if we can get a RU7.1 out of it = ] When you send mail from a user that is hidden from the GAL after RU7 is installed the reply to address is the legacy exchange DN for that user. When sending from a user that is not hidden everything works fine. ~Kevinm WLKMMAS My life http://www.hedonists.cahttp://www.hedonists.ca/ From: Barsodi.John [mailto:john.bars...@igt.com] Sent: Thursday, March 19, 2009 9:31 AM To: MS-Exchange Admin Issues Subject: RE: Update RU3 being offered after RU6 installed That is weird. What happens when you try to check for updates directly from the Ex Server itself? That would tell if it's WSUS or something else. Also, RU7 was released yesterday. http://support.microsoft.com/kb/960384 - John Barsodi From: Sobey, Richard A [mailto:r.so...@imperial.ac.uk] Sent: Thursday, March 19, 2009 4:14 AM To: MS-Exchange Admin Issues Subject: Update RU3 being offered after RU6 installed Hi all I think this is to do with WSUS, but I'm not entirely sure. I've installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update - WSUS - is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I've installed recently (mailbox role) was patched straight to SP1 RU6 and isn't offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: SMTP server in DMZ
On Thu, Mar 19, 2009 at 11:36 AM, Lewin, Greg le...@infimed.com wrote: successfully send from the DMZ to the Exchange and deliver mail to my local authoritative domain. When I try to actually (relay) deliver mail to a remote domain I'm getting a unable to relay 550 5.7.1 error. You have to tell Exchange to allow anonymous relaying from the IP address of your DMZ box. -- Ben ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: SMTP server in DMZ
Yep. To add: make sure you give it the IP of the internal address of your DMZ box. Don't open up a relay to the WAN. I would use authentication too, not annon, if possible. An IP can be spoofed. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, March 19, 2009 1:11 PM To: MS-Exchange Admin Issues Subject: Re: SMTP server in DMZ On Thu, Mar 19, 2009 at 11:36 AM, Lewin, Greg le...@infimed.com wrote: successfully send from the DMZ to the Exchange and deliver mail to my local authoritative domain. When I try to actually (relay) deliver mail to a remote domain I'm getting a unable to relay 550 5.7.1 error. You have to tell Exchange to allow anonymous relaying from the IP address of your DMZ box. -- Ben ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: SMTP server in DMZ
I was able to make it work using your advice and this article I found. http://msexchangeteam.com/archive/2006/12/28/432013.aspx Get-ReceiveConnector Connector Name | Add-ADPermission -User NT AUTHORITY\ANONYMOUS LOGON -ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient Until I issued this command from the Exchange Shell it would not work. Thanks for the help. Greg -Original Message- From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Thursday, March 19, 2009 3:04 PM To: MS-Exchange Admin Issues Subject: RE: SMTP server in DMZ Yep. To add: make sure you give it the IP of the internal address of your DMZ box. Don't open up a relay to the WAN. I would use authentication too, not annon, if possible. An IP can be spoofed. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, March 19, 2009 1:11 PM To: MS-Exchange Admin Issues Subject: Re: SMTP server in DMZ On Thu, Mar 19, 2009 at 11:36 AM, Lewin, Greg le...@infimed.com wrote: successfully send from the DMZ to the Exchange and deliver mail to my local authoritative domain. When I try to actually (relay) deliver mail to a remote domain I'm getting a unable to relay 550 5.7.1 error. You have to tell Exchange to allow anonymous relaying from the IP address of your DMZ box. -- Ben ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Update RU3 being offered after RU6 installed
Isn't one of the fixes in RU specifically to do with legacyExchangeDN attribute? Hmm yes: http://support.microsoft.com/kb/954898/ But not something that relates to hidden users :) Anyway, to John - yes, I was looking at the Windows Update on the server, but we have a WSUS deployment so I assumed any available updates would be coming from that. Cheers Richard (I'll try and dupe that bug, it sounds like it could easily fit our environment..thanks for the tip Kevin) From: bounce-8461908-8066...@lyris.sunbelt-software.com [bounce-8461908-8066...@lyris.sunbelt-software.com] On Behalf Of KevinM [kev...@wlkmmas.org] Sent: 19 March 2009 17:24 To: MS-Exchange Admin Issues Subject: RE: Update RU3 being offered after RU6 installed One of my Ninja crazy smart Engineers discovered a bug in the Roll up 7 already.. We are filing a bug with MS as we speak, I wonder if we can get a RU7.1 out of it = ] When you send mail from a user that is hidden from the GAL after RU7 is installed the reply to address is the legacy exchange DN for that user. When sending from a user that is not hidden everything works fine. ~Kevinm WLKMMAS My life http://www.hedonists.cahttp://www.hedonists.ca/ From: Barsodi.John [mailto:john.bars...@igt.com] Sent: Thursday, March 19, 2009 9:31 AM To: MS-Exchange Admin Issues Subject: RE: Update RU3 being offered after RU6 installed That is weird. What happens when you try to check for updates directly from the Ex Server itself? That would tell if it’s WSUS or something else. Also, RU7 was released yesterday. http://support.microsoft.com/kb/960384 - John Barsodi From: Sobey, Richard A [mailto:r.so...@imperial.ac.uk] Sent: Thursday, March 19, 2009 4:14 AM To: MS-Exchange Admin Issues Subject: Update RU3 being offered after RU6 installed Hi all I think this is to do with WSUS, but I’m not entirely sure. I’ve installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update – WSUS – is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I’ve installed recently (mailbox role) was patched straight to SP1 RU6 and isn’t offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Update RU3 being offered after RU6 installed
Is it possible that RU3 was applied, but did not take completely, so the machine is seen as needing RU3? \\Steve// From: Sobey, Richard A [mailto:r.so...@imperial.ac.uk] Sent: Thursday, March 19, 2009 7:14 AM To: MS-Exchange Admin Issues Subject: Update RU3 being offered after RU6 installed Hi all I think this is to do with WSUS, but I'm not entirely sure. I've installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update - WSUS - is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I've installed recently (mailbox role) was patched straight to SP1 RU6 and isn't offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: Dumb question - Contacts
Yes, I know that. I just don't do it often enough, and, after a while, it seems that every batch of those addresses listed has an error or no longer needed address in it. \\Steve// From: Bill Songstad (WCUL) [mailto:administra...@waleague.org] Sent: Thursday, March 19, 2009 11:11 AM To: MS-Exchange Admin Issues Subject: RE: Dumb question - Contacts The delete key is your friend for errors or useless addresses in your NK2 file. When a bad or obsolete address shows up in the autofill, just use the arrow key to highlight the bad one and hit the delete key. Gone until the next time you type the whole thing in. Bill From: Steve Szabo [mailto:steve...@gmail.com] Sent: Wednesday, March 18, 2009 4:38 PM To: MS-Exchange Admin Issues Subject: RE: Dumb question - Contacts We have contact info all over the place, so you can eventually find it g. We each have our own contacts in Outlook's contact folder, of which mine is probably the most extensive with regard to clients and vendors. We also have a public folder called Clients, and one called Vendors (oh, we are so original) and under these are subfolders of each client and vendor we have had email communication with. When we went to Exch2007, we just migrated everything over, and create new public folders as needed. You are definitely asking for trouble if the auto-complete is the only address book. I just gave myself a new (used really-there is no such thing as a new machine in our environment unless it is for a client) and left my *.NK2 file behind. Too many errors and useless addresses in it. Was glad to be rid of it, but now, I need to remember enough of the address for the contact search to kick in with any degree of accuracy. A couple of weeks, and I'll have a decent list from my new *.NK2 file. You'll need to get your people using their Outlook Contact folders at least-they are good for lots of things, not only e-mail addresses, but physical addresses, phone numbers, notes for that person, etc. If necessary, though I have never found it to be so, you can create a public folder of contacts as well, for those contacts that everyone needs. \\Steve// From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Wednesday, March 18, 2009 12:58 PM To: MS-Exchange Admin Issues Subject: Dumb question - Contacts Been a while since I've made a fool of myself* and I hate to disappoint my fans, so.. We're running a pretty small environment.. Exchange Server 2003 Enterprise and maybe 20 users. For years, peoples' address book has consisted of just using the auto-complete in Outlook 2003 (and now Outlook 2007 in some cases.) But now, I'm growing more and more concerned about that technique and would like an easy and reliable way to have a central repository of contacts that everyone can use and update. My question is, what is everyone doing? I would assume a public folder that contains contacts and then is assigned as an address book in people's Outlook configurations, but then I've also heard that public folders don't exist in E2K7, which I may upgrade to at some point, so I'm not sure how to proceed. So, is there a third party solution that people know of and use, or is it just a public folder filled with contacts? Thanks, Evan * on this list, anyway. ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Smart Host vs SMTP connector
Folks I have installed an additional Exchange 2003 server into our environment for a specific role of mailboxes that will be created on this server will have a completely different smtp address and inbound and outbound routing of mail will go via a separate link. i.e. via a third party who are doing some filtering and AV/Content/Spam scanning etc I have created an additional recipient policy and set the filter to pick up users created on this new server. However, regarding the routing of the outbound mail, I don't want it to use the SMTP connector that is already installed for the other servers in the existing routing group. I want to ensure that it passes outbound through the to the third party server. Would I just add the fqdn or IP address in the smart host on the smtp virtual server on this new server or will the SMTP connector over-ride it and take precedence. I have read somewhere that it does. Can anyone explain the best way forward for this? Thanks John ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Update RU3 being offered after RU6 installed
Jeez...we've been waiting for RU7 because an IMAP patch that we require was not rolled into RU6. Any word back from MS? On Thu, Mar 19, 2009 at 10:24 AM, KevinM kev...@wlkmmas.org wrote: One of my Ninja crazy smart Engineers discovered a bug in the Roll up 7 already.. We are filing a bug with MS as we speak, I wonder if we can get a RU7.1 out of it = ] *When you send mail from a user that is hidden from the GAL after RU7 is installed the reply to address is the legacy exchange DN for that user. When sending from a user that is not hidden everything works fine.* ~Kevinm WLKMMAS My life http://www.hedonists.ca *From:* Barsodi.John [mailto:john.bars...@igt.com] *Sent:* Thursday, March 19, 2009 9:31 AM *To:* MS-Exchange Admin Issues *Subject:* RE: Update RU3 being offered after RU6 installed That is weird. What happens when you try to check for updates directly from the Ex Server itself? That would tell if it’s WSUS or something else. Also, RU7 was released yesterday. http://support.microsoft.com/kb/960384 - John Barsodi *From:* Sobey, Richard A [mailto:r.so...@imperial.ac.uk] *Sent:* Thursday, March 19, 2009 4:14 AM *To:* MS-Exchange Admin Issues *Subject:* Update RU3 being offered after RU6 installed Hi all I think this is to do with WSUS, but I’m not entirely sure. I’ve installed a dev CAS server into the organization and got it fully patched (Windows Server 2008 and Exchange Server 2007 SP1 RU6). However, Windows Update – WSUS – is telling me that RU3 should also be applied. Has anyone seen this behaviour before? Another server I’ve installed recently (mailbox role) was patched straight to SP1 RU6 and isn’t offering to install RU3. The only difference between the servers is that one (the CAS) is a VM running on ESX, the mailbox server is physical. Richard ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
Re: Named Property Limit
Seems this turned into a b-ch fest rather than answering your original question...;-) While I agree this is a ridiculous characteristic in the design and one that opens us up for DoS attacks (eventually), it is what it is and we need to figure out how to work around it. You have a few options; increase the limit, move users off, or find out what is causing it and stop it. My first suggestion is to take inventory of where your databases are as far as named props are concerned, you need to expose some IS counters to see this info, but it'll give you an understanding on whether it's widespread or concentrated on a set of databases (or users). Next start monitoring your event logs. An event ID is logged by default each time a new named prop is added (event id 9873 I believe) and when the quota's been reached (9666, 7, 8, 9). This can help you track down the culprit. Note, the initial limit reached is the default quota...not the limit. My understanding is that when the hard limit (32k) is reached the database will dismount and you will have to restore from backup and move users off. In my situation I found that less than a dozen users were creating hundreds of named props daily for weeks. This was the result of an open source imap client called offlineIMAP. This client is used to bidirectionally synch messages via IMAP. It does this by creating a unique X-header for EVERY message that comes in, as opposed to a single X-header with a specific value. After finding this out I reached out to the users, and being the ridiculously intelligent (and curious) crew they are they crafted a patch for offlineIMAP (http://software.complete.org/software/issues/show/114). Hope this helps. -alex On Thu, Mar 19, 2009 at 5:27 AM, McCready, Robert rob.mccrea...@dplinc.comwrote: I agree about it getting worse as it gets betterĸĸ I was shocked by the whole powershell thingĸĸ I know some people love it, but I think it stinks.ĸ Hello 1960'ĸĸÂ I had to move a mailbox in the lab the other day from Exchange 2007 back to Exchange 2003 to do an old restore, and the GUI move failedĸĸ I then had to type out a 212 character PowerShell command to get it to work.ĸ Some Improvement over 2003ĸĸ HA! Can somebody dumb this Named Property thing down for me in 200ĸĸÂ I'm not understanding here.ĸ *What is the Named Property list actually used for?* *What are the consequences for not being able to add to it?* It looks like we hit our 16,000 limit over 3 months ago, but nobody has reported any problems sending or receiving email??? -Original Message- From: Steve Moffat [mailto:st...@optimum.bm] On Behalf Of Exchange (Sunbelt) Sent: Tuesday, March 17, 2009 5:44 PM To: MS-Exchange Admin Issues Subject: RE: Named Property Limit Is it just me, or is Exchange getting worse as it gets better..;) S -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 6:31 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit I don't have an answer for you on that. I suppose a mail gateway between your Exchange box and the Internet could do some whitelisting, and discard any unrecognized headers, but I wouldn't have a good guess as to how to go about it. Kurt On Tue, Mar 17, 2009 at 13:43, McCready, Robert rob.mccrea...@dplinc.com wrote: Is there a way to limit these X-headers, or find out what is causing so many? -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, March 17, 2009 4:30 PM To: MS-Exchange Admin Issues Subject: Re: Named Property Limit One of the things that seems to contribute are X- headers on inbound mail - each new X-header is a new named property. Want to DoS someone? Send them emails with new X-headers - lots of different ones. Spam seems to accumulate them, for one. Just looking at your message from the list, I see 4 different X-headers: X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ems-proccessed: jxfyzdhlyVyYF5VF4W3Asg== x-ems-stamp: sLcJ9ri/feAlRgbRlwdyOA== Kurt On Tue, Mar 17, 2009 at 13:20, McCready, Robert rob.mccrea...@dplinc.com wrote: I'm not sure I understand this named property quota thing or how we reached our limit... (http://technet.microsoft.com/en-us/library/bb851492.aspx) but my question is, how big of a deal is it really? We apparently reached our 16,000 limit back in December, yet nobody has had any trouble sending/receiving email. From: McCready, Robert [mailto:rob.mccrea...@dplinc.com] Sent: Monday, March 16, 2009 2:41 PM To: MS-Exchange Admin Issues Subject: Event 9667 Quota Limit on Named Property We are running Exchange 2007 SP1.ĸĸ―ĸĸ― Apparently, we have reached our named property quota (which I do not completely understand) on one of