|
I ended up finding a workflow so it appears to do nothing per: https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-user-mailboxes/enable-or-disable-single-item-recovery Thankfully this means I'm getting this off my plate asap since I don't have perms to modify our mailDBs. Don't really want to touch hundreds of mailboxes either way!
|
#
?
May 9, 2019 16:46
|
|
|
|
| # ? Apr 18, 2024 12:34 |
|
|
Question: are you guys still doing quarantining if you purchase or use ATP?
|
|
#
?
May 15, 2019 22:23
|
|
|
yeah, defanged and wrapped in five flashing banners are all nice and good but theres some stuff the user doesn’t need to see. it removes the opportunity to panic or do something else dumb or did you mean as opposed to just > dev/null-ing everything it finds? don’t do that
|
|
#
?
May 16, 2019 04:36
|
|
|
No i'm not looking to trash messages. Quarantine was previous used for all attachments, if I've got ATP running (which sandbox, opens , checks the links and provides a detailed report) of the attachment wouldn't quarantine just be redundant? e: or attempt to significantly dial it back to new email addresses or unknown senders. incoherent fucked around with this message at 19:15 on May 16, 2019 |
|
#
?
May 16, 2019 19:12
|
|
|
Is a batch of 2000 outgoing mails the kind of mail volume that could put my company on a spam list? A department wants to send out a notification to customers (not advertising, it's related to a change in their accounts), and they are currently planning to do it through our internal mail system. They want to send the mails in one or two large batches, and are asking me to temporarily change rate limit controls for the account that will be sending them. I've never dealt with this kind of request before. Is that the kind of mail volume that would merit using a mass-mail service? capitalcomma fucked around with this message at 00:26 on May 25, 2019 |
|
#
?
May 25, 2019 00:23
|
|
|
Yes, do not send mass mailings from your email server.
|
|
#
?
May 25, 2019 00:43
|
|
|
yeah the companies that specialize in this gently caress it up often enough that i wouldnt dream of diy'ing mass mailings. If its a single time event you probably might be able to squeeze it in a free trial of one. If you don't get budget or whatever, just rate limit it to very very few, 100 an hour or so and explain you're going to take all day to send out 2000 messages extra.
|
|
#
?
May 25, 2019 07:55
|
|
|
I did our exchange upgrade yeeearrrrsss ago and they had an access program that mass emailed, and worked fine with exchange 2003 and the mass mailings were small enough to not trigger people spam services. On 2010, it poo poo the bed and emailed one client 43,000 times. I didn't get on any block lists, but I was really loving pissed at my boss who never disclosed this app to me at any part during the migration process. His boss was pissed at him, so it was nice seeing the diamond pressure process unfold in real time. We've not done campaigns since, because I will gently caress them hard if they suggest one.
|
|
#
?
May 25, 2019 08:01
|
|
|
The corporate email server is for emails from people, and a relay for stuff going to internal destinations (notifications, scan to email etc). All mass mailings go through SES, Mailgun, whatever. Office 365 is quite sensitive to locking down accounts that it thinks are sending outbound transactional email, which is preferable to being blacklisted by a third party but still not great. You don't want marketing screwing up a newsletter to result in your C-levels seeing their emails bounce.
|
|
#
?
May 25, 2019 11:43
|
|
|
incoherent posted:I did our exchange upgrade yeeearrrrsss ago and they had an access program that mass emailed, and worked fine with exchange 2003 and the mass mailings were small enough to not trigger people spam services. On 2010, it poo poo the bed and emailed one client 43,000 times. I didn't get on any block lists, but I was really loving pissed at my boss who never disclosed this app to me at any part during the migration process. His boss was pissed at him, so it was nice seeing the diamond pressure process unfold in real time. had one like this recently but even worse, an in house app lost contact with the relay server for sending out mailings and instead of queueing those messages and dropping them after a period of time it just kept trying. It also kept generating message delayed/undeliverable notifiations to the admin of the app but also couldnt deliver those for about a month. Email sent out by this mailer app is entirely broken without anyone noticing. Then one Friday night a bit flips somewhere and it regained connectivity to a relay host. Blasted 250k messages out over the course of a weekend, ruined the newsletter.main-domain.org reputation forever. Got me out of a scheduled performance assessment because that's over twice what I scaled Exchange for at that org and things went swimmingly
|
|
#
?
May 26, 2019 14:56
|
|
|
I'm not sure if this belongs here but I couldn't find a more general email thread. My email provider lets me write custom Sieve code for filtering emails and I was wondering if it's possible to write one that does the following: code:
|
|
#
?
May 30, 2019 10:39
|
|
|
There is an extension that can do body searches listed so that's probably possible. Not sure about the custom subject in the notification mail, none of the examples do anything like that. I don't use it so I'm not going to suggest any examples but the tutorial provides a nice starting point and there's a ton of 3rd party sieve management GUIs here... maybe one has a decent editor that will show syntax errors and such. Don't consider the RFC the user documentation, they always suck.
|
|
#
?
May 30, 2019 16:16
|
|
|
quote:We are starting to roll out several capabilities Outlook for iOS and Android that address the email and calendar needs for Enterprise customers. 
|
|
#
?
Jun 6, 2019 12:37
|
|
|
loving. finally.
|
|
#
?
Jun 7, 2019 20:08
|
|
|
Old Binsby posted:There is an extension that can do body searches listed so that's probably possible. Not sure about the custom subject in the notification mail, none of the examples do anything like that. I don't use it so I'm not going to suggest any examples but the tutorial provides a nice starting point and there's a ton of 3rd party sieve management GUIs here... maybe one has a decent editor that will show syntax errors and such. Don't consider the RFC the user documentation, they always suck. Thanks! I gave it a shot but couldn’t get regex match groups to work—they just stayed as a literal “$1” no matter what combination of escape characters I used so I gave up and set up something with Zapier.
|
|
#
?
Jun 8, 2019 12:09
|
|
|
Boris Galerkin posted:Thanks! I gave it a shot but couldn’t get regex match groups to work—they just stayed as a literal “$1” no matter what combination of escape characters I used so I gave up and set up something with Zapier. cool that you figured something out. in the spirit of the thread i should add that exchange (administrators) can do what you wanted to do natively using transport rules  Woah, i remember when this was put on their roadmap. But only just, it's been that long. Nice
|
|
#
?
Jun 9, 2019 06:07
|
|
|
Exchange/Office related question thats stumping me a bit here trying to clean up some of my predecessors leftover poo poo. Office People Pane - I've got some users who can't see emails from the user in question at all. They can also see emails from some users that weren't even sent to them. Trying to figure out how to resolve this. Example: I sent an email to one of my helpdesk guys. If he selects my name down in the people pane, he can't see anything from me, not even emails he was copied on or sent. Example 2 (The one that concerns me): If said helpdesk guy opens up our directors name on the people pane, he can see dozens and dozens of emails that he wasn't copied on which is obviously a huge problem. He doesn't have delegation rights or access to that mailbox, so thats not it. Anyone point me in the direction of somewhere I can gander? Google-Fu is getting me a ton of "Turn the people pane on or off" or "Why the people pane doesn't work" but not much "Why you can read the CIO's email when they didn't send it to you".
|
|
#
?
Jun 12, 2019 14:09
|
|
|
Digital_Jesus posted:Exchange/Office related question thats stumping me a bit here trying to clean up some of my predecessors leftover poo poo. Are you sure this person doesn't have access to the mailbox? While you have probably checked for a direct delegation assignment, this smells to me like a security group delegation has been done and the person in question is apart of it. I would check the CIO mailbox for all delegation. If there is a group delegation there of any kind that is the issue.
|
|
#
?
Jun 12, 2019 14:15
|
|
|
The CIO has no group delegation, or any delegation at all except one specific user who is not the person in question. I've gone through this dudes security groups too. Other users mailboxes are doing this too, but there doesn't seem to be a pattern across departments or anything. Is it possible the users who's email can be read have accidentally enabled something stupid in their outlook profiles? Digital_Jesus fucked around with this message at 14:27 on Jun 12, 2019 |
|
#
?
Jun 12, 2019 14:24
|
|
|
Digital_Jesus posted:The CIO has no group delegation, or any delegation at all except one specific user who is not the person in question. The first thing I would do is test. Can this user open owa and open the CIO mailbox? Once that is ruled out, you know its for sure a feature issue you have to get fixed. I would also take a quick look at the admin log report. Lets say the helpdesk person in question has been snooping and the data in the peoples tab was cached when he delegated himself access and snooped previously. That would also explain why its inconsistent. And just to be clear, the people's pane should ONLY show the mail that exists in that persons mailbox. Showing other peoples mail and such leads me to believe that the data exists in the OST and someone has just gotten caught. Sickening fucked around with this message at 14:53 on Jun 12, 2019 |
|
#
?
Jun 12, 2019 14:51
|
|
|
I think I figured it out. Previously what was done when someone was terminated here was access was granted to a specific user to that persons old mailbox (rather than giving them a pst archive export). This is stupid and has since been fixed and the relevant parties clubbed. However, it looks like it you had access to a mailbox at any point in time, even if that access has since been revoked, any emails your outlook profile cached during the time period you *had* access stays put, even if you didn't open or read any of them. Again I verified this guys mailbox access in exchange and the management shell reports he can't do poo poo except to his own mailbox, so as a test I had him blast his outlook profile away and re-sync with the server. Now he can only see the emails he's been sent that are still in his mailbox. So it appears that its just a side effect of the cache functionality in outlook, but even so I'm just going to disable this stupid rear end plugin across the org. Thanks E: For reference the helpdesk guy hasn't been snooping and doesn't have the access to do so even if he wanted to, aside from the fact he isn't that kind of person. All of the HD permissions have been adjusted to what they actually need instead of the previous Admins policy of "gently caress it whatever heres domain admin and exchange org rights". Hes the one that brought the problem to my attention going "Yo why can I see this poo poo?". E2: Basically the previous network administrator here was real real bad at security and gave people too much access and a lot of bad habits on how to do things like pull out emails, files, or grant other users access or copies to data. I don't believe any of this is malicious, its just a compounded case of stupidity. Digital_Jesus fucked around with this message at 15:07 on Jun 12, 2019 |
|
#
?
Jun 12, 2019 15:00
|
|
|
Finally! https://support.office.com/en-us/article/add-a-shared-mailbox-to-outlook-mobile-f866242c-81b2-472e-8776-6c49c5473c9f
|
|
#
?
Aug 18, 2019 22:02
|
|
|
Thanks Ants posted:Finally! Wow.. that's actually awesome.
|
|
#
?
Aug 19, 2019 02:06
|
|
|
Outlook Mobile is so good, but we can't use it. They aren't too up front about it, but Microsoft pulls and caches your email internally and then pushes down to the device. That makes some people anxious.
|
|
#
?
Aug 19, 2019 17:47
|
|
|
I assume you aren't using Office 365 if that is people's objection to it
|
|
#
?
Aug 19, 2019 19:01
|
|
|
Thanks Ants posted:I assume you aren't using Office 365 if that is people's objection to it We are not! For, I assume, similar reasoning.
|
|
#
?
Aug 19, 2019 20:31
|
|
|
There are far worst threats than microsoft MITMing your email.
|
|
#
?
Aug 22, 2019 21:53
|
|
|
incoherent posted:There are far worst threats than microsoft MITMing your email. I would assume that any org that chooses on prem vs cloud email are idiots at this point even from a security aspect of things.
|
|
#
?
Aug 23, 2019 00:21
|
|
|
We have O365 hybrid with two on prem mail servers - Exchange 2010 as a hub transport and Exchange 2016 just as a mailbox server (with no mailboxes). I need to decommission the older server. I'll have to add the hub transport role to the new server, are there any gotchas that I need to watch out for? I've never done any serious heavy lifting in Exchange and it would suck if I inadvertently break all the email that comes from our on prem apps.
|
|
#
?
Oct 14, 2019 21:16
|
|
|
Happiness Commando posted:We have O365 hybrid with two on prem mail servers - Exchange 2010 as a hub transport and Exchange 2016 just as a mailbox server (with no mailboxes). I need to decommission the older server. I'll have to add the hub transport role to the new server, are there any gotchas that I need to watch out for? I've never done any serious heavy lifting in Exchange and it would suck if I inadvertently break all the email that comes from our on prem apps. Besides the Edge role Exchange 2016 kind of did away with the whole concept of roles compared to 2010. All of the old roles are wrapped up in what's now called the Mailbox server. So you don't need to install anything but you might break all the email coming from on prem apps anyway if you don't recreate receive connectors used for relaying on the 2010 box on the 2016 server. Depending on how those apps are configured to submit mail you also might need to adjust the DNS entry for that or the app configuration (if they were using the mail server host name directly).
|
|
#
?
Oct 14, 2019 21:46
|
|
|
incoherent posted:There are far worst threats than microsoft MITMing your email. Well, Microsoft also has cached credentials so they can MITM the email as well, afaik. It doesn't keep me up nights, but it makes some people unreasonably anxious.
|
|
#
?
Oct 23, 2019 20:48
|
|
|
i wish someone'd read my mail, honestly it's comforting to know ms might be I'm currently working the most conservative and security-oriented gig right now I've ever done. Data so well protected the user experience is slow and garbage enough for a hacker to just go away out of frustration. Also i am very much aware of the actual end of support date for exchange 2013 and how far away that is as a result
|
|
#
?
Oct 24, 2019 00:30
|
|
|
Speaking of Exchange 2013, I've been tasked with implementing DKIM on an on-prem exchange 2013 shop. They only have one CAS server and two mailbox servers. I assume I have to install the DKIM tool @ https://github.com/Pro/dkim-exchange/ on the two mailbox servers as the CAS: quote:Front End Transport service on Client Access servers: This service acts as a stateless proxy for all inbound and (optionally) outbound external SMTP traffic for the Exchange 2013 organization. The Front End Transport service doesn't inspect message content, doesn't communicate with the Mailbox Transport service on Mailbox servers, and doesn't queue any messages locally.
|
|
#
?
Nov 12, 2019 16:49
|
|
|
The most angozing part of moving o365 is setting up an relay praying all my customer emails (the automated ty for your order nonsense) don't trip the "reasonable" transaction limits. Users, emails, mail flow was super easy.
|
|
#
?
Jan 23, 2020 03:56
|
|
|
Is it possible in Exchange to push a folder to a set of users? We have incident plans that are supposed to be pushed to appropriate people's mailboxes (you get the cyber security plan if you are on the cyber security team, that kind of thing) so they can have a copy of the plan on their email (and on their phone) and it can be updated with new updates to the plan without requiring an email be sent every time We use(d) Code Two Exchange Sync (I think it's called that...something similar to that) but it somehow broke and the fix looks to be turn of SSL or something--we haven't looked super far in-depth at fixing it because my boss swears there is a built-in way to do this in Exchange that since we now have Enterprise licensing we can use. When the C2 thing worked it seemed to work fine, although it was a bit janky. You could delete the plan and it would just show back up in your mailbox, new ones could be published pretty easily, etc I don't know if he imagined it or if I'm just not coming up with the correct search terms but I can't find anything like it. I thought he was talking about Public Folders but we had our weekly meeting today and I said "hey you can't access public folders on your phone" and he was kinda lovely about it and said "well I'm not talking about public folders this is something else" so I kinda just want to prove him wrong Edit: exchange 2016, on prem
|
|
#
?
Feb 25, 2020 07:59
|
|
|
There are some crack pot ways to. Search-mailbox from a source mailbox and target whatever departments/groups. Pstimport, but the process of creating or modifying the PST every time seems like a huge pita. Shared mailbox?
|
|
#
?
Feb 25, 2020 14:25
|
|
|
Submarine Sandpaper posted:There are some crack pot ways to. I wonder if this isn't what we end up going with. I asked him directly what feature he was talking about and of course he couldn't come up with the name of it. Then he said he saw an article before that was like 4 steps of things you had to do, but we couldn't do it because of licensing--but of course couldn't find the article anymore. So then we decided to go back to the Code 2 product. Now it looks like it stopped working because of Exchange 2016, not really for anything else. Then he said "well maybe we just send them an email and make it so they can't delete it" I also wonder if the solution is just "email the document, tell them to be a responsible adult and not delete it" but of course that's fantasy. The C2 thing was nice because even if you deleted it, it was coming back.
|
|
#
?
Feb 26, 2020 16:42
|
|
|
Before I started here, an Exchange 2016 server was added to the existing 2010 server, and mailboxes were migrated over etc. Everything was working properly, the 2010 server was really doing anything but was still part of the setup. After trying to remove Exchange 2010 from that server, a couple other things were found to be still running, so the uninstaller of course would stop and give an error. After resolving those issues (a mail connector and then like an address book and one or two other things), the uninstaller would proceed but then stopped because it couldn't find some files from the SP3 install files (they were no longer on the server). So the server uninstalled.....mostly. We're having a couple odd things happen now, like a few people's email wouldn't refresh until we re-created their outlook profile, just a couple weird goofy things. Part of me wants to remove the references to the old server using ADSI edit, but the smart side of me wants to just spend a couple hundred bucks on having an 'expert' clean it up. I don't want to risk knocking out mail for a few hours or worse, a day. I've used Microsoft Professional Support before for things like recovering from corrupted information stores and things like that, it's $499. Are there any other suggested go-to experts for something like this? I don't want to call a local MSP because I have a feeling they're going to just go through some standard troubleshooting steps and charge us for 5 hours of research, we might get a green tech....
|
|
#
?
Apr 29, 2020 18:55
|
|
|
they're basically going to go through this list, which you can also do (might have already). I'd prefer ponying up for MS support over ADSI editing a server out of a production environment. https://techcommunity.microsoft.com/t5/exchange-team-blog/best-practices-when-decommissioning-exchange-2010/ba-p/1247559
|
|
#
?
Apr 29, 2020 20:38
|
|
|
|
| # ? Apr 18, 2024 12:34 |
|
|
Alternatively you can install and un-install a 2010 server with the same name/role. That should remove anything from AD that shouldn't be there.
|
|
#
?
Apr 30, 2020 00:13
|
|