|
 Old Binsby posted:Did you remove the X500 address value from the AD proxyaddresses attribute or did you empty the ExchangeLegacyDN for the user? I didn't empty the legacyexchangedn although it did apparently CHANGE (the last CN, which is hexstring-username -- the hex string changed). The proxyaddress is what was removed, and then re-added. For troubleshooting I did two things, added the old legacy dn from the on-prem (pre migration) server, and also added the old legacy dn from office 365 that apparently changed. I don't know why that changed. For all my testing I've been doing online mode no caching.
|
#
?
Aug 23, 2017 21:30
|
|
. 
|
|
| # ? Apr 24, 2024 06:51 |
|
|
Exchange Online issue I have a user nevergirls@butts.com on exchange online, and I'm a member of a mailing list shsc@somethingawful.com. When I send a message to the list, I get a copy of it sent to me, but because it's saying it's from @butts.com but using @somethingawful.com as the sender I get: "This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing" at the top of my message. This is obviously a false positive. Looking it up, everyone says "make sure your SPF is set correctly" but I'm obviously not going to add somethingawful.com to my SPF, because I'm a member of a ton of mailing lists and I'm not gonna do that for each one. So what do I do?
|
|
#
?
Sep 7, 2017 19:18
|
|
|
You either add it to your SPF record or use a proper ListServ that doesn't try to send as someone's domain that you don't own.
|
|
#
?
Sep 8, 2017 00:25
|
|
|
I think you can forward messages as long as the original DKIM certificate is still valid and it will pass DMARC even if the SPF is now wrong. Mailing lists tend to add a load of poo poo to the messages though so you're going to fail on SPF as well as DKIM. It's a problem for the mailing list provider to resolve, either doing a "on behalf of" for the from address, or similar.
|
|
#
?
Sep 8, 2017 00:46
|
|
|
Internet Explorer posted:You either add it to your SPF record or use a proper ListServ that doesn't try to send as someone's domain that you don't own. mailing lists are outside of my control unforch. I would love to be able to list domains that can bypass fraud/spoof detection.
|
|
#
?
Sep 8, 2017 13:33
|
|
|
In those cases I just offer to get in touch with the other sides IT and tell them that it's the year 2017 and doing what they're doing isn't acceptable. If they won't work to fix the problem I just explain to the end user that they are trying to impersonate us and due to security concerns we do not allow it. In Mimecast you have the ability to do spoof bypasses based on the Header or Envelope from. No idea in O365. At least it sounds like it gets delivered with a warning, with Mimecast it gets blocked completely.
|
|
#
?
Sep 8, 2017 14:19
|
|
|
Internet Explorer posted:In Mimecast you have the ability to do spoof bypasses based on the Header or Envelope from. No idea in O365. At least it sounds like it gets delivered with a warning, with Mimecast it gets blocked completely. Yes my clients with mimecast we do a spoof bypass.
|
|
#
?
Sep 8, 2017 15:22
|
|
|
It's an amazing looking Saturday, so this is totally the best time to post an inane "can someone check my math?" request .. Background: We are still on Exchange 2010 SP3 (2016 is on the "to do" list) running four mailbox servers with honestly too much loving mail in a DAG configuration. MB01 and MB02 are one DAG pair, while MB03 and MB04 are in a second DAG. For both, odds are active evens are passive. It all runs virtual with UCS for compute and NetApp cluster for SAN. Query: Mid-August some junior twit was performing some regular maintenance applying windows updates to MB04 (the passive). He took a snapshot because why not be cautious? He then promptly FORGOT TO DELETE THE loving SNAPSHOT WHEN FINSHED. I discovered this /[yesterday afternoon]/ much to my horror and chagrin. I promptly kicked off the remove snapshot task in VMWare but holy gently caress that will probably take awhile. We are "safeish" considering that MB04 is the passive and it's not like I'm getting reports that backups have been failing. Still, it's got me anxious because if MB04 starts having space issues on any one drive before the VMWare handles the snapshot then I am RIGHTLY hosed. Right now all my google-fu says that I should really just let that snapshot removal task bake until it finishes or errors out. However, it's been going for a good 24 hours now and while I'm pretty sure I'm seeing some progress (comparing datastore files between yesterday and today) there's not really much of an indicator since it's just sits at 99% until finally complete. So, if I want to get ahead of something truly awful occurring would spinning up an MB05 and adding it to the 2nd DAG group so it could also do the mailbox database copy dance with MB03 be a completely horrible idea? Granted, I end up using a LOT of storage since MB03 has multiple drives but would it work the way I think it would in my head meaning MB03 starts replicating with MB05 and after some MS fuzzy time I have to good replicas of the active MB03 server? Ultimately, I could even kill of MB04 if VMWare really takes a dump and errors out on the snapshot removal. Feel free to laugh and ridicule. I'll take all comers. However, honest advice or suggestions would be most cool.
|
|
#
?
Sep 16, 2017 19:39
|
|
|
My up my Exchange goons: iOS 11 breaks ActiveSync. Conditions: Exc2016 on Server 2016. HTTP/2 fuckery. incoherent fucked around with this message at 21:07 on Sep 18, 2017 |
|
#
?
Sep 18, 2017 21:03
|
|
|
incoherent posted:My up my Exchange goons: iOS 11 breaks ActiveSync.
|
|
#
?
Sep 18, 2017 21:15
|
|
|
Is it this maybe? https://support.apple.com/en-us/HT207459
|
|
#
?
Sep 18, 2017 21:19
|
|
|
anthonypants posted:I've been running the iOS 11 beta for months now and haven't had any issues with the mail app connecting to Office 365. If you're not seeing it, I suspect that o365 is using HTTP/1.0 (or their OS basecode is older). This only effects on prem on 2016 (very small pool tbh). Thanks Ants posted:Is it this maybe? https://support.microsoft.com/en-us/help/4032720/how-to-deploy-custom-cipher-suite-ordering-in-windows-server-2016 This will help you change the cipher to force a 1.0 connection. incoherent fucked around with this message at 22:17 on Sep 18, 2017 |
|
#
?
Sep 18, 2017 22:15
|
|
|
incoherent posted:If you're not seeing it, I suspect that o365 is using HTTP/1.0 (or their OS basecode is older). This only effects on prem on 2016 (very small pool tbh).
|
|
#
?
Sep 19, 2017 01:30
|
|
|
Yeah don't use EAS and iOS. Ever. Just don't. Tell them to use the Outlook app or gently caress off. Seriously.
|
|
#
?
Sep 19, 2017 04:28
|
|
|
Ranter posted:Yeah don't use EAS and iOS. Ever. Just don't. Tell them to use the Outlook app or gently caress off. Seriously. Why? iOS native client works great on my iPhone, in fact better than outlook app (for example - can do tasks, syncs drafts)
|
|
#
?
Sep 19, 2017 14:31
|
|
|
NevergirlsOFFICIAL posted:Why? iOS native client works great on my iPhone, in fact better than outlook app (for example - can do tasks, syncs drafts)
|
|
#
?
Sep 19, 2017 17:24
|
|
|
I thought we determined that the Outlook (iOS) app was bad? Was that not this thread? Something about uploading your email to Microsoft and then you connect to Microsoft. My biggest problem with mail.app is that sometimes, randomly, I'll stop getting push updates. I'll look at Mail and see that it hasn't updated in like 12 hours. I'm not sure if this is an Exchange issue, an iOS issue, or if we're doing something specifically here to break it. I didn't like the Outlook app when I tried it because it didn't show folders (or something similarly basic, I don't remember exactly what)
|
|
#
?
Sep 19, 2017 17:52
|
|
|
Some people aren't going to like the Outlook app. That's fine; there are other apps on the app store that can connect to an Exchange server. The fact is, the stock iOS mail/contacts/calendars apps, when connected to Exchange, will break in strange and mysterious ways, and Apple will fix those problems when they feel like it in an iOS point release down the line. I don't know what "uploading your email to Microsoft and then you connect to Microsoft" means, but without having done any research I'd put more faith in the Outlook app than a third-party mail app.
|
|
#
?
Sep 19, 2017 18:09
|
|
|
I would love to use the outlook app instead of mail.app but our moron mdm admin set it for mail.app access only.
|
|
#
?
Sep 19, 2017 18:47
|
|
|
There's a few problems I have with the Outlook App. The biggest one is when you get a notification for a new mail, see the shortened preview in your notifications, and then can't actually open it for 30 seconds or a minute because it just doesn't show up in the app. Also it likes to sign people out, and require account resets randomly. Meanwhile nobody using iOS mail has any issues with our 365 accounts. I came from using Touchdown with Exchange 2003 just a couple years ago, so it's hard to complain about Outlook's quirks.
|
|
#
?
Sep 19, 2017 19:03
|
|
|
anthonypants posted:I don't know what "uploading your email to Microsoft and then you connect to Microsoft" means, but without having done any research I'd put more faith in the Outlook app than a third-party mail app. IIRC the Outlook app used to be a non-Microsoft application, and would store the credentials for your Exchange account in their  , sync mail to that, then push it down to your app. I have no idea how it functions now. Our recommendation for iPhone users is to use it over Mail.app.
|
|
#
?
Sep 19, 2017 19:44
|
|
|
Thanks Ants posted:IIRC the Outlook app used to be a non-Microsoft application, and would store the credentials for your Exchange account in their It still does that, though I'm unsure if it currently stores all your and mail credentials. It needs significant parts of it anyway for focused inbox functionality so if you can't have cloud-hosted anything don't use the Outlook app E. Eh I'm actually not a 100% sure that was the reason, come to think of it. But anyway it does still store your stuff on servers other than your own Old Binsby fucked around with this message at 20:23 on Sep 19, 2017 |
|
#
?
Sep 19, 2017 20:05
|
|
|
NevergirlsOFFICIAL posted:Why? iOS native client works great on my iPhone, in fact better than outlook app (for example - can do tasks, syncs drafts) https://support.microsoft.com/en-us/help/2563324/current-issues-with-microsoft-exchange-activesync-and-third-party-devi My favorite is an all-hands company meeting + out of office for an iOS user = spamming the entire company with meeting updates for past meetings. It gets even more fun when the C-levels are using iPhones and their delegates are whining about missing meetings to us. But we have official buy in now to say "Tell them to use Outlook". So that's nice. Bald Stalin fucked around with this message at 05:05 on Sep 20, 2017 |
|
#
?
Sep 20, 2017 05:01
|
|
|
The most frustrating thing is that if a user has Exchange setup on their iPhone but iCloud is set as their default calendar, accepting a meeting on the phone that was sent to the Exchange account will send the acceptance message, and then put the meeting on the iCloud calendar and not the Exchange one. I have no idea if this behaviour has been fixed yet, but our blanket 'use Outlook' policy prevents support getting tied up trying to walk people through default calendar/contacts settings.
|
|
#
?
Sep 20, 2017 07:59
|
|
|
Ranter posted:https://support.microsoft.com/en-us/help/2563324/current-issues-with-microsoft-exchange-activesync-and-third-party-devi sounds horrible but surprisingly haven't come across this and I work with a lot of different environments
|
|
#
?
Sep 20, 2017 20:25
|
|
|
NevergirlsOFFICIAL posted:sounds horrible but surprisingly haven't come across this and I work with a lot of different environments
|
|
#
?
Sep 21, 2017 02:16
|
|
|
So you tell all your users "yeah now you can go to iOS native email/calendar and it's all good!" then Apple release an update and its super loving broken again and will take another year for them to give a poo poo. I wouldn't. Until we are done migrating to Google....
|
|
#
?
Sep 21, 2017 02:56
|
|
|
Ranter posted:So you tell all your users "yeah now you can go to iOS native email/calendar and it's all good!" then Apple release an update and its super loving broken again and will take another year for them to give a poo poo. Ranter posted:Yeah don't use EAS and iOS. Ever. Just don't. Tell them to use the Outlook app or gently caress off. Seriously.
|
|
#
?
Sep 21, 2017 02:58
|
|
|
? You said it was fixed right?
|
|
#
?
Sep 21, 2017 02:59
|
|
|
For now, until Apple breaks it again.
|
|
#
?
Sep 21, 2017 03:02
|
|
|
Wilford Cutlery posted:For now, until Apple breaks it again. Right, hence Ranter posted:So you tell all your users "yeah now you can go to iOS native email/calendar and it's all good!" then Apple release an update and its super loving broken again and will take another year for them to give a poo poo. Bald Stalin fucked around with this message at 03:05 on Sep 21, 2017 |
|
#
?
Sep 21, 2017 03:03
|
|
|
https://support.microsoft.com/en-us/help/4043473/you-can-t-send-or-reply-from-outlook-com-office-365-or-exchange-2016-i
|
|
#
?
Sep 21, 2017 14:35
|
|
|
Thanks Ants posted:https://support.microsoft.com/en-us/help/4043473/you-can-t-send-or-reply-from-outlook-com-office-365-or-exchange-2016-i Ranter posted:Yeah don't use EAS and iOS. Ever. Just don't. Tell them to use the Outlook app or gently caress off. Seriously.
|
|
#
?
Sep 21, 2017 17:33
|
|
|
Thanks Ants posted:https://support.microsoft.com/en-us/help/4043473/you-can-t-send-or-reply-from-outlook-com-office-365-or-exchange-2016-i
|
|
#
?
Sep 21, 2017 19:07
|
|
|
I was going to say that I've not had any issues on iOS 11 and Mail.app, maybe it only applies to accounts added after the upgrade 
|
|
#
?
Sep 21, 2017 19:16
|
|
|
I get this for some emails and not others. What the gently caress Apple, ms, get your poo poo together I don't want the outlook app
|
|
#
?
Sep 24, 2017 21:38
|
|
|
Thanks Ants posted:https://support.microsoft.com/en-us/help/4043473/you-can-t-send-or-reply-from-outlook-com-office-365-or-exchange-2016-i oh good! my original warning of "Edge case 2016+2016" has grown full blown nuclear with 0365 and outlook.com fails. I guess iOS beta seeds don't get the latest mail.app.
|
|
#
?
Sep 25, 2017 23:00
|
|
|
incoherent posted:oh good! my original warning of "Edge case 2016+2016" has grown full blown nuclear with 0365 and outlook.com fails. 
|
|
#
?
Sep 25, 2017 23:19
|
|
|
A nice long recurring meeting on a room resource and the meeting is gone from the organizers calendar. Would like to know since Outlook doesn't let you delete without sending cancellation.
|
|
#
?
Sep 28, 2017 17:31
|
|
|
|
| # ? Apr 24, 2024 06:51 |
|
|
Ranter posted:A nice long recurring meeting on a room resource and the meeting is gone from the organizers calendar. Would like to know since Outlook doesn't let you delete without sending cancellation. Sure it does. You just delete without sending a cancellation.
|
|
#
?
Sep 29, 2017 16:42
|
|
