Link to home
Start Free TrialLog in
Avatar of PACSAdmin
PACSAdminFlag for Australia

asked on

Exchange 2010 strips certain attachments

I have a new Exchange 2010 server that strips some attachments. It only strips a certain type of attachment sent from an application to external users. The exchange server is a combined mbx, client and hub. there is no edge transport. The only agents are those listed below (no attachment filter)
[PS] C:\Windows\system32>Get-TransportAgent

Identity                                                        Enabled                   Priority
--------                                                          -------                        --------
Connection Filtering Agent                         True                             1
Transport Rule Agent                                 True                             2
Text Messaging Routing Agent                   True                             3
Text Messaging Delivery Agent                  True                             4
Sender Id Agent                                        True                              5
Sender Filter Agent                                    True                             6
Recipient Filter Agent                                 True                             7

For troubleshooting i have removed forefront as i originally thought it was this but it is not

The send connector has a transport rule that appends a disclaimer only

The attachments are basicly an encrypted text file.

any help in figuring out why this application has its attachments stripped would be appreciated
Avatar of sunnyc7
Flag of United States of America image

can you run
Get-AttachmentFilterEntry | FL

and output the results here

Avatar of PACSAdmin


That command does not work on this server as it does not have the edge transport role installed
a) What type of attachments are getting stripped.
b) How is your exchange configured ? Please clarify

Internet > Firewall/Router > Switch > Exchange


The attachments are HL7 Files (basicly a text file) no bigger than 1kb

These files are only stripped when sent from the application that picks up the hl7 files and attaches them to an email to be transmitted to recipients. I have  a receive connector setup for this server that allows relay and can send emails from it OK. HL7 files just get stripped if attached.

If i attach the file manually using outlook it arrives OK.

Only pre reqs that work in older versions of exchange are the Application needs POP3 service enabled, content filtering disabled, and plain text authentication.

exchange is configured as a combined MBX, CAS, HUB that connects to the Internet through a send connector. I have disabled all anti spam filtering for troubleshooting

Your looking for this article:

In the Shell:
Add-AttachmentFilterEntry -Name *.HL7 -Type FileName
if get-attachmentfilterentry doesnt work - chances of that working is less - unless there was a typing mistake made earlier.

Agree sunnyc i ignored the comment above for that very reason.
better say nothing against you proadmin thanks for your input anyway
what antivirus anti-spam do you have ?

This is what I understand
a) when you email from the application - it strips HL7 attachment.
b) when you email form outlook - HL7 attachment goes through.

Please confirm.
I was using forefront but disabled it for troubleshooting. i originally thought this was the culprit.

what you understand is correct
I keep going back to this everytime.

Did you grant permission to anonymous users to relay in your default receive connector ?

Check in the end @ add-adpermission
forgot to add... and this is probably important. The file when sent from the application is encrypted
its not a relay issue as several other servers that use the same connector can relay.
its probably important @ encrypted.

Get-AttachmentFilterListConfig | fl

please output the result.
also let me know what transport-rule is running

get-transportrule | fl

[PS] C:\Windows\system32>Get-AttachmentFilterListConfig | fl
The term 'Get-AttachmentFilterListConfig' is not recognized as the name of a cmdlet, function, script file, or operable
 program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:31
+ Get-AttachmentFilterListConfig <<<<  | fl
    + CategoryInfo          : ObjectNotFound: (Get-AttachmentFilterListConfig:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

2 transport rules

rule 1 gets fields from AD and creates a signature
rule 2 adds a disclaimer

to verbose to paste here
No we are not running SP1
sorry @ wrong link :(

Check this guide

Can you check if Forefront Exchange Agent is still running ?
Check form the console if it's configured like this.
If so - uncheck that

forefront was uninstalled

no sign of an agent in processes or services
Did you restart the exchange server after uninstalling forefront

Go to Org config
Hub transport
Anti spam Tab

Right click on sender filtering
Go to Blocked senders
> check if reject messages from blank senders is checked ?
Uncheck that

Check the action.

Restart hub transport -- see if that works.

you can try disabling transport agents one by one and see if that works and try to isolate the cause.

On the face of it - looks like a forefront problem
or a transport agent attachment filtering
> but you dont have any of the above.

Yes i restarted

I have all the options under anti spam disabled

will try the transport agents but for the moment but need to arrange downtime to do.

will keep looking
This is what i have done and its working now

added an additional IP to the exchange Server
Created a receive connector with the following powershell Command
new-ReceiveConnector -Name 'RelayConnector' -Usage 'Custom' -Bindings '' -RemoteIPRanges ''
-Server 'SERVERNAME' -permissiongroups ExchangeServers
-AuthMechanism ‘TLS, ExternalAuthoritative’
This bound the receive connector to the additional I.P Address and set the problem server as the only server that can use it. Set it as a trusted server so anti spam filters were bypassed and no authentication required

With the send connector i changed it to route through a smarthost which is a server with SMTP installed that just relays the emails.

Now i did both at the same time so i am not sure which one fixed the issue. I am leaning towards the smarthost as the receive connector should not do spam filtering

sunnyc can you give any insight as to why this works now (old receive connector was configured the same only it was bound to exchange servers original I.P)  I am going to give you the points for all your help anyway.

Avatar of sunnyc7
Flag of United States of America image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
thanks for the help