Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6241
  • Last Modified:

Exchange 2010 strips certain attachments

Hi
I have a new Exchange 2010 server that strips some attachments. It only strips a certain type of attachment sent from an application to external users. The exchange server is a combined mbx, client and hub. there is no edge transport. The only agents are those listed below (no attachment filter)
--------------------------------------------------------------
[PS] C:\Windows\system32>Get-TransportAgent

Identity                                                        Enabled                   Priority
--------                                                          -------                        --------
Connection Filtering Agent                         True                             1
Transport Rule Agent                                 True                             2
Text Messaging Routing Agent                   True                             3
Text Messaging Delivery Agent                  True                             4
Sender Id Agent                                        True                              5
Sender Filter Agent                                    True                             6
Recipient Filter Agent                                 True                             7
-----------------------------------------------------------------------------------------

For troubleshooting i have removed forefront as i originally thought it was this but it is not

The send connector has a transport rule that appends a disclaimer only

The attachments are basicly an encrypted text file.

any help in figuring out why this application has its attachments stripped would be appreciated
0
PACSAdmin
Asked:
PACSAdmin
  • 14
  • 12
1 Solution
 
sunnyc7Commented:
can you run
Get-AttachmentFilterEntry | FL

and output the results here

thanks
0
 
PACSAdminAuthor Commented:
That command does not work on this server as it does not have the edge transport role installed
0
 
sunnyc7Commented:
a) What type of attachments are getting stripped.
b) How is your exchange configured ? Please clarify

Internet > Firewall/Router > Switch > Exchange

thanks

0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
PACSAdminAuthor Commented:
The attachments are HL7 Files (basicly a text file) no bigger than 1kb

These files are only stripped when sent from the application that picks up the hl7 files and attaches them to an email to be transmitted to recipients. I have  a receive connector setup for this server that allows relay and can send emails from it OK. HL7 files just get stripped if attached.

If i attach the file manually using outlook it arrives OK.

Only pre reqs that work in older versions of exchange are the Application needs POP3 service enabled, content filtering disabled, and plain text authentication.

exchange is configured as a combined MBX, CAS, HUB that connects to the Internet through a send connector. I have disabled all anti spam filtering for troubleshooting

0
 
proadminCommented:
Your looking for this article:
http://technet.microsoft.com/en-us/library/aa997139.aspx

In the Shell:
Add-AttachmentFilterEntry -Name *.HL7 -Type FileName
0
 
sunnyc7Commented:
proadmin
if get-attachmentfilterentry doesnt work - chances of that working is less - unless there was a typing mistake made earlier.

0
 
PACSAdminAuthor Commented:
Agree sunnyc i ignored the comment above for that very reason.
0
 
PACSAdminAuthor Commented:
better say nothing against you proadmin thanks for your input anyway
0
 
sunnyc7Commented:
what antivirus anti-spam do you have ?

This is what I understand
a) when you email from the application - it strips HL7 attachment.
b) when you email form outlook - HL7 attachment goes through.

Please confirm.
0
 
PACSAdminAuthor Commented:
I was using forefront but disabled it for troubleshooting. i originally thought this was the culprit.

what you understand is correct
0
 
sunnyc7Commented:
I keep going back to this everytime.

Did you grant permission to anonymous users to relay in your default receive connector ?

Check in the end @ add-adpermission
http://msexchangeteam.com/archive/2006/12/28/432013.aspx
0
 
PACSAdminAuthor Commented:
forgot to add... and this is probably important. The file when sent from the application is encrypted
0
 
PACSAdminAuthor Commented:
its not a relay issue as several other servers that use the same connector can relay.
0
 
sunnyc7Commented:
its probably important @ encrypted.

brb
0
 
sunnyc7Commented:
Get-AttachmentFilterListConfig | fl

please output the result.
0
 
sunnyc7Commented:
also let me know what transport-rule is running

get-transportrule | fl

thanks
0
 
PACSAdminAuthor Commented:
[PS] C:\Windows\system32>Get-AttachmentFilterListConfig | fl
The term 'Get-AttachmentFilterListConfig' is not recognized as the name of a cmdlet, function, script file, or operable
 program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:31
+ Get-AttachmentFilterListConfig <<<<  | fl
    + CategoryInfo          : ObjectNotFound: (Get-AttachmentFilterListConfig:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

0
 
sunnyc7Commented:
0
 
PACSAdminAuthor Commented:
2 transport rules

rule 1 gets fields from AD and creates a signature
rule 2 adds a disclaimer

to verbose to paste here
0
 
PACSAdminAuthor Commented:
No we are not running SP1
0
 
sunnyc7Commented:
sorry @ wrong link :(

Check this guide
http://www.expta.com/2010/09/how-forefront-protection-2010-for.html

Can you check if Forefront Exchange Agent is still running ?
Check form the console if it's configured like this.
If so - uncheck that

0
 
PACSAdminAuthor Commented:
forefront was uninstalled

no sign of an agent in processes or services
0
 
sunnyc7Commented:
Did you restart the exchange server after uninstalling forefront

Go to Org config
Hub transport
Anti spam Tab

Right click on sender filtering
Properties
Go to Blocked senders
> check if reject messages from blank senders is checked ?
Uncheck that

Check the action.

Restart hub transport -- see if that works.

---
Troubleshooting
you can try disabling transport agents one by one and see if that works and try to isolate the cause.

On the face of it - looks like a forefront problem
or a transport agent attachment filtering
> but you dont have any of the above.


also
0
 
PACSAdminAuthor Commented:
Yes i restarted

I have all the options under anti spam disabled

will try the transport agents but for the moment but need to arrange downtime to do.

will keep looking
0
 
PACSAdminAuthor Commented:
This is what i have done and its working now

added an additional IP to the exchange Server
Created a receive connector with the following powershell Command
---------------------------------
new-ReceiveConnector -Name 'RelayConnector' -Usage 'Custom' -Bindings 'xxx.xxx.xxx.xxx:25' -RemoteIPRanges 'xxx.xxx.xxx.xxx'
-Server 'SERVERNAME' -permissiongroups ExchangeServers
-AuthMechanism ‘TLS, ExternalAuthoritative’
----------------------------------
This bound the receive connector to the additional I.P Address and set the problem server as the only server that can use it. Set it as a trusted server so anti spam filters were bypassed and no authentication required

With the send connector i changed it to route through a smarthost which is a server with SMTP installed that just relays the emails.

Now i did both at the same time so i am not sure which one fixed the issue. I am leaning towards the smarthost as the receive connector should not do spam filtering

sunnyc can you give any insight as to why this works now (old receive connector was configured the same only it was bound to exchange servers original I.P)  I am going to give you the points for all your help anyway.

0
 
sunnyc7Commented:
I am leaning towards a smarthost too.
0
 
PACSAdminAuthor Commented:
thanks for the help
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 14
  • 12
Tackle projects and never again get stuck behind a technical roadblock.
Join Now