Email Servers





Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. A MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol (SMTP). The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.

Share tech news, updates, or what's on your mind.

Sign up to Post

Some mailservers do not support sender verify, My EXIM system is configured to use sender verify.

Some  email addresses on servers not suporting sender/verify are know to be valid but fail when my server receives them because the mail server does not respond to my outgoing sender/verify request .

I'm sure there is a way to whitelist certain email addresses in EXIM by SSH to the server, and editing the exim.conf and editing the exim_whitelist_senders file, because I have done so several years ago.

However this does not apear to work anymore, or I'm not doing it correctlty.

Could one of you experts please  assist ..

Many, Many Thanks.
Active Protection takes the fight to cryptojacking
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

I am getting a "421 4.4.2 Connection dropped due to connection reset" and " 421 4.4.2 Connection dropped due to ConnectionAborted" on a few messages.  Message is going from my exchange server to an smtp gateway in the dmz.  I have noticed that this is only happening to emails with zipped attachment.  If I attach those same files unzipped, the message is relayed without an issue. I first noticed this with a specific address, but I have been able to replicate it to my yahooo and msn accounts with the compressed attachment.  There is a PaloAlto firewall between the server smtp gateway.  Here are some logs:

Without Attachment

Identity: EX2010XXXXX\1123444\43962205
Subject: Data 00000160526US01 520789US
From Address:
Status: Ready
Size (KB): 27
Message Source Name: FromLocal
Source IP:
SCL: -1
Date Received: 3/14/2019 3:16:17 PM
Expiration Time: 3/16/2019 3:16:17 PM
Last Error:
Queue ID: EX2010XXXX\1123444
Recipients:;2;2;;0;CN=EX2010_to_XXXdaemon,CN=Connections,CN=Exchange Routing Group (XXXXXXX),CN=Routing Groups,CN=Exchange Administrative Group (XXXXXXXXX),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=XXXX,DC=lan;2;2;;0;CN=EX2010_to_XXXdaemon,CN=Connections,CN=Exchange Routing Group (XXXXXXXXXXX),CN=Routing Groups,CN=Exchange Administrative Group …
In regards to email antispoofing: In the SPF query below. What does the "?ALL" indicate?

v=spf1 ip4: ?all
Going to be migrating to Exchange 2016 (from EX2010) and need some advice on External URL's and SSL Certs.  On my Exchange 2010 I was using the host name of both my Internal & External URL's for Virtual Directories (ActiveSync, OWA, AOB, ..etc).  I was told that it is recommended to not use the host name on these external url's.  I should use ex.: (use just general mail name instead of my host name).  So should i just use this on my External URL's or both Internal and External?

When creating my new SSL Cert for EX2016 would I still need to put my host name on this Cert?  My current SSL Cert (EX2010) has the following:;, legacy,;

I would like to use as minimal amount of SAN names as possible.
I am trying to find an application that will produce the following functionality.  Basically, i would like for this application to be able to monitor a sql database and send an email based on a record update.   I don't want to use sql mail because these emails need to be highly formatted and possibly contain attachments.


We provide inspections of buildings.   An inspector will use the application and "result" an inspection.  Once this result is submitted to a certain column in the database table, i will need the application to recognize a result has been submitted.  I will then want the application to pick up the applicant email address for this inspection and roll up the violations... again, submitted to the database in a formatted way and possibly attach a pdf that is generated by our SSRS reporting server.  Does anybody know an application that can do that?
I have exchange 2016.  I have a user that receives payroll info that is encrypted.  Those emails are not being delivered.  The spam company says they have handed it off.  I check the message tracking logs and that email doesn't exist there.  How can I verify the email was actually received or not during the transport from the Spam host to my exchange server?
Hello Experts.
I am having a tough Friday.
I have a client with an old exchange 2010 server and a new exchange 2016 Server.
The old server is supposed to be just holding space because I am unable to remove it.  all email boxes are on the new server.

This environment has been working for over 2 years.

Today, we moved the office to a new location.  Same firewall (sonicwall).  Nothing changed on the internal network.

Now I am unable to send email from one internal email address to another.  There is nothing in any queue.  No rejections.
External email does not work either.  Again, no queue, no NDRs.  But let's just focus on one thing and maybe the other will work itself out.

Exchange 2010 installed on Server 2008 R2 - This server has issues looking for an old domain controller?1? (again, this has been working in the exact same configuration for several years.)
Exchange 2016 installed on Server 2016 standard.
I am going through troubleshooting but this is going to be a time sensitive issue very soon.

If I try to telnet to the exchange 2016 server and send an email to a local user, I get an invalid address, 501 5.1.3

Let me know what other information is needed.  every user seems to be able to log into their exchange account fine using outlook on the local network or OWA from outside the network.  they are just not able to send/receive email.
We are deploying Office 365 and setting up a new domain for a new company. There is an on-site AD using the Sync program to sync accounts to O365.

We have a problem whereby everyones default outbound email address is not using our own domain name but is using the one.

In the AD users, the UPN is set to use the correct domain name, in O365 it wont allow us to update the priamry email address, but says to update it on the AD. im not sure where to update this, or waht to do to fix it?

Any help appreciated.

I am running the enterprise version of exchange 2013 on prem.  I am trying to get information on the public folder white space and full database size.  I ran the following command which returned with no errors and no data.  Does this not work anymore in exchange 2013?

get-publicfolderdatabase -status | fl AvailableNewMailboxSpace, databasesize

Mark Magnus
I have perflib event errors after a fresh install of Server 2016 and Exchange 2016. I have re-installed the performance counters for Exchange. Commands in text file attached.
I have these event logged in eventviewer.
Event ID 1023
Attached text file for more information.

Appreciate your help.
Price Your IT Services for Profit
Price Your IT Services for Profit

Managed service contracts are great - when they're making you money. Yes, you’re getting paid monthly, but is it actually profitable? Learn to calculate your hourly overhead burden so you can master your IT services pricing strategy.

IS there a way to export multiple mailboxes out of Exchange Server 2010?
CONNECTIVITY TEST FAILED:  Testing RPC over HTTP connectivity to server
       RPC over HTTP connectivity failed.

We're in process of preparing to migrate our Exchange 2010 email server to the Microsoft Cloud, and we're getting this error when we do a connectivity test.  We have our SSL cert in place, and we've opened the required ports (TCP/UDP 6000-6004) on our firewall, as well as verified 443 is open.  In spite of this, we get this error above.  I'm looking for anyone who has maybe experienced this same error and worked thru it.  I did find this suggestion online, but am not sure if I need to mess with my server's "External Hostname".  I found it on Technet:

"The ExRCA tool will check the connection by external settings in Exchange.
And, I suppose that the host name of Outlook Anywhere, run "Get-OutlookAnywhere | FL Identity,*Host*" to check it.

If the ExternalHostName is server.domain.local, change it to and retest ExRCA again. "

Anybody try this with good results?

Thanks for your help.
We are on O365 and have noticed that internal emails sent using this method, mostly option 2 (, are sent to the junk mail folder. On most occasions we right click and tell it to trust our domain. However on a certain email they keep going to the junk mail folder even though we tell it to trust the domain. I am going to double check with the person who handles the script/application that sends the email to see how they are doing it because the strange thing i see is that it says its coming from,, but when i do a message trace on the O365 admin side it shows the person who initiated the script/application.

The way the script application works it we are using sharepoint and our sharpoint admin created a page/site that allows a user to request a check. They fill out a form and then when they hit submit it goes to the person they request the check from.

So if Bob Smith is the one doing the check request it's sent to the person he choose from the drop down and when that person sees the email it looks like it's coming from the message trace shows the person who initiated the check request.  

I don't know where on the O365 admin side i look at for internal rules. I'm thinking since its uses the smtp relay it seeing it as an outside email? But I am not sure.
We’ve recently worked with our email provider (we outsource) to create and add DKIM, SPF, and DMARC records in an effort to improve our domain’s email reputation, specifically, with Google as email to gmail accounts have been getting denied as of late. I will say that it’s made a significant improvement in mail getting through.

However, in one dmarc report from Google, there are blocks of IPs in Hong Kong and other countries spoofing our domain. I thought about editing the SPF record with a “-all” in order to “Hard Fail” any servers that aren’t in our list of approved senders, but given my inexperience, I’m concerned about False Positives. Currently, we are “Soft Failing” with “~all”. Any recommendations here?
We are on Exchange 2010 onsite, and I have been asked a question to see if I can find emails from a certain person (email address) and we have 35 some odd users, they want me to see if I can scan any and all emails to see if there are emails from this person either going out or coming in?
Is there a way I can run a scan of some sort on the Exchange Server?
is there an easy way via any of the default exchange powershell cmdlets to get a count of how many items are in each folder of a mailbox (e.g. inbox, sent, deleted etc), the mailboxes total size (MB/GB), and ideally the crucial metric of the number of unread emails in the mailbox?
Good morning,
                  I need to configure an exchange 2010 (SBS 2011 product) with two ISP providers to send and recieve mails from. Send part is easy because i add a second A record on my AD DNS and it works. But i don't know how i can recieve from second ISP because i can't use 587 port for both ISP. Should i create a FW rule on my router? External record are created with both MX records.

Thank you very much,
Martín Averame
We recently moved from an in house exchange over to office 365 and I want to decommission my exchange server. I read online that I need to go through and uninstall exchange from the server so that it removes the entries out of Active Directory but when I try to uninstall my readiness check fails because I still have a public folder database. I was able to use tools under EMC and remove all the public folders except for Internet Subscriptions. I researched online and it looks I can use ADSIedit.msc to remove that database, but my server has a problem with opening MSC. I get an error, is there any other way to remove that database? I do not need anything in that public folder but cant continue with the uninstall unless that database is gone.
Hi One of my bigger clients had an outside firm come in and check out the network for things I was doing wrong.  One thing they found was two email addresses that were for sale on the dark web.  They just suggested changing the password and all would be fine.

Question: how do you search the "Dark Web" for emails on one of my domains that are for sale?  

Thanks all
Cyber security certifications or degree?
Cyber security certifications or degree?

Cyber security is in demand—big-time. So what do you need to build a career in this lucrative field? Is a degree a must-have, or are industry-leading certifications more sought-after? Is it possible to break into cybersecurity without a bachelor’s or master’s degree in the field?

I am doing some analysis of shared mailboxes and I am getting confused how some mailboxes are being monitored/accessed, if at all, due to who has access to them, or the lack of people who have access to them should I say.

For example, I ran this query to get a list of mailbox permissions:

Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITYSELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv -NoTypeInformation mailboxpermissions.csv

Open in new window

which works great, and gives me who has full control, sendas etc to all mailboxes. However, on a couple there is literally nobody bar a standard exchange admin account with access. So I cannot see how anyone is monitoring these mailboxes. So my query is - is this command giving me a true picture of who can access the mailbox, or are there alternative ways of granting access to a mailbox that the output of this command does not reveal? The server is exchange 2010.
The organization that I work for uses outside firms to conduct email-based surveying and research. We're also hit constantly with phishing attempts and have worked to make sure our users understand that official emails will always come from our domain.

A research firm that I have been recently working with sent me the SPF record they maintain for their clients to include in their own SPF records to allow the firm's servers to send emails on behalf of their domains. However, when I checked the SPF record they want me to include I noticed that it has several includes of its own. When I checked those out, I found that one of the includes ends with "?all". I checked to make sure it would neutral-mark every email by sending myself a spoofed email using research firm's domain and an unsecured smtp sever, and it worked.

Obviously I don't want to include "?all" in my SPF record because it would (seemingly) undo any good the record was doing to begin with. It's not hard to check SPF records, and wouldn't take an attacker long to figure out they could send emails as my domain.

Am I being dense here? The vendor with the "?all" in their SPF record is a nationwide leader in providing survey logistics, and is extremely widely used; I can't imagine that I'm the only customer with concerns about this practice. Is using "?all" more common/reasonable than my understanding of it?
looking for a minimal C or other compiled program that can act as a replacement for the "sendmail -ti" command

it would write mail files read on STDIN to a maildrop directory in a well known or configurable location.
recipients will be extracted from the headers.
replacements that send the mail over smtp DO NOT qualify. please do no suggest mini_sendmail

it needs to be compiled/compilable for linux and opensource. no perl, no shell, ...
if it comes in a debian existing package, all the better.

i'm currently looking into adapting postfix's but i'd rather use something minimal that does not require so many config files and dynamic libs.

My Exchange 2016 seems to be unable to sends email to a compagny and I notice that it could be because of the header which is different then others:
Total retry attempts: 16
Server returned '400 4.4.7 Message delayed'

Here's the header in question:
[Contacting []...]
[Connected] ESMTP Exim 4.91 #1 Thu, 14 Feb 2019 16:37:13 -0500
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
is there a way in exchange server to get a full report of all mailboxes, which AD account they are associated with (mailbox owner?), and all distribution groups. Just a really basic list of all mailboxes and distribution groups in a single report, showing type, e.g. this is a mailbox, this is a distribution list, written to CSV. Similar I suppose to a full version of the global address list in outlook but also showing hidden entries, but to easily show which items are mailboxes and which are distribution lists.
Dear Experts, I got this error when attach a file in OWA Exchange 2016, what should I do? Many thanks!

MS Outlook is still normal

Email Servers





Within Internet message handling services (MHS), a message transfer agent or mail transfer agent (MTA) or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture. A MTA implements both the client (sending) and server (receiving) portions of the Simple Mail Transfer Protocol (SMTP). The terms mail server, mail exchanger, and MX host may also refer to a computer performing the MTA function. The Domain Name System (DNS) associates a mail server to a domain with mail exchanger (MX) resource records containing the domain name of a host providing MTA services.