Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a fully patched Exchange 2016 server on Windows 2012. I want to close these vulnerabilities found using Qualys scans, but I don't know how to do it without breaking OWA and whatever other features are affected in Exchange. I cannot find any articles for 2016 out there to do it safely. Can anyone point me toward specific steps to do it safely? Thanks!
Has Powershell sent you back into the Stone Age?
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

I have one user who cannot view Public Folders.

For their Outlook client they are using Outlook 2010 SP2 (14.0.7172.5000)  MSO (14.0.7177.5000)

Also, when connecting via the O365 portal I cannot view the public folders either.

In the Outlook client I am getting the message "Cannot display the folder".

If I go onto the O365 Admin Portal and add his mailbox to the root of the permissions of the Public Folder, the error changes to "Cannot expand the folder.  The attempt to log on to Microsoft Exchange has failed."  The weird thing is that this user is already a member of the O365 users, so adding him should have no effect, but the error message changes when I do this.

Public folders are not viewable in in the Web Portal.  If I try to add a public folder to favorites, I get .."We couldn't add the public folder to Favorites.  Please try again later."

This is only happening with one user.  All other users can view public folders with no issues.  This user is not a new user.  We recently moved them from on-prem to Exchange Online.

We are experiencing a problem with autodiscover popups for outlook clients.

We have a multiple domain setup and host exchange onsite.  Our Autodiscover is setup using the redirection method and works fine with the redirect using a wildcard * certificate.

The problem however, is that when setting up outlook profiles we get the correct popup but we also get another popup for which is another domain we have.  This happens for every account we setup for any of our clients on various domains.

If anyone can offer some advice as to why we might be getting a popup for a secondary domain we have alongside the correct clients domain autodiscover and how it might be linked to every client domain we have I'd appreciate it.

For reference we are running Exchnage 2013

Thank you!
Hi All, when trying to use an application which relays through our exchange 2010 environment I am having trouble with the following error reported in event viewer on the CAS:

"The maximum number of connections per source (unlimited) for this connector has been reached by this source IP address."

I've checked the properties of the receive connector and added the incoming IP to the receive mail from remote servers that have these IP addresses section, I have also increased the max connections from 20 to unlimited as the error reports.

Has anyone seen this before?  I'm confused as to why if it has been configured as unlimited why it still appears to be applying a limit to the amount of connections.
Is it really necessary to take all the following steps to put the Exchange 2016 Server into maintenance mode in order to run windows patches and updates. If you were performing an Exchange CU like from CU 4 to CU 5 I could see performing all the steps but just doing windows updates are the following steps needed:

Set the HubTransport component to “Draining”
Suspend-ClusterNode (DAG only)
Disable database copy auto-activation
Set database copy auto-activation policy to "Blocked"
Put server in maintenance mode (Set-ServerComponentState)

This seem to be take alot of time and once you are complete with your maintenance you have to go back an undo all this.

Can't you just move all the active DBs off the servers needing the maintenance and then start your maintenance on those servers.
This is too cumbersome, but if this is necessary I understand but it seems that once all the active DBs are off the servers requiring maintenance, you can state your updates and Exchange will prepare itself to reboot clean.

Exchange 2010 didn't require all this, just move the active DBs and run the StartDagServerMaintenance.ps1 and you were good. I understand that the architecture between 2010 and 2016 are different, so it makes sense on 2016 why you drain the HubTransport component, but is all this truly necessary.

Is my proposal a safe option:

Do this to all the servers requiring maintenance.
Move-ActiveMailboxDatabase -Server <currentserver (this server will require maint.)>…
I have just added 3 additional domains to our Exchange server.

I then added an address policy, with the format of alias@"3 new domains" then applied the rule to a specific department.

one of the domains within the policy had the option "make this the format the reply email address" - does this mean this will become the default reply address for the account this is applied too?

How do i go about creating a distribution group for one of the newly added domains, as at the moment when i try to create one, exchange default the group to the primary domain an not any of the 3 newly added domains.

i hope all of this makes sense?


Our all auto reply is going in spam. Any auto reply at GMAIL.COM, OUTLOOK.COM and are going in spam only.

I tested it in my domain, it works good. Can anyone suggest how to fix this.

Why is this message in Spam? It has a from address in but has failed's required tests for authentication.  Learn more

Further on this question:

Can anyone here please share some best practice and also recommendations or what's the best way of deploying 5x nodes IP-less DAG on Exchange server 2013 Standard Edition ?

Because from what I can see here: and most of the blogs, just consist of 2 node DAG with File Share Witness.

Any help and suggestion would be greatly appreciated.

I did a Veeam Exchange restore and exported the three pst files to the desktop.  I then copied the files to my computer so that I could open them in Outlook 2016.  Unfortunately I get an error message saying "File access is denied. You do not have the permission required to access the file Blah Blah.pst".  

I edited the files and added full permissions for myself and even the "Everyone" group but still get the same message, any ideas please?
Is the Migration Wiz website ( able to completely and fully migrate Google calendars & contacts into Office 365?

Is this all done during the email portion of the migration or does it need to be done separately?
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Hi, does anyone use this software before?

Do you know how to calculate the amount of license which need to be covered? And is there any risk if I install both Kaspersky Endpoint Security and Mail Security on the same server?

We have 6 Exchange Mail Servers.

Many thanks!
Hello everyone

Our company is merging with another company very soon and i need to put together a plan to migrate everything into one IT infrastructure. The management priority is to have New agency email address ready for all employees as soon as possible. So I was trying to find a best way to merge everything into one.

here is some information about both company.

Company A
Windows server 2012 AD domain :
Uses office 365 with Azure AD connect to sync password and users between on site AD and Office 365.
Approximate 150 employees.

Company B
Windows server 2012 AD domain :
Uses office 365 with Azure AD connect to sync password and users between on site AD and Office 365. Also have Exchange 2010 to manage users with Office 365.  (I am not 100% sure if they use Azure AD connect or not, but will know soon.)
Approximate 90 employees.

Company A will be surviving organization after merger.  Once both company merges, merged company will have new name and new email address.

New Company after merger:

Management wants both agency staff to have new email at as soon as possible.  

Currently I am working on putting VPN between both companies and to setup Forest level trust between both forest. This should be done within one week or so. But I am having little hard time in putting together plan to merge both forest and both Office 365 tenants.

Should i start with creating brand new Forest with and then create 3 …
Have an issue where some recipients, and they're recipients at like or, cannot receive calendar invites from senders of our Exchange 2010 server.
We have played with all the HTML format e-mail settings and still the same results.
Other recipients on the invitation will receive it just fine, although they are on different e-mail systems respectively.
Is this really likely an Exchange issue, or something on sbcgloval or AOL's end?
The recipients in question too appear to just be using their phone for e-mail, so I'm wondering if it's converting the attachments upon receipt.
I've even created and sent an invite to myself and it came through as an ics in the webmail, but I was able to open it, so I'm not able to re-create it.
For AOL test account, I don't even see an invite or winmail.dat come through for that matter.
I am trying to set up a help desk ticket system with an outside service, and if a user sends a ticket request via email which has an embedded image (like a screenshot), it makes it into the ticket system just fine (FreshDesk), but when I reply from FreshDesk, the email the user gets has the image empty. When testing, I saw one user had this pop up when the email opened in their Outlook:

Bottom Line: I need any images in emails sent from to show up in the emails.

btw, I already had the user uncheck the box in Tools > Trust Center > Automatic Download, and then had user log off and log back in, but no difference.

I also wanted to do this, but I see no option to do this:

"Unblock picture downloads for all messages from a particular email address or domain

In an open message that was sent from a particular email address or domain, right-click a blocked item.

Do one of the following:

Click Add Sender to Safe Senders List.

Click Add the Domain @domain to Safe Senders List."
We have a hybrid Exchange environment, Exchange 2016.

I need to be able to relay messages to external recipients, but I do not want an open relay.

I have a receive connector setup as
port 25
TLS, Basic Auth, Exchange auth
permissions to Exchange servers and anonymous user (for testing)
Allow mail from all servers (0-255) (for testing)

I have a send connection setup as
Proxy through client server
route mail to MX record (or smarthost for filtering)
Address space SMTP *

I am still receiving the error
550 5.7.54 SMTP; Unable to relay recipient in non-accepted domain

Please help me find what I am missing and get the relay working.
I have a client that have just setup a new office.

They utilize a shared mailbox between the five of them that they put common emails in so they can all review the contents. We'll call that mailbox 'Filing@'

They have an issue when replying. They sometimes don't catch that they are SENDING from that common mailbox and the recipient then gets an email from 'filing@' instead of the person who sent it.

They want us to come up with a system that will prevent them from doing that (I.E. sending from filing@)

No problem, we just removed the 'Send on Behalf' right and now they get an NDR.

However, the client is reporting at their previous office they got a notification immediately (a pop up of some sort, that's all the details I have).

They are currently on Office 365.

We can't find any method to duplicate what she is describing, a notification of some sort saying 'Don't do this' or 'Can't do this'.

One of my techs is suggesting they had in-house Exchange at their last place and perhaps you could do something like that there.

Helpful ideas appreciated.


We would like to setup an a rule on the backend where whenever members of different groups email each other a auditing mailbox gets CC'ed. Is this at all possible?
I have exchange 2010 STD with few Databases. I create new database and move all mailbox from one of the older Database to a new one.
Dismounted old database but can't remove it. Error message says there is either a mailbox, or archive or an arbitration on it.
I do see 3 items under arbitration
do I need them? DB is dismounted for a couple of weeks. how to I move or remove such item
please see screenshot attached.
is it related to mailbox indexes?
just recently some of our users are coming up with this error when trying to add a new outlook profile

The error says: We're sorry, we couldn't set up your account automatically. To try setting up the account yourself.

I looked up this error and what i tried did not work.

i tried the fixes on this page and nothing worked. There is not much out there for this problem.

Anyone had this issue before?
Problems using Powershell and Active Directory?
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

I need to search all mailboxes for mail containing 1 of 2 phrases.

My environment:

Hybrid exchange / Office 365 setup.
I need to search from January 1, 2015 - present,
I do NOT need to search student accounts. (student accounts have a "." in their name. "" Staff have "")

I attempted to run this search on premise using ECP Multi-Mailbox Search. It failed because the estimated size of the search was 173.2 GB when the discoverysearchmailbox only has 49.48 GB space.
Attempts at running this in the cloud using in-place eDiscovery & hold fail because the search includes too many mailboxes.

I suspect there is a powershell solution for this,  but am open to any other options as well.

we have exchange server 2013 , mails which we are sending to gmail are not going to the gmail account
We are using Exchange 2010.   We have it set up so that I can access any of the email accounts via my admin account in order to troubleshoot.   To do this, I type in the URL

By using this URL it allows me to log in using my admin account to gain access to jsmith's email.   This works on about 90% of the email.   However in troubleshooting, I found that if the person (in this case, JSmith) hasn't yet logged into OWA, then I get an error and it won't let me in.   But I found that once JSmith has logged in using OWA, then it works fine.

Any idea what this person logging in does that now allows me to connect?  I would like to correct this without asking everyone to make sure they log onto OWA at least once.
Hi all,

We have a very very strange behavior on our phyiscal Exchange Servers in one dedicated environment.

We have 3 physical Exchange Nodes HP DL380 G9.
2x in a DAG, 1x Single Node

We had on all 3 hosts the same behavior that the time changed few times a day + 1 Month + 2hours ahead.
The PDC is configured correctly with an NTP source, the hosts are also configured correctly (both verified by MS Support).
The time change only happen on the Exchange Nodes, where Mailboxes are located - means only where' s a load ongoing.
So it does not happen during night, not on weekend, only during business hours.
We have also other physical HPDL380 G9 hosts without any time issues (fileserver cluster, db cluster, ...).

What is installed on theses servers?
- Windows 2016
- Exchange 2016 CU5
- TrendMicro Scanmail
- HP SSP with all updated drivers and firmwares

What we checked already:
- PDC / Domain clock is synchronizing correctly
- Affected hosts are correctly get the time from the PDC/DC
- BIOS / ILO clock are correct (UTC)
- W32tm debugging activated / EventLog ID1 checked, but cannot find the source of the time change

What happen in case of a failure:
Timeclock on the Exchangehost is moving forward +1 Month +2hours (always the same).
Exchange stops working (make sense)
The system time has changed to ‎2017‎-‎07‎-‎18T03:24:39.541000000Z from ‎2017‎-‎07‎-‎18T03:24:39.541767700Z.
The system time has changed to ‎2017‎-‎08‎-‎18T08:07:55.753000000Z
I have exchange 2010 on sbs 2011. I accidentally deleted a users inbox, went to try to recover the orphaned inbox but exchange did not save the orphaned inbox. I found a back up of the edb file and want to try to retrieve the users inbox from it. is it possible to mount the old edb file and export his inbox to a pst so I can import it into his new inbox? can this be done without causing issues on the current live mailbox?
I have increase the AD and the Exchange server memory . In the exchange store.exe will take the added memory also  ? is it normal ? in sql database will take the entire physical memory and then release  ? is that the same  ?






Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.