MS has recently released the Service Pack 2 for the Exchange Management Pack, and the same has been now temporarily removed from the Download Center due to the issue of mailbox quarantining when the free space availability on the Transaction Log Drive is low.
You may see the following entries on your event log, if you are affected with this issue.
Log Name: Application
Event ID: 10018
Task Category: General
The mailbox for user <guid>: /o=Contoso /ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=UserMailbox has been quarantined. Access to this mailbox will be restricted to administrative logons for the next 6 hours.
Log Name: Microsoft-Exchange-Troubleshooters/Operational
Source: Database Space
Event ID: 5410
The database space troubleshooter quarantined mailbox <guid> in database <DBName>.
To know more about this issue, read the below blog from Exchange Team.
When you try to run the new-TestCasConnectivityUser.ps1 script to create the test user account for the Test-OutlookWebservice and other tests in your Exchange 2010, the below error may be occure.
"CreateTestUser : Mailbox could not be created. Verify that OU ( Users ) exists and that password meets complexity requirements"
The error will continue to generate even though if you give complex password. This is because, there could be another OU exists in your organization with the name "Users" and which creates issue to the script.All you need to do is to update the assigned value to the $OrganizationalUnit variable with "domain.local/Users" in the new-TestCasConnectivityUser.ps1.
Run the script again, and it should create the test user successfully.
You may receive NDR something similar to below when sending emails from your Outlook 2007/2010.
If you give a close look, you can see mailto parameter in those emails are creating issues.
When we type an email address inside the square brackets after the Mailto: header, the email address is displayed as an incorrect hyperlink which causes the NDR to generate.
Microsoft has released hotfix for this issue and is available to download here,
Office 2010 - http://support.microsoft.com/kb/2597052
Office 2007 - http://support.microsoft.com/kb/2475888
Microsoft has released a fix to resolve the issue for "EMC (Ex 2010 / 2007) fail to close with the error "You must close all dialog boxes before you can close Exchange Management Console" when IE9 is installed. The issue details have already discussed in the below post.
Below blog can direct you to obtain the hotfix from Microsoft support, currently it is not available for public download.
There was a blog from Exchange Team about this issue last day, it normally appears after you install IE9 on the machine where you have the Exchange 2010 or Exchange 2007 management tools installed. The error message is,
“You must close all dialog boxes before you can close Exchange Management Console”, though there are no property windows left open.
There is no solution/workaround has been really in place now, however the team is working on to provide us with a fix on this as soon as possible.
Read Exchange Team post for more updates on this
I have seen few queries on exchange forums about this issue on exchange 2010.
The scenario is,
An external user (e.g. “email@example.com”) is able to send email to all users of the organization but not to a specific user "firstname.lastname@example.org". At the same time some other user from the same external domain (e.g. "email@example.com") can send email to the specific user, "firstname.lastname@example.org".
This scenario happens when you have an edge server present in your messaging infra or the anti-spam agents installed on your hub transport server.
You may look/try one of the below reasons/options to work around or fix this issue (go one by one),
Now little more details on the point 1 & 2, which normally creates these kinds of issues more often. And it is important to understand the reason.
GFI Software has a cloud-based solution for anti-spam, anti-malware, anti-phishing and more. It’s called GFI MailEssentials Complete Online (MEO) and it promises to save you money, give your business email continuity, and protect your mailboxes better than you can do it yourself. With the bar set so high, we wanted to give MEO a try to see if it lived up to the hype.
MEO offers a free 30-day-trial, and implementing the service is incredibly easy, so the try before you buy approach works well here. MEO can filter both your inbound and your outbound mail, so there are two steps you need to take. Once you sign up for a trial, reconfigure your MX records to point to MEO, and configure your outbound mail to use MEO as a smart host. That’s it. With two simple configuration changes that won’t even interrupt message flow, you are up and running. That gets you complete mail hygiene, including anti-spam, anti-malware, and anti-phishing, on both your inbound and outbound messaging. And it gives you built-in email continuity -- so that if your mail server is ever down, you can still continue to receive and send email.
Managing the service
If you want or need to do any customization, including setting up whitelists or blacklists, MEO is easy to work with.
Application management is through a web browser. The portal is well laid out, with an intuitive tab-based approach that makes it very easy to learn your way around quickly and easily. The portal avoids the temptation to make things too flashy by avoiding Flash entirely, which makes it quick and responsive, and easy to use across practically any platform or browser. In addition to traditional whitelists and blacklists, you can configure how aggressive spam suppression is, and whether to block, quarantine, or reroute suspicious messages.
There are several benefits to routing all your outbound mail through MEO. Your messages are scanned for malware and to make sure they don’t look like spam. In the event that spam is ever sent out from your network, as can easily happen if a user’s workstation gets infected with a worm or virus, MEO’s outbound filtering can prevent your domain or mail server from being blacklisted. You can also configure MCO to append outbound messages with a standard disclaimer or signature. This can be companywide, set per user, or group.
At present, this is limited to plaintext, but you can always add your company logo in an Outlook signature if you need to. We noticed no delay at all when routing outbound mail through the service.
Here’s a feature your helpdesk is going to love, together with your users. Each user, once or more each day, can receive their own digest report on messages blocked by the service. Users can quickly scan this digest and can release any potentially legitimate message simply by clicking a link. Additionally, at any time, any user can log on to MEO’s web portal to check their own personal quarantine folder, which means no more tickets asking you to check the firewall to see if it blocked an email. Your users get immediate results, and your help desk can concentrate on more important things.
MEO comes with a great feature called Email Continuity. Whether you have a circuit outage, your mailserver is down for patching, or there is a software or hardware problem with your mail server, as long as your users have Internet access they can log onto the MEO portal to view and respond to any queued messages. It’s a great way to keep critical communications going even when something is down, and doesn’t require you to invest in a DR site.
If you are not yet archiving, it’s probably only a matter of time before you do. Compliance, legal requirements, and corporate security are all starting to look at archiving, and with all your email flowing through MEO, it’s a natural option that is offered with the product. Archiving is easy to set up, and is fully featured. You can set up one or more retention policies for your domain, to store messages for as short as three months or as long as 10 years. Messages are encrypted and then stored in multiple, geographically distributed datacenters, which means the data is secure even in the event of a natural disaster affecting one geographic location. Other features include delegated access control, automated tagging of messages, a simple but powerful search mechanism, and full support for journaling. And perhaps best of all, you can archive an unlimited quantity of messages, without having to purchase or maintain any additional hardware or software.
Overall, we found GFI MailEssentials Complete Online to be an effective and easy-to-use product. The idea of blocking spam before it even gets to our border is very appealing, and during our tests, we didn’t see a single spam message get through. With the added benefits of robust antivirus defense, email continuity, and optional integrated archive, it’s a great solution for protecting your users and their mailboxes.
If there’s one thing an Exchange admin is used to doing, it’s monitoring disk utilization on their mailbox servers. Users hoard email like gold, and as mailbox databases increase in size, backups take longer, restores can exceed recovery time objectives (RTO), and servers can run out of disk space. Admins might look to quotas to reign in runaway mailbox sizes, but those that implement quotas soon find that all this does is force users to move email to PST files, which brings a whole new crop of problems. Performance problems, corrupt files, and data loss all pop up, all that email is still consuming disk space; they’ve simply shifted the load from the mailbox servers to the fileservers. Fortunately, there’s a better answer to the problem of email storage. Email archiving can solve all of these issues without introducing any of the problems associated with other ways to manage email storage. By bolting on email archiving to an existing Exchange infrastructure, users can continue hoarding email, database sizes can remain manageable, and admins can focus on more important issues. Let’s look at three of the best reasons why you need email archiving.
According to the recent update from Microsoft, they has made the decision not to deliver any further full version releases of Forefront UAG. This news has posted in Microsoft's Official Server & Cloud Blog.
As per the update from Microsoft,
Microsoft customers continue to have access to select remote access and secure application publishing capabilities through Windows Server 2012 R2. Windows Server is not a complete replacement for all UAG scenarios, but it does provide:
Customers will be granted a Windows Server 2012 Standard server license for each UAG server license with active Software Assurance to allow them to make the transition. For customers who wish to continue using Forefront UAG, Microsoft will provide maintenance and support through the standard Microsoft support lifecycle. Mainstream support will continue through April 14, 2015, and extended support will continue through April 14, 2020. Customers with active Software Assurance on UAG as of Dec. 1, 2013 may also add new UAG server instances, users, and devices without any requirement to order additional licenses.
Please See Important Changes to the Forefront Product Line for complete notification.