Johnny Yao WorkSpace

  http://www.msdigest.net/2014/04/how-to-export-messages-from-a-mail-queue-on-exchange/   #Suspend all messages in the queue get-queue ExchangeServer\663 | Get-Message | Suspend-Message #Get all messages from the queue $array = @(Get-Message -Queue "ExchangeServer\663" -ResultSize unlimited) #Export all messages from the queu $array | ForEach-Object {$i++;Export-Message $_.Identity | AssembleMessage -Path ("E:\Mailqueue\"+ $i +".eml")}

  Troubleshoot: UM voice mails not submitted to Hub Transport UMService EventID 1082 "The Unified Messaging server was unable to submit messages to a Hub Transport" Authentication failure UM Voicemail delivery fails - SMTP error TargetUnknown on UM Event Type:    Warning Event Source:    MSExchange Unified Messaging Event Category:    Disk Event ID:    1185 Date:        11/24/2010 Time:        3:22:41 PM User:        N/A Computer:    OCS-UM Description: The Unified Messaging server was unable to submit a message to Hub Transport server "EXCH-CAS" because the following error occurred: 意外的 SMTP 伺服器回應。預期: 235，實際: 454，整個回應: 454 4.7.0 Temporary authentication failure   Event Type:    Error Event Sourc...

  smtp relay in active directory site  451 4.4.0 Understanding Message Routing 瞭解訊息路由

    傳輸伺服器的負載平衡及容錯 內部郵件路由 容錯: 系統自動允許單點失敗 負載平衡: 自動依各項機制分散loading 以下內容為Exchange 2007 適用 1. 同一AD site 中組織組態的to internet connector 會自動進行容錯及負載平衡 同一 Active Directory 站台 的傳送連接器上指定了多個來源傳輸伺服器的郵件轉送 在連接器上指定多個來源傳輸伺服器時，連線會分散給多個來源伺服器，以用循環配置方式達到負載平衡。當該連接器無法使用某個來源伺服器時，就會容錯移轉至下一個替代來源伺服器以達到容錯。 在下圖中，傳送連接器 C1 設定為使用 Hub Transport Server A 及 Hub Transport Server B 作為來源伺服器。當 Hub Transport Server C 路由傳送郵件至傳送連接器 C1 時，會在 Hub Transport Server A 與 Hub Transport Server B 之間進行郵件分散的負載平衡。 同一 Active Directory 站台的傳送連接器上多個來源傳輸伺服器 如果轉送郵件的伺服器也設定為所選連接器的來源傳輸伺服器，則不會進行負載平衡。在這樣的情況下，鄰近本機伺服器會比鄰近本機 Active Directory 站台更佔優勢，而一律使用本機伺服器來路由傳送郵件。 在此圖中，如果 Hub Transport Server C 也設定為傳送連接器 C1 上的來源傳輸伺服器，則從 Hub Transport Server C 轉送的郵件會透過傳送連接器 C1 來路由傳送，而不是負載平衡至 Hub Transport Server A 與 Hub Transport Server B。 2. 不同AD site 使用的to internet connector 不會自動進行負載平衡，但可以設定容錯!! 不同 Active Directory 站台中的來源傳輸伺服器 如果正在用來路由傳送電子郵件的傳送連接器的來源傳輸伺服器位於不同的遠端 Active Directo...

  http://technet.microsoft.com/zh-tw/magazine/ff626260.aspx Q: I’m planning to upgrade our environment from Microsoft Exchange 2007 to Exchange 2010. This im plementation has to be fully redundant on all levels.Because our organization has about 3,000 users, I plan to install Exchange on two machines initially. Each will have the Hub Transport (HT), Client Access Server (CAS) and Mailbox (MB) server roles. Both will also be members of a Database Availability Group (DAG), so the servers will replicate databases between themselves . From our experience with the current Exchange environment, I know that if the HT and MB roles are on the same machine, the Microsoft Exchange Mail Submission service always prefers the local HT server. It doesn’t use other HT servers in the Active Directory site in a round robin fashion, as do MB servers that don’t have the HT server role. If this is the same in Exchange 2010, we have an issue. Keeping the transport dumpster on a DAG member doesn...

  Back pressure is a system resource monitoring feature of the Microsoft Exchange Transport service that exists on Microsoft Exchange 2010 Hub Transport and Edge Transport servers . Exchange Transport can detect when vital resources, such as available hard disk drive space and available memory, are under pressure, and take action in an attempt to prevent service unavailability. Back pressure prevents the system resources from being completely overwhelmed and Exchange server tries to deliver the existing messages. When utilization of the system resource returns to a normal level, the Exchange server gradually resumes normal operation. In Exchange 2007, when a Hub or Edge server is under resource pressure, it rejected incoming connections. In Exchange 2010, incoming connections are accepted, but incoming messages over those connections are either accepted at a slower rate or are rejected . When an SMTP host attempts to make a connection to a Hub or Edge server that is in back...

  背壓 (Back Pressure) 是 Microsoft Exchange Transport 服務的系統資源監視功能，存在於執行 Microsoft Exchange Server 2007 且已安裝 Hub Transport server role 或 Edge Transport server role 的電腦上 。其會監視重要系統資源 (例如可用硬碟空間及可用記憶體)。如果系統資源的使用量超過指定的限制， Exchange 伺服器就會停止接受新的連線及郵件 。這樣可防止系統資源不堪負荷，並讓 Exchange 伺服器傳遞現有的郵件。當系統資源的使用量恢復正常水準時，Exchange 伺服器就會接受新的連線及郵件。 使用背壓功能時，會監視下列系統資源： 硬碟上用來儲存訊息佇列資料庫的可用空間。 硬碟上用來儲存訊息佇列資料庫交易記錄的可用空間。 記憶體中未認可的訊息佇列資料庫交易數。 EdgeTransport.exe 處理程序使用的記憶體。 所有處理程序使用的記憶體。 Hub Transport Server 或 Edge Transport Server 上每個受監視的系統資源都會套用下列三種資源使用量層級之一： 一般    資源未使用過度。伺服器會接受新的連線及郵件。 中    資源稍微使用過度。會對伺服器套用有限的背壓。可以傳送來自授權網域之寄件者的郵件。但伺服器會拒絕其他來源的新連線及郵件。 高    資源嚴重使用過度。會套用完整背壓。所有訊息流程都會停止，而且伺服器會拒絕所有新的連線及郵件。 強烈建議不要在生產伺服器上的 EdgeTransport.exe.config 檔案中，對背壓設定做任何修改。修改背壓設定可能會導致效能不佳或資料遺失。建議您遭遇背壓事件時，先不要修改背壓設定，而是調查起因並做更正。 背壓的組態選項全是在 C:\Program Files\Microsoft\Exchange Server\Bin 目錄內的 EdgeTransport.exe.config 應用程式組態檔中設定。EdgeTransport.exe.config 檔案是與 EdgeTrans...

  所有的新安裝Exchange 2007 & 2010 都會遇到的自簽憑證問題, 且可能每年都會遇到一次, 除非改為內部CA, 且內部CA 到期期限還得先延長, 其中以有起EdgeSync 的架構更新憑證會更麻煩 E2K7 E14   Event Type:    Warning Event Source:    MSExchangeTransport Event Category:    TransportService Event ID:    12015 Date:        10/1/2009 Time:        9:00:57 AM User:        N/A Computer:    mail-hub1 Description: An internal transport certificate expired. Thumbprint:B727A44820E85C4D9A205DAA5316D81C2C3049ED Event Type:    Error Event Source:    MSExchangeTransport Event Category:    TransportService Event ID:    12014 Date:        10/1/2009 Time:        8:55...

    1. 2. 用child domain\admin 安裝失敗 3. 改用Corp\admin 來安裝 4. Receive Connectors     Blog Extended Reading More Information & Reference

    Send and Receive Connectors Exchange Server 2003 uses SMTP virtual server interfaces for each protocol to send and receive messages between Exchange servers. Configuration is required only when you modify the default values or create connectors that are specific to another organization. The Exchange 2010 Hub Transport servers use an implicit connector to route messages between sites. This connector is called the intra-organization Send connector. During installation, explicit Receive connectors are automatically created on each Hub Transport server. One Receive connector is configured to receive SMTP traffic from all sources by listening on port 25. A second Receive connector is configured to receive SMTP traffic from non-MAPI clients by listening on port 587. Explicit Send connectors and Receive connectors are created on Hub Transport servers only when you want to create a connector that sends messages to a specific address space or receives messages from a specif...

  組織內傳送連接器  Intra-organization Send Connector 組織內傳送連接器是隱含且隱藏的傳送連接器 ， 是由 Exchange Server 2007 自動計算而來，而且會讓相同組織中的 Hub Transport Server 彼此轉送郵件，而不需要使用明確的傳送連接器 。因為 Edge 訂閱的 Active Directory 中內含具有 Active Directory 站台關聯的組態物件，所以也可以使用組織內傳送連接器將郵件轉送至該 Edge Transport Server。 只有位在已訂閱 Edge Transport Server 之相同 Active Directory 站台中的 Hub Transport Server，才可以直接與已訂閱 Edge Transport Server 進行電子郵件的傳送及接收。如果您擁有多站台樹系，而且 Exchange 2007 已部署在多個站台中，則非訂閱站台中的 Hub Transport Server 會將輸出電子郵件路由傳送至已訂閱站台。已訂閱站台中的 Hub Transport Server 會將輸出電子郵件路由傳送至 Edge Transport Server。 下圖顯示來自 Exchange 組織中之非訂閱 Active Directory 站台的輸出郵件流程。具有兩個站台的 Active Directory 樹系就已經建立 Edge 訂閱與站台 A 的關聯。如果郵件是從站台 B 傳送給網際網路收件者，則會先將郵件轉送至站台 A。而站台 A 中的接收 Hub Transport Server 會使用組織內傳送連接器將該郵件轉送至 Edge Transport Server。Edge Transport Server 接著會將郵件路由傳送至自動建立的 EdgeSync - Site-A to Internet 傳送連接器，以傳遞至收件者網域。   Blog Extended Reading 1. REF: Exchange 2010 - Upgrading from Exchange 2003 Transport (Part1) 2. REF: Exchange 2010 - Upgrad...

  1. E2K3 使用 link state routing table 2. E14 則不使用，採HUB直接對連 3. HUB 直接對連不通時，Exchange HUB 會去參考 IP site link costs 來找尋最接近目的的site 來暫存郵件 ---> queue at point of failure 4. 這邊又再次提到， 抑制連結狀態更新 的重要，避免E2K3重新計算Routing 及不斷重送 (意思就是說，現在最低成本的路由不通，先queue 信等路由通了再重送吧，不要重新計算路由到處重送) 5. 最後一段的意思還要再了解 Link State Updates in a Coexistence Environment When connecting the Exchange 2010 routing group to the Exchange Server 2003 organization, you must consider the behavior of link state routing . Exchange Server 2003 servers maintain a link state routing table that is updated through communication with the Routing Group master. Each connector that has been created between Exchange Server 2003 routing groups is considered a link. Exchange Server 2003 servers determine how a message is routed inside the organization by using the cost that is assigned to these links. If a particular routing group is inaccessible by using the lowest cost route, the link state table is updated by ...

  1. 重點就是不要用Exchange 2003 的管理介面來建立E14 & E2K3 間的RGC 2. 使用 New-RoutingGroupConnector 來建立RGC 3. 先去了解 抑制連結狀態更新 **(多個E2K3 routing group 與E14 的連接方式) If your existing Exchange environment includes more than one routing group, you may want to create additional connection points between Exchange 2003 and Exchange 2010 to optimize mail flow. To create additional connection points, you follow these steps: Determine how you will upgrade the organization to Exchange 2010. The order in which you decommission routing groups will determine which Exchange 2003 routing groups should connect directly with Exchange 2010. **Modify the registry to suppress minor link state updates on all the Exchange 2003 servers . This configuration change prevents connector state messages from being relayed throughout the organization by using link state updates, but does not prevent configuration change messages from being relayed. For more information, see Suppress Link Stat...

  1. Site to Site 間的HUB傳輸是透過 intra-organization Send connector to route 2. 承上，base on Active Directory site and IP site link 3. 混合模式下，AG及RG 會自動建立 4. E14 的AG & RG及成員不要亂動，更別透過ESM 來操作   Upgrading from Exchange 2003 Transport [This is pre-release documentation and subject to change in future releases. This topic's current status is: Editing .] Applies to: Exchange Server 2010 Topic Last Modified: 2009-08-19 When upgrading from Exchange 2003 to Exchange 2010, there will be a period of time where both versions coexist in production. This topic provides information to help you make sure that the message flow isn't negatively affected during this period of coexistence. Important: If you deploy Exchange 2010 as a new organization, you cannot later install Exchange 2003 in the Exchange 2010 organization. This is not a supported scenario. If you anticipate requiring Exchange 2003 fun...

  如何抑制連結狀態更新 Applies to: Exchange Server 2010 Topic Last Modified: 2009-05-01 當 Exchange 組織中的電腦上安裝第一個 Hub Transport server role 時會建立第一個路由群組連接器。在建立其他路由群組連接器之前，請先在組織中的每個 Exchange 2000 和 Exchange 2003 伺服器上執行此程序。 當您抑制少量連結狀態更新時，執行 Exchange 2000 和 Exchange 2003 的伺服器不會將連接器標示為關閉。此程序可確保舊版的 Exchange 只使用最低成本的路由，且不會嘗試計算替代路由。 此程序的目的是確保不會發生路由迴圈。Exchange 2007 不使用連結狀態路由表，也不支援轉送連結狀態資訊。如果不抑制少量連結狀態更新，則可能發生路由迴圈 。如需在包含 Exchange 2007 伺服器和 Exchange 2003 或 Exchange 2000 伺服器的 Exchange 組織中如何發生路由迴圈的相關資訊 This topic explains how to use Registry Editor to suppress propagation of minor link state updates between routing groups in Microsoft Exchange Server 2010 and Exchange Server 2003. We recommend that you perform this procedure if the following conditions are true: You have installed the Exchange 2010 Hub Transport server role in an existing Exchange 2003 organization. For more information about this step, see Installing Exchange 2010 in an Existing Exchange 2003 Organization . Th...

1. E2K7/ E14  <-------自動建立RGC-------->   E2K3 (Site A BHS ) <------手動建立RGC----> (Site B BHS ) 2. E2K7/ E14 (Site A HUB ) <------自動判斷AD Site Link -------> E2K7/E14 (Site B HUB ) 問題1 (待確認): 若我們初期是mixed 的環境，則site A中E2K3 應該需保留 BHS ，提供site A E14 及其他 Site 的 E2K3 轉送 ? 問題 2 (待確認): 就當初site A佈署E2K7 時，是自動建立 site A中的 E2K3 <--> E2K7 RGC，將來逐漸佈署後，每個site 建立E14時，應該都自動會跟自己site 中的E2K3 建立RGC；若某一site 間的E2K3全部移除了，和其他 site 的E2K3 路由時， 應該會透過現有相同版本的 E14  其 site link 轉送到還保留 E2K3 BHS 的 site ?

Disable TLS (原討論) Reply: I would like to disable TLS, as I would like to disable the encryption between Hub Transport server for some reason. 1. What is the best approach if I have three Hub Transport servers? Mailbox Server A using Hub Transport Server A Mailbox Server B using Hub Transport Server B Mailbox Server C using Hub Transport Server C 1. Disable Opportunistic TLS on your Receive Connectors.  Your Receive Connectors don't "require" TLS either way as -RequireTLS is set to $false.  Opportunistic TLS just attempts TLS first and if TLS is not possible, it accepts the mail anyways. 2. Do have have to disable both "Send Connector" and "Receive Connector" on all Hub Transport servers? 2. No, just Receive Connector due to what I said in #1 . 3. What about Mailbox Servers, do I have to disable it on all Mailbox servers as well? 3. No, all my flows through Hub Transports and gets delivered right to th...

如何停用Exchange 2007 HUB 間的 SMTP TLS? (Part 1)   資料路徑安全性參照 Hub Transport Server 間的所有流量都會使用含有自行簽署憑證的 TLS 進行加密 ，這些憑證是由 Exchange 2007 安裝程式預設安裝的。 Hub Transport Server 之間的流量是使用 Kerberos 驗證來驗證。 選擇輸出匿名 TLS 憑證 Hub Transport Server 之間的 SMTP 工作階段，目的在於只以公開金鑰加密。 對於 Hub Transport Server 之間的通訊，會使用 匿名 TLS 和憑證的公開金鑰來加密工作階段 。但接下來的驗證是 Kerberos 驗證。 在建立 SMTP 工作階段時，接收伺服器會初始化憑證選擇程序，以決定在 TLS 交涉時要使用的憑證。接收伺服器也會執行憑證選擇程序 。 相關的討論 1. Hub Transport routing between servers 2. Disable TLS 3. How to disable Exchange 2007 SMTP X-ANONYMOUSTLS encryption? 4. Exchange 2007 HUB to HUB 传输 傳輸層安全性 在 SMTP 通訊協定交談期間， 用戶端會發出 SMTP STARTTLS 命令 ，來要求針對此工作階段交涉 TLS。用戶端在 TLS 通訊協定交涉過程中會從伺服器接收 X.509 憑證。接著用戶端驗證原則會決定是否應該驗證接收伺服器憑證，以及是否應該將其他任何準則套用至憑證 (如名稱比對)。 TLS 交涉過程中可選擇讓接收伺服器也向傳送伺服器要求憑證。如果傳送伺服器將憑證傳送給接收伺服器，則接收伺服器上的本機原則會決定如何驗證憑證 ，以及因驗證而授與傳送伺服器的權限。 將 TL...