26 December 2017

Outlook 2013/2016: Types of connections to Microsoft Exchange

In this post, I would like to make out the types of Microsoft Outlook 2013/2016 connections to the Microsoft Exchange Server 2016, depending on the type of mailbox (personal, archive, shared or Public Folders).
There are 2 main types of connections: cached and online. The online mode is simple, but the cache mode is more complex. To learrn more what is Cached Mode go to TechNet.

07 December 2017

Exchange 2016: setup tried to install wrong CU version

Recently faced an interesting feature on the start at installation of Cumulative Update.

When starting CU setup from the command line, the installation of the current version can start.

An example:
[PS] C:\Windows\system32>cd d:\
[PS] D:\>setup /PrepareSchema
Microsoft Exchange Server 2016 Cumulative Update 6 Unattended Setup


15 November 2017

Exchange 2016: How to force it use UTF-8 encoding

In order to minimize the number of possible problems with message encode (e.g. "?" instead of Cyrillic symbols), I recommend to set up an unified universal encoding in the Exchange - UTF-8.

Quotation from the TechNet article regarding choosing encoding for outgoing emails:
"Exchange uses the order of precedence as described in the following list to determine the message encoding options for outgoing messages sent to recipients outside the Exchange organization"

1. Mail user or mail contact settings

There are no specific attributes to determine encoding for MailContact and MailUser.

14 October 2017

Exchange 2016: How many attachments may be in the email?

Have you ever wondered how many files you may attach to an email?
For Microsoft Exchange 2016 (CU6) is 249 (250 MIME parts). And it is an unchangeable parameter. Not so much, isn't it?

MaxBodyPartsTotal
This limit specifies the maximum number of message parts that can be used in a MIME multipart message. The value is 250.
https://technet.microsoft.com/en-us/library/bb397226(v=exchg.150).aspx
In the RFCs I can't find any mention of maximum number of MIME parts or attachments. Also I found information that in Gmail there is no limitation to number of files attached, only message size (300 files was delivered perfectly). Feel free to correct me if I'm wrong.

23 August 2017

Exchange 2016: How to move system mailboxes

Exchange 2016 has 5 types of system mailboxes: Discovery Search (1 mbx), Arbitration (6 mbx), AuditLog (1 mbx), Public Folder (not created by default) and Monitoring (the number depends on the number of databases). All of them are necessary for full-fledged Exchange's work.

You can't delete the first mailbox database (or another one) until all system mailboxes migrate to a new database.

12 July 2017

Brief of email anti-spoofing technologies: SPF, DKIM, DMARC, SIDF, DK, ADSP

For a few years unhurriedly I have been discovering features to protect emails from spoofing. Here I briefly collect information about all current standards, their functionality and an example with one main domain and two subdomains. It is not a complete guide, please read the RFCs and special guides for each standard.

Standards

Acronym
Definition
Official website
RFC
IETF Status
Short description
SPF
Sender Policy Framework
Standards Track RFC
Defines who (which servers) could send emails from domain and what to do with “bad” emails.
Works with «RFC5321.MailFrom» and «HELO» identities.
DKIM
Domain Keys Identified Message
Standards Track RFC
Sign an email by private key to identify the sender.
DMARC
Domain-based Message Authentication, Reporting, and Conformance
Informational RFC, Working Group
The policy that unites the SPF and DKIM to define what should do receivers with «bad» emails.
SIDF
Sender ID Framework
-
Experimental (2006)
Analog SPF, but works with «RFC5321.MailFrom» and «RFC5322.From».
ADSP
Author Domain Signing Practices
-
Historic (2014)
Extension to DKIM allowing domain owner to specify whether or not they signed all outgoing mail.
DK
DomainKeys
Historic
Analog of DKIM. This standard was superseded by DKIM (RFC4871).


09 July 2017

Email: Eliminate confusion between the concepts of «MAIL FROM» and «From»

Looking through various articles I was confused by different names of From-headers of email. Now I want to put all aliases of FROM and TO headers into one table.
First of all it is necessary to understand that email consists of two parts: «envelope» and «content». Quotation from RFC5322:
«In the context of electronic mail, messages are viewed as having an envelope and contents. The envelope contains whatever information is needed to accomplish transmission and delivery. (See [RFC5321] for a discussion of the envelope.)  The contents comprise the object to be delivered to the recipient.  This specification applies only to the format and some of the semantics of message contents.  It contains no specification of the information in the envelope.»

Each of parts contains its own FROM and TO headers/fields. In fact, there are many other headers (sender, cc, bcc and etc.), I will not consider them all, so read the RFC.
A content part consists of two sections: «header» and «body». Quotation from RFC5321:
«The SMTP content is sent in the SMTP DATA protocol unit and has two parts: the header section and the body. If the content conforms to other contemporary standards, the header section consists of a collection of header fields, each consisting of a header name, a colon, and data, structured as in the message format specification (RFC 5322 [4]); the body, if structured, is defined according to MIME (RFC 2045 [21]).»

08 March 2017

A bit more about Tarpit Interval in Exchange

I want to show the reasons why in the SMTP logs report of delays the delivery of emails.
Tarpitting is an artificial delay in server responses in SMTP for several reasons (preventing spam, directory harvest attack, high server load and etc.).
For convenience, I presented the information about log records, features (that responsible for the delay), delay values and etc. in the tables.

Feature Recipient Lookup
Log Tarpit for '0.00:00:05' 550 5.1.1 User unknown
Applicable Exchange 2007 - 2016 on Edge Role
Delay default value 00:00:05
Delay minimum value 00:00:00
Delay maximum value 00:10:00
How to change delay value Set-ReceiveConnector "Default" -TarpitInterval 00:**:**
Default feature state Disabled. Need to enable Recipient Filter agent.
How to enable feature Set-RecipientFilterConfig -Enabled $true
How to disable feature Set-RecipientFilterConfig -Enabled $false
Disable-TransportAgent "Recipient Filter Agent"
Comments Authenticated connections are never delayed.
Technet https://technet.microsoft.com/en-us/library/bb123891(v=exchg.160).aspx

14 February 2017

Exchange 2016: Do I need update AD schema?

Not each Cumulative Update of Microsoft Exchange 2016 contains updates to the AD schema. I decided to present it in the simple table.
Hope it will useful to someone.



FROM
RTM
CU1
CU2
CU3
CU4
CU5
CU6
CU7
CU8
CU9
CU10
CU11
CU12
CU13
CU14
TO
RTM
CU1
Yes
CU2
Yes
Yes
CU3
Yes
Yes
Yes
CU4
Yes
Yes
Yes
No
CU5
Yes
Yes
Yes
No
No
CU6*
Yes
Yes
Yes
Yes*
Yes*
Yes*
CU7
Yes
Yes
Yes
Yes
Yes
Yes
Yes
CU8
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
CU9
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
CU10
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
CU11
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
No
CU12
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
No
No
CU13
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
No
No
No
CU14
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
No
No
No
No
No
No

* Increased only the version number. Officially CU6 does not contain AD Schema update.


I am finished updating this article because Microsoft built perfect tool to help with Exchange updates - Exchange Update Wizard.