Removing mail stuck in retry queue in Exchange


Per-Torben Sørensen

Everyone working with mail has seen this, messages and NDRs stuck in retry queues mostly thanks to spam and malware.

These fine lines of Powershell will remove all messages from retry queues without sending NDR for each message.


# Empty Exchange retry queues without NDR
# Written by Per-Torben Sørensen (per-torben.sorensen@evry.com)
#
# Version: 1.0
#*********************************************************************************************
# Change the settings below
#
$Servers = "CAS01","CAS02" # Enter the name of all CAS servers
#*********************************************************************************************
# Variables below
#
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010
#*********************************************************************************************
foreach ($server in $servers)
{
$retryqueues = get-queue -Server $server -filter {Status -eq "Retry"}
foreach ($queue in $retryqueues)
{
Get-Message -Queue $queue.identity | Remove-Message -WithNDR $false -Confirm:$false
}
}

View original post

SPF 1-2-3


Here is a quick intro to SPF and how to configure it:

SPF (Sender Policy Framework) is a countermeassure for beeing an unwilling wictim of spam sending. Using SPF you can approve from what SMTP servers email from @yourdomain.com will be sent from. This will make it harder to spoof your e-mail adrress, as long as the receipient server checks the SPF record.

For Office365 you need to update your DNS zone with SPF records to fully validate the domain. Here is an example of how the SPF record shuld look like:

v=spf1 include:spf.protection.outlook.com -all

If you are using some system to send out e-mails outside Office365 you need to add those servers to you SPF record.
If you just want to add a IP adresse this is how your record shuld look like:
v=spf1 include:spf.protection.outlook.com ip4:11.11.11.18 -all

And if you want to use a hostname (and a IP address) it could be like this:
v=spf1 include:spf.protection.outlook.com ip4:11.11.11.18 a:mail.sender.com -all

Note that using include will require the domain (ie_ spf.protection.outlook.com) to have its own SPF record to be valid.

IPconfig is blank (Windows IP Configuration)


Recently I found that a server lost it’s IP configuration, or so it looked like.

When runnin the ipconfig command the only output is this line:
Windows IP Configuration

All info about IP adresses, netmask, gateways, dns servers and all other info are gone.

I fixed this problem by restarting the TCP/IP Netbios Helper service.

In other blogs I have found that the same problem can be fixed by runnin the command:
netsh int ip reset
This command had no effect on mye problem, but might help others.

Since this problem where reoccuring on my server I created a scheduled task for restarting the service once pr day. This completly mends this problem (at least so far).

Powershell: Exchange – Check database size


Here is a one liner to check the database size for exchange databases.

Start Exchange management shell. Then run the following command:

Get-MailboxDatabase | foreach-object {add-member -inputobject $_ -membertype noteproperty -name mailboxdbsizeinGB -value ([math]::Round(([int64](get-wmiobject cim_datafile -computername $_.server -filter (‘name=”’ + $_.edbfilepath.pathname.replace(“\”,”\\”) + ””)).filesize / 1GB),2)) -passthru} | Sort-Object mailboxdbsizeinGB -Descending | format-table identity,mailboxdbsizeinGB

Source:
http://blogs.technet.com/b/gary/archive/2009/08/11/get-exchange-mailbox-database-size-one-liner-version-2.aspx

Java security settings


Java 7u51 has been a headache so far with security settings, especially on a terminalserver. I needed to adjust the security setting for Java for all users on the terminalserver and add a website (example.com) to the exception site list in Java.

The solution was to create 3 text files and place them all in the folder C:\Windows\Sun\Java\Deployment

filename: Deployment.config

deployment.system.config=C:\WINDOWS\Sun\Java\Deployment\deployment.properties
deployment.system.config.mandatory=true

filename: deployment.properties

deployment.security.level=MEDIUM
deployment.security.level.locked=
deployment.user.security.exception.sites=C\:\\WINDOWS\\Sun\\Java\\Deployment\\exception.sites

filename: exception.sites

https://www.example.com

After these 3 textfiles are created, the new java settings till take effect at next logon, and you can verify it by looking at the security tab in java control panel.