my client want to disable password complexity so that users cannot have any hassle in setting their passwords
still it gets the password more unsecured . It’s an client request .
Start – Group Policy management
Right Click on Default Domain Policy – Click Edit
Computer Configuration – Policies – Windows Settings – Security Settings – Password Policy – Disable the “Password Must meet Complexity Requirements”
Now mailbox can have Passwords without complexity.
We had a issue where exchange 2013 server was receiving a lot of spam emails and tried configuring inbuilt anti spam
and it doesn’t seem to fix the issue, I had to search a cheap anti spam software which will resolve our issue.
In my search . I had to try Hexamail which was cheap reliable, if you find any other reliable ones , drop the name in the comments.
lets see how to install and configure it.
Hexamail Guard Basic – Which stops spam emails alone
http://www.hexamail.com/download.html
Register it and download a trial version.
Installing it on the exchange 2013 CAS Server itself, Add the domains and choose the primary domain
Add the email address where if more mails are in the quarantine list . It will be emailed to you.
Choose integrate with Incoming SMTP email
Choose automatically integrate with Exchange2013
Now Hexamail has to use the Port 25 to receive email so that it can scan and drop emails to Exchange Server.
Exchange server also receive email on port 25, so Change that to port 2500 so that both applications can work together.
EAC – > Mailflow –> Receive connectors –> Default Frontend “Servername”
Make sure anonymous users are checked.
In remote network settings add 127.0.0.1
And Change the port to 2500 in Network adapter bindings
Now open Hexamail admin console. Make sure ACtive directory settings looks good.
Now import the users you want to configure and license them.
I added the users in the pane. Choose Apply – ok
For rough estimation for 150 users it was 1000 USD.
A.com and B.com
We had to migrate few Exchange servers of A.com to different location , So we had to change the Public IP , and Public DNS replication didn’t work as expected due to a SQL database issue in our Public DNS servers.
So Our new public IP of A.com has been black listed , We didn’t have time to white list all of them and even after whitelisting some banking domains keep on rejecting our new public IP of A.com.
We decided to relay the emails on another exchange server in a different domain B.com, so that production is up and mail is flowing smoothly.
So lets see how to create a relay connector in the B.com Exchange server
Goal – A.com will relay emails using B.com Exchange Server
Logged into B.com Server
Server Configuration – Hub Transport – New Receive Connector
Type a Friendly name – Choose Custom
Choose Next
Please take off All IP range . So that your Server don’t act as open Relay,
Specify an remote IP of A.com , so that B.com Server remains secured
Choose New to Get the Connector Created
Now, Right Click on the Relay Connector you Created . Make Sure Transport Layer Security (TLS) is checked
Make sure anonymous users are checked
Now add the required Ad permission using the below command .
Open Exchange Management Shell and Run
Get-ReceiveConnector "ServerName\Anonymous Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient"
Now Relaying Server is ready , As it will accept emails from A.com .
Now Redirect the A.com mail flow via B.com Server
Logging into A.com Server
Organization Configuration – Hub Transport – Send Connectors
Open the Internet Connector – Enter the Remote ip of B.com Server
(Restart Transport Service if required)
Now A.com Emails are Relaying via B.com Server.
I got a request recently. Due to audit purposes, they gave me like 100 keywords and delete those emails where ever they are in the server.
Exchange 2010/2013/2016 and Office365 is much powerful and easy to do such tasks. We can use the discovery search feature to accomplish it.
Click the below Link – Make sure the Admin has appropriate Permissions
https://www.azure365pro.com/deleting-a-specific-email-from-entire-organization-in-exchange-2010-2/
$search = '"expenses" OR "credit" OR "tax audit" OR "Payment"'
Saved the 100 Keywords to $search in the above format.
To move Content to a Specific Mailbox –
This example searches all mailboxes in your organization for messages that contain the words in $search . The search results are copied to the administrator Mailbox in the folder Exportedmailbox
Get-Mailbox "EntermailboxName" | Search-Mailbox -SearchQuery $search -TargetMailbox "administrator" -TargetFolder "ExportedMailbox" -LogLevel Full
To Delete Content
For Specific mailbox
Get-Mailbox "EntermailboxName" | Search-Mailbox -SearchQuery $search –DeleteContent
For All mailbox
Get-Mailbox | Search-Mailbox -SearchQuery $search –DeleteContent
To Estimate how much mails you are going to delete (Logonly Switch)
Get-Mailbox "EntermailboxName" | Search-Mailbox -SearchQuery $search -TargetMailbox "administrator" -TargetFolder "ExportedMailbox" –LogLevel Logonly
Add on –
Deleting a Subject from all mailboxes – But Excluding a Specific Sender (Logonly Switch)
Get-mailbox -Resultsize Unlimited | search-mailbox -searchquery {Subject:"Welcome to dubai" NOT from:"administrator"} -Logonly -Targetmailbox administrator -Targetfolder Inbox
Clearing Dumpster of a Specific Mailbox – (Clearing DeletedItemsSize to 0)
search-mailbox MAILBOXNAME -SearchDumpsterOnly -DeleteContent
I had to redirect http to Https in Exchange 2013 OWA
Open IIS, Right Click – Explore
Take a Backup of web.config file
add the below content between –
</location>
Add Content in this space
</configuration>
And Paste it with –
<system.webServer>
<httpErrors>
<error statusCode=”403″ subStatusCode=”4″ path=”https://mail.azure365pro.com/owa” responseMode=”Redirect” />
</httpErrors>
</system.webServer>
Now it should redirect all http to Https . Where the URL has been defined above.
How to host Exchange 2013 with Minimised Cost ?
I just tried to find some answers for that . and create a step by step procedure
Step 1:
Find the best Location – With Good Power , Can Withstand disaster
If you don’t have a good infrastructure . Never worry , There are Cloud Servers you can rent .
There are many providers in the Market.
Step 2:
Choose a good Control Panel to Server the clients
There are good Software’s in the market.
Citrix
http://www.ems-cortex.com/
If you feel you don’t want to invest on a huge licensing cost for a Control panel. There are open source Control Panels available in the market
WebsitePanel
Note : No much documentation available , You may need to spend much money on Support in fixing some issues
Choose Simplest Architecture – With Good High availability and Best options to Expand
Step 3:
Purchasing Part
Required Hardware –
64Bit Servers – 5
1 hardware load balancer – It can be Cisco ACE , F5 , Kemp
Windows server 2012 licences – 5
Required Public IP – 2
Required Public DNS records – 4 ( As per diagram )
Exchange SSL Cert from Digi Cert, Go Daddy with those DNS entries
Exchange Servers Will need 16GB Ram Each , with high Processor Range
Domain Controllers will require 8 GB Ram Each
Websitepanel Server will require 16GB Ram
All Servers are High availability Configured with this configuration
Website panel Portal server will be single point failure (As is not going to disrupt the service even when it goes down)
Step 4:
Promote 2 Machines as Domain Controllers
https://www.azure365pro.com/how-to-promote-windows-server-2012-as-a-domain-controller/
Step 5:
Install Exchange 2013 all roles on 2 Servers
https://www.azure365pro.com/how-to-install-exchange-2013-on-windows-server-2012/
Step 6:
Configure Database Availability Group for MBX Role
https://www.azure365pro.com/how-to-create-a-database-availability-group-in-exchange-2013/
Step 7:
Configure Client Access High Availability for CAS Role
Step 8:
Configure your Public DNS records to VIP
https://www.azure365pro.com/configuring-public-dns-and-mx-records-for-exchange-2013/
Step 9:
See How to Install and Configure Open source Control panel for Exchange 2013
https://www.azure365pro.com/how-to-install-website-panel-2-1-windows-server-2012/
https://www.azure365pro.com/how-to-configure-website-panel-2-1-for-exchange-server-2013/
Step10:
Test the High Availability
Step 11:
Buy a SSL Cert from anyone of the Certificate Providers like Digi Cert,Go Daddy
https://www.azure365pro.com/configuring-3rd-party-ssl-exchange-certificate-in-exchange-2013/
Step 12:
Find a Client – Start Selling mailboxes
Tough part
Hope Its helpful guide to start from scratch.
Satheshwaran Manoharan - Microsoft MVP - Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.
Contact : Info@Azure365Pro.com
© Azure365Pro.com