Exchange Server System Management:
Administration & Guidance


In this section, you will learn how to administer and take advantage of the powerful capabilities of Microsoft Exchange Server. Want to add an additional SMTP domain to your organisation? Or increase the storage capacity of Exchange Server 2003 (with SP2) so that your database can grow up to 72GB (Standard Edition) from 18GB? Perhaps you just want to protect your organisation from being an "Open Relay" - a common cause of spam abuse on your servers.

You will also learn how to troubleshoot common issues with Microsoft Exchange. Do you have Exchange installed on a Domain Controller? Do you find that the services do not start correctly on reboot when on a domain controller? If so, read more!

Whatever the case may be, read on to learn more from Guru Guy!



Adding an additional SMTP domain to your organisation via Exchange Recipient Policies

So has your company recently bought another email domain that you would like to start using in Exchange/Active Directory? Or perhaps you would like to give another email address to all of your domain users automatically? Do you want to enforce initial dot surname as an email address automatically as your email account policy for users? Well, Guru Guy explains all...

Recipient Policies tell your Exchange Server which domains you own and which addressing rules to apply to them. They replace the function of site addressing in Exchange Server 5.5, with a little more flexibility. Site addressing applied proxy addressing rules to all users in a site, whereas recipient policies give more flexibility on how you group the users to whom the addressing rules apply.

  1. The first thing you need to do is make sure the domain you wish to add to your organisation points to your Exchange/SMTP mail server. When you purchase a domain, you configure A records (which specify the website IP address of the www domain, amongst other things) and MX (Mail Exchange) records, which tell the DNS servers around the world who is responsible for mail for that domain. Make sure at this stage that your MX records point to your Exchange server's public IP address. Make sure you have not configured your Exchange Server as an Open Relay, however!
  2. You can use policies to add SMTP addresses to your users' accounts. Alternatively, you can administer any of these properties individually by accessing the user object from Active Directory Users and Computers, but this guide assumes you will use a recipient policy. Whether or not you deploy a new email address via a recipient policy, it is important that the SMTP domain is listed as an available domain in the recipient policy. If it is not, the Exchange Server is not aware that this is a domain your organisation is responsible for.
  3. You can define a policy that states that all users with the company name Guru Guy Ltd have an SMTP address of alias@guruguy.com.
  4. Start the Microsoft Exchange System Manager;
  5. Expand Organisation -> Recipients, and then click "Recipient Policies";
  6. Right-click "Recipient Policies" -> New, and then click Recipient Policy, or you can modify the default domain policy (which applies to all).
  7. Specify an LDAP filter (that is, to whom the policy applies) and the e-mail addresses for these recipients.
  8. If you would like to add a new domain to your organisation to support one you recently purchased, add it here so Exchange knows it is now under its control. You can specify a policy on how email generation applies. For example, if you would like Guru Guy to have a policy of initial.surname, (g.guy@) you enter: 
    %1g.%s@domain.com
  9. Anything you specify in the recipient policy is applied immediately and will be enforced within an hour.
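
Before applying a format such as %1g.%s@domain.com to every user, it helps to preview the addresses it produces and spot users who would end up with the same one. The following is an added example, not part of the original guide and not Exchange's own generator: it models only the %g, %s and %m tokens (with an optional length prefix), and the user records and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Simplified model: %g = given name, %s = surname, %m = alias,
# with an optional leading digit count (%1g = first letter of given name).
TOKEN = re.compile(r"%(\d*)([gsm])")


def expand(fmt, user):
    """Expand one address format string for one user record."""
    fields = {"g": user["given"], "s": user["surname"], "m": user["alias"]}

    def repl(match):
        length, key = match.groups()
        value = fields[key]
        return value[: int(length)] if length else value

    # Lower-cased so addresses differing only in case compare equal.
    return TOKEN.sub(repl, fmt).lower()


def collisions(fmt, users):
    """Return {address: [aliases]} for every address generated more than once."""
    owners = defaultdict(list)
    for user in users:
        owners[expand(fmt, user)].append(user["alias"])
    return {addr: who for addr, who in owners.items() if len(who) > 1}


# Constructed sample directory, not real accounts.
USERS = [
    {"given": "Guru", "surname": "Guy", "alias": "gguy"},
    {"given": "Gina", "surname": "Guy", "alias": "ginag"},
    {"given": "Alan", "surname": "Smith", "alias": "asmith"},
]

if __name__ == "__main__":
    fmt = "%1g.%s@domain.com"
    for user in USERS:
        print(user["alias"], "->", expand(fmt, user))
    print("collisions:", collisions(fmt, USERS))
```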


Increase the Database Size Limit in Exchange 2003 SP2

Microsoft Exchange Server 2003 Standard Edition allowed only a 16GB database size limit. In the modern world, this limit would be reached a little too quickly for any administrator's liking. You will know when you have reached this limit, as your Exchange Database Store dismounts with an event log error 1112, "The database Mailbox Store (Server Name) has reached the maximum allowed size. Attempting to unmount the database." from the ExchangeIS Service.

Fortunately, since Microsoft released Exchange Server 2003 Service Pack 2, both versions of Exchange Server 2003 with SP2 have the ability to configure a higher database limit, a warning threshold, and a warning interval set through registry keys.

The database size limit registry keys are read when the database mounts (not when the Exchange service starts up), and when each limit check task runs. If you modify the database limit value in the registry, you must reset the registry keys manually if the server has to be rebuilt using the /disasterrecovery setup switch.

Step-by-Step Instructions:

  1. Open the Windows Registry Editor (Regedit);
  2. Navigate to:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\<SERVER NAME>\Private-013e2e46-2cd7-4a8e-bfec-0e4652b94b00
    (Private GUID will be unique to your system)
  3. Create or modify the following REG_DWORD registry values (in Decimal) to enable your new database limit:
    • Database Size Limit in GB
      The Database Size Limit in GB setting is the configurable maximum size of a database. For Standard Edition, you can set the database size limit between 1 and 75 GB. For Enterprise Edition you can set the database size limit between 1 and 8,000 GB.
    • Database Size Buffer Warning in Percentage
      The Database Size Buffering in Percentage setting is a configurable error threshold that will warn you with an event log entry when your database is at or near capacity, and will shut down within 24 hours of the event being logged. By default, Exchange Server 2003 SP2 logs events when the database has grown to within 10 percent of the configured database size limit. This threshold is configurable.
  4. Once you've entered your new registry values, dismount the Exchange Store (the Information Store service) via the Exchange System Manager and re-mount the store. Voila!


How to configure your Exchange Server/IIS SMTP Service to prevent it from being an Open Relay.

Exchange Server 2000, 2003 and IIS 5 (Windows 2000) and IIS 6, by default, are not set up sufficiently to protect themselves from being an Open Relay.

So what's an open relay? An Open Relay is an SMTP server that is used for relaying (forwarding) unsolicited commercial e-mail messages, or spam. An organisation may find their internet/email server being extremely slow and their own email being blocked with bounce-back messages as their IP address is "known to originate spam". 

Guru Guy has detailed the steps you need to take to lock down your Server from being an open relay to protect you and your organisation from spam abuse.

  1. There are two Exchange Server components that permit SMTP relaying to be turned on or off:
    • The Default SMTP Virtual Server
    • The SMTP Connector
    Where you find these items depends on whether you have Exchange Server installed. (IIS configuration is under Computer Management -> Internet Information Services -> SMTP Service)
  2. Load the Microsoft Exchange System Manager.
  3. Expand Servers, Servername, Protocols, and then expand SMTP.
  4. Right-click Default SMTP Virtual Server and then click Properties.
  5. Click the Access tab.
  6. Click the Relay button at the bottom.
  7. The default settings block open relay. The default settings are as follows:
    • Select Only the list below.
    • The Computers dialog box shows Access Granted to the Internal IP address of the Small Business Server network and to the external IP address (if the server has more than one network card.)
    • Make sure that Allow all computers which successfully authenticate to relay, regardless of the list above is selected.
  8. OK out of all open dialogues - your SMTP service changes have been made. Restart the SMTP Service to ensure your changes take immediate effect, then test whether you are an Open Relay using the steps below.

How to test if you are an Open Relay

  1. Start -> Run, type telnet, and then click OK.
  2. At the Telnet command prompt, type set local_echo, and then press ENTER.
  3. At the Telnet command prompt, type open Exchange-IP-address 25, and then press ENTER (where Exchange-IP-address is the external public IP address of the Exchange/SMTP Server computer).

    The output is similar to the following:
    220 server.smallbusiness.local Microsoft ESMTP MAIL Service, Version: X.XXXX.XXX ready at "date" -0500

  4. Type ehlo google.com, and then press ENTER. Make sure that the last line is:
    250 OK
  5. Type mail from:youremail@anydomain.com, and then press ENTER (where youremail@anydomain is an SMTP address that is not hosted on the Exchange Server computer). Make sure that the result is:
    250 2.1.0 youremail@anydomain.com....Sender OK
  6. Type rcpt to:user@fakedomain.com, and then press ENTER (where user@fakedomain is not your e-mail domain). Make sure that the result is one of the following two responses:
    550 5.7.1 Unable to relay for user@fakedomain.com
    -or-
    250 2.1.5 user@fakedomain.com
  7. If the result is "550 5.7.1 Unable to relay for user@fakedomain.com," the Exchange server is not an open SMTP relay. If the result is "250 2.1.5 user@fakedomain.com," then the Exchange server is an open SMTP relay.
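
The telnet dialogue above, scripted as an added example (not part of the original guide): it sends EHLO, MAIL FROM and RCPT TO without authenticating, never sends DATA, and maps the RCPT reply to the verdicts in step 7. The EHLO name `relay-check.example` and the function names are assumptions; run it from a machine outside the relay-granted list, against a server you administer.

```python
import smtplib
import sys

# Placeholder addresses from the walkthrough above; neither domain may be
# one that the server under test hosts.
SENDER = "youremail@anydomain.com"
RECIPIENT = "user@fakedomain.com"


def relay_verdict(smtp, sender=SENDER, recipient=RECIPIENT,
                  helo="relay-check.example"):
    """Run EHLO / MAIL FROM / RCPT TO on an open connection and classify it.

    `smtp` is an smtplib.SMTP instance (or any object with the same methods).
    Returns (verdict, reply_code, stage). No DATA command is issued, so no
    message is ever queued or delivered.
    """
    code, _ = smtp.ehlo(helo)
    if code != 250:
        return ("inconclusive", code, "EHLO")
    code, _ = smtp.mail(sender)
    if code != 250:
        # Sender refused (for example, authentication required first).
        return ("inconclusive", code, "MAIL FROM")
    code, _ = smtp.rcpt(recipient)
    smtp.rset()  # abandon the transaction before disconnecting
    if 200 <= code < 300:
        return ("open-relay", code, "RCPT TO")    # e.g. 250 2.1.5
    if 500 <= code < 600:
        return ("relay-denied", code, "RCPT TO")  # e.g. 550 5.7.1
    return ("inconclusive", code, "RCPT TO")      # 4xx: temporary failure


def check_host(host, port=25, timeout=15):
    """Connect to host:port and return the relay verdict tuple."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        return relay_verdict(smtp)


if __name__ == "__main__":
    verdict, code, stage = check_host(sys.argv[1])
    print(f"{verdict}: reply {code} at {stage}")
    sys.exit(1 if verdict == "open-relay" else 0)
```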

Alternatively, you can use third-party websites to test whether your Exchange server is an "Open Relay" by going to:
http://www.spamhelp.org/shopenrelay/
http://www.checkor.com/
http://www.abuse.net/relay.html



Exchange Server Troubleshooting & Tips

Many people run Microsoft Exchange on a Domain Controller. Perhaps it is because they are running Small Business Server where everything is installed on the same server. Or perhaps the Organisation can't afford to separate the services across two different servers. Either way, it can be troublesome and presents some problems, particularly when you reboot the server.

Problem 1: When you reboot Server 2003 the Exchange Information Store service fails to start

If you find the Exchange Information Store fails to start automatically on boot, it usually relates to problems with DNS and/or TCP/IP.
  1. First, ensure the DNS service is running correctly and check for errors - particularly with server name resolution. (Does your Exchange Server name resolve correctly?) For a thorough guide on DNS resolution and troubleshooting, visit the Microsoft webpage on common issues and Server 2003 DNS Issues.
  2. Another common TCP/IP misconfiguration, which can cause problems with the server resolving its own name, particularly around bootup, is NETBIOS over TCP/IP not being enabled. Make sure you have enabled it.

    To enable this, right-click on the Local LAN Adapter in Network Connections of Control Panel, select Properties, and then click on the TCP/IP protocol in the list you see:
    1. Click Properties of the Internet Protocol (TCP/IP);
    2. Click on the "Advanced" button at the bottom of the properties window to bring up "Advanced TCP/IP Settings";
    3. Select the "WINS" tab;
    4. Under "NETBIOS Setting", make sure the option is "Default". With this setting, NETBIOS over TCP/IP is enabled if a Static IP address is used (as on most servers!) or if the DHCP Server does not provide NETBIOS Settings (which by default they don't).

Between a healthy DNS Server and NETBIOS over TCP/IP, you should find that your Exchange Information Store service starts automatically when Windows reboots. (This applies if the problem was to do with DNS, e.g. errors such as "Can't resolve the domain" or "Could not lookup a DNS server" etc.)

Problem 2: Exchange Database reaches its limit, and you have already increased it to the maximum size permitted. (Assuming you've already followed Guru Guy's Database Limit Increase)

Are you getting the errors similar to below? 

Event Type: Error
Event Source: MSExchangeIS
Event Category: General
Event ID: 1112
Description: The database "Mailbox Store (Server Name)" has reached the maximum allowed size. Attempting to unmount the database.

Event Type: Warning
Event Source: ESE
Event Category: Space Management
Event ID: 445
Description: Information Store (3160) The database C:\Program Files\Exchsrvr\MDBDATA\priv1.edb has reached its maximum size of 16383MB. If the database cannot be restarted, an offline defragmentation may be performed to reduce its size.

Say, for example, you have already increased the Exchange Database Limit, or you can't because server disk space is at capacity, or you find the Mailbox Database fails to start on restarting. You have a couple of options left:
  • Selectively remove unnecessary database content.
  • Defragment the database to reduce the database to a level that is in the defined boundaries of the database size.

Remove data from your mailbox store. To do this, use one of the following methods:
  • Use Microsoft Outlook to delete unnecessary e-mail items from individual inboxes, sent items and other folders, particularly large emails with attachments (do a folder search for large email);
  • Use Outlook to empty the Deleted Items folder.
  • If a deleted item retention is set, you may want to temporarily reduce retention to zero (0) days:
    a. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
    b. Right-click Mailbox Store, and then click Properties.
    c. Click the Limits tab, and then type 0 in the Keep deleted items for days box.
  • Delete mailboxes that are no longer used.
  • Use the Move Mailbox tool to move mailboxes to a mailbox store that is on another server that is running Microsoft Exchange Server.
  • Have users create personal folder (.pst) files on their local hard disk drives. Then, have the users archive content from the mailbox store database to their local hard disk drives.
  • Use the Mailbox Merge Wizard (ExMerge) tool to archive content from the mailbox store database into personal folder (.pst) files. The ExMerge tool can archive the content by mailbox folder or by date range.

Defragment the Exchange Database to reduce the size
After you remove data from your mailbox store, you must let online maintenance run so that items are marked for permanent deletion before you run an offline defragmentation.

1. By default, online maintenance is scheduled to run every night from 1:00 AM to 5:00 AM. To force online maintenance to run immediately, follow these steps:
a. Open Exchange System Manager.
b. Navigate to Microsoft Exchange Server server, and then double-click Storage Group.
c. Right-click Mailbox Store, and then click "Properties".
d. Click the Database tab, and then click Customize to modify the schedule to run immediately.
The following event ID message is logged in the Application event log:
Event Type: Information
Event Source: ESE
Event Category: Online Defragmentation
Event ID: 700
Description: MSExchangeIS (170) Online Defragmentation is beginning a full pass on database 'C:\Program Files\exchsrvr\mdbdata\priv1.edb'.
e. View the Application event log to verify that online maintenance of your mailbox store is finished. (This may be several hours after you first run the maintenance.) Event ID 1221 indicates that online maintenance is finished. This event ID message also indicates how much free space there will be on your mailbox store after offline defragmentation. Event ID 1221 appears similar to the following event ID:
Event Type: Information
Event Source: MSExchangeIS Mailbox Store
Event Category: General
Event ID: 1221
Description: The database Storage Group Name\Mailbox Store has 565 megabytes of free space after online defragmentation has terminated.

2. Run an offline defragmentation of your mailbox store by using the Eseutil tool (Eseutil.exe).
a. You must dismount the mailbox store before you run an offline defragmentation. Additionally, you must have free disk space equal to at least 110 percent (%) of the database size to run eseutil /d. If you do not designate a temporary location for the database file by using the /t switch, the temporary location is automatically set to the Exchsrvr/Bin folder.
In this example, X is a temporary drive letter location for the defragmented database on the hard disk drive or on a network drive. After you run the eseutil /d command on your mailbox store, you must dismount all the stores in the storage group and remove any log files in the Mdbdata folder before you remount the database. The time to complete an offline defragmentation varies depending on factors such as the hardware involved or whether the temporary database is redirected to a network drive. The following command is an example of the command line that you use to run the Eseutil tool:
exchsrvr\bin\eseutil /d "location of .edb file" /tX:\tempdfg.edb

Note: When you defragment an .edb database file, the associated .stm file is defragmented also.

b. Mount your databases, and make backups.


Copyright © Guru Guy 2009. All Rights Reserved.