Exchange 2007 Blog

Newest entries first

6/17/09

We were investigating a complaint that e-mail sent from UConnect (Microsoft Live) to UCMAIL bounced. Because we are suppressing NDRs, he did not get an error notification. His e-mail bounced because of a property in Exchange called Named properties that has exceeded its limit.

To fix this we are going to install Exchange roll-up 8 tonight (6/17/09). The roll-up prevents Internet e-mail from creating named attributes. We will move mailboxes to a new database on the same server to reset the Named attributes value. The Mailbox moves will be from the original database to a new database on the same server and will be conducted overnight. Users will only notice something if they are actively working with their mailboxes when the mailboxes are moved or if they try to access a mailbox while it is moving.

Anyone who  wants to dive in deeper to this may check the following resources:

How to Configure Named Properties and Replica Identifier Quotas for Exchange 2007 Databases
http://technet.microsoft.com/en-us/library/bb851493(EXCHG.80).aspx

Understanding the Impact of Named Property and Replica Identifier Limits on Exchange Databases
http://technet.microsoft.com/en-us/library/bb851492(EXCHG.80).aspx

Events 9666, 9667, 9668, and 9669 Received When Named Properties or Replica Identifiers Are Depleted for An Exchange Database
http://technet.microsoft.com/en-us/library/bb851495(EXCHG.80).aspx

3/11/09

I want to explain what happened to one of our Exchange servers last week (3/3). Users whose mailboxes are on UCMAILBE1 and using Outlook, were experiencing Outlook locking up and seeing a message that the connection to the server was lost. They would get a short reconnection, and then get another lock up. A particular error was associated with this. The cause ended up being a corrupted mailbox in the database that houses the Generic (departmental) accounts. We ended up repairing the corrpution by running an Exchange Information store integrity tool. This corruption could reoccur because it seems to be associated with an IMAP client accessing a mailbox.

Microsoft has a patch for this issue, but because we were able to repair the database without the patch, Microsoft recommended that we hold the patch and only install it if the problem occurs again.  Their justification for this action is that the patch needs to be rolled back when update rollup 7 is installed, and apparently uninstalling a patch has more potential for disaster than just installing a patch.

1/9/09

Global Address List (GAL):  We imported all of the Raymond Walters e-mail system users into the Central GAL. They are showing up as “RWC-<email address>.” We have been made aware that this has caused some duplicate entries for RWC employees  who have both RWC and UCMAIL accounts. We have had reports of unreceived mail when a user is not aware of having more than one account. We are working with the RWC team to sort out this issue and ensure that only the preferred e-mail address shows up in the GAL.

Important information for Outlook Users:  Outlook has a helpful feature called “autocomplete” which will match up recently used e-mail addresses with the letters typed in the “To:” line. When an entry in the Global Address List changes, that AutoComplete address that shows up, becomes invalid. So you may “send” e-mail and get a message back that it was undeliverable to an address you successfully used yesterday. The solution:  resend the e-mail, either typing in the full name or selecting it from the GAL, ignoring Outlook’s suggested entry.

Should your e-mail be returned undeliverable again, you may need to download a new copy of the address book if you are using cached Exchange mode. Cached Exchange mode keeps a copy of the Global Address Llist on your machine. To download the new copy select  “Tools,” “Send/Receive,” and then  “Download Address Book." If you still receive the e-mail back, please call the Help Desk (6-4357) so we can look at it.

12/02/08

Wow:  did our delivery percentage drop since we started dropping the NDRs! Over the Thanksgiving weekend, we got a lot of "Returned mail" from the Mail Delivery Subsystem. This is backscatter from other systems. A spammer is using our names in the Reply To: field and when a system finds that it accepted e-mail for an account that does not exist, it sends a Non Delivery Report (NDR) back to the Reply To: address. With our current system we cannot do a whole lot about it --- unless we were to block all messages of this type. But then our users would not know if a legitimate message was delivered because the e-mail account no longer exists or the mailbox is full. With the current economy where people are being laid off at an alarming rate, we feel that it is better to deliver NDRs. 

11/12/08

We made a change to the system so that we are blocking NDRs from Exchange to external systems. We did this to reduce the total SMTP messages and reduce the number of deferrals that pile up on the ZIX Machines. This was a new occurance for us once we moved to Exchange 2007. We were producing backscatter. This occurs when we accept a message before checking to make sure it is addressed to a “real account.” The best practice is that the system looks at the recipient field before accepting the e-mail delivery connection. This ability used to exist on the Exchange 2003 servers but in Exchange 2007, this ability exists on the Edge transport server. We did not deploy the edge transport receiver because the Mirapoint servers support this role. We had a situation this week where we found a few loops where e-mail mssages were bouncing back and forth.

8/26/08

The actual mailbox moves have been going quite well. There have been some issues with getting client configured properly to work. There have been a few clients that we have not been able to get to work. It seems they cannot support the Secure POP or IMAP setting the Exchange server is now requiring.

Try as we can, we have not been able to get Eudora for Macintosh to connect to Exchange 2007. It appears as if this version of Eudora cannot negotiate the Secure POP protocol that Exchange now requires. (The Mac version of Eudora is version 6.2.4 and was released 10/11/2006.)

We no longer recommend Eudora as an e-mail client. Qualcomm decided to end their association with Eudora as of 10/11/2006 and moved Eudora to an open source product. This means that Qualcomm no longer provides critical security updates or patches and will not offer technical assistance for Eudora.

We have been able to get the Windows version 7.1.0.9 to work (released 10/11/2006, also). We recommend that users who insist on using Eudora with their Windows machines upgrade to 7.1.0.9 in order to be supported by the Help Desk. There is a beta version of Eudora 8.0. This is very new, still an open source product and is being merged with the Thunderbird e-mail client. The e-mail team is putting together screen shots for configuring Eudora 7.1.0.9.

Mac Users can be encouraged to use Mac Mail, which is built into the Mac and thus requires no downloads.

Outlook Express is does not work either (outside the UC Network). Microsoft has documented the problem and has no intentions on fixing it because they have developed Windows Mail as the replacement.

The e-mail team recommends that our users use the following clients.

Windows XP, Vista:

1.       Outlook 2007

2.       Outlook 2003

3.       Windows Mail (Vista only)

4.       Thunderbird 2.0 or later

5.       Eudora 7.1.0.9

Mac OS X, 11.0, 11.5:

6.       Entourage 2008 (with SP1, it’s necessary for Auto configure to work)

7.       Entourage 2004

8.       Mac Mail

8/13/08

The first two evenings of migrations have gone very smoothly. All new e-mail accounts are being created on Exchange 2007.

We have heard that upon migration, smart phone users are being asked to resynchronize their folders.
 

8/07/08

So we have staff vacations out of the way. Backups are working fast, we are currently testing the Voice Mail integration. We have all of our Archived mail moved back into the inboxes.

We are on track to begin migrations Monday, 8/11. Today, I plan to finalize the schedule and publish it here.

Fri., 7/11/08

The 6 Exchange Mailbox servers are ready and the e-mail team is installing Exchange on them as I type this. Five servers will be active and the 6th will be a hot failover server.

Next week we will move some mailboxes over to the new servers and begin testing. Here are the bullets on our test plan:

IMAP

POP

Active Sync

UM/Voice mail

Outlook

Entourage

OWA

Outlook Anywhere

Confirm Connectivity from UCP & THA to UC accounts

Open Text

Backup and recovery

I welcome any other suggestions and/or volunteers to help.

We did create a small Exchange 2007 server and moved a couple of mailboxes with it. My personal mailbox is there. (Yes, I am living dangerously because this server is not being backed up). But my experience has been good. I was one of the lucky ones whose Active Sync process on the smart phone did not stop working. (Maybe I have a later version of Windows Mobile?) Then, on Tuesday afternoon I switched to a Blackberry device. All is well.

I did notice that my junk mail filter had a lot more items in it. A lot of the server notification e-mails I get were marked as spam by the smart Junk Mail filter. I had to go in and mark some of the senders as “not junk.” So be aware that that functionality might change.

The most exciting thing is that I got Outlook Anywhere to work. Outlook Anywhere, a feature of Exchange 2007 that we have enabled, allows Outlook to connect to our mailboxes from a machine that is 1.) Not on the UC Network or 2.) Not connected via a VPN. In Techie-speak, it encapsulates the Exchange commands in a HTTPS Wrapper. HTTPS is a secure connection that web browsers use to communicate with servers. The new Exchange 2007 front ends “speak” HTTPS and will “interpret” between the Outlook Client and the Exchange server. The Front Ends server is the only pathway from the Internet to the Exchange mailbox servers.

Outlook Anywhere works with Outlook 2007 or Outlook 2003. Outlook 2007 will actually configure itself. You will need to enter the server name ucmail.uc.edu and your mailbox name and your password --- and it will actually find the server and configure Outlook for you. It is slick.

I do encourage every Windows user to give Outlook a try. I realize in an environment like the university that there are members of the community who do not trust the Outlook software. I want to remind everyone that we are getting close to the 10th Anniversary of the disaster caused by the Melissa Virus. Microsoft has heard the demands that they do a better job of securing their products. Also, the catch rate of spam filters has greatly reduced the outbreak of viruses. 

7/2/07

Outlook Web Access (OWA) /Front end server deployment

We had submitted a Change Management request to deploy the new front ends for this morning. We did test this change in our test bed, but we ran into issues we did not see in the test bed becasue we were unable to simulate the load our production servers experience.

The first issue is the matter of bookmarked favorite shortcuts to the OWA server. When you connect to the server, simply entering ucowa.uc.edu into your browser, translates into a more specific location such as https://ucmail.uc.edu/exchweb/bin/auth/owalogon.asp?url=https://ucmail.uc.edu/exchange&reason=0&replaceCurrent=1. This is the information that is bookmarked. When we changed over to the Exchange 2007 server, we did not tell people that they needed to reset their bookmarks until after the deployment.

The second issue we ran into was intermittent problems using OWA to access mailboxes on UCMAIL6 or UCMAIL8. It turns out that Exchange 2007 Client access servers (known as Front end servers in Exchange 2003) have higher resource demands on the backend/mailbox servers. Once we allocated more resources to the web application on those servers, OWA worked fine.

There is also an issue with Palm Treo wireless devices. The Active Sync application on those devices requires an increase in resources.

I promise, no more changes without letting the entire Exchange user base receive an e-mail. We will also ask you to send us any personal information.

6/16/07

The front end deployment has been postponed until 6/28. We did not have all of the necessary pieces to bring them online. The weekend of the 21st, we will be applying Windows updates to the current server.

On the good news front, we are exploring different options for backups. That has been the long pole in the tent. We need to make sure we have reliable backups during and after the migration. We are currently maintaining over 30 GB of backed-up data. We need to expand this capacity as part of the move to Exchange 2008. 

We are looking to begin migrations the week of 7/28.

6/5/07

We have the hardware in the racks. There are currently two components to the hardware, two front end servers and six back end servers. There are some hardware issues that are being resolved for the backend servers.

The front end servers are ready to deploy. We are going to test Outlook Web Access with these new front ends. They present different web sites for mailboxes that are on Exchange 2003 and Exchange 2007. We need to determine how they will work and create docuemtnation.

We have plans to bring them online on 6/14.