I had to do this today and realised, it’s been so long since I did it last, I’d forgotten how to do it. Before we go forward, please be clear, I’m talking about MAIL CONTACTS, these are Active Directory Objects that have an Email address, but DO NOT have a mailbox in your Exchange Organisation, and DO NOT have an Active Directory User. I point this out because you can have MAIL USERS that have an Active Directory User Object and have an External Email address (i.e. a Gmail or Hotmail address) associated with the MAIL USER object.
Traditionally mail contacts are used for listing outside mail addresses in your global address list, (like mail users do) but are also used to forward mail to as well.
Solution
I was exporting from Exchange 2010, from the EMC run the following command;
You can see my exported CSV list in, DisplayName, Name, PrimarySmtpAddress format. You will need to do some work with it in Excel to get it in > Name, Firstname, Lastname, ExternalEmailAddress format.
Once you have you CSV file ready, import it into the Target Exchange Server with the following command;
“I seem to get a lot of spam”, and “I get a lot more spam than I used to” are right up there with “My computer is running slow”. It’s a problem that, eats up users time and fills your mail stores with junk, and time/disk space costs money.
SEM is tiny! In a world where a graphics driver is now over 100MB the entire install suite is less than 11MB. This is going into my test network so testing its ability to limit spam is NOT the point of this exercise, I’m looking at the ease of installation, configuration, and administration.
SEM Pre-Requisites
1. Exchange 2000, 2003, 2007, 2010, or 2013.
2. Windows Server 2000, 2003, 2003 R2, 2008, 2008 R2, or 2012.
3. .Net framework version 2.0 (SP1).
4. MDAC (Microsoft Data Access Components) version 2.7.
5. Internet Information Services.
Solution
Before You Start
1. If you have already installed the Microsoft Anti Spam agents you might want to remove them, (not that you have to). If you don’t know you can run the following command;
[box]
Get-TransportAgent[/box]
If you just have the four below then you DO NOT have the extra agents installed.
2. If yours looks like the one below, then YOU DO have them installed.
3. As stated you don’t have to remove them but if you want to simply execute the following two commands;
[box]
cd "Program FilesMicrosoftExchange ServerV15Scripts"
./Uninstall-AmtispamAgents.ps1
[/box]
4. Answer each question, then run;
[box]
services.msc[/box]
5. Restart the Microsoft Exchange Transport service.
7. The installer is pretty straight forward > Next > Accept the EULA > Next > Enter your details > Next > Accept or change the install location > Next.
8. The product will install.
9. At this point it’s downloading definitions form the internet, and it will take a while.
10. When complete it needs to setup a user that the services will run under. Just supply a password > Next.
Note: This user (by default) is added to the local administrators group, and the Exchange Organization Management group.
11. Finish.
12. The management console installs on TCP port 5000, so if you need to access it through a firewall you will need to open that port.
13. Toolbars Tab: From here, I’ll jump straight to the configuration section, this drops you straight onto the Plugins tab. From here you can change the logo that will be displayed with the toolbar (this is NOT visible with Outlook 2013). You can also change the URL it points to and adding rights to users.
14. Toolbar Tab > Outlook Toolbar: On a client running Outlook > Download Outlook Toolbar > Run the installer.
Note: The installer is a .exe file, I would have preferred a .msi file, so I could deploy this out (on mass), to domain clients via GPO.
17. Now when you launch Outlook you can see the plugin loading.
18. You will now have an extra toolbar with the following options.
BE AWARE: You install the OWA toolbar ONCE on the Exchange CAS server.
19. Toolbars > Outlook Web Application: Install OWA toolbar.
20. Yes.
21. Now when your clients access OWA, you have the toolbar.
22. Latest news: Essentially this is just an RSS feed from the manufacturer to keep you abreast of software updates etc. If you have some RSS aggregation software you can add this same feed.
23. Mailbox Tab > Mailboxes: Here it will list all the mailboxes, by default the ‘Default policy’ will be applied and virus filtering will NOT be enabled (this is an add on license). you can also access statistics for this particular mailbox, and view quarantined emails. The User filter settings are for applying an exception for this one mailbox (I’ll cover this later). If you can’t locate a particular user there is also a search function.
24. Mailbox Tab > Usergroups: Usergroups are used to apply policies, any new group requires you to maintain membership manually. But if your Active Directory is well designed, you can select your SPAMfighter groups based on your OU structure.
SEM – SPAMfighter – Configuring and Working with Policies
This is pretty intuitive, and the default policy comes preconfigured and already applied, though with all filtering systems it will probably take you a little while to get it streamlined to your requirements. The policies section has four main tabs;
Filter Settings: What tools you are going to use to look for spam. Accept Actions: What it will do if it finds nothing. Block Actions: What it will do if it finds something. User Filter settings: Exceptions to the filters for one or more users. Mailboxes: Puts you straight back to the mailbox section you saw earlier.
25. Out of the box there are five filters enabled.
26. But there are four further filters that you can add to the policies.
SPAMfighter – Filters
27. VIRUSfighter Antivirus Filter for SPAMfighter Exchange Module: Remember this is an ‘Add on’ so it would only apply to mailboxes that have this enabled. It’s on its most conservative setting, and will replace the infected email with safe content.
28. SPAMfighter Sender Filter > Whitelist:Simply add either a particular email address you want to allow or add in an entire domain.
29. If your lists get a little unwieldy you can import or export them, and chose weather to overwrite them or append the imported list to your existing list.
30. And where there is a Whitelist there is a Blacklist, it’s configured exactly the same.
31. Automatic Whitelist: This is a brilliant feature! It dynamically adds the addresses our users send to to the Whitelist, and maintains the cache for 10 days (which you can alter). I’m surprised this is disabled by default.
Note: This will be enabled by default in the next release.
32. SPAMfighter Content Filter > Whitelist phrases: Gives you the power to automatically Whitelist emails based on a phrase they contain i.e. Your corporate email disclaimer or default signature.
33. SPAMfighter Content Filter > Blacklist phrases: As the warning says be careful with this section, this is the sort of thing that is handy for blocking “We attempted to deliver your parcel but were unable to” emails that urge you to click an attached zip file full of infected spyware nastiness.
34. SPAMfighter Content Filter > Whitelist Attachments: Here you can upload an attachments (like your company logo from your email signatures) and the system will whitelist and allow through emails containing them.
35. SPAMfighter Content Filter > Blacklist Attachments: Thankfully this is disabled by default, the list of file extensions is quite long, and contains some commonly used file extensions, You will need to do some planning and testing with this one if you want to enable it.
36. SPAMfighter Community Filter: This will filter mail based on mails that have already been blocked by other SPAMfighter users, it uses a scoring/weighting system. You simply set a threshold the higher you set it the more mail will be stopped, this will require some fine tuning.
37. SPAMfighter Language Filter:This is enabled by default, but no languages are selected (which is sensible). If you are never expecting any emails in Chinese you can block them here.
SPAMfighter Filters that you can Manually Add to the Policy.
38. SPAMfighter IP-address Filter: Pretty much does what it says on the tin! Though blocking spammers by IP address is a little hard to manage, and it’s pretty easy to spoof an IP address anyway, which is probably when this is not on the default policy.
39. SPAMfighter Sender Policy Framework Filter: Personally I think you would be crazy to turn this on! If you don’t know what an SPF record is then read the following article.
40. SPAMfighter DNSBL Filter: A DNSBL is a dynamic DNS list of known spammers, if you are familiar with RBL block lists this is similar.
41. SPAMfighter Combined Spam Score Filter: All the other filters check the mail and give it a score, if the score is higher than a certain threshold this this filter will aggregate all those scores and block the mail.
SPAMfighter – Policies > Accept Actions
42. If the mail makes it through all the filters, then this section decides what happens with it.
43. And that is adding information to the mail header that says the mail was scanned and accepted.
SPAMfighter – Policies > Block Actions
44. If the mail gets blocked by any of the filters, this section decides how that is handled.
Note: You can add other actions from the drop-down list below if this does not do what you require.
45. Just as for the accept policy action, this modifies the email header, though this one says the mail was blocked.
46. SPAMfighter Move To Folder Policy Action > Mailboxes : The second default policy action takes that filtered email and places it within a folder called SPAMfighter within the users mailbox.
Note: You can redirect that mail to another mailbox if that is your preference.
47. The system for Public Folders (if you use them) is identical.
48. Contacts: As is says contacts do not have a mailbox, but you can redirect filters contact mail to a specific mailbox should you wish.
49. User Filter Settings: This section can create an exception for one particular user, it simply creates another policy that you can apply to that user.
50. You can create new policies and apply then to particular users or usergroups, and make the system as granular as you like.
51. Statistics: On my test network I didn’t have any throughput on which to pull some meaningful statistics.
52. Statistics > Notifications: You can have daily/weekly/monthly reports emailed to you.
53. If you decide to purchase, the licenses are priced per mailbox. Prices start at £14.50 each (or £29.00 with the Antivirus) And go down to £2.45 (or £4.90 with Antivirus) depending on the amount you buy. They are available for 1, 2, and 3 year periods. For an up to date price list go here.
Related Articles, References, Credits, or External Links
I like to keep ‘My Documents’, ‘My Pictures, ‘Favorites’, etc, in one location so I can sync and back them up. Like previous versions of Windows, Windows 8 likes to put all that information into C:/Users/{username}.
In Windows 7 you could just go from the Start Menu > {Username} and change the ‘Target’ or location, with Windows 8, there is no Start menu.
Solution
1. Launch Windows Explorer (Windows Key+E) > Navigate to C:\Users\{your-username}.
2. Locate the folder location you with to change > Right click > Properties.
3. Location tab > Change the location to the one you prefer > Apply.
Note: For Windows 8.1 and Windows 10, you will not see the ‘location’ option, you need to right click the folder under ‘This PC’, or from ‘Quick Access”.
4. Choose if you want to copy the docs from the existing location to the new location, I’ve just built this so I don’t want to, (if you have already saved work to these locations you might want to).
Related Articles, References, Credits, or External Links
We have had the ability to ‘Remote Wipe’ phones using Exchange ActiveSync since version 2007. But now you can remotely remove your email account from a mobile device running Windows 8 (When connecting to Exchange with Windows Mail).
Note: This WILL NOT remove any settings in Microsoft Outlook on the remote machine!
Solution
1. Log into Outlook WebApp from another machine > Options > See All Options.
2. Phone > Locate the WindowsMail entry, and select it.
3. You can check what it is by clicking details > Here we can see it’s my HP Laptop.
4. To remove your email account form this machine > ‘Wipe Device’.
5. Confirm.
6. The status will change to ‘Wipe Pending’.
7. When the remote wipe has been carried out you will receive email notification.
8. And if you are still logged into WebApp refresh the screen, it should say ‘Remote Device Wipe Successful’.
9. Note: If you ever want to reconfigure this device to receive mail again, you will need to DELETE it from this view before you can set it up again.
Related Articles, References, Credits, or External Links
You need to copy a Global Address List address, or all the GAL to your Outlook contacts folder.
Solution
Copy Global Address List to Outlook Contacts
1. Open Outlook.
2. Tools > Address Book.
3. Ensure “Global Address List” is selected.
4. Select the contacts you require (Note CTRL+A will NOT work, to select ALL highlight the first one, scroll to the last one and hold down CTRL and select it).
5. With the contact Selected Click File > Add to Contacts.
Related Articles, References, Credits, or External Links
A great new feature of OWA 2013 is the ability to run in ‘Offline mode’. This runs in the same manner as Microsoft Outlook’s ‘Cached Mode’ which has been built into full Outlook since version 2003.
There are a few caveats before you can get it to work;
Requirements for OWA Offline Mode
1. A compatible browser (Internet Explorer 10, Chrome 18, or Safari 5.1). source
2. You have to be connecting to OWA being hosted on an Exchange 2013 CAS server.
3. Your mailbox needs to be hosted on an Exchange 2013 Mailbox server.
Capabilities of OWA Offline Mode
1. While you are in offline mode, you can open OWA, read and reply to emails, send new emails, respond to meeting requests, view your calendar, view and edit your contacts.
Note: Obviously all sent and updated data will not be sent to recipients, or changes reflected in Exchange until you are no longer in offline mode.
2. The system will only cache data for the past month and calendar entries for the next twelve months.
3. Contact information for recently used recipients will also be cached.
Disadvantages of OWA Offline Mode
1. A prolonged period in cached mode can cause scheduled events in your calendar to stop working. (Its only designed for users to be sporadically disconnected).
2. You cannot access Archived folders.
3. With the exception of the Inbox, Sent Items, Calendar, and Drafts items folder, only folders you have accessed will be cached.
Solution
1. Whilst online and connected to OWA > Settings > Use mail offline.
2. For security reasons you will be asked if you are on a public computer > Prompted to add the URL to favorites (or bookmarks depending on the browser).
Note: DO NOT use this feature on a shared or public computer, the cache is accessible from other user accounts on the machine.
3. In this example I’m using IE10 > Just for ease I’m enabling the Favorites bar to see the shortcut.
4. Depending on the size of the mailbox and speed of connection, it may take a while to syncronise. Whilst offline OWA will display the time it last connected to Exchange, and while you are working offline if you send any mail it will keep a track of pending options for next time you are online.
Internet Explorer 10 Caches and Databases
The whole system works because the supported browsers have the ability to cache information locally, to see where that’s being set in IE10, Internet Options > General > Browsing Data > Settings > Caches and Databases.
Related Articles, References, Credits, or External Links
Out of the box Evolution can only connect to Exchange 2000 and Exchange 2003, this is because it uses OWA to connect, when Exchange 2007 was released, the way OWA was presented changed a great deal. So if you try and connect to a newer version of Exchange it will error. (Before you email in, I know in 2010, its now called Web App not OWA).
But there’s nothing to stop you connecting to Exchange 2007 and Exchange 2010 via MAPI, you just have to add a few packages first.
I originally wrote this a while back for version 10, but I’ve updated it for version 11.10. I’ve left the earlier version 10 notes below.
Solution
Ubuntu Version 11.10
1. If Evolution is not already installed, Launch the Ubuntu Software Manager and search for Evolution > Install.
2. You will need to enter your password.
3. After a few minutes it should get a green tick to say its been installed.
4. In addition you need to locate and install the “Evolution support for the groupware suite”.
7. You can restore form a backup, but I’ve not got one > Continue.
8. Type in your name and email address > Continue.
9. Now change the server to “Exchange MAPI” > Give it the name/IP of your Exchange server and your domain details > Authenticate > Enter your domain password > And it should say successful > Continue.
10. Set your email account requirements > Continue.
11. Give the account a name, by default it will be your email address, but you can change it > Continue.
12. Apply.
13. Before Evolution launches it will ask for your domain password (Mine never changes so I’m ticking the remember password option, you might NOT want to do this) > And I’m setting Evolution as the default email client.
14. An there is my inbox.
15. And it will pull down the GAL from Exchange, as well as your personal contacts.
16. After a short while it will also sync and display your Exchange calendar.
In this example I’m using Ubuntu version 10
1. First you need to add in the “evolution-mapi” package > System > Administration > Synaptic Package Manager. (You may need to provide a password to proceed).
2. Locate the “evolution-mapi” package.
3. Mark it for installation.
4. You may have to agree to install some dependant packages > do so.
5. Ensure that evolution-mapi is now ticked and click “Apply”.
6. The packages will download and install.
7. Now you can launch Evolution > It should run the “Setup Assistant” > Forward. (Note: If you’re adding an additional account simply open Evolution > Edit > Preferences > Mail accounts > Add).
8. We are not restoring > Forward.
9. Type in your name and email address, this is going to be or default account so leave the default option ticked > Forward.
10. Change the server type to “Exchange MAPI” > Enter the server name/IP address, your domain user name, and the name of the domain > Authenticate.
11. Enter the correct password for your domain account, tick the option to remember the password (Note: if you domain password changes often you might not want to do that) > OK.
12. All being well, you should see a successful result > OK > Forward.
13. Set the options as you require, these would be my personal preference > Forward.
14. Give the mail account a sensible name > Forward.
15. After a couple of minutes there’s your mailbox.
16. And Your Exchange 2010 Calendar sync’d.
17. And your contacts and address lists. (Note: The Exchange Global Address List, can take a couple of restarts before it starts to sync properly).
Related Articles, References, Credits, or External Links