Technical Exchange bLog

If an AD user has "User must change password on next logon" marked, it will not get synced to the cloud. Remove the tick and then start sync process.

Depending on your computer language settings, Exchange Admin Center can take those and open in a language you actually don't want to use.
You'll Google that this can be changed if administrator/ admin user has mailbox by openening OWA settings and changing Regional parameters.

But usually Admin user does not have mailbox or you don't want her/him to have it. You will search again and find that you can add mkt=en-US (as an example) to the URL of the Exchange Admin Center (https://yourexchangehostname/ecp?ExchClientVer=15&mkt=en-US)

Third option you have is opening Internet Explorer settings (I am using Windows 2016)


Click languagesClick Set Language Preferences

Add language you want to use by clicking Add language
Use Move up or Move Down options to put desired language on topClose Internet ExplorerOpen it again and login again to Exchange Admin Center

You installed Exchange 2016 on top of Windows 2016 and when you try to access ECP or OWA with newest Google Chrome you get an error ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY.

All works well in Internet Explorer. The reason behind this are obsolete (security) protocols used by default. One option is to change settings in Windows registry, but my suggestion is to download a free copy of CryptoIIS from Nartac Software, run it on the server and press Best practices button then Apply. After restarting the server there will be no ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY error and your server will be a little bit more secured :)

When you install Microsoft Exchange 2016 on Windows 2016 server it is suggested to add some exclusions to Windows Defender. Since the list is quite large, use PowerShell to add exclusions. Exclusion list can be found at https://technet.microsoft.com/en-us/library/bb332342(v=exchg.160).aspx

SECURITY PRECAUTION - Don't just blindly copy below commands and exclusions but check them. If anyone manipulated the below list on this site without my knowledge you will end adding exclusions you don't want to have.

Run PowerShell on Windows 2016 Exchange 2016 server as administrator.Add Folder Exclusions
Set-MpPreference -ExclusionPath $env:SystemRoot"\Cluster",$env:ExchangeInstallPath"ClientAccess\OAB",$env:ExchangeInstallPath"FIP-FS",$env:ExchangeInstallPath"GroupMetrics",$env:ExchangeInstallPath"Logging",$env:ExchangeInstallPath"Mailbox",$env:ExchangeInstallPath"TransportRoles\Data\Adam",$env:ExchangeInstallPath"…

You might find the attachments are being stripped from some email entering your organization despite recipient and sender domain have been added to the "whitelist" in Sender ID Agent.

Agents on Exchange Edge server are as follows:


Each of the agents has its own priority, meaning which of the agent will be first, second, third,... in line to filter. Filters take precedence over another just in case spam is found.

For example: If Connection Filtering Agent finds spam (connection verification fails) it discards the message and none is processed any further. If the message passes Connection Filtering Agent it then goes to Address Rewriting Inbound Agent, which is next on priority list etc.

So, if we put a recipient to BypassedRecipients list in Sender ID Agent, it will be bypassed only for Sender ID Agentfilter and not for example Attachment Filtering Agent.
As per Microsoft. "The BypassedRecipients parameter specifies one or more SMTP email addresses. Messages bound for the…

Go to http://spamcannibal.org/cannibal.cgiIn the right side menu click Lookup IPEnter mail server IP address into the field and click Lookup IPCheck why you got listed in the first placeIf your mail server is missing PTR (reverse DNS) record, add itIf other problem resolve it firstIf the problem is resolved go again to http://spamcannibal.org/cannibal.cgiClick Contact in the right side menuScroll to the bottomEnter your IP addressEnter your EmailDescribe why you got listed and what you did to solve the problemSubmit NOTE: Don't try to get de-listed from any blacklist BEFORE you solved the problem added you to the blacklist in the first place