By default, if you send a mail on behalf of a Shared Mailbox, the sent item will be saved in the user’s primary mailbox and not the shared mailbox. If you want to change it to expected behaviour, i.e. save the items in the Shared Mailbox, execute following command. This works in Exchange Online and Exchange OnPrem.
By default on an on prem Exchange 2013/2016/2019 environment, internal server names are displayed in the message header analyzer, which you would not want to expose externally.
This is how it would look like:
To remove that information, execute this command in the Exchange Powershell. Make sure you have the right Send Connector Name.
Exchange Zero days are very common these days and there is a freshly baked one today (30th September 2022 as of writing). If you want to know what how the vulnerabilities work, take a look at the reference at the bottom. As a sysadmin I care about securing my systems.
Here are a few steps to mitigate this zero day vulnerability:
In IIS Manager on the Exchange Server, select the Autodiscover virtual directory and open URL Rewrite and add a new rule.
A good backup tool uses VSS Writers to achieve application consistent backups, which also truncates transaction log files. You can also achieve that without having to do a backup. Here are the few commands:
diskshadow
You can add multiple volumes, if database and log files are located on different disk drives:
On the first day of a new year (for me it was the second day) Microsoft gave us a present to work on that affects Exchange servers. Affected systems could not send or receive mails, messages would get stuck in message queue with the error “Message deferred by categorizer agent”. Here are the two relevant event viewer entries:
The issue here is that the malware filter could not scan the message because of this error (it has to do with date time not fitting into 32 bit integers anymore) and the message would not get sent to the recipient. To temporarily resolve the issue, you can disable antimalware.