Automatic VPN for a Specific Domain

Similar Messages

• Bug: Customizing Convergence banner for a specific domain does not work

  Hi,
  I'm trying to customize the banner for a specific domain, I was following the steps from the documentation but I found that there is a bug relate: Bug #6749263 And I tried to find if the bug was already resolved in convergence 1.0-7.01 and the search in bugs.sun.com gets nothing.
  Does anybody knows if the bug was fixed in convergence 1.0-7.01?
  Thanks in advanced.

  ofonseca wrote:
  I'm trying to customize the banner for a specific domain, I was following the steps from the documentation but I found that there is a bug relate: Bug #6749263 And I tried to find if the bug was already resolved in convergence 1.0-7.01 and the search in bugs.sun.com gets nothing.The bug hasn't been fixed (according to the bug notes).
  Regards,
  Shane.

• Command how many mails when through the mailstore for a specific domain.

  I need to get info from the maillog to see how many mails when through the mailstore for a specific domain.
  For example all the mails send and received by example.com witch is hosted on that 2005q1 mailserver.
  Anyone know the commands to get it out.

  The data is certainly in the mail.log.
  You may want to start with the perl log parsing script, here:
  http://ims.balius.com/resources/downloads/files/imslog.pl

• Lync 2013 federation failing for a specific domain

  Hello,
  We have recently migrated to Lync 2013 and noticed that one of the domains we federate with is unable to federate with us.
  we are getting the following error:
  Log Name:      Lync Server Source:        LS Protocol Stack  Event ID:      14428 Task Category: (1001)
  Level:         Error Keywords:      Classic User:          N/A Computer:      server.fqdn.com Description: TLS outgoing connection
  failures.
  Over the past 28 minutes, Lync Server has experienced TLS outgoing connection failures 4 time(s). The error code of the last failure is 0x80090325(SEC_E_UNTRUSTED_ROOT) while trying
  to connect to the server "sip.example.com" at address [10.10.10.10:5061], and the display name in the peer certificate is "Unavailable". Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to
  reach the peer server. Target principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is
  not trusted by the local machine. Resolution: Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check
  that all addresses returned by DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local
  machine.
  Thanks

  Thanks Michael.
  That worked for one of two issues I'm seeing, I did use the same steps for the second issue but it didn't seem to work, I have imported the CA of the domain we would like to federate with to the trusted root certification authorities and the intermediate
  certification authorities per the certificate issuer's website guidelines. I did learn that the federated partner is also using OCS 2007 R2, not sure if this may have to do with this.
  Over the past 30 minutes, Lync Server has experienced TLS outgoing connection failures 1 time(s). The error code of the last failure is 0x80072746 while trying to connect to
  the server "ocs.example.com" at address [10.10.10.10:5061], and the display name in the peer certificate is "ocs.example.com". Cause: Most often a problem with the peer certificate or perhaps the host name (DNS) record used to reach the peer server. Target
  principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
  Resolution: Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check that all addresses returned by
  DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local machine.

• Hold email for specific domain

  Is there a way to hold outbound-email only for a specific domain/user, without interrupting other users?

  Hi Alex,
  The new primary mail server is not available due to an issue with the ISP, so all mail is being delivered to the backup mx server (which is on both the new & old DNS MX records).
  The problem is that the backup MX server's DNS servers are using the old records (as the previous DNS NS records had an expire time of 7 days) and therefore relaying the email to an old ISP's relay servers (which then try to relay to an old IP address, so the email consequently gets lost).
  Ideally I would just flush the cache on the DNS servers, but I have no control over these, and the guys that manage them will not be in their office until tomorrow morning and I don't know if they will do this anyway.
  I know it is a far from perfect configuration, but hopefully you maybe able to suggest a solution

• Dns server for specific domain

  Is there a way to define a dns server for a specific domain?
  I'm setting up a develop machine with an amp stack and i want to redirect all urls with a specific domain (i.e. project.dev) to 127.0.0.1.
  I've done this on OSX with dnsmasq configured in this way:
  # dnsmasq.conf
  address=/.dev/127.0.0.1
  listen-address=127.0.0.1
  port=35353
  and adding a dev file in /etc/resolver with this content
  # /etc/resolver/dev
  nameserver 127.0.0.1
  port 35353
  but this in arclinux with dhcpd doesn't work.
  I've tested dnsmasq with
  dig [email protected] -p 35353
  and it works (the address returned is 127.0.0.1) so the problem is the resolver.
  I've also tried either put into /etc/resov.conf.head this:
  # /etc/resolv.conf.head
  nameserver 127.0.0.1
  port 35353
  and configure dnsmasq with the default 53 port without luck.
  This is my /etc/resolv.conf
  # /etc/resolv.conf
  nameserver 127.0.0.1
  nameserver 192.168.0.1

  On linux you should simply run all dns request through one nameserver that forwards everything it doesn't understand. [Edit: You can do that with dnsmasq.] Another simple way to create a local developer zone would be to use wildcard_dns_proxy instead.
  Last edited by progandy (2015-03-03 17:20:29)

• Getting the mailserver of a specific domain

  Hello,
  does someone know how I can get the mailserver for lets say hotmail.com from a dns-server??
  I can contact my dns server with a socket, but I don't know how to talk with this protocol to get any information from it. I want to ask it what the mailserver adress is for a specific domain.
  Please help me!!
  Thanks,
  Daniel

  You need to retrieve the MX-records from the zone.
  The MX-records are in fact the mailservers used to receive mail.
  To make it simple you can use "DNS Package" from Sinotar.
  It seems to be free for personal use.
  http://www.sinotar.com/english/download.html

• Specific domain blocked for both mail programs

  Hi all. Need some help... One specific domain name's email addresses has been blocked by my mac for outgoing email from both 'mail' and entourage programs. I don't get any error messages but the emails never get delivered. However emails from the domain name get delivered to me just fine.
  It is isolated to my mac as I can send/receive using a different computer on the same internet connection to the domain name addresses.
  I think it results from a moment last week when I accidentally clicked on 'junk' instead of delete for an email from the domain name thats causing the trouble. I immediately clicked 'this is not junk', and thought nothing more of it. it appears that somehow the computer will now not deliver email to the domain name address in question. Its like a very specific block, but effects both mail programs. Apple Support suggested posting to this disscussion board or an 'archive and install'. Hope someone can help. thanks.
  iMac   Mac OS X (10.4.8)  

  Open one of these messages in the Sent mailbox, and then click on View in the Menubar of the Mail window, place the cursor on Message, and choose Long Headers from the resulting menu. In the Long Headers, is there on named Message ID#? If so, then the message was sent from this Mac, as the ID# must be reported back from the SMTP.
  Are you using Rich Text Format, when composing and sending on this Mac? Do these messages have any attachments, or images such as might be in a Signature? If this is the situation, then the RTF may be getting converted to HTML, and a SPAM filter in front of the recipient may be blocking the receipt of messages from this Mac.
  Try resending one of these message, after first changing to Plain Text, as a test. Open the message in the Sent mailbox, click on Message in the Menubar, and choose Send Again. Next click on Format in the Menubar, and choose Make Plain Text, and send.
  Keep us posted.
  Ernie

• Configure TLS inbound for specific domain

  Hi All,
  would like to configure TLS inbound for specific domain . am using exchange 2010 and instead of edge we are using Trend Micro IMSS Gateway. now please explain me how to configure TLS for inbound but for specific domain 
  have gone through their documents but when i checked there is a tab for Trusted CA certificated. i have imported out ORG publicly trusted certificate and have selected mutual TLS. but no luck it now allowing the TLS inbound.
  Please help me on this
  Thanks, Venkatesh. "Hardwork Never Fails"

  Hi imvenkat,
  I recommend you ask this in
  Trend Micro forum also, since you are using Trend Micro gateway instead of exchange edge server.
  Best Regards,
  Niko Cheng
  TechNet Community Support

• Channel for incoming mail addressed to specific domain

  I am trying to create a channel for all incoming messages addressed to a specific domain.
  I know that all incoming Internet mails go to tcp_local first.
  What I want to do is to separate mails for different domains to different channels so I could later process them, either with conversion channel or with some channel filters.
  Also, after passing trough those specific channels, how to put those mails back on track for delivery?
  Can anyone help on doing this?
  Thanks
  I�m running (on Solaris 8) MS5.2p1 hf1.21

  To look over the docs� but I already did, and it�s pretty bad, poorly explained�
  So, please let�s try to make this clear.
  Note, every time after making changes I run:
  imsimta cnbuild
  imsimta restart
  First, you gave an example to me (reply 5):
  [email protected]%tcp_friendly-daemon
  Second, I was not sure from your post where to put space (reply6), and I tested both cases:
  domain.net$E$F [email protected]%tcp_friendly-daemon # space between $F and $U
  and
  domain.net [email protected]%tcp_friendly-daemon # space between domain.net and $E
  Unfortunately, nothing has changed.
  Third, you wrote (reply 7) �No spaces�.
  Forth, I tested that as well and it gave me an error (reply 8).
  Fifth, in your last reply (reply 9) you said that I need a left and a right half, and you suggested an example that I�ve already checked (reply 6) and it wasn�t working :(
  So, now I am completely lost�
  Here is the result of testing this last example in imta.cnf:
  domain.net [email protected]%tcp_friendly-daemon # space between domain.net and $E
  ! tcp_friendly
  tcp_friendly smtp mx single_sys subdirs 20 noreverse maxjobs 7 pool SMTP_POOL mailfromdnsverify maytlsserver allowswitchchannel saslswitchchannel tcp_auth
  tcp_friendly-daemon
  imsimta cnbuild
  imsimta restart
  imsimta test -rewrite -debug [email protected]
  Could you review this result, please and try to see what is wrong.
  Initializing mm_.
  Initializing mm_ submission.
  Checking identifiers.
  *** Debug output from initializing MM for submission:
  13:43:32.79: mmc_winit('l','postmaster@machine_name.test.com','0IB800802GOK8O@machine_name.test.com') called.
  13:43:32.79: Queue area size 5858064, temp area size 5858064
  13:43:32.79: 1464516 blocks of effective free queue space available; setting disk limit accordingly.
  13:43:32.79: Rewriting: Mbox = "postmaster", host = "machine_name.test.com", domain = "$*", literal = "", tag = ""
  13:43:32.79: Rewrite: "$*", position 0, hash table -
  13:43:32.79: Found: "$E$F$U%$H@machine_name.test.com$V$H"
  13:43:32.79: Rewrite failed, not forward.
  13:43:32.79: Rewrite: "$*", position 1, hash table -
  13:43:32.79: Failed.
  13:43:32.79: Rewrite: "$*", position 0, rewrite database -
  13:43:32.79: Failed
  13:43:32.79: Rewriting: Mbox = "postmaster", host = "machine_name", domain = "machine_name.test.com", literal = "", tag = ""
  13:43:32.79: Rewrite: "machine_name.test.com", position 0, hash table -
  13:43:32.79: Found: "$U%$D@machine_name.test.com"
  13:43:32.79: New mailbox: "postmaster".
  13:43:32.79: New host: "machine_name.test.com".
  13:43:32.79: New route: "machine_name.test.com".
  13:43:32.79: New channel system: "machine_name.test.com".
  13:43:32.79: Looking up host "machine_name.test.com".
  13:43:32.79: - found on channel l
  13:43:32.79: Routelocal flag set; scanning for % and !
  13:43:32.79: Rewriting: Mbox = "postmaster", host = "machine_name.test.com", domain = "$*", literal = "", tag = ""
  13:43:32.79: Rewrite: "$*", position 0, hash table -
  13:43:32.79: Found: "$E$F$U%$H@machine_name.test.com$V$H"
  13:43:32.79: Rewrite failed, not forward.
  13:43:32.79: Rewrite: "$*", position 1, hash table -
  13:43:32.79: Failed.
  13:43:32.79: Rewrite: "$*", position 0, rewrite database -
  13:43:32.79: Failed
  13:43:32.79: Rewriting: Mbox = "postmaster", host = "machine_name", domain = "machine_name.test.com", literal = "", tag = ""
  13:43:32.79: Rewrite: "machine_name.test.com", position 0, hash table -
  13:43:32.79: Found: "$U%$D@machine_name.test.com"
  13:43:32.79: New mailbox: "postmaster".
  13:43:32.79: New host: "machine_name.test.com".
  13:43:32.79: New route: "machine_name.test.com".
  13:43:32.79: New channel system: "machine_name.test.com".
  13:43:32.79: Looking up host "machine_name.test.com".
  13:43:32.79: - found on channel l
  13:43:32.79: Routelocal flag set; scanning for % and !
  13:43:32.79: Mapped return address: postmaster@machine_name.test.com
  *** Debug output from rewriting a forward header address:
  13:43:32.79: Rewriting: Mbox = "user", host = "domain.net", domain = "$*", literal = "", tag = ""
  13:43:32.79: Rewrite: "$*", position 0, hash table -
  13:43:32.79: Found: "$E$F$U%$H@machine_name.test.com$V$H"
  13:43:32.79: Rewrite failed, not envelope.
  13:43:32.79: Rewrite: "$*", position 1, hash table -
  13:43:32.80: Failed.
  13:43:32.80: Rewrite: "$*", position 0, rewrite database -
  13:43:32.80: Failed
  13:43:32.80: Rewriting: Mbox = "user", host = "domain", domain = "domain.net", literal = "", tag = ""
  13:43:32.80: Rewrite: "domain.net", position 0, hash table -
  13:43:32.80: Found: "[email protected]%tcp_friendly-daemon"
  13:43:32.80: Rewrite failed, not envelope.
  13:43:32.80: Rewrite: "domain.net", position 1, hash table -
  13:43:32.80: Failed.
  13:43:32.80: Rewrite: "domain.net", position 0, rewrite database -
  13:43:32.80: Failed
  13:43:32.80: Rewriting: Mbox = "user", host = "domain", domain = ".net", literal = "", tag = ""
  13:43:32.80: Rewrite: "*.net", position 0, hash table -
  13:43:32.80: Failed
  13:43:32.80: Rewrite: ".net", position 0, hash table -
  13:43:32.80: Found: "$U%$H$D@TCP-DAEMON"
  13:43:32.80: New mailbox: "user".
  13:43:32.80: New host: "domain.net".
  13:43:32.80: New route: "TCP-DAEMON".
  13:43:32.80: New channel system: "TCP-DAEMON".
  13:43:32.80: Looking up host "TCP-DAEMON".
  13:43:32.80: - found on channel tcp_local
  13:43:32.80: Rewrite rules result: [email protected]
  13:43:32.80: Checking reverse URL cache for: [email protected]
  13:43:32.80: Applying reverse URL pattern ldap:///$V?mail?sub?$Q to: [email protected]
  13:43:32.85: Resulting URL: ldap:///o%3Ddomain.net%2Co%3Disp?mail?sub?(|([email protected])([email protected]))
  13:43:32.85: mmc_open_url called to open ldap:///o%3Ddomain.net%2Co%3Disp?mail?sub?(|([email protected])([email protected])), flags = 256
  13:43:32.85: URL with quotes stripped: ldap:///o%3Ddomain.net%2Co%3Disp?mail?sub?(|([email protected])([email protected]))
  13:43:32.85: LDAP URL identified
  13:43:32.85: URL context #1 will be used
  13:43:32.85: Performing URL search on: ldap:///o%3Ddomain.net%2Co%3Disp?mail?sub?(|([email protected])([email protected]))
  13:43:32.86: mmc_read_url result: [email protected]
  13:43:32.86: URL resolution returned: [email protected]
  forward channel = l
  channel description =
  channel user filter =
  dest channel filter =
  source channel filter =
  channel flags #0 = BIDIRECTIONAL MULTIPLE IMMNONURGENT NOSERVICEALL
  channel flags #1 = NOSMTP DEFAULT
  channel flags #2 = COPYSENDPOST COPYWARNPOST POSTHEADONLY HEADERINC NOEXPROUTE
  channel flags #3 = LOGGING NOGREY NORESTRICTED RETAINSECURITYMULTIPARTS
  channel flags #4 = EIGHTBIT NOHEADERTRIM NOHEADERREAD RULES
  channel flags #5 =
  channel flags #6 = LOCALUSER REPORTHEADER
  channel flags #7 = NOSWITCHCHANNEL NOREMOTEHOST DATEFOUR DAYOFWEEK
  channel flags #8 = NODEFRAGMENT EXQUOTA REVERSE NOCONVERT_OCTET_STREAM
  channel flags #9 = NOTHURMAN INTERPRETENCODING USEINTERMEDIATE RECEIVEDFROM VALIDATELOCALSYSTEM NOTURN
  defaulthost = test.com test.com
  linelength = 1023
  channel env addr type = SOURCEROUTE
  channel hdr addr type = SOURCEROUTE
  channel official host = machine_name.test.com
  channel queue 0 name = LOCAL_POOL
  channel queue 1 name = LOCAL_POOL
  channel queue 2 name = LOCAL_POOL
  channel queue 3 name = LOCAL_POOL
  channel after params =
  channel user name =
  urgentnotices = 1 2 4 7
  normalnotices = 1 2 4 7
  nonurgentnotices = 1 2 4 7
  channel rightslist ids =
  local behavior flags = %x7
  backward channel = tcp_local
  header To: address = [email protected]
  header From: address = [email protected]
  envelope To: address = [email protected] (route (machine_name.test.com,machine_name.test.com)) (host domain.net)
  envelope From: address = [email protected]
  name =
  mbox = user
  Extracted address action list:
  [email protected]
  Extracted 733 address action list:
  [email protected]
  Address list expansion:
  user%domain.net@ims-ms-daemon
  1 expansion total.
  *** Debug output from submitting an envelope address:
  13:43:32.88: mmc_wadr(0x0018a888,'[email protected]','[email protected]') called.
  13:43:32.88: Copy estimate before address addition is 1
  13:43:32.88: Parsing address [email protected]
  13:43:32.88: Rewriting: Mbox = "user", host = "domain.net", domain = "$*", literal = "", tag = ""
  13:43:32.88: Rewrite: "$*", position 0, hash table -
  13:43:32.88: Found: "$E$F$U%$H@machine_name.test.com$V$H"
  13:43:32.88: Match, pattern = "domain.net", current = "(*domaincheck*)"
  13:43:32.88: old state = not checked.
  13:43:32.88: Using result 1 from domain match cache.
  13:43:32.88: new state = succeeded.
  13:43:32.88: New mailbox: "user".
  13:43:32.88: New host: "domain.net".
  13:43:32.88: New route: "machine_name.test.com".
  13:43:32.88: New channel system: "machine_name.test.com".
  13:43:32.88: Looking up host "machine_name.test.com".
  13:43:32.88: - found on channel l
  13:43:32.88: Routelocal flag set; scanning for % and !
  13:43:32.88: Address [email protected] requires local processing.
  13:43:32.88: Variant #1 = [email protected]
  13:43:32.89: Variant #2 = *@domain.net
  13:43:32.89: Checking for [email protected] in the system alias file
  13:43:32.89: - not found
  13:43:32.89: Checking for *@domain.net in the system alias file
  13:43:32.89: - not found
  13:43:32.89: Checking [email protected] with URL template ldap:///$V?*?sub?$R
  13:43:32.89: LDAP URL template identified
  13:43:32.89: URL determined to be: ldap:///o%3Ddomain.net%2Co%3Disp?*?sub?(|([email protected])([email protected])([email protected]))
  13:43:32.89: URL context #1 will be used
  13:43:32.89: Using cached LDAP result for URL info: ldap:///$V?*?sub?$R|[email protected]|[email protected]
  13:43:32.89: Scanning LDAP result.
  13:43:32.89: Attribute: objectclass
  13:43:32.89: Attribute index: 0
  13:43:32.89: Attribute: inetuserstatus
  13:43:32.89: Attribute index: 1
  13:43:32.89: Attribute: mailuserstatus
  13:43:32.89: Attribute index: 2
  13:43:32.89: Attribute: uid
  13:43:32.89: Attribute index: 4
  13:43:32.89: Attribute: mail
  13:43:32.89: Attribute index: 5
  13:43:32.89: Attribute: mailhost
  13:43:32.89: Attribute index: 9
  13:43:32.89: Attribute: mailDeliveryOption
  13:43:32.89: Attribute index: 18
  13:43:32.89: Attribute: preferredLanguage
  13:43:32.89: Attribute index: 42
  13:43:32.89: Scanning complete, begin actions
  13:43:32.89: Object class: top
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: person
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: organizationalPerson
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: inetOrgPerson
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: inetUser
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: ipUser
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: nsManagedPerson
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: userPresenceProfile
  13:43:32.89: Object class didn't match
  13:43:32.89: Object class: inetMailUser
  13:43:32.89: Object class match, reference value 1
  13:43:32.89: Object class: inetLocalMailRecipient
  13:43:32.89: Object class match, reference value 18
  13:43:32.89: User/group index = 1
  13:43:32.89: Domain is active
  13:43:32.89: Mail domain is active
  13:43:32.89: User status = active
  13:43:32.89: Mail user status = active
  13:43:32.89: User UID user found.
  13:43:32.89: Processing mailhost attribute machine_name.test.com
  13:43:32.89: Mailhost references local system
  13:43:32.89: Delivery option: mailbox
  13:43:32.89: Delivery options value: 1
  13:43:32.89: No reprocess flag on user, processing now
  13:43:32.89: Status for this address = 1
  13:43:32.89: - URL match for [email protected]
  13:43:32.89: Delivery option template: $M%$\$2I$_+$2S@ims-ms-daemon
  13:43:32.89: - user%domain.net@ims-ms-daemon
  13:43:32.89: Parsing address user%domain.net@ims-ms-daemon
  13:43:32.90: Rewriting: Mbox = "user%domain.net", host = "ims-ms-daemon", domain = "$*", literal = "", tag = ""
  13:43:32.90: Rewrite: "$*", position 0, hash table -
  13:43:32.90: Found: "$E$F$U%$H@machine_name.test.com$V$H"
  13:43:32.90: Match, pattern = "ims-ms-daemon", current = "(*domaincheck*)"
  13:43:32.90: old state = not checked.
  13:43:32.90: Using result 0 from domain match cache.
  13:43:32.90: new state = fail pending.
  13:43:32.90: Rewrite failed due to channel mismatch.
  13:43:32.90: Rewrite: "$*", position 1, hash table -
  13:43:32.90: Failed.
  13:43:32.90: Rewrite: "$*", position 0, rewrite database -
  13:43:32.90: Failed
  13:43:32.90: Rewriting: Mbox = "user%domain.net", host = "ims-ms-daemon", domain = "ims-ms-daemon", literal = "", tag = ""
  13:43:32.90: Rewrite: "ims-ms-daemon", position 0, hash table -
  13:43:32.90: Failed.
  13:43:32.90: Rewrite: "ims-ms-daemon", position 0, rewrite database -
  13:43:32.90: Failed
  13:43:32.90: Looking up host "ims-ms-daemon".
  13:43:32.90: - found on channel ims-ms
  13:43:32.90: - orig_send_access mapping check: l|postmaster@machine_name.test.com|l|[email protected]
  13:43:32.90: - passed.
  13:43:32.90: - send_access mapping check: l|postmaster@machine_name.test.com|ims-ms|user%domain.net@ims-ms-daemon
  13:43:32.90: - passed.
  13:43:32.90: - adding address user%domain.net@ims-ms-daemon to channel ims-ms
  13:43:32.90: - adding address [email protected] to headers.
  13:43:32.90: Copy estimate after address addition is 2
  Expanded address:
  [email protected]
  Submitted address list:
  ims-ms
  user%domain.net@ims-ms-daemon (orig [email protected], inter [email protected], host ims-ms-daemon) NOTIFY-FAILURES NOTIFY-DELAYS
  Submitted notifications list:

• Disabling junk mail filtering for specific domains

  I have a situation where I am getting dozens of messages from individuals all in a specific domain, and all are good messages which I want in my inbox; Mail however thinks they are all junk and moves them to the junk folder. They are NOT brown so I cannot select them and say they are not junk mail, they look like regular email. These are from people I do NOT want in my address book yet they are messages I need to respond to.
  How can I tell the junk mail filter that massages from a given domain should not be filtered? In short, I want just the right-hand-side of the address, the domain component, to be given the OKAY!
  Thanks - Lawrence

  Thanks - I tried the advance tab but could not see how to specify a domain but now I look again I see that there is a way - I think. But Kappy, what you say tells me something I did not know: I thought that filters, rules, et al, were applied when a message is in the inbox - but I have this wrong I think. If I read your reply rightly - the message is examined for junk filters, rules, et al, BEFORE it gets assigned to ANY mailbox! Am I right? This is how your suggestion would work. So I can have an initial rule that simple uses a list of approved domains - and sticks anything from such a domain into the inbox where no more filtering or rule analysis will take place. And the more I think about this, the more it makes sense.
  Thanks - Lawrence

• Automate VPN server certificate distribution

  Hi!
  I'm using SSTP VPN for  remote access which needs VPN server certificate to be trusted.
  For domain computers I just deploy Root CA certificate with group policy.
  I would like to automate installation of the certificate for non domain joined computers cause it's a bit tricky for some users to import certificate to Computer store. :)
  Does anyone have any ideas how to do this?
  Regards, Alexey

  Hi Alexey,
  As far as I know, we can't install the certificate into workgroup computer automatically.
  As a work around, we can import the certificate by powershell script.
  Here is the powershell command used to import the certificate,
  Import-Certificate [-FilePath] <String> [-CertStoreLocation <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
  For detailed information, please refer to the link below,
  http://technet.microsoft.com/en-us/library/hh848630.aspx
  Best Regards.
  Steven Lee
  TechNet Community Support

• Relaying to Specific Domain

  What is the best practice for relaying messages sent externally to a specific domain? I'm not talking about relaying from outside Ironport then back to your email servers. I'm talking about relaying the other direction. So for example your email server sends and email from abc.com to Ironport, I want something on Ironport that says any email from abc.com relay to this IP or domain. Can that only be done using a Outgoing Content Filter?
  The goal is to have emails sent to a certain domain directed from Ironport to a vpn tunnel. 

  Depending on incoming vs. outgoing --- just create a content filter w/ alt-mailhost... and then also be sure to create an SMTP route for that alt-mailhost domain...
  Similar to --->
  SMTP route --->
  In my example --- I'm not really routing anywhere --- so, I am using /dev/null.
  Testing --- standard SMTP telnet --->
  mail from: [email protected]
  250 sender <[email protected]> ok
  rcpt to: [email protected]
  250 recipient <[email protected]> ok
  data
  354 go ahead
  subject: THIS IS A TEST
  HELLO
  250 ok:  Message 202 accepted
  Watching mail_logs --->
  Tue Apr 29 18:11:36 2014 Info: MID 202 ICID 610 From: <[email protected]>
  Tue Apr 29 18:11:41 2014 Info: MID 202 ICID 610 RID 0 To: <[email protected]>
  Tue Apr 29 18:11:49 2014 Info: MID 202 Subject 'THIS IS A TEST'
  Tue Apr 29 18:11:49 2014 Info: MID 202 ready 153 bytes from <[email protected]>
  Tue Apr 29 18:11:49 2014 Info: MID 202 matched all recipients for per-recipient policy DEFAULT in the inbound table
  Tue Apr 29 18:11:49 2014 Info: MID 202 interim verdict using engine: CASE spam negative
  Tue Apr 29 18:11:49 2014 Info: MID 202 using engine: CASE spam negative
  Tue Apr 29 18:11:49 2014 Info: MID 202 Outbreak Filters: verdict negative
  Tue Apr 29 18:11:49 2014 Info: MID 202 queued for delivery
  Tue Apr 29 18:11:49 2014 Info: Delivery start DCID 0 MID 202 to RID [0]
  Tue Apr 29 18:11:49 2014 Info: Message done DCID 0 MID 202 to RID [0] 
  Tue Apr 29 18:11:49 2014 Info: MID 202 RID [0] Response '/dev/null'
  Tue Apr 29 18:11:49 2014 Info: Message finished MID 202 done
  Message is sent where I wanted it... /dev/null.
  I hope this helps!
  -Robert
  (*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)

• Is it possible to restrict the ability to e-mail a pdf outside a specific domain name?

  Hello,
  I am trying to find a solution to a friends problem.  She has a quarterly publication that she sends out to big banks and financial institutions.  Recently she has had some problems with press leaks.  I am trying to find some security options for her however the task is difficult. Because these institutions have firewalls I am not sure encrypting or tracking is the right answer because the publication might not make it through. She wants users to be able to print the publication because many of the readers are older and prefer to read during their commute and at home.  Essentially I am looking for any ways to make readers think twice about sharing the information. I thought if I could restrict e-mail to a specific domain name that would help this way users can only e-mail within their specific company.  If any one has any suggestions please feel free to share. 

  Thank you Todd, I was able to get it to work but I do have a few more questions...
  1) When I tested this, at the top of the message, before any of the text I created, this showed up: This is a multi-part message in MIME format. --------------040406040801080102080500 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit
  2) After the signature line, this showed up: --------------040406040801080102080500 Content-Type: image/jpeg Content-Transfer-Encoding: base64 Content-ID: /9j/4AAQSkZJRgABAQEAYABgAAD/4QAiRXhpZgAATU0AKgAAAAgAAQESAAMAAAABAAEAAAAA AAD/2wBDAAIBAQIBAQICAgICAgICAwUDAwMDAwYEBAMFBwYHBwcGBwcICQsJCAgKCAcHCg0K CgsMDAwMBwkODw0MDgsMDAz/2wBDAQICAgMDAwYDAwYMCAcIDAwMDAwMDAwMDAwMDAwMDAwM DAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAz/wAARCAC5ApUDASIAAhEBAxEB/8QA HwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQID AAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6 Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/
  (It was actually much longer than that)
  Is there anyway that I can get that to go away? I obviously would prefer a nice, cleanly formatted e-mail to be sent just like I would send if I were creating it on the spot.
  Thanks,
  Evan

• Configure SMTP to forward mail to a specific domain

  We have migrated all of our e-mail from on premise exchange to Office 365. To support internal applications that send e-mail such as our scanners, we have setup a SMTP relay server using IIS on Windows 2012.
  This is working very well however we have some users that when they do a scan they simply enter their e-mail alias (the part before the @ symbol) since that worked when the scanner was sending to Exchange. However Office 365 does not know how to route these
  e-mails so they result in a NDR. Since the NDR is not sent to the person creating the scan they do not even know the issue other than they did not receive their scan. 
  Is there a way to configure the SMTP service on Windows 2012 to send all e-mail that does not have a domain listed in the e-mail address to a specific domain? For example, if someone were to send their scan to myalias it would be delivered to myalias at mycompany
  dot com (sorry about spelling it out but it is not letting me post this with a e-m ail address in it even if the address is not valid)

  Hi,
  You can try to create a SMTP domain in IIS manager(Default SMTP Virtual Server>Domains>New>domain) and then enable "Allow incoming mail to be relayed to this domain" and "Forward all mail to smart host".
  In addition, for questions related to IIS, you can also ask in IIS forum for professional assistance:
  http://forums.iis.net/
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]