Connector help ( Coexistence Exchange 2003 and Exchange 2010)

Similar Messages

• Need help with Exchange 2010 Spam filter setting

  Hello,
  In Exchange 2010 there is built-in anti spam setting as well as Forefront Protection 2010 for Exchange Server. But this doesn't give privileges to the end user who could access it using any web URL where they could set whitelist/blacklist etc.
  Is there any product in Forefront which we can use for such purpose ?
  Also in Forefront Protection 2010 for Exchange Server if Content Filtering is enable then it reject all emails which have html tag, even if sender have html base signature. This is really confusing any solution for this problem too ?
  thanks

  Hello,
  In my case, I have mostly seen FPE reject messages as spam when there is  alink to say "click here to access <bank web site> and the underlying link is actually to an IP address or to another site that does not match what the link claims to be.
  We have also seen FPE reject messages with an image that is a clickable link.
  Karl
  When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer.
  My Blog: Unlock PowerShell
  My Book: Windows PowerShell 2.0 Bible
  My E-mail: -join ('6F6C646B61726C40686F746D61696C2E636F6D'-split'(?<=\G.{2})'|%{if($_){[char][int]"0x$_"}})

• Help designing Exchange 2010 infrastructure

  Hi all,
  I hope that someone could give me some advices to make me bette runderstand how to achieve my goal.
  I'm going to redesing my Exchange 2010 infrastructure. Here are some details about my actual configuration:
  -       1 domain;
  -       4 offices (1 HQ and 3 branch offices);
  -       4 AD sites. HQ has 192.168.1.0/24 subnet, brach office 1 has 192.168.3.0/24, brach office 2 has 192.168.5.0/24 and brach office 4 has 192.168.7.0/24;
  -       In every AD site I have there is 1 Exchange 2010 Server with HUB,CAS and Mailbox roles installed.
  Actually every office/AD sites has its own Internet Access (2 ISP for every office) and while the email for my domain are received only on the Exchange located in the HQ, all 4 AD sites sends email independently (with the creation of appropriate MX records,
  PTR, SPF etc…).
  Now we are changing the connectivity in all 4 offices that will share the same Internet access at the DataCenter, so that all incoming and outgoing traffic will pass through the Datacenter.
  From what I understand every AD site that has an Exchange 2010 server with mailbox roles installed must have an HUB and a CAS server/role too. This is my actual cfg.
  Since I can put servers in DataCenter I'm thinking about to create an additional AD site (192.168.9.0/24). Once done I will installa an addtional DC and an Exchange 2010 server with only HUB and CAS roles (Maybe an Edge server too).
  What I would like to achieve is to have a “single” Exchange 2010 server that manages all ExternalToInternal connection for clients such as Outlook Anywhere, OWA, ActiveSync, Windows phones etc…that resilenty will redirect request to the correct AD site.
  Internally the same clients will contact the Exchange Server in their own AD site.
  So external users will refers to a generic "mail.domain.it" while internal users will refers to "mailA.doman.it","mailB.domain.it" and so on...
  I know that I need to reconfigure the URL within the exchange exchange servers and there are some others cfg to do but I would like to know if it should works this way.
  Thanks an advance and best regards,
  Andrea

  Yes, that's actually pretty easy.  See this document for an excellent description of proxying and redirection.  Basically you want to have the new site proxy all traffic for the remote sites.
  http://technet.microsoft.com/en-us/library/bb310763(v=exchg.141).aspx
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Oracle Collaboration Coexistence Gateway and Exchange 2010

  Hi,
  in the Beehive 2.0 Integration Guide is said that the Collaboration Coexistence Gateway is compatible with MS Exchange 2003 and 2007.
  Are there any plans to make in compatible to Exchange 2010 or is it even already compatible?
  Thanks for your help!

  Exchange 2010 will proxy ActiveSync for Exchange 2003.  For OWA, it will redirect, so you need a legacy redirect URL.  You can test all of this internally without changing your Internet connection.  For ActiveSync you can use a WiFi connection.
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Copy to my calendar missing after migration Exchange 2010-2013

  Hi there,
  We have migrated our Exchangeserver from Exchange 2003 too 2010 and then too 2013.
  In Outlook 2007 (with Exchange 2003 and later 2010) we had a button in the 'New appointment window' called 'Copy to my Calander' When we made an appointment in a Public Calander.
  After migrating to Exchange 2013 the button is missing, but we're still using the Public folder (Calander).
  Is there a solution for this?

  Hi,
  I'm marking the reply as answer as there has been no update for a couple of days.
  If you come back to find it doesn't work for you, please reply to us and unmark the answer.
  Best Regards,
  Steve Fan
  Forum Support
  Come back and mark the replies as answers if they help and unmark them if they provide no help.
  If you have any feedback on our support, please click
  here

• Exchange 2010 and 2003 coexistence - all email from 2010 flowing through 2003

  So I have a coexistence set up and running perfectly. However, all emails sent from mailboxes on the 2010 server are being routed through the 2003 server (even for external accounts). Is this a cost issue with the routing group connector I setup between
  the two?
  TIA!

  Add a new send connector in Exchange 2010.
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Exchange 2010 and 2003 Co-Existence Help

  Hi All,
  Hopefully someone out there can help me out.
  As the subject says i have exchange 2010 and 2003 in a co-existence mode. I have configured public folder replications and plan to use the following guide to move the public folders:
  http://careexchange.in/moving-public-folders-from-exchange-2003-to-exchange-2010/
  I was about the use the MoveAllReplicas.ps1 powershell script when I had the idea to dismount the legacy (2003) public folder mail store as a test to ensure the public folders had replicated. I noticed under the 'Queues' of the legacy exchange emails were queuing
  up withing 'Messages awaiting directory lookup'.
  All other mail stores were dismounted, as a test I mounted a database (non public folder), did a force connection and refresh. All the emails disappeared from this list.
  So my questions are:
  1. Why would my exchange 2010 sever still be routing emails via the legacy server?
  2. Why would the legacy exchange require a mailstore to be mounted for mail flow to work coming from the 2010 server?
  Thanks

  Thanks for the feedback.
  The issue I am facing is that the emails I am seeing queued are not related to the public folder replications. Emails for the public folder replications normally have a subject line of: 'Backfill' or 'Folder Content'.
  When all mail stores are dismounted on the legacy server some of the outbound emails sent by users who reside on the primary server (2010) are being sent to the legacy server. I can then see these emails queued and they will not be sent until a remount at
  least one mail store.
  E.g. All mailbox stores are dismounted on the legacy exchagn, John Smith's account is located on primary exchange (2010). John sends an email and I see it stuck in the queue on the legacy server  'Messages
  awaiting directory lookup'. 
  NOTE: This does not happen for all users, It seems to happen at Random.
  I also attempted to fix the issue by creating a new 'Send Connector' with a lower cost and defining the 'Source server as the primary server (2010)
  So the question still remains why are some outbound emails still being sent out via the legacy server even though these users are on the primary exchange?
  With regards to the public folders, I used the following to add the replicas between the legacy and primary exchange:
  .\AddReplicaToPFRecursive.ps1 -TopPublicFolder “\” -ServerToAdd “Exchange2010″
  When i dismount the public folders all the public folders are accisable via the 2010 server so it seems the replications have worked.
  Would the above command not have added the replicas to all the public folders including the system public folders?

• Exchange 2003 and Exchange 2010 Coexistence Activesync Issue

  Hello,
  I am currently on the progress of migrating mails from Exchange 2003 SP2 to Exchange 2010 SP3. Before I can do actual migration, I need to make sure that OWA and Activesync works when Exchange 2010 becomes Internet facing.
  Right now Exchange 2003 is Internet facing while Exchange 2010 is internal LAN only. OWA login from Exchange 2010 to a mailbox in Exchange 2003 works fine. However, trying to open a mailbox in Exchange 2003 from Exchange 2010 Activesync fails.
  Activesync login from Exchange 2010 to a mailbox in Exchange 2010 works fine, as well as logging in from Exchange 2003 to mailbox in Exchange 2003.
  Tests using AccessMyLAN ActiveSync Tester using Exchange 2010 as entry point are inconclusive. The test shows the app successfully contacting ActiveSync version 6.5 which is Exchange 2003, but results in "Activesync detected, but not correctly configured."
  Tests using Test-ActiveSyncConnectivity from Exchange 2010 reveals Error HTTP 400 when contacting Exchange 2003. The cmdlet also shows it successfully contacting Activesync version 6.5 (Exchange 2003).
  I have searched around, installed hotfix KB937031, enabled Integrated Windows Authentication on Exchange 2003 Microsoft-Server-Activesync, disabled Require SSL for Microsoft-Server-Activesync and exchange-oma, yet I still can't connect to a mailbox inside
  Exchange 2003 through ActiveSync 2010. Website Multiple Identities for port 80 has been set correctly. Exchange 2003 has Forms-Based Authentication Enabled and is the one thing we haven't tried disabling yet.
  We want to make sure everything works first, then make Exchange 2010 Internet facing, and finally do the mail migration. We do not want to migrate everyone in a single sitting. Please if anyone have ideas any help is welcomed!

  Exchange 2010 will proxy ActiveSync for Exchange 2003.  For OWA, it will redirect, so you need a legacy redirect URL.  You can test all of this internally without changing your Internet connection.  For ActiveSync you can use a WiFi connection.
  Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

• Legacy integration between Exchange 2003 and Exchange 2010

  Dear Team,
  we are using Microsoft Exchange 2003 & 2010 Server for Emails, now we have both servers are connected, we want to raise new Single incident request for doing this activity, we want disconnect 2003 server from 2010 server so accordingly need support,
  we are ready to pay for this incident, 
  pls do the needful,
  Thanks & regards
  Anteshwar Bhosale

  Hi Anteshwar,
  If you want to remove Exchange 2003 from your coexistence environment, please perform the following procedure:
  1. Move all mailboxes to an Exchange 2010 server in the organization.
  2. Move all content from the public folder database on the legacy Exchange 2003 server to a public folder database on an Exchange 2010 server in the organization.
  3. On Exchange 2003 servers, for each offline address book (OAB), move the generation process to an Exchange 2010 server.
  4. Verify that Internet mail flow is configured to route through your Exchange 2010 transport servers.
  5. Verify that all inbound protocol services (Microsoft Exchange ActiveSync, Microsoft Office Outlook Web App, Outlook Anywhere, POP3, IMAP4, Autodiscover service, and any other Exchange Web service) are configured for Exchange 2010.
  If all above steps have been prepared, we can remove the last Exchange 2003 server from the Exchange 2010 organization from ADSIEdit. For detailed steps about this, please refer to:
  https://technet.microsoft.com/en-us/library/gg576862(v=exchg.141).aspx
  Regards,
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Winnie Liang
  TechNet Community Support

• Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2

  I am trying to migrate my server SBS 2003 to win server 2008 r2 and exchange 2010.
   I got error message when trying to install exchange 2010 server.
  Error:
     Installing product E:\exchangserver.msi failed. Fatal error during installation. Error code is 1603. Last error reported by the MSI package is 'Error reading from file E:\Setup\ServerRoles\ClientAccess\owa\bin\DocumentViewing\isgdi32.dll.
  Verify that the file exists and that you can access it.'.
  Fatal error during installation

  Hi Mike,
  Error 1603 "Fatal Error" indicates that issues with Media type or Windows installer file not correctly installed.
  I recommend you check the media you are installing. Change ISO files and reinstall.
  Here are some threads for your reference.
  Error 1603 during a new installation
  http://social.technet.microsoft.com/Forums/exchange/en-US/1de7daab-9cdd-4696-8cc4-6b4418be33ca/error-1603-during-a-new-installation?forum=exchange2010
  Fatal error during installation. Error code is 1603
  http://social.technet.microsoft.com/Forums/exchange/en-US/a325132a-5e3d-4496-adec-4ccdbb0d6c92/fatal-error-during-installation-error-code-is-1603?forum=exchangesvrdeploy
  Hope it helps.
  If there are any problems, please feel free to let me know.
  Best regards,
  Amy
  Amy Wang
  TechNet Community Support

• Exchange 2010 - 2003 coexistence "unable to relay"

  Hi
  I have a customer with a Exchange 2010 / 2003 coexistence. 
  The Exchange 2010 has 3 CAS/HT servers. 
  When sending mails from 2003 to the outside world, one of the CAS/HT is giving me "unable to relay".
  Right now I have removed it from the routing group connector, but do you have any ideas where to look?
  BR
  Steen

  Hello,
  If there is only AD site, the receive connector is not needed.
  If there are multiple AD sites, when you send message to other AD sites, the receive conenctor is needed. If you send message from exchange 2003 to exchange 2010 or exchange 2010 to exchange 2003, the routing group connector is needed.
  Cara Chen
  TechNet Community Support

• Free/Busy availability and Out of Office not working after Exchange 2003 to Exchange 2010

  We just migrated from Exchange 2003 to Exchange 2010 as an intermediate step before we get to Exchange 2013.  I want to make sure everything is working OK before we start the migration to Exchange 2013.  
  The users have Outlook 2010, and there are 2 issues.  They can't view free/busy times for other people using the scheduling assistant, and they can't set their Out of Office messages.  If they go in through Outlook Web Access, then these features
  work!
  I've searched the forums, and I see a few similar issues, but I don't think this is related to the .Net issue on the CAS server.
  Any suggestions?
  Thanks!
  --Kent 

  Hi Kent,
  Try checking the free busy info Outlook 2010 with running  /cleanfreebusy switch
  Check the Free/Busy System Public Folder and pointed out to the correct server on each mailbox DB in Exchange 2010
  Find the public folder replica database
  get-publicfolder -Identity "\NON_IPM_SUBTREE\SCHEDULE+ FREE BUSY" -Recurse | fl name,Replicas
  In E2k10 check if the exchange 2003 is added in the replica list. If not try adding them and check.
  force Public folder content replication.
  Please mark as helpful if you find my contribution useful or as an answer if it does answer your question.
  That will encourage me - and others - to take time out to help you.
  Regards,
  Sathish

• Public folders are not in sync after settting up Replicas between Exchange 2003 and 2010

  I have setup Public Folder replicas between the 2 Exchange servers and I can see all the top and sub level folders.
  For those mailboxes that were migrated over to Exchange 2010,  I have noticied  a lower number of item contents in these fodders when views from an Outlook client whose mailbox had been migrated over to Exchange 2010.
  On Exchange 2003 System Manager, if I properties one of the Public Folders, under the Replicataion tab, I can see the old and new server there. On the Exchange server 2003 box, I can see the last update reviced was a few weeks ago.
  I did see an option to synchronize content but I am not sure which server to run this one from. The Exchange 2003 or 2010 server.
  There is also a Resend Changes... option. Should I use this instead?
  Can anyone advise?

  Hi,
  The "Resend changes" and "Synchronize content" options in Exchange 2003 ESM are used to initiate hierarchy and content replication.
  To update public folder hierarchy and content from Exchange 2010 side, you can use the following commands.
  Update-PublicFolderHierarchy
  Update-PublicFolder
  Please run the Get-publicfolderstatistics cmdlet to get public folder details such as item count, this information will help you compare content replicated between the source and destination servers.
  Besides, here is a blog about public folder replication troubleshooting for your reference.
  http://blogs.technet.com/b/exchange/archive/2006/01/17/417611.aspx
  Hope this is helpful to you.
  Best regards,
  If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Belinda Ma
  TechNet Community Support

• Integration b/w Exchange 2010 SP2 and Exchange 9.1.1.7 connector

  Has any succesfully integrated exchange 2010 sp2 with 9.1.1.7 conncetor ..
  Sp2 is not in the certifcation list in the connector documentation .. just want to check if any one has done this before ..
  Thanks

  Hi Sembee,
  We did this already.
  We got it working now after doing above but with the shell.
  First we confirmed if the mailbox is disabled with the following command: Get-MailboxStatistics -Database MBD01 | Where { $_.DisconnectReason -eq "Disabled" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason
  It did show as disabled but when we try to enable it we got the following: This task does not support recipients of this type.
  So we disabled the mailbox in the shell, enable it again and it was fine.
  Get-MailboxStatistics -Database MBD01 | Where { $_.DisconnectReason -eq "Disabled" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason helped us, cause in the EMC exchange showed the user as enabled.
  Thanks

• Exchange 2010 Send Connector to postfix (v. 2.11) smarthost uses STARTTLS and cannot connect

  Dear all,
  I am having problems with exchange 2010 sending emails through a postfix smarthost server which disconnects the sessions. I also use a sendmail as a smarthost
  server which is working just fine but I have to switch to postfix and cannot do this as long as the encryption does not work.
  Here is the log file of the postfix server:
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: initializing the server-side TLS engine
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: connect from server1.mydomain.com[192.168.20.10]
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: setting up TLS connection from server1.mydomain.com[192.168.20.10]
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: server1.mydomain.com[192.168.20.10]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:before/accept initialization
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1B0] (11 bytes => 11 (0xB))
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0000 16 03 01 00 5a 01 00 00|56 03 01                 ....Z... V..
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAB1BE] (84 bytes => 84 (0x54))
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0000 54 a9 3d b9 0d 5e 8b 64|7c 6b b5 21 f2 93 e7 84  T.=..^.d |k.!....
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0010 17 ea 33 d7 e5 13 f2 75|3a 87 38 32 01 85 82 5b  ..3....u :.82...[
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0020 00 00 18 00 2f 00 35 00|05 00 0a c0 13 c0 14 c0  ..../.5. ........
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0030 09 c0 0a 00 32 00 38 00|13 00 04 01 00 00 15 ff  ....2.8. ........
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0040 01 00 01 00 00 0a 00 06|00 04 00 17 00 18 00 0b  ........ ........
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0050 00 02 01                                         ...
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0053 - <SPACES/NULLS>
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 read client hello A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server hello A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write certificate A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write key exchange A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 write server done A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: write to 7F4823FA5210 [7F4823FB8B70] (1911 bytes => 1911 (0x777))
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: 0774 - <SPACES/NULLS>
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:SSLv3 flush data
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: read from 7F4823FA5210 [7F4823FAC803] (5 bytes => 0 (0x0))
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept:failed in SSLv3 read client certificate A
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: SSL_accept error from server1.mydomain.com[192.168.20.10]: lost connection
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: lost connection after STARTTLS from server1.mydomain.com[192.168.20.10]
  Jan  4 14:18:59 server7 postfix/smtpd[1659]: disconnect from server1.mydomain.com[192.168.20.10]
  I
  have read in the post at https://social.technet.microsoft.com/Forums/exchange/en-US/6db38364-cb08-45c0-b159-3ddf30ef0b3e/exchange-2010-send-connector-uses-ssltls-and-cannot-connect-to-smarthost-how-to-deactivate-ssl?forum=exchange2010
  how to deactivate the SSL encryption, but this is of course a security flaw, if I am not mistaken. I would like to encrypt the connection between the servers for obvious security
  reasons but I have come to a standstill...
  My Exchange server certificate is configured
  as follows:
  AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
                       ule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKe
                       essRule}
  CertificateDomains : {server1, server1.solid-con.com}
  HasPrivateKey      : True
  IsSelfSigned       : True
  Issuer             : CN=server1
  NotAfter           : 22/01/2017 13:18:02
  NotBefore          : 22/01/2012 13:18:02
  PublicKeySize      : 2048
  RootCAType         : None
  SerialNumber       : 6925D91285B649BD4D5E4297F1A48471
  Services           : IMAP, POP, IIS, SMTP
  Status             : Valid
  Subject            : CN=server1
  Thumbprint         : 939A37173BF84E352CEDC74F7D9A3D71F498A005
  AccessRules        : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc
                       ule, System.Security.AccessControl.CryptoKeyAccessRule}
  CertificateDomains : {WMSvc-SERVER1}
  HasPrivateKey      : True
  IsSelfSigned       : True
  Issuer             : CN=WMSvc-SERVER1
  NotAfter           : 19/01/2022 12:56:44
  NotBefore          : 22/01/2012 12:56:44
  PublicKeySize      : 2048
  RootCAType         : Registry
  SerialNumber       : 1DB8711F7ADC5CB54196468EF2FF5D21
  Services           : None
  Status             : Valid
  Subject            : CN=WMSvc-SERVER1
  Thumbprint         : 191D86BDE274510453D58DDB91D253DABBCF05F1
  And My Default Send Connector is configured as follows:
  AddressSpaces                : {SMTP:*;1}
  AuthenticationCredential     : System.Management.Automation.PSCredential
  Comment                      :
  ConnectedDomains             : {}
  ConnectionInactivityTimeOut  : 00:10:00
  DNSRoutingEnabled            : False
  DomainSecureEnabled          : False
  Enabled                      : True
  ErrorPolicies                : Default
  ForceHELO                    : False
  Fqdn                         :
  HomeMTA                      : Microsoft MTA
  HomeMtaServerId              : SERVER1
  Identity                     : Internet
  IgnoreSTARTTLS               : False
  IsScopedConnector            : False
  IsSmtpConnector              : True
  LinkedReceiveConnector       :
  MaxMessageSize               : unlimited
  Name                         : Internet
  Port                         : 25
  ProtocolLoggingLevel         : None
  RequireOorg                  : False
  RequireTLS                   : False
  SmartHostAuthMechanism       : None
  SmartHosts                   : {server7.mydomain.com, server6.mydomain.com}
  SmartHostsString             : server7.mydomain.com,server6.mydomain.com
  SmtpMaxMessagesPerConnection : 20
  SourceIPAddress              : 0.0.0.0
  SourceRoutingGroup           : Exchange Routing Group (DWBGZMFD01QNBJR)
  SourceTransportServers       : {SERVER1}
  TlsAuthLevel                 :
  TlsDomain                    :
  UseExternalDNSServersEnabled : False
  Any help would be greatly appreciated as I am
  stuck...
  Luca

  Hi Allen,
  Thank you very much for your reply.
  The Postfix TLS Manager is enabled in master.cf
  tlsmgr    unix  -       -       n       1000?   1       tlsmgr
  and running
  server7:/etc/postfix # ps -efa|grep tls
  postfix  11967 11863  0 11:21 ?        00:00:00
  tlsmgr -l -t unix -u
  Every other (Linux/UNIX) server has no problem e.g.:
  Jan  5 11:28:36 server7 postfix/smtpd[12215]: connect from server2.mydomain.com[192.168.20.20]
  Jan  5 11:28:36 server7 postfix/smtpd[12215]: Anonymous TLS connection established from server2.mydomain.com[192.168.20.20]: TLSv1 with cipher DHE-DSS-AES256-SHA (256/256 bits)
  Jan  5 11:28:36 server7 postfix/smtpd[12215]: B5502946AB0: client=server2.mydomain.com[192.168.20.20]
  Jan  5 11:28:36 server7 postfix/cleanup[12221]: B5502946AB0: message-id=<[email protected]>
  Jan  5 11:28:36 server7 postfix/qmgr[12200]: B5502946AB0: from=<[email protected]>, size=1026, nrcpt=1 (queue active)
  Jan  5 11:28:36 server7 postfix/smtpd[12215]: disconnect from server2.mydomain.com[192.168.20.20]
  Jan  5 11:28:37 server7 postfix/smtpd[12225]: connect from localhost[127.0.0.1]
  Jan  5 11:28:37 server7 postfix/smtpd[12225]: 4076A946AB1: client=localhost[127.0.0.1]
  Jan  5 11:28:37 server7 postfix/cleanup[12221]: 4076A946AB1: message-id=<[email protected]>
  Jan  5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: from=<[email protected]>, size=1778, nrcpt=1 (queue active)
  Jan  5 11:28:37 server7 postfix/smtpd[12225]: disconnect from localhost[127.0.0.1]
  Jan  5 11:28:37 server7 postfix/smtp[12222]: B5502946AB0: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.54, delays=0.05/0.01/0.01/0.47, dsn=2.0.0, status=sent
  (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 4076A946AB1)
  Jan  5 11:28:37 server7 postfix/qmgr[12200]: B5502946AB0: removed
  Jan  5 11:28:37 server7 postfix/cleanup[12221]: 4401F946AB0: message-id=<[email protected]>
  Jan  5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: from=<[email protected]>, size=1920, nrcpt=1 (queue active)
  Jan  5 11:28:37 server7 postfix/local[12226]: 4076A946AB1: to=<[email protected]>, relay=local, delay=0.02, delays=0/0.01/0/0, dsn=2.0.0, status=sent (forwarded as 4401F946AB0)
  Jan  5 11:28:37 server7 postfix/qmgr[12200]: 4076A946AB1: removed
  Jan  5 11:28:37 server7 postfix/smtp[12227]: Untrusted TLS connection established to 192.168.20.10[192.168.20.10]:25: TLSv1 with cipher AES128-SHA (128/128 bits)
  Jan  5 11:28:37 server7 postfix/smtp[12227]: 4401F946AB0: to=<[email protected]>, orig_to=<[email protected]>, relay=192.168.20.10[192.168.20.10]:25,
  delay=0.29, delays=0/0.01/0.02/0.25, dsn=2.6.0, status=sent (250 2.6.0 <[email protected]> [InternalId=619] Queued
  mail for delivery)
  Jan  5 11:28:37 server7 postfix/qmgr[12200]: 4401F946AB0: removed
  and if you take a look at the lines in bold you will see that mails can be delivered over TLS to that very Exchange server (the mailboxes are on that server)...
  To summarise:
  exchange --> postfix with TLS = session disconnected (and everything seems to be initiated by the exchange server -if I read the logs correctly)
  postfix --> exchange with TLS = works
  any further hints?
  Thank you very much in advance,
  Luca