Exchange Server

Exchange 2003 & 2007

Removing a Blackberry Enterprise Server (BES) user

by

This quick how-to explains the easy task of how to remove a user from Blackberry Enterprise Server.

  • First of all login to or open the BES server console. If the BES MMC console is already open close it (quit) then launch it again. If the MMC is not open, open it, then close it and open it again. (Use the “Blackberry Manager” icon on the desktop or in the start menu to do this). You can also run “C:\Program Files\Research In Motion\BlackBerry Enterprise Server\BBMgr\Server\bbmgrw32.exe” if BES has been installed in its default location.
  • On the left hand side menu, expand “Servers” then expand “YourBESservername”. You should see a list of users on the right.
  • Find the user you are removing, highlight and right-click their name and then select “Delete user” When asked if you would also like to remove their data, select “yes”.
  • The user should now be removed from Exchange Blackberry services.

deleting-bes-user

How to increase the default exchange 2003 SP2 database store limits

by

This applies to Exchange 2003 SP2.

Today I had a call from a client complaining that their e-mail would sporadically stop working every day or two. They said that by restarting the server, they could temporarily fix the problem.

I connected up, and took a look at the server’s event viewer application logs, around about the times that the client complained this last happened, which was around 07h30 in the morning. At 05h00 in the morning, when the exchange database runs some checks, I found the problem. A warning event that complains that the exchange logical database is now over the default size allowed. Logical size being the physical size of the .edb and .stm files, less the logical free space (also known as white space). Anyway the defaults size for the entire database is 18GB (16GB + 2GB). We need to adjust these now, as our combined mailboxes and public folders are over the 18GB size limit, or are quite close to breaching the limit. If they are over, then your exchange database would have already dismounted following the next check at 05h00 in the morning. If they have not passed the 18GB limit, then you will probably just be getting warning events at the moment, and should still increase the size limits to avoid any downtime.

This is how…

Open the registry editor – Start – Run, and type : regedit
Click Ok

Now navigate to (Note that the GUID is a unique string of numbers for each server) :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\NameOfYourExchangeServer\Private-GUID

Create a new DWORD entry as follows :

Database Size Limit in GB

Right-click and modify the entry once created, and give it a decimal value of anything between 1 and 75 depending on how many GB you want to limit this size to. Make sure you have enough disk space free on the partition your Exchange database is residing, and then enter something higher than 18. For example I used 60 for 60GB.

Modify the exchange 2003 SP2 default database size

Click OK

Now navigate to the next part (This is to modify the public folders database size) :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\NameOfYourExchangeServer\Public-GUID

Do the same as above, by creating the same DWORD value, and give it a size limit (decimal value) higher than the current public database value. For example I used 15 for 15GB.

Click OK.

Now we need to exit the registry editor, and restart the Exchange Information Store.

Go to start – run, and type : services.msc

Press enter, or click OK.

Navigate to the Exchange Information Store service, and right click it. Select the restart option.

Please note that this will now dismount your store. If your mail store is still online, users will be temporarily disconnected while the store re-mounts itself. Once back online, the database sizes will have increased, and you will get some nice notifications in your application log informing you of the new database sizes.

Clear outgoing spam problems on your Exchange 2003 server / network

by

Today I had to sort out a client’s mail server after BT disconnected them from all broadband access. Their server had sent out 108 000 spam e-mails, and the mail queues were full, trying to send more.

They had to contact BT, and ask them to re-connect their broadband service, so that I could remotely login and take a look into the issue.

First thing I did once I got access was disable their SMTP Service. To do this, right-click My Computer, go to “Manage” expand “Services and Applications” Double click on Services, and scroll down to Simple Mail Transport Protocol Service. Right-click it, and select Stop. This will halt all outgoing mail.

From this point, I logged into the router (Which happened to be a Netgear DG834), and checked the firewall logs. I could see tons of SMTP connections from external IP address, first of all I thought let me just secure the firewall – this hadn’t been done on this particular router.

I went to the Firewall settings, and made some rules as follows :
Outbound traffic:
Allow SMTP(25) for single IP address on the internal LAN (192.168.16.2) – this is the IP of the mail server.
Dissallow SMTP(25) for all IP addresses on internal LAN. (The above rule for the server overrides this).

I did a test before enabling these rules by using telnet to test outgoing SMTP connections from a few client PCs on the network first.

From command prompt, type : telnet anymailserver.com 25 (replace anymailserver.com with a mail server address such as mail.google.com). I could make a connection using this before the rule was in place, after the rule was enabled I could not, so this firewall rule was working well to block SMTP traffic from any PCs on the network that we didn’t want to be able to send mail. This by the way, was in case one or more of the PCs had picked up a mass mailing worm that was sending spam directly from the PC. A telnet test from the mail server still worked, as I had explicity allowed SMTP traffic from it’s IP address. So that was the Internal network locked down. You can see if you get a successful telnet on port 25 if the command prompt goes blank, or gives you a mail server welcome message. (See the image below). If you don’t get a connection, the attempt will time out, and say it didn’t manage to connect after a few seconds.

telnet25

Another thing to do at this point, would be to ensure the Anti virus is up to date on all PCs and the server, and scan them to ensure they are all clean.

Next up was the Exchange configuration – I checked that relay access was restricted only to the Mail server itself.

Open Exchange System Manager by going to Start menu – Programs, Exchange, Exchange System Manager.

Expand Servers, select your mail server name (In this case it is SBS2003), expand protocols, expand SMTP, and right click on the Default SMTP Virtual Server icon, then select Properties. (See image below)

Exchange System Manager

Once the properties sheet is open, click on the “Access” tab, then click on the “Relay” button.

Ensure that only localhost (127.0.0.1) – the server itself, and the Server’s IP address internally are in the list. So in this case 127.0.0.1 and 192.168.16.2 are in the list, with the option “Only the computers below” selected. Then untick the check box below that list (Allow all computers which successfully authenticate to relay, regardless of the list above). This makes sure that only the server can relay mail. Obviously the situation depends on how your network is setup, so as long as you don’t have other mail servers connecting to this exchange server then you should be safe un-ticking this option. See image below :

relay_access1

Click Ok, and then Ok once again. Open My computer, and browse to your exchange server’s queue folder. This is usually in C:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue

You would probably have thousands of files in here, so re-name the Queue folder to Queue_old or something like that, and create a new folder called “Queue” in it’s place. This will ensure a clear queue for when we re-enable the SMTP service.

Now go to your Services again, and Start the SMTP service, by right-clicking Simple Mail Transport Protocol, and clicking the Start option.

If all goes well, your queues should stay clear of any bad mail, and your network should be able to send mail again.