May 2004 - Posts
I've seen a loot of questions in different newsgroups about how to clean
SMTP queues from a spam attack.
The easiest way to do this is to use the Advanced Queuing
Administration Command Line Interface tool (aqadmcli.exe)
Run aqadmcli.exe from a command line with the following syntax to delete all messages from all queues:
setserver "Servername"
delmsg flags=all
Run aqadmcli.exe from a command line with the following syntax to delete all messages from a specific sender address:
setserver "Servername"
delmsg flags=sender,sender=sender@domain_name.com
You can download aqadmcli.exe from:
ftp://ftp.microsoft.com/pss/Tools/Exchange%20Support%20Tools/Aqadmcli/aqadmcli.exe
Error Code Lookup tool can be used to translate errors reported by windows.
Here's a reprint of "Error Code Lookup Tool.doc" included in the Err package:
Error Code Lookup Readme
Determine error values from decimal and hexadecimal error codes in Microsoft Windows® operating systems. The tool can look up one or more values at a time.
Installation
From the Microsoft Web site, download the tool to a specified directory.
Using Error Code Lookup
Usage: err [value] [value]…
where must be of one of the following forms:
Decorated hex (0x54f)
Implicit hex (54f)
Ambiguous (1359)
Exact string (=ERROR_INTERNAL_ERROR)
Substring (:INTERNAL_ERROR)
All values on the command line will be looked up in Exchange’s internal tables and presented to you. If available, informational data associated with the value or values will also be shown (see example below). By default, the tool searches all tables, but you can restrict the output to those tables you deem appropriate by adding “/” to the beginning of the command line.
Example:
> err /winerror.h /ntstatus.h 0
# winerror.h selected.
# ntstatus.h selected.
# for hex 0x0 / decimal 0:
STATUS_WAIT_0 ntstatus.h
ERROR_SUCCESS winerror.h
# The operation completed successfully.
NO_ERROR winerror.h
SEC_E_OK winerror.h
S_OK winerror.h
# 5 matches found for “0”
Err.exe can bee downloaded from:
http://www.microsoft.com/downloads/details.aspx?FamilyId=BE596899-7BB8-4208-B7FC-09E02A13696C&displaylang=en
The Outlook Web Access change password feature is installed, but it is disabled by default.
The password configuration consists of two changes:
1. Adding/editing the registry value to the back end server.
Location: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: DisablePassword
Type: REG_DWORD
Value Data: 0 or 1
Enter the value 0 if you want to enable the change password feature. (The Change Password button is available.)
Enter the value 1 if you want to disable the change password feature. (The Change Password button is unavailable.)
2. Adding Iisadmpwd virtual directory to the front-end server.
Right-click the Default Web Site, click New, and then select Virtual Directory.
Create the virtual directory with the alias IISADMPWD
Point the new virtual directory to Winnt\System32\Inetsrv\Iisadmpwd directory, and make sure that both Read and Execute permissions are selected.
Both changes are made to a standalone server if you are using just one server.
Additional Information:
555071 - IISADMPWD Virtual Directory Is Not Created During a Default Install of IIS 6.0
269082 - IISADMPWD Virtual Directory Is Not Created During Clean Install of IIS 5.0
Exchange 2000 and Exchange 2003 Standard Editions limit the information store size to 16gb.
It is the total database size, including the EDB and the STM file, not just the EDB file.
When the mailbox store database in Microsoft Exchange Server 2003 Standard Edition or Microsoft Exchange 2000 Server Standard Edition reaches the 16gb size limit, the mailbox store does not mount.
To resolve this issue, new functionality has been added to Exchange 2000 Standard Edition that allows an administrator to: Increase the 16GB limit by 1GB to allow for recovery.
In Exchange 2003, this functionality is built into the product. However, to enable this functionality, the administrator must create the new registry value:
Location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSExchangeIS\Private
Value: Temporary DB Size Limit Extension
Type: REG_DWORD
Value Data: 1
To resolve this issue in Exchange 2000, you can apply the September 2003 Exchange 2000 Server Post-Service Pack 3 Rollup. This update requires that you install Exchange 2000 Service Pack (SP3) and install the 813051 update on your server.
824282 September 2003 Exchange 2000 Server Post-Service Pack 3 Rollup
More information can be found at:
828070 Exchange Server Mailbox Store Does Not Mount When the Mailbox Store Database Reaches the 16-GB Limit
There are 2 levels of file attachments for Outlook Web Access.
Level1 attachments have file extensions that are prohibited to access, download or attach.
This applies to back-end servers and standalone servers.
Level2 attachments have file extensions that can be accessed, but only if saved to the client's file system first.
This applies to back-end servers and standalone servers.
OWA is installed with a default set of file extensions for the two levels as shown in the following registry keys:
Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: Level1FileTypes
Type: REG_SZ
Value Data: ade,adp,app,asx,bas,bat,chm,cmd,com,cpl,crt,csh,exe,fxp,hlp,hta,inf,ins,isp,js,jse,
ksh,lnk,mda,mdb,mde,mdt,mdw,mdz,msc,msi,msp,mst,ops,pcd,pif,prf,prg,reg,scf,
scr,sct,shb,shs,url,vb,vbe,vbs,wsc,wsf,wsh
Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: Level2FileTypes
Type: REG_SZ
Value Data: ade,adp,asx,bas,bat,chm,cmd,com,cpl,crt,exe,hlp,hta,htm,html,htc,inf,ins,isp,js,jse
,lnk,mda,mdb,mde,mdz,mht,mhtml,msc,msi,msp,mst,pcd,pif,prf,reg,scf,scr,sct,
shb,shs,shtm,shtml,stm,url,vb,vbe,vbs,wsc,wsf,wsh,xml,dir,dcr,plg,spl,swf
Attachments listed should be separated by a comma with no space.
There are a couple of other registry keys for OWA.
One of them is DisableAttachments. It allows administrators to prevent users from accessing or adding attachments as a whole.
Location: HKLM\System\CurrentControlSet\Services\MSExchangeWeb\OWA
Value: DisableAttachments
Type: REG_DWORD
Value Data: 0,1 or 2
Enter the value 0 if you want to allow all attachments.
Enter the value 1 if you want to disallow all attachments.
Enter the value 2 if you want to allow attachments from only back-end servers.