Category Archives: Exchange

Exchange 2019

How to Fix Exchange Spam Queue from a Compromised Mailbox (Kapothi Ritual Guide)

Leave a comment

🌄 Introduction

If you’ve ever woken up to find your Microsoft Exchange server queues overflowing with spam, you know the panic it brings. Outbound messages pile up, inboxes go silent, and your domain risks being blacklisted. This guide shares a real incident response: how we identified the compromised mailbox ([email protected]), reset its password, purged the Exchange queue with PowerShell, and traced the attacker’s IP using IIS logs.

By walking through these steps — containment, queue cleanup, IIS log filtering, inbox rule audit, and mailbox permission checks — you’ll learn how to stop spam at the source and harden your Exchange environment against future attacks.

⚡ Morning Containment Ritual

First, we identified the spammer in Exchange Toolbox → Queue Viewer, reset the password, and purged the queue.

# Reset the compromised account password
Set-ADAccountPassword -Identity [email protected]

# (Optional) Disable the account temporarily to freeze access
Disable-ADAccount -Identity [email protected]
# Purge spam messages from Exchange queue
Get-Queue | Get-Message |
Where {$_.FromAddress -eq [email protected]} |
Remove-Message -WithNDR $false

🔎 IIS Log Filtering

We confirmed the login source by filtering IIS logs.

# Filter IIS logs for the account
Select-String -Path “C:\inetpub\logs\LogFiles\W3SVC1\u_ex260430.log”
-Pattern [email protected]
| Out-File C:\Temp\dc02_iis_filtered.log

🔎 IIS Log Sample Extraction

To create a smaller sample of the filtered IIS log for analysis:

# Extract first 200 matching lines from filtered IIS log
Select-String -Path “C:\Temp\dc02_iis_filtered.log”
-Pattern [email protected]
| Select-Object -First 200
| Out-File C:\Temp\dc02_sample.log

đź“ś Inbox Rule Audit

We found and removed a malicious rule named DELETE.

# Inspect inbox rules
Get-InboxRule -Mailbox [email protected]

# Inspect specific rule
Get-InboxRule -Mailbox [email protected]
-Identity “RuleName” | Format-List

# Remove malicious rule
Remove-InboxRule -Mailbox [email protected]
-Identity “RuleName”

🛡️ Mailbox Permission Audit

We confirmed no rogue delegates were added.

# Audit mailbox permissions
Get-MailboxPermission -Identity [email protected]

đź“– Lessons Learned

  • Attackers often use inbox rules to hide their tracks.
  • IIS logs reveal the true client IP.
  • Password resets and queue purges are the fastest containment.
  • MFA and conditional access are the long‑term shields.

🌌 Closing

This Kapothi scroll reminds us: even in the quiet shrine‑home observatory, vigilance is ritual. The inbox can be turned against us, but with methodical steps — Contain → Eradicate → Recover → Audit → Harden — balance is restored.

Exchange 2013, Exchange 2016, Exchange 2019

📨 How to Set Out of Office Replies in Exchange Server (2013/2016/2019)

Leave a comment

📨 How to Set Out of Office Replies in Exchange Server (2013/2016/2019)

When a colleague is away, it’s important to let senders know automatically. Microsoft Exchange provides a simple way to configure Out of Office (Automatic Replies) either by the user themselves or by an administrator. Here’s the complete guide.

1. User Method (Outlook / OWA)

  • Outlook (desktop app)
    Go to File → Automatic Replies (Out of Office). Select Send automatic replies. Add your message for Inside My Organization and Outside My Organization. Optionally set start and end dates.
  • Outlook Web App (OWA)
    Log in to OWA. Navigate to Options → Organize Email → Automatic Replies. Enable automatic replies and configure your message.

2. Admin Method (Exchange Management Shell)

If the user cannot log in, administrators can set Out of Office replies on their behalf using PowerShell:

Set-MailboxAutoReplyConfiguration -Identity "[email protected]" -AutoReplyState Scheduled -StartTime "MM/DD/YYYY HH:MMAM" -EndTime "MM/DD/YYYY HH:MMPM" -InternalMessage "Internal auto-reply message here." -ExternalMessage "External auto-reply message here."

Key Parameters

  • Identity → the user’s mailbox (email address or alias).
  • AutoReplyState → Enabled, Disabled, or Scheduled.
  • StartTime / EndTime → define when replies begin and stop.
  • InternalMessage → message for colleagues.
  • ExternalMessage → message for outside senders.

3. Verification Ritual

After setting the configuration, always verify:

Get-MailboxAutoReplyConfiguration -Identity "[email protected]"
  • AutoReplyState is set to Scheduled.
  • StartTime and EndTime match the intended period.
  • InternalMessage and ExternalMessage are correct.

4. Testing

  • Send a test email from an internal account → confirm the internal reply.
  • Send a test email from an external account → confirm the external reply.
  • After the EndTime, send another test → confirm no auto-reply is sent.

🛡️ Comfort Insight

Think of this process as carving a temporary scroll into the Exchange shrine: the scroll activates at the start time, delivers the message faithfully to all senders, and at the end time, the scroll rolls up automatically, leaving the mailbox back to normal.

✨ With these steps, your organization can ensure smooth communication even when team members are away.

Exchange 2013

Exchange 2013 Auth Certificate Renewal Guide

Leave a comment

Exchange 2013 Auth Certificate Renewal Guide

Introduction

The Microsoft Exchange Server Auth Certificate is a self‑signed certificate used for server‑to‑server authentication and hybrid trust with Microsoft 365. In Exchange Server 2013, this certificate does not renew automatically and must be replaced manually before expiry. If it expires, hybrid features such as free/busy lookups and mail flow can break.

Renewal Steps

1. Generate a New Certificate

New-ExchangeCertificate -FriendlyName “Microsoft Exchange Server Auth Certificate” -PrivateKeyExportable $true
  • Creates a new self‑signed certificate.
  • Ensures the private key is exportable (required for AuthConfig).

Important: SMTP Certificate Prompt

When running New-ExchangeCertificate to create the Auth certificate, Exchange may prompt:

Do you want to replace the default SMTP certificate? (Y/N)

This prompt appears because Exchange certificates can technically be assigned to multiple services, including SMTP (mail transport) and AuthConfig (OAuth trust). However, the Microsoft Exchange Server Auth Certificate is only intended for AuthConfig and should not be bound to SMTP.

  • When creating the Auth certificate, always choose No at this prompt.
  • Your existing SMTP certificate remains active and continues to handle mail transport.
  • If your SMTP certificate itself is expiring, renew or replace it separately and then assign it using:
Enable-ExchangeCertificate -Thumbprint <Thumbprint> -Services SMTP

Tip: Always verify SMTP mail flow after making changes. Use Get-ExchangeCertificate to confirm which certificate is bound to SMTP.

2. Capture the Thumbprint

Copy the thumbprint from the command output for use in the next step.

3. Set the New Certificate in AuthConfig

Set-AuthConfig -NewCertificateThumbprint <Thumbprint> -NewCertificateEffectiveDate (Get-Date)
  • Applies the new certificate immediately.
  • Exchange 2013 requires the effective date to be specified.
  • In single‑server environments, immediate activation is safe.

Alternative for multi‑server environments:
Use the following command to set the effective date 48 hours ahead, allowing replication across all servers:

Set-AuthConfig -NewCertificateThumbprint <Thumbprint> -NewCertificateEffectiveDate (Get-Date).AddHours(48)

4. Restart the Service

Restart-Service MSExchangeServiceHost
  • Reloads Exchange components to apply the new certificate.
  • Service display name: Microsoft Exchange Service Host.

5. Verify Configuration

Get-AuthConfig
  • Confirm that CurrentCertificateThumbprint matches the new certificate.
  • Ensure the old certificate is listed as PreviousCertificateThumbprint.

Rollback (Repoint to Previous Certificate)

If you need to revert to the old certificate (for example, if issues arise after renewal), you can repoint AuthConfig to the previous thumbprint.

Set-AuthConfig -NewCertificateThumbprint <PreviousThumbprint> -NewCertificateEffectiveDate (Get-Date)
  • Reverts AuthConfig to the previous certificate immediately.
  • Use Get-AuthConfig to confirm the rollback.

Warning: Only rollback if the previous certificate is still valid (not expired). If expired, renewal is mandatory.

Notes

  • Always document thumbprints and expiry dates for future reference.
  • Remove any unwanted certificates (e.g., ones created without exportable keys) using:
Remove-ExchangeCertificate -Thumbprint <Thumbprint>

Conclusion

Renewing the Microsoft Exchange Server Auth Certificate in Exchange 2013 is essential for maintaining hybrid functionality with Microsoft 365. Following the steps above ensures secure OAuth trust and uninterrupted service continuity. Including rollback and SMTP guidance ensures admins can recover quickly and handle all prompts confidently.

Exchange 2010, Office 365, OutLook

Slow Outlook 2016 Autodiscover with Office 365 or Internal Exchange Server

Leave a comment

In case you run into slow account setup with Outlook 2016, which can take up to 10 mins or more. To workaround this issue, you may use the following Registry settings to force Outlook to bypass the root domain discovery and redirect to the autodiscover CNAME or A record to resolve the address for autodiscover settings.

For Outlook 2016:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover]
“ExcludeHttpsRootDomain”=dword:00000001

Note: For Office PC that has joined the Microsoft Active Directory, there is no need to amend the registry. This setting will be applied via the group policy when you login the system. and make sure Exchange Internal auto discovery DNS Entries are already created to auto discover internal Exchange Server

 

More Information Available at http://www.mistercloudtech.com/2015/12/08/how-to-resolve-slow-office-2016-autodiscover-with-office-365/

Exchange 2010

Your Account has been disabled after reconnect a Disconnected Mailbox in Exchange Server 2010

Leave a comment

 

Thanks to Original Post at https://linkdottech.wordpress.com/2014/12/06/your-account-has-been-disabled-after-reconnect-a-disconnected-mailbox-in-exchange-server-2010/

 

Dears when an Exchange 2010 mailbox has been disabled it becomes a disconnected mailbox, may be you need to restore this mailbox and suddenly after restored you get the above message when you try to login through OWA “your account has been disabled”  but the mailbox already enable and to be sure you can list the disconnected mailboxes run the following PowerShell command

Get-MailboxStatistics -Database DBName | Where { $_.DisconnectReason -eq “Disabled” } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason

Surprise!! Now the mailbox is simply disabledSad smile You have been guided to enable this mailbox by the following PowerShell command,

Enable-Mailbox -Identity UserName

Another Surprise !! you got the following Error message “This task does not support recipients of this type.” Sad smile And after Check the user type by the following PowerShell command

Get-mailbox UserName|Fl Recipient* you got the following results that mean no problem with the user type.

RecipientLimits            : unlimited
RecipientType              : UserMailbox
RecipientTypeDetails : UserMailbox

In this case if you try to export the user mailbox you will get the following error message: “Couldn’t connect to the source mailbox”

5-6-2014 9-53-48 AM

And this message let you make check on the MAPI if enable or not for this user by the following PowerShell command:

Get-CASMailbox -Identity UserName

5-6-2014 9-51-22 AM

 

 

And you found the MAPI enabled True that mean no problem by MAPI as the above figure.

 

At the End you need to say Haaaaaaa7Smile And solution is the following PowerShell Command after run it everything will be working normally SmileSmileSmile

Get-mailboxdatabase | Clean-mailboxdatabase

 

Exchange

You receive a “c1034a7f” error message when you delete a mailbox store: “One or more users currently use this mailbox store”

Leave a comment

This article describes several methods that you can use to work around an issue in which you cannot delete a Microsoft Exchange 2000 Server or Microsoft Exchange Server 2003 mailbox store.

 

When you try to delete a mailbox store from a server that is running Exchange 2000 or Exchange 2003, you may receive the following error message:

One or more users currently use this mailbox store. These users must be moved to a different mailbox store or be mail disabled before deleting this store.

ID no: c1034a7f

Exchange System Manager

This issue occurs if there are mailboxes that are homed on the store that you are trying to delete. You cannot delete a mailbox store if there are any users who have mailboxes that are homed on that store.

The following sections offer a different method to find the mailboxes that are homed on a mailbox store. When you have determined that a particular account owns a mailbox on a particular store, you can either move the mailbox or disable the account.

Method 1: Use the LDP tool to search for mailboxes that are on a mailbox store

 

 

  1. Start Ldp.exe.
  2. Click Connection, and then click Connect.
  3. Enter the name of a domain controller, and then click OK.
  4. Click Connection, and then click Bind.
  5. Enter the user name, the password, and the domain name of an administrative account, and then click OK.
  6. On the View menu, click Tree.
  7. Make sure that the Base DN box is blank, and then click OK.

    If the Base DN box is not blank, clear its contents, and then click OK.

  8. Right-click the container that you want to search, such as the CN=Users container, and then click Search.
  9. Click the Filter box, and then type the following:
    (&(objectCategory=person)(objectClass=user)(msExchHomeServerName=/o=ORGANIZATION NAME/ou=ADMINISTRATIVE GROUP NAME/cn=Configuration/cn=Servers/cn=SERVER-NAME-TO-REMOVE))
  10. Click Subtree, and then click Run.
  11. When you have identified which users have mailboxes on this store, you can use Active Directory Users and Computers to move the mailboxes to a different store or to delete the user’s mailbox.

Method 2: Use the LDP tool (Ldp.exe) to browse for mailboxes that are on a mailbox store

 

You can use the LDP tool to find all the accounts that have mailboxes on a particular mailbox store. This tool is included with the Microsoft Windows 2000 Support Tools package.

To use the LDP tool to find all the accounts that have mailboxes on a particular mailbox store, follow these steps:

  1. Start Ldp.exe.
  2. Click Connection, and then click Connect.
  3. Enter the name of a domain controller, and then click OK.

    We recommend that you enter a domain controller in the root domain of the forest.

  4. Click Connection, and then click Bind.
  5. Enter the user name, the password, and the domain name of an administrative account, and then click OK.
  6. On the Browse menu, click Search.
  7. Click to select the “DC=domainname,DC=local” by Base DN check box.
  8. Click the Filter box, and then type the following text:
    (msExchHomeServerName=*Exchange Virtual Server Name*)
  9. Click Subtree, and then click Run.
  10. Identify the users who have mailboxes on this store. Then, use the Active Directory Users and Computers snap-in to move the mailboxes to a different store or to delete the mailboxes.

For more information about how to use the LDP tool, see the LDP documentation in the Microsoft Windows 2000 Resource Kit.

For more information about how to find data by using the LDP tool, click the following article number to view the article in the Microsoft Knowledge Base:

224543 (http://support.microsoft.com/kb/224543/ ) Using Ldp.exe to find data in the Active Directory

Method 3: Use Active Directory Users and Computers to browse for mailboxes that are on a mailbox store

 

 

  1. Start Active Directory Users and Computers on a computer that has Exchange System Manager installed on it.
  2. In Active Directory Users and Computers, click View, click to select the Advanced Features check box, and then click OK.
  3. Click View, and then click Choose Columns.
  4. In the Modify Columns box, click Exchange Mailbox Store in the Hidden Columns list, click Add, and then click OK to add the Exchange Mailbox Store to the Displayed Columns list.

    An Exchange Mailbox Store column appears in Active Directory Users and Computers that shows the mailbox store that a user has a mailbox on.

  5. When you have identified which users have mailboxes on this store, you can use Active Directory Users and Computers either to move the mailboxes to a different store or to delete the user’s mailbox.

Method 4: Use Active Directory Users and Computers to search for mailboxes that are on a mailbox store

 

 

  1. Start Active Directory Users and Computers.
  2. Right-click the domain that you want, and then click Find.
  3. Click the Advanced tab, click Field, point to User, and then click Exchange Home Server.
  4. In the Condition list, click Ends with, type the name of the Exchange computer, and then click Find Now.
  5. If you are prompted to add the current criteria to your search, click Yes.
  6. When you have identified which users have mailboxes on this store, you can use Active Directory Users and Computers either to move the mailboxes to a different store or to delete the user’s mailbox.

The mailbox search results appear in the bottom pane.

Method 5: Use the LDIFDE tool (Ldifde.exe) to create an export file that contains the mailboxes that are on a mailbox store

 

 

  1. At a command prompt, type an LDIFDE command that resembles the following. Then press ENTER.

    ldifde -d “DC=ROOT,DC=COM” -f c:\output.txt -r “(&(objectCategory=person)(objectClass=user)(msExchHomeServerName=/o=ORGANIZATION NAME/ou=ADMINISTRATIVE GROUP NAME/cn=Configuration/cn=Servers/cn=SERVER-NAME-TO-REMOVE))”

  2. Quit the command prompt.
  3. Start Notepad or some other text editor, and then load the Output.txt file that you created in step 1 to view the mailboxes that are on the mailbox store.
  4. When you have identified which users have mailboxes on this store, you can use Active Directory Users and Computers either to move the mailboxes to a different store or to delete the user’s mailbox.

For more information about the LDIFDE tool, type the following command at a command prompt on a computer that is running a product that is listed in the “Applies To” section:

ldifde /?
Exchange 2000, Exchange 2007, Exchange 2010

Ports used by Exchange

Leave a comment

 

 

 

Protocol: LDAPPort (TCP/UDP): 389 (TCP)Description: Lightweight Directory Access Protocol (LDAP), used by Active Directory, Active Directory Connector, and the Microsoft Exchange Server 5.5 directory.

Protocol: LDAP/SSLPort (TCP/UDP): 636 (TCP)Description: LDAP over Secure Sockets Layer (SSL). When SSL is enabled, LDAP data that is transmitted and received is encrypted. To enable SSL, you must install a Computer certificate on the domain controller or Exchange Server 5.5 computer.

Protocol: LDAPPort (TCP/UDP): 379 (TCP)Description: The Site Replication Service (SRS) uses TCP port 379.

Protocol: LDAPPort (TCP/UDP): 390 (TCP)Description: While not a standard LDAP port, TCP port 390 is the recommended alternate port to configure the Exchange Server 5.5 LDAP protocol when Exchange Server 5.5 is running on a Microsoft Windows 2000 Active Directory domain controller.

Protocol: LDAPPort (TCP/UDP): 3268 (TCP)Description: Global catalog. The Windows 2000/2003 Active Directory global catalog listens on TCP port 3268. When you are troubleshooting issues that may be related to a global catalog, connect to port 3268 in LDP.

Protocol: LDAP/SSLPort (TCP/UDP): 3269 (TCP)Description: Global catalog over SSL. Applications that connect to TCP port 3269 of a global catalog server can transmit and receive SSL encrypted data. To configure a global catalog to support SSL, you must install a Computer certificate on the global catalog.

Protocol: IMAP4Port (TCP/UDP): 143 (TCP)Description: Internet Message Access Protocol version 4, may be used by “standards-based” clients such as Microsoft Outlook Express or Netscape Communicator to access the e-mail server. IMAP4 runs on top of the Microsoft Internet Information Service (IIS) Admin Service (Inetinfo.exe), and enables client access to the Exchange 2000/2003 information store.

Protocol: IMAP4/SSLPort (TCP/UDP): 993 (TCP)Description: IMAP4 over SSL uses TCP port 993. Before an Exchange 2000 server supports IMAP4 (or any other protocol) over SSL, you must install a Computer certificate on the Exchange 2000/2003 server.

Protocol: POP3Port (TCP/UDP): 110 (TCP)Description: Post Office Protocol version 3, enables “standards-based” clients such as Outlook Express or Netscape Communicator to access the e-mail server. As with IMAP4, POP3 runs on top of the IIS Admin Service, and enables client access to the Exchange 2000/2003 information store.

Protocol: POP3/SSLPort (TCP/UDP): 995 (TCP)Description: POP3 over SSL. To enable POP3 over SSL, you must install a Computer certificate on the Exchange 2000/2003 server.

Protocol: NNTPPort (TCP/UDP): 119 (TCP)Description: Network News Transport Protocol, sometimes called Usenet protocol, enables “standards-based” client access to public folders in the information store. As with IMAP4 and POP3, NNTP is dependent on the IIS Admin Service.

Protocol: NNTP/SSLPort (TCP/UDP): 563 (TCP)Description: NNTP over SSL. To enable NNTP over SSL, you must install a Computer certificate on the Exchange 2000/2003 Server.

Protocol: HTTPPort (TCP/UDP): 80 (TCP)Description: the protocol used primarily by Microsoft Outlook Web Access (OWA), but also enables some administrative actions in Exchange System Manager. HTTP is implemented through the World Wide Web Publishing Service (W3Svc), and runs on top of the IIS Admin Service.

Protocol: HTTP/SSLPort (TCP/UDP): 443 (TCP)Description: HTTP over SSL. To enable HTTP over SSL, you must install a Computer certificate on the Exchange 2000/2003 server.

Protocol: SMTPPort (TCP/UDP): 25 (TCP)Description: Simple Mail Transfer Protocol, is the foundation for all e-mail transport in Exchange 2000/2003. The SMTP Service (SMTPSvc) runs on top of the IIS Admin Service. Unlike IMAP4, POP3, NNTP, and HTTP, SMTP in Exchange 2000/2003 does not use a separate port for secure communication (SSL), but rather, employs an “in-band security sub-system” called Transport Layer Security (TLS).

Protocol: SMTP/LSAPort (TCP/UDP): 691 (TCP)Description: The Microsoft Exchange Routing Engine (also known as RESvc) listens for routing link state information on TCP port 691. Exchange 2000/2003 uses routing link state information to route messages and the routing table is regularly updated. The Link State Algorithm (LSA) propagates outing status information between Exchange 2000/2003 servers. This algorithm is based on the Open Shortest Path First (OSPF) protocol from networking technology, and transfers link state information between routing groups by using the X-LSA-2 command verb over SMTP and by using a Transmission Control Protocol (TCP) connection to port 691 in a routing group.

Protocol: X.400Port (TCP/UDP): 102 (TCP)Description: ITU-T Recommendation X.400 is really a series of recommendations for what an electronic message handling system (MHS) should look like. TCP port 102 is defined in IETF RFC-1006, which describes OSI communications over a TCP/IP network. In brief, TCP port 102 is the port that the Exchange message transfer agent (MTA) uses to communicate with other X.400-capable MTAs.

Protocol: MS-RPCPort (TCP/UDP): 135 (TCP)Description: Microsoft Remote Procedure Call is a Microsoft implementation of remote procedure calls (RPCs). TCP port 135 is actually only the RPC Locator Service, which is like the registrar for all RPC-enabled services that run on a particular server. In Exchange 2000/2003, the Routing Group Connector uses RPC instead of SMTP when the target bridgehead server is running Exchange 5.5. Also, some administrative operations require RPC. To configure a firewall to enable RPC traffic, many more ports than just 135 must be enabled. Please take note… however, you can static the port by changing the registry. Let me share with you all in future articles…

Protocol: DNSPort (TCP/UDP): 53 (TCP)Description: Domain Name System (DNS) is at the heart of all of the services and functions of Windows 2000/2003 Active Directory and Exchange 2000/2003 Server. You cannot underestimate the impact that a DNS issue can have on the system. Therefore, when service issues arise, it is always good to verify proper name resolution.

This definately clear all of your mind when you want to put in Front End in DMZ…

Last not least, we will always recommend to put in ISA rather than opening ports. This is also the recommended way from MSFT.

Exchange 2007

Exchange best practices analyzer asking to install dotnet frame work 1.1 and after install owa is not working

Leave a comment

Basically, you (or the software you were installing) switched your IIS site where OWA is installed into either a 32bit mode or ASP.NET 1.1. Since Exchange 2007 Outlook Web Access 2007 only runs on ASP.NET 2.0 in 64bit mode, you need to fix it back.

First, disable the 32bit mode for your web site. By default OWA goes into the Default Web Site context (0) so the following will take care of that:

cscript C:\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0

Second, register ASP.NET 2.0 as the default framework for that web site:

C:\Windows\Microsoft.NET\Framework64\v2.0.50727>
aspnet_regiis.exe -i
Start installing ASP.NET (2.0.50727).
……………………………….
Finished installing ASP.NET (2.0.50727)

Restart IIS and you should be all set.

Exchange 2007

To use the Exchange Management Console to configure mail forwarding for a mailbox

Leave a comment
  1. Start the Exchange Management Console.
  2. In the console tree, expand Recipient Configuration, and then click Mailbox.
  3. In the result pane, right-click the mailbox for which you want to configure mail forwarding and click Properties.
  4. In <Mailbox> Properties, on the Mail Flow Settings tab, click Delivery Options, and then click Properties.
  5. Click the Forward to check box. This enables the Browse button.
  6. Click Browse to open the Select Recipient dialog box. Select the recipient to whom you want to forward messages, and then click OK.
    Bb851509.note(en-us,EXCHG.80).gifNote:
    By default, the dialog box displays all recipients that are in the current recipient scope that is specified in the Recipient Configuration node. To learn more about the recipient scope and its impact on the recipient work center, see Understanding Recipient Scope.
  7. If you want incoming messages to be delivered to the mailbox as well as to the forwarding address configured, select the Deliver message to both forwarding address and mailbox check box. Clear this check box to forward all incoming messages without retaining copies in the mailbox.
  8. Click OK to return to <Mailbox> Properties.
  9. Click OK.
Exchange 2000

How to Enable Standard Journaling – Exchange 2000

1 Comment

It is recommended that you designate a dedicated Exchange server as the journaling server. Additionally, if you use a dedicated journaling server, you do not have to enable standard journaling on the server. Enable journaling only on those servers with mailbox stores for which you want to journal.

Before You Begin

Review your overall journaling strategy to verify that journaling is enabled on appropriate Exchange server.

To enable standard journaling

  1. In Exchange System Manager, expand Servers, expand <your Exchange server>, expand <storage group>, and then right-click the mailbox store.
  2. On the General tab, select Archive all messages sent or received by mailboxes on this store, and then click Browse to specify a mailbox as the journaling mailbox. All journalized messages for senders on this mailbox store are sent to the mailbox you specify.