GAPTHEGURU

Geek with special skills

HOW TO: Prevent annoying spam from your own domain

One of the more annoying types of spam is the one that seems to be coming from your own domain; or worse— from your own email address! Of course, users from your own domain don’t generally spam each other— unless you’re using one of the free web-based email services. And most of us don’t spam ourselves.

Obviously, this is coming from a spammer who has spoofed your email address, or that of someone else from your domain. Unfortunately, SMTP— the protocol that allows mail clients and servers to exchange email, allows headers to be spoofed easily.

In Exchange Server 2007, Accepted Domains tell Exchange which domains to accept email for. If a domain – e12labs.com in this example, exists as an Accepted Domain, there is no reason external senders should use that domain in the MAIL or FROM headers.

You may have remote POP3/IMAP4 users who use SMTP to send mail. However, such sessions should be authenticated, and preferably use a separate Receive Connector.

Thanks to the extensive Transport Permissions model in Exchange 2007, we can easily prevent such spam. Receive Connectors have the ms-exch-smtp-accept-authoritative-domain-sender permission which dictates whether an Accepted Domain can be used in the MAIL orFROM headers. External/internet hosts submit mail to your server without authentication, as anonymous senders. To prevent anonymous senders from sending mail using your domain(s), we need to remove the ms-exch-smtp-accept-authoritative-domain-senderpermission assigned to them.

Use the following command to remove the ms-exch-smtp-accept-authoritative-domain-sender permission from NT Authority\Anonymous Logon on internet-facing Receive Connector(s):

Get-ReceiveConnector “My Internet ReceiveConnector” | Get-ADPermission -user “NT AUTHORITY\Anonymous Logon” | where {$_.ExtendedRights -like “ms-exch-smtp-accept-authoritative-domain-sender”} | Remove-ADPermission

Once this permission is removed, when anonymous senders try to submit mail using your Accepted Domain(s), here’s how the SMTP conversation goes:

220 E12Postcard.e12labs.com Microsoft ESMTP MAIL Service ready at Wed, 3 Sep 2008 06:22:43 -0700
helo
250 E12Postcard.e12labs.com Hello [172.31.0.170]
mail from:jadams@e12labs.com
550 5.7.1 Client does not have permissions to send as this sender

Exchange stopped spoofing of P1/envelope headers. Let’s continue the session and try to spoof the P2 headers (the ones in the DATA part of the message) — maybe that’ll work!

mail from:someone@someotherdomain.com
250 2.1.0 Sender OK
rcpt to:jadams@e12labs.com
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
from:jadams@e12labs.com
subject: Header spoofing

This is how we spoof headers, spoof headers.

.
550 5.7.1 Client does not have permissions to send as this sender
quit
221 2.0.0 Service closing transmission channel

As you can see, removing the ms-exch-smtp-accept-authoritative-domain-senderpermission stops spoofing of your domains in both envelope (P1) and message (P2) headers.

When not to remove the permission?
Is there a scenario where one should not remove the ms-exch-smtp-accept-authoritative-domain-sender permission from NT Authority\Anonymous Logon? Yes, on Receive Connectors used by internal or trusted SMTP hosts (such as copiers/scanners and application servers) that submit mail without authentication.

Advertisements

08/10/2012 Posted by | Exchange server | , | Leave a comment

How To Allow Relaying in Exchange 2010 and Exchange 2007

In Exchange Server 2003, you can allow anonymous SMTP hosts to relay mail by adding their IP address(es) in SMTP Virtual Server Properties | Access tab | Relay. Hosts that require anonymous relay capability include application servers and devices such as copiers, which scan documents and send them as email attachments.

Screenshot: Allowing relaying on Exchange Server 2003 SMTP Virtual Server
Figure 1: Controlling relay restrictions in Exchange Server 2003

Starting with Exchange Server 2007, Exchange implemented its own SMTP protocol stack – unlike Exchange Server 2003/2000, you no longer need to install the SMTP service from IIS. SMTP Virtual Servers have been replaced by Receive Connectors. Understandably, the way you allow relaying has changed as well.

Do you really need to allow relaying?

Before you setup anonymous relaying, it’s important to understand the need for relaying. If your application servers or devices like copiers need to send mail only to internal recipients – i.e. mail to addresses for which Exchange has an Accepted Domain (or a Recipient Policy in Exchange Server 2003/2000) and therefore will receive inbound mail for, it is not considered relaying. The application server or device should be able to do this without any configuration on Exchange.

Recipient Policies and Exchange Server 2010/2007

In Exchange 2003, Recipient Policies tell Exchange which domains to receive inbound email for, and to generate email addresses for recipients using those domains. Exchange 2007 splits this functionality into two parts:

  1. Accepted Domains: As the name suggests, Accepted Domain tells Exchange which domain to accept inbound email for
  2. Email Address Policies which actually generate the email addresses

In Exchange Server 2003/2000, you use Active Directory Users & Computers (ADUC) to create recipients such as user accounts and distribution groups. Exchange’s Recipient Update Service (RUS) monitors Active Directory for new recipients or changes to existing recipients and applies Recipient Policies.

In Exchange 2007 and later, there’s no RUS (or its role is significantly minimized that it’s safe to say there’s no RUS). Recipients are provisioned in Exchange using the Exchange Management Console (EMC) or the Exchange Management Shell (EMS) and Email Address Policies are applied in real-time.

Just like previous versions, Exchange 2010/2007 allow authenticated relaying by default. So if your application server or device can authenticate, you must look at configuring them to do so and avoid allowing anonymous relaying. However, some applications or devices may not be able to authenticate. You may need to allow anonymous relaying when the application server or device receives the SMTP error message:

550 5.7.1 Unable to relay

Relaying: The easy way, and the secure way

The best way to allow unauthenticated relaying, or certainly the more secure and recommended one, is to create or use a Receive Connector dedicated for this purpose. I recommended this approach even on Exchange Server 2003/2000 — it’s not a good idea to use your Internet-exposed SMTP virtual server to allow anonymous relaying, even if restricted to specified IP addresses.

Scott Landry wrote about this recently on the Exchange team blog in “Allowing application servers to relay off Exchange Server 2007“.

To create a new Receive Connector, you need another IP address on your Exchange server.

The other alternative is to create a new Receive Connector that listens on a different port instead of the default SMTP port (TCP port 25). Most app servers and devices don’t like this (which shouldn’t be a surprise, because these are coded by the same developers who decided against providing for authenticated SMTP) and many won’t let you configure an alternate port for sending SMTP mail. Rather than mess with non-default ports for SMTP, and having to configure all clients that need to submit to it to also use the same non-default port, it’s best to add another IP address to your Exchange server and create a new Receive Connector.

Receive Connector Bindings in Exchange 2010/2007

Server processes communicating using TCP/IP listen on a particular port number on a given network interface or IP address. This combination of IP address + port number is known as a socket or binding. Two processes can’t use the same socket at the same time— each needs to have a unique binding. In Exchange 2003, SMTP Virtual Servers bind to a socket, specified by a unique combination of IP address + port number. This means two SMTP Virtual Servers can’t bind to the same IP address + Port combination.

In Exchange 2010/2007, Receive Connectors also consider the RemoteIPRanges — the IP addresses or subnets that are allowed to connect to a Receive Connector, in addition to the IP address + port combination, as a unique binding. This means you can create more than one Receive Connectors using the same IP address + port combination, but different RemoteIPRanges. This allows you to enforce different settings for different SMTP hosts that connect to the same IP address + port. .

Allow relaying: The easy way

With the new IP address added to the Exchange server – let’s say it is 192.168.1.17, and your app server, device or copier that needs to relay is 192.168.1.100, fire up Exchange shell and use the following command:

New-ReceiveConnector -Name RelayConnector -usage Custom -Bindings ’192.168.1.17:25′ -fqdn server.domain.com -RemoteIPRanges 192.168.1.100 -server MYEXCHANGESERVER -permissiongroups ExchangeServers -AuthMechanism ‘TLS, ExternalAuthoritative’

What this does:

  • Creates a new Receive Connector called RelayConnector
  • Specifies the usage type Custom
  • Binds the Receive Connector to port 25 on IP address 192.168.1.17
  • Gives it the FQDN of server.domain.com
  • Allows only the host with the IP address 192.168.1.100 to connect to it (specified by the RemoteIPRanges parameter)
  • Additionally, and most importantly, it assigns the ExchangeServers permission group to it, and disables authentication. When you select ExternalAuthoritative for authentication, you’re telling Exchange that you completely trust the IP address(es) or subnets specified in the RemoteIPRanges parameter (192.168.1.100) and you have another authentication mechanism outside of Exchange, such as IPSec, to authenticate.

This also bypasses all security for messages received from that IP address. Because Exchange treats all hosts specified in RemoteIPRanges as trusted, it doesn’t apply anti-spam filters, doesn’t enforce message size limits, resolves P2 headers, and allows sending on behalf of users. Going back to Exchange Server 2003, this is somewhat similar to adding the sending host’s address to Connection Filtering‘s Global Accept list.

A better, more secure way to allow relaying

If you want it to be more secure, you can create a Receive Connector with PermissionGroups set to AnonymousUsers:

New-ReceiveConnector -Name RelayConnector -usage Custom -Bindings ’192.168.1.17:25′ -fqdn server.domain.com -RemoteIPRanges 192.168.1.100 -server MYEXCHANGESERVER -permissiongroups AnonymousUsers

Notice, we’ve left out the AuthMechanism parameter in the above command. However, we’re still restricting it to a particular IP address— 192.168.1.100. The big difference from the previous approach is we’re not treating the host as trusted.

Next, allow anonymous users to relay. This is done by allowing anonymous users the extended right ms-Exch-SMTP-Accept-Any-Recipient for this Connector:

Get-ReceiveConnector RelayConnector | Add-ADPermission -User “NT AUTHORITY\ANONYMOUS LOGON” -ExtendedRights “ms-Exch-SMTP-Accept-Any-Recipient”

Exchane 2010/2007 and the transport permissions model

In Exchange 2010/2007, you can assig granular permissions to security principals on Receive Connectors and Send Connectors. For instance, if you want to have messages from a certain sender bypass Exchange’s anti-spam filters, you can also assign the ms-Exch-Bypass-Anti-Spam permission to that sender on a Receive Connector. Note, however, that the sender’s identity can only be established if they’re authenticated. Mail from all unauthenticated senders, which includes most Internet mail, is considered as being received from Anonymous (permissions assigned to NT AUTHORITY\ANONYMOUS LOGON apply).

For more information about transport permissions in Exchange 2010, check out Understanding Receive Connectors and Understanding Send Connectors. For Exchange 2007, see “Exchange Server 2007 Transport Permissions Model” in Exchange Server 2007 documentation.

What’s the difference?

The difference between the 2 approaches can be seen when you send test messages, as shown in the following screenshot:

Screenshot: Messages from both Connectors shown in Microsoft Outlook
Figure 2:The difference between the 2 approaches can be seen in how messages are displayed in email clients

The first message at 9:22 AM is sent by the first Connector, where the message received without authentication actually shows up as sent by me – the P2 headers are resolved. Whereas the second message at 9:34 AM actually shows up with the sender’s SMTP address.

The second message also went through the anti-spam filters – a quick check of the message headers reveals the antispam headers.

Screenshot: Message headers showing antispam headers
Figure 3: Messages received using the second method do not bypass anti-spam filters by default

05/03/2012 Posted by | Exchange server, Powershell, Recive Connector, Relaying | , , , | Leave a comment

Exchange Server and Update Rollups Builds Numbers

Here is the complete overview of exchange builds number and the link to their patch and update rollups.

Exchange Server Release dates

Product name Build number Date
 Microsoft Exchange Server 2003  6.5.6944  6/30/2003
 Microsoft Exchange Server 2003 SP1  6.5.7226  5/25/2004
 Microsoft Exchange Server 2003 SP2  6.5.7638  10/19/2005
 Microsoft Exchange Server 2007  8.0.685.24  12/9/2006
 Microsoft Exchange Server 2007  8.0.685.25  12/9/2006
 Microsoft Exchange Server 2007 SP1  8.1.240.6  11/29/2007
 Microsoft Exchange Server 2007 SP2  8.2.176.2  8/24/2009
 Microsoft Exchange Server 2007 SP3  8.3.083.6  6/20/2010
 Microsoft Exchange Server 2010  14.0.639.21  11/9/2009
 Microsoft Exchange Server 2010 SP1  14.1.218.15  8/24/2010
 Microsoft Exchange Server 2010 SP2  14.2.247.5  12/4/2011

Exchange Server 2007 Service Pack 1

Product name Build number Date KB
 Microsoft Exchange Server Exchange 2007 SP1  8.1.240.6  11/29/2007
 Update Rollup 1 for Exchange Server 2007 Service Pack 1  8.1.263.1  2/28/2008  KB945684
 Update Rollup 2 for Exchange Server 2007 Service Pack 1  8.1.278.2  5/8/2008  KB948016
 Update Rollup 3 for Exchange Server 2007 Service Pack 1  8.1.291.2  7/8/2008  KB949870
 Update Rollup 4 for Exchange Server 2007 Service Pack 1  8.1.311.3  10/7/2008  KB952580
 Update Rollup 5 for Exchange Server 2007 Service Pack 1  8.1.336.1  11/20/2008  KB953467
 Update Rollup 6 for Exchange Server 2007 Service Pack 1  8.1.340.1  2/10/2009  KB959241
 Update Rollup 7 for Exchange Server 2007 Service Pack 1  8.1.359.2  3/18/2009  KB960384
 Update Rollup 8 for Exchange Server 2007 Service Pack 1  8.1.375.2  5/19/2009  KB968012
 Update Rollup 9 for Exchange Server 2007 Service Pack 1  8.1.393.1  7/17/2009  KB970162
 Update Rollup 10 for Exchange Server 2007 Service Pack 1  8.1.436.0  4/9/2010  KB981407


Exchange Server 2007 Service Pack 2

Product name Build number Date KB
 Microsoft Exchange Server 2007 SP2  8.2.176.2  8/24/2009
 Update Rollup 1 for Exchange Server 2007 Service Pack 2  8.2.217.3  11/19/2009  KB971534
 Update Rollup 2 for Exchange Server 2007 Service Pack 2  8.2.234.1  1/22/2010  KB972076
 Update Rollup 3 for Exchange Server 2007 Service Pack 2  8.2.247.2  3/17/2010  KB979784
 Update Rollup 4 for Exchange Server 2007 Service Pack 2  8.2.254.0  4/9/2010  KB981383
 Update Rollup 5 for Exchange Server 2007 Service Pack 2  8.2.305.3  12/7/2010  KB2407132

 

Exchange Server 2007 Service Pack 3

Product name Build number Date KB
 Microsoft Exchange Server 2007 SP3  8.3.083.6  6/20/2010
 Update Rollup 1 for Exchange Server 2007 Service Pack 3  8.3.106.2  9/9/2010  KB2279665
 Update Rollup 2 for Exchange Server 2007 Service Pack 3  8.3.137.3  12/10/2010  KB2407025
 Update Rollup 3 for Exchange Server 2007 Service Pack 3  8.3.159.0  3/2/2011  KB2492691
 Update Rollup 3-v2 for Exchange Server 2007 Service Pack 3  8.3.159.2  3/30/2011  KB2530488
 Update Rollup 4 for Exchange Server 2007 Service Pack 3  8.3.192.1  7/7/2011  KB2509911
 Update Rollup 5 for Exchange Server 2007 Service Pack 3  8.3.213.1  9/21/2011  KB2602324
 Update Rollup 6 for Exchange Server 2007 Service Pack 3  8.3.245.2  1/25/2012  KB2608656


Exchange Server 2010

Product name Build number Date KB
 Microsoft Exchange Server 2010 RTM  14.0.639.21  11/9/2009
 Update Rollup 1 for Exchange Server 2010  14.0.682.1  12/9/2009  KB976573
 Update Rollup 2 for Exchange Server 2010  14.0.689.0  3/4/2010  KB979611
 Update Rollup 3 for Exchange Server 2010  14.0.694.0  4/9/2010  KB981401
 Update Rollup 4 for Exchange Server 2010  14.0.702.1  6/17/2010  KB982639
 Update Rollup 5 for Exchange Server 2010  14.0.726.0  12/13/2010  KB2407113


Exchange Server 2010 Service Pack 1

Product name Build number Date KB
 Microsoft Exchange Server 2010 SP1  14.1.218.15  8/24/2010
 Update Rollup 1 for Exchange Server 2010 SP1  14.1.255.2  10/4/2010  KB2407028
 Update Rollup 2 for Exchange Server 2010 SP1  14.1.270.1  12/9/2010  KB2425179
 Update Rollup 3 for Exchange Server 2010 SP1  14.1.289.3  3/7/2011  KB2492690
 Update Rollup 3-v3 for Exchange Server 2010 SP1  14.1.289.7  4/1/2011  KB2529939
 Update Rollup 4 for Exchange Server 2010 SP1  14.1.323.1  6/22/2011  KB2509910
 Update Rollup 4-v2 for Exchange Server 2010 SP1  14.1.323.6  7/27/2011  KB2579150
 Update Rollup 5 for Exchange Server 2010 SP1  14.1.339.1  8/23/2011  KB2582113
 Update Rollup 6 for Exchange Server 2010 SP1  14.1.355.2 10/27/2011  KB2608646

Exchange Server 2010 Service Pack 2

Product name Build number Date KB
 Microsoft Exchange Server 2010 SP2  14.2.247.5  12/4/2011
 Update Rollup 1 for Exchange Server 2010 SP2  14.2.283.3  2/13/2012  KB2645995

03/08/2012 Posted by | Exchange server | , , , , | Leave a comment

Powershell commands

# Create a new mailbox-enabled user
new-Mailbox -alias testmbx -name TestMailbox -database “Mailbox Database” -org Users -UserPrincipalName testmbx@example.com
Password: <userpassword>

# Create a new resource mailbox (Conference Room or Equipment)
New-Mailbox -alias testresmbx -name TestResourceMailbox -database “Mailbox Database” -org Users <-Room | -Equipment>  -UserPrincipalName testresourcembx@example.com

# Create a shared mailbox
new-Mailbox -alias testsharedmbx -name TestSharedMailbox -database “Mailbox Database” -org Users -shared -UserPrincipalName testsharedmbx@example.com

# Create a new linked mailbox
New-Mailbox -alias testlinkedmbx -name TestLinkedMailbox -database “Mailbox Database” -org Users -LinkedMasterAccount account@userdomain.com -LinkedDomainController userdomain-dc-01 -UserPrincipalName testmbx@example.com

# Mail-enable an existing user as a user mailbox
Enable-Mailbox logondisableduser -database “Mailbox Database”

# Mail-enable an existing (AD logon-disabled) user as a resource mailbox (Conference Room or Equipment)
Enable-Mailbox logondisableduser <-Room | -Equipment> -database “Mailbox Database”

# Mail-enable an existing (AD logon-disabled) user as a linked mailbox
Enable-Mailbox logondisableduser -database “Mailbox Database” -LinkedMasterAccount account@userdomain.com -LinkedDomainController userdomain-dc-01

# Move an individual mailbox
Move-Mailbox testmbx -targetdatabase “Mailbox Database”

# Move all mailboxes stored on a server to a target mailbox database
Get-Mailbox -server testserver | Move-Mailbox -targetdatabase “Mailbox Database”

# Disable one individual mailbox
Disable-Mailbox testmbx

# Disable all mailboxes stored on a server
Get-Mailbox -server testserver | Disable-Mailbox

# Remove one individual mailbox-enabled user
Remove-Mailbox testmbx

# Remove all mailbox-enabled users stored on a server
Get-Mailbox -server testserver | Remove-Mailbox

# Set storage quotas
Set-Mailbox testmbx -UseDatabaseQuotaDefaults:$False -IssueWarningQuota 90MB -ProhibitSendQuota 95MB -ProhibitSendReceiveQuota 100MB

# Set a mailbox to forward mail to another recipient and recipients limits
Set-Mailbox testmbx -DeliverToMailboxAndForward:$True -ForwardingAddress testuser@example.com -RecipientLimits 10

# Grant “Send on behalf” permission
Set-Mailbox testmbx -GrantSendOnBehalfTo testuser

# Grant “Send-As” permission
Add-ADPermission testmbx -ExtendedRights Send-As -user testuser

# Grant full mailbox access permission
Add-MailboxPermission testmbx -AccessRights FullAccess -user testuser

#For Creating Resource
New-Mailbox -Name:”Resourcecal” -Alias:Resourcecal -OrganizationalUnit:Users -Database:”Database Name” -UserPrincipalName:”Resourcecal@domain.com” -DisplayName:”Resource Mailbox” -Room

#To Enable Auto-Acceptance
Set-MailboxCalendarSettings Resourcecal -AutomateProcessing:Autoaccept

#New mailbox
New-Mailbox -Name:”Resource1″ -Alias:Resource1 -OrganizationalUnit:Users -Database:”Database Name” -UserPrincipalName:”Resource1@domain.com” -DisplayName:”Resource Mailbox” -Room

#how to set autoaccept
Set-MailboxCalendarSettings Resource1 -AutomateProcessing:Autoaccept

#how to give a user full access to a resource (sentalbord)
Add-MailboxPermission -Identity:Resource1 -AccessRights:fullaccess -User:user1

#how to specify the delegate for the resource mailbox.
Set-MailboxCalendarSettings Resource1 -ResourceDelegates:Delegate1

03/08/2012 Posted by | Exchange server, Powershell | , , , | Leave a comment

List of Powershell cmdlets for Exchange 2007/Exchange 2010

List of Powershell cmdlets for Exchange 2007/Exchange 2010
cmdlet cmdlet name client access hub transport mailbox edge transport unified messaging
AcceptedDomain Get-AcceptedDomain X X
New-AcceptedDomain X X
Remove-AcceptedDomain X X
Set-AcceptedDomain X X
ActiveSyncConnectivity Test-ActiveSyncConnectivity X
ActiveSyncDevice Clear-ActiveSyncDevice X
Remove-ActiveSyncDevice X
ActiveSyncDeviceStatistics Get-ActiveSyncDeviceStatistics X
ActiveSyncLog Export-ActiveSyncLog X
ActiveSyncMailboxPolicy Get-ActiveSyncMailboxPolicy X
New-ActiveSyncMailboxPolicy X
Remove-ActiveSyncMailboxPolicy X
Set-ActiveSyncMailboxPolicy X
ActiveSyncVirtualDirectory Get-ActiveSyncVirtualDirectory X
New-ActiveSyncVirtualDirectory X
Remove-ActiveSyncVirtualDirectory X
Set-ActiveSyncVirtualDirectory X
AddressList Get-AddressList X
Move-AddressList X
New-AddressList X
Remove-AddressList X
Set-AddressList X
Update-AddressList X
AddressRewriteEntry Get-AddressRewriteEntry X
New-AddressRewriteEntry X
Remove-AddressRewriteEntry X
Set-AddressRewriteEntry X
ADPermission Add-ADPermission X X X X X
Get-ADPermission X X X X X
Remove-ADPermission X X X X X
ADSite Get-AdSite X
Set-AdSite X X
AdSiteLink Get-AdSiteLink X
Set-AdSiteLink X
AgentLog Get-AgentLog X X
AntispamUpdates Disable-AntispamUpdates X X
Enable-AntispamUpdates X X
Get-AntispamUpdates X X
AttachmentFilterEntry Add-AttachmentFilterEntry X
Get-AttachmentFilterEntry X
Remove-AttachmentFilterEntry X
AttachmentFilterListConfig Get-AttachmentFilterListConfig X
Set-AttachmentFilterListConfig X
AutoDiscoverConfig Export-AutoDiscoverConfig X
AutodiscoverVirtualDirectory Get-AutodiscoverVirtualDirectory X
New-AutodiscoverVirtualDirectory X
Remove-AutodiscoverVirtualDirectory X
Set-AutodiscoverVirtualDirectory X
AvailabilityAddressSpace Add-AvailabilityAddressSpace X
Get-AvailabilityAddressSpace X
Remove-AvailabilityAddressSpace X
AvailabilityConfig Get-AvailabilityConfig X
Set-AvailabilityConfig X
CASMailbox Get-CASMailbox X
Set-CASMailbox X
ClientAccessServer Get-ClientAccessServer X
Set-ClientAccessServer X
ClusteredMailboxServer Move-ClusteredMailboxServer X
Start-ClusteredMailboxServer X
Stop-ClusteredMailboxServer X
ClusteredMailboxServerStatus Get-ClusteredMailboxServerStatus X
Contact Get-Contact X
Set-Contact X
ContentFilterConfig Get-ContentFilterConfig X X
Set-ContentFilterConfig X X
ContentFilterPhrase Add-ContentFilterPhrase X X
Get-ContentFilterPhrase X X
Remove-ContentFilterPhrase X X
ContinuousReplicationHostName Disable-ContinuousReplicationHostName X
Bitmap Enable-ContinuousReplicationHostName X
Database Dismount-Database X
Mount-Database X
DatabaseCopy Enable-DatabaseCopy X
DatabasePath Move-DatabasePath X
DetailsTemplate Get-DetailsTemplate X
Restore-DetailsTemplate X
Set-DetailsTemplate X
DistributionGroup Disable-DistributionGroup X
Enable-DistributionGroup X
Get-DistributionGroup X
New-DistributionGroup X
Remove-DistributionGroup X
Set-DistributionGroup X
DistributionGroupMember Add-DistributionGroupMember X
Get-DistributionGroupMember X
Remove-DistributionGroupMember X
DynamicDistributionGroup Get-DynamicDistributionGroup X
New-DynamicDistributionGroup X
Remove-DynamicDistributionGroup X
Set-DynamicDistributionGroup X
EdgeSubscription Get-EdgeSubscription X X
New-EdgeSubscription X X
Remove-EdgeSubscription X X
EdgeSynchronization Start-EdgeSynchronization X X
Test-EdgeSynchronization X X
EmailAddressPolicy Get-EmailAddressPolicy X
New-EmailAddressPolicy X
Remove-EmailAddressPolicy X
Set-EmailAddressPolicy X
Update-EmailAddressPolicy X
EventLogLevel Get-EventLogLevel X X X X X
Set-EventLogLevel X X X X X
ExchangeAdministrator Add-ExchangeAdministrator X
Get-ExchangeAdministrator X
Remove-ExchangeAdministrator X
ExchangeCertificate Enable-ExchangeCertificate X X
Export-ExchangeCertificate X X
Get-ExchangeCertificate X X
Import-ExchangeCertificate X X
New-ExchangeCertificate X
Remove-ExchangeCertificate X X
ExchangeSearch Test-ExchangeSearch X
ExchangeServer Get-ExchangeServer X X X X X
Set-ExchangeServer X X X X X
FileDistributionService Update-FileDistributionService X X
ForeignConnector Get-ForeignConnector X X
New-ForeignConnector X X
Remove-ForeignConnector X X
Set-ForeignConnector X X
GlobalAddressList Get-GlobalAddressList X
New-GlobalAddressList X
Remove-GlobalAddressList X
Set-GlobalAddressList X
Update-GlobalAddressList X
Group Get-Group X
Set-Group X
ImapConnectivity Test-ImapConnectivity X
ImapSettings Get-IMAPSettings X
Set-IMAPSettings X
IPAllowListConfig Get-IPAllowListConfig X X
Set-IPAllowListConfig X X
IPAllowListEntry Add-IPAllowListEntry X X
Get-IPAllowListEntry X X
Remove-IPAllowListEntry X X
IPAllowListProvider Add-IPAllowListProvider X X
Get-IPAllowListProvider X X
Remove-IPAllowListProvider X X
Set-IPAllowListProvider X X
Test-IPAllowListProvider X X
IPAllowListProvidersConfig Get-IPAllowListProvidersConfig X X
Set-IPAllowListProvidersConfig X X
IPBlockListConfig Get-IPBlockListConfig X X
Set-IPBlockListConfig X X
IPBlockListEntry Add-IPBlockListEntry X X
Get-IPBlockListEntry X X
Remove-IPBlockListEntry X X
IPBlockListProvider Add-IPBlockListProvider X X
Get-IPBlockListProvider X X
Remove-IPBlockListProvider X X
Set-IPBlockListProvider X X
Test-IPBlockListProvider X X
IPBlockListProvidersConfig Get-IPBlockListProvidersConfig X X
Set-IPBlockListProvidersConfig X X
Bitmap JournalRule Disable-JournalRule X
Enable-JournalRule X
Get-JournalRule X
New-JournalRule X
Remove-JournalRule X
Set-JournalRule X
LogonStatistics Get-LogonStatistics X
Mailbox Connect-Mailbox X
Disable-Mailbox X
Enable-Mailbox X
Export-Mailbox X
Get-Mailbox X
Import-Mailbox X
Move-Mailbox X
New-Mailbox X
Remove-Mailbox X
Restore-Mailbox X
Set-Mailbox X
MailboxCalendarSettings Get-MailboxCalendarSettings X
Set-MailboxCalendarSettings X
MailboxDatabase Clean-MailboxDatabase X
Get-MailboxDatabase X
New-MailboxDatabase X
Remove-MailboxDatabase X
Set-MailboxDatabase X
MailboxFolderStatistics Get-MailboxFolderStatistics X
MailboxPermission Add-MailboxPermission X
Get-MailboxPermission X
Remove-MailboxPermission X
MailboxServer Get-MailboxServer X
Set-MailboxServer X
MailboxStatistics Get-MailboxStatistics X
MailContact Disable-MailContact X
Enable-MailContact X
Get-MailContact X
New-MailContact X
Remove-MailContact X
Set-MailContact X
MailFlow Test-Mailflow X
MailPublicFolder Disable-MailPublicFolder X
Enable-MailPublicFolder X
Get-MailPublicFolder X
Set-MailPublicFolder X
MailUser Disable-MailUser X
Enable-MailUser X
Get-MailUser X
New-MailUser X
Remove-MailUser X
Set-MailUser X
ManagedContentSettings Get-ManagedContentSettings X
New-ManagedContentSettings X
Remove-ManagedContentSettings X
Set-ManagedContentSettings X
ManagedFolder Get-ManagedFolder X
New-ManagedFolder X
Remove-ManagedFolder X
Set-ManagedFolder X
ManagedFolderAssistant Start-ManagedFolderAssistant X
Stop-ManagedFolderAssistant X
ManagedFolderMailboxPolicy Get-ManagedFolderMailboxPolicy X
New-ManagedFolderMailboxPolicy X
Remove-ManagedFolderMailboxPolicy X
Set-ManagedFolderMailboxPolicy X
MAPIConnectivity Test-MapiConnectivity X
Message Export-Message X X
Get-Message X X
Remove-Message X X
Resume-Message X X
Suspend-Message X X
MessageClassification Get-MessageClassification X

03/08/2012 Posted by | Exchange server, Powershell | , , , | Leave a comment

   

%d bloggers like this: