Tuesday, April 28, 2020

Corrections to 20345-1A demos module 8 detailed

Demonstration: Troubleshooting SMTP message delivery

1.      On LON-EX1, click Start, click the Exchange Server 2016 folder, and then click Exchange Toolbox.

2.      In the Toolbox pane, double-click Queue Viewer.

 

Note: Explain that the Queue Viewer tool looks into the local-server message queues. Therefore, you will see immediately if a message is not delivered correctly. It is helpful to have a mail message in the queue so that you can show the students both the error message and the properties, such as retry.

 

3.      Right-click Submission queue, and then click Suspend. This prevents the server from processing messages for delivery. Do the same for LON-EX2.

4.      On LON-DC1, click Start, and then click Windows PowerShell.

5.      At the Windows PowerShell prompt, type Telnet LON-EX1 25, and then press Enter.

 

Note: When the Exchange server responds, explain to the students that the connection is working, and that the server responds to the request. That means that there is no firewall problem. You also can tell the students that if the response does not include the information shown, something is wrong. Most likely, either a firewall is blocking the connection or the Microsoft Exchange Transport service is not started on the Exchange server.

 

6.      At the Windows PowerShell prompt, type helo, and then press Enter.

7.      At the command prompt, type help, and then press Enter.

 

Note: Explain that the students can see the services that the Exchange Server offers. For example, STARTTLS indicates that Transport Layer Security (TLS) is available for secure communication.

 

8.      Type mail from: fake@contoso.com, and press Enter.

9.      Type rcpt to: administrator@adatum.com, and press Enter.

10.   Type data, and press Enter.

11.   Type Subject: Test Message and press Enter.

12.   Type This is the test message, and press Enter.

13.   Type ., and press Enter.

14.   After the message is displayed that indicates the message is queued for delivery, type quit, and press Enter.

15.   Close the Windows PowerShell prompt.

16.   On LON-EX1, in Queue Viewer, double-click the Submission tab, and verify that the message from fake@contoso.com is present in the Submission queue.

17.   Click the Queues tab, right-click Submission queue, and then click Resume.

18.   Verify that the message from fake@contoso.com is no longer in the submission queue, and that a mailbox database queue has been created. This queue was used for delivery to the mailbox.

19.   On LON-DC1, from the Start screen, open Internet Explorer, and in the address bar type https://LON-EX1.Adatum.com/owa, and then press Enter.

20.   Sign in as Adatum\Administrator with the password Pa55w.rd. On the Language and time zone page, select (UTC-08:00) Pacific Time (US & Canada) and click Save.

21.   After you log on to Outlook Web App, send an email message to Beth@adatum.com. After that, send another message to Beth@contoso.com.

22.   Sign out from Outlook Web App.

23.   On LON-EX1, open Internet Explorer, and in the address bar, type https://LON-EX1.Adatum.com/ecp, and then press Enter.

24.   Sign in to the EAC as Adatum\Administrator with the password Pa55w.rd.

25.   In EAC, click mail flow, and then click delivery reports.

26.   In Mailbox to search field, click Browse, select Administrator, and then click OK.

27.   In the Search for messages sent to: field, click select users, select Beth Burke, click add->, and then click OK.

28.   Click search.

29.   Double-click the message that appears in Search results pane.

30.   Review the report, and make sure that the message is delivered successfully. Click Close.

31.   In the Search for messages sent to: box, to remove Beth Burke click the X.

32.   To open the Select Members - Windows Internet Explorer window, click select users.

33.   In the check names box, type Beth@contoso.com, and then click OK.

34.   Click search.

35.   Double-click the message that appears in Search Results pane.

36.   Review the report, and show that the message is not delivered. Click Close.

 

Note: If you are connected to ECP by using the name localhost, viewing delivery reports fails. You must be connected to ECP by using the server name.
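The connectivity check from steps 5 to 7 can also be scripted. The following is an added example, not part of the course material: it reads the banner, sends EHLO (the SMTP command whose reply lists the extensions the server offers), and reports whether STARTTLS is advertised. The function names are hypothetical, and the sample reply at the end is constructed so that the parser can be tried without a server.

```powershell
# Added example, not from the course material. Function names are hypothetical.
function ConvertFrom-EhloReply {
    # Turn the lines of a 250 reply to EHLO into extension keywords.
    param([string[]]$Lines)
    $keywords = foreach ($line in $Lines) {
        # "250-KEYWORD ..." continues the reply; "250 KEYWORD ..." ends it.
        if ($line -match '^250[- ](\S+)') { $Matches[1].ToUpperInvariant() }
    }
    # The first 250 line is the server's greeting, not an extension.
    @($keywords | Select-Object -Skip 1)
}

function Read-SmtpReply {
    # Read one complete (possibly multi-line) SMTP reply from the server.
    param([System.IO.StreamReader]$Reader)
    $lines = @()
    do { $line = $Reader.ReadLine(); $lines += $line } while ($line -match '^\d{3}-')
    $lines
}

function Test-SmtpEndpoint {
    param([string]$Server, [int]$Port = 25, [string]$ClientName = 'LON-DC1.Adatum.com')
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($Server, $Port)        # throws if blocked or nothing is listening
        $stream = $client.GetStream()
        $stream.ReadTimeout = 5000             # milliseconds
        $reader = New-Object System.IO.StreamReader($stream)
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.NewLine = "`r`n"; $writer.AutoFlush = $true

        $banner = @(Read-SmtpReply $reader)    # a healthy server answers with 220
        $writer.WriteLine("EHLO $ClientName")
        $extensions = ConvertFrom-EhloReply (Read-SmtpReply $reader)
        $writer.WriteLine('QUIT')

        [pscustomobject]@{
            Server     = $Server
            Banner     = $banner -join ' '
            Ready      = "$($banner[0])" -like '220*'
            Extensions = $extensions
            StartTls   = $extensions -contains 'STARTTLS'
        }
    } finally { $client.Close() }
}

# Constructed sample reply (not captured output), parsed without a network connection.
$sample = '250-LON-EX1.Adatum.com Hello [172.16.0.10]', '250-SIZE 37748736', '250-STARTTLS', '250 CHUNKING'
ConvertFrom-EhloReply $sample
```

In the lab, Test-SmtpEndpoint -Server LON-EX1 run from LON-DC1 gives the same information as the Telnet session: an exception on Connect points to a firewall or a stopped Transport service, and StartTls shows whether TLS is offered.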


 


 

Demonstration: Configuring transport settings

1.      On LON-EX1, click Start, click the Microsoft Exchange Server 2016 folder, and then click Exchange Management Shell.

2.      In EMS, type Get-TransportConfig, and press Enter.

3.      Scroll through the data displayed to provide a quick overview of the settings.

4.      Type Get-TransportConfig | FL *max*, and press Enter.

5.      Specifically point out the values for MaxReceiveSize, MaxRecipientEnvelopeLimit, and MaxSendSize.

6.      Type Set-TransportConfig -MaxSendSize 20MB -MaxReceiveSize 20MB, and press Enter.

7.      Close EMS.

8.      In EAC, click mail flow, and then click the receive connectors tab.

9.      Click More, and then click Organization transport settings.

10.   In the organization transport settings window, note that the limits tab contains the settings defined in EMS.

11.   Click the delivery tab, and in the Specify the external postmaster address box, type postmaster@adatum.com and click Save.

12.   Close EAC.


 

Demonstration: Configuring accepted and remote domains

1.      On LON-EX1, open Internet Explorer, in the address bar, type https://LON-EX1.Adatum.com/ecp, and then press Enter.

2.      Sign in to the Exchange Admin Center as Adatum\Administrator with the password Pa55w.rd.

3.      In Exchange Admin Center, click mail flow and click the accepted domains tab.

4.      Click New.

5.      In the new accepted domain window, in the Name box, type Tailspintoys, and in the Accepted domain box, type tailspintoys.com.

6.      Click Internal Relay: Email is delivered to recipients in this Exchange organization or relayed to an email server at another physical or logical location.

7.      Click Save.

8.      On LON-EX1, click Start, click the Microsoft Exchange Server 2016 folder, and then click Exchange Management Shell.

9.      In EMS, type Get-RemoteDomain, and press Enter. Ensure that you have only one remote domain with DomainName "*". Explain that this covers all domains.

10.   Type New-RemoteDomain -Name Contoso -DomainName Contoso.com, and press Enter.

11.   Type Get-RemoteDomain Contoso | FL, and press Enter.

12.   Review the settings for the Contoso remote domain.

13.   Type Set-RemoteDomain Contoso -AutoForwardEnabled $false -DeliveryReportEnabled $false, and press Enter.

14.   Type Get-RemoteDomain Contoso | FL, and press Enter.

15.   Ensure that you changed settings for AutoForward and DeliveryReport.


 

Demonstration: Configuring SMTP send and receive connectors

1.      On LON-EX1, click Start, click the Microsoft Exchange Server 2016 folder, and then click Exchange Management Shell.

2.      In EMS, type New-SendConnector -Name "Send to Internet" -AddressSpace * -SourceTransportServers LON-EX1,LON-EX2, and press Enter. Explain to the students that this creates a connector to send messages to the Internet.

3.      Open Internet Explorer, in the address bar type https://LON-EX1.Adatum.com/ecp, and then press Enter.

4.      Sign in to the EAC as Adatum\Administrator with the password Pa55w.rd.

5.      In EAC, click mail flow, and click on the send connectors tab.

6.      Ensure that the connector is created, and then select it and click Edit.

7.      Show options that are configured on this connector. Point out that proxy through Client Access server is not selected.

8.      Click Cancel.

9.      In EAC, click New.

10.   In the new send connector window, in the Name box, type Secure to Contoso.

11.   Click Internal (For example, to route mail to send intranet mail) and click Next.

12.   Under Network settings, click Add, type 172.16.0.10, click Save, and click Next.

13.   Under Smart host authentication, click Basic authentication, and select the Offer basic authentication only after starting TLS check box.

14.   In the User name box, type Contoso\partner.

15.   In the Password box, type Pa55w.rd, and then click Next.

16.   Under Address space, click Add.

17.   In the add domain window, in the Full Qualified Domain Name (FQDN) box, type contoso.com, and click Save.

18.   In the new send connector window, click Next.

19.   Under Source server, click Add, click LON-EX1, click add, and then click OK.

20.   Click Finish.

21.   Click the receive connectors tab.

22.   In the Select server box, click LON-EX1.Adatum.com and then click New.

23.   In the new receive connector window, in the Name box, type AppClient.

24.   Under Role, click Frontend Transport.

25.   Under Type, click Client, and then click next.

26.   Under Remote network settings, click Remove to remove scope 0.0.0.0 – 255.255.255.255.

27.   Click Add.

28.   In the add IP address window, type 172.16.0.10, and click save.

29.   In the new receive connector window, click Finish.

30.   Click AppClient, and then click Edit.

31.   On the general tab, under Protocol logging level, click Verbose.

32.   On the security tab, under Permission groups, select the Anonymous users check box, and then click Save.
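Steps 22 to 32 change three settings that matter together on a receive connector: the remote IP scope, the protocol logging level, and whether anonymous users may submit mail. The following is an added example, not part of the course material, that reports those settings for every receive connector on a server from the Exchange Management Shell. The function name and the wording of the findings are hypothetical, and the script assumes that the connector properties render as text the same way they do in the cmdlet's list output.

```powershell
# Added example, not from the course material; run in the Exchange Management Shell.
# Get-AnonymousConnectorReport is a hypothetical name.
function Get-AnonymousConnectorReport {
    param([string]$Server = 'LON-EX1')
    # Ranges that mean "any address" for IPv4 and IPv6.
    $anyRange = '0.0.0.0-255.255.255.255', '::-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff'

    Get-ReceiveConnector -Server $Server | ForEach-Object {
        # Assumption: each property converts to the text shown by Format-List.
        $ranges    = @($_.RemoteIPRanges | ForEach-Object { "$_" })
        $anonymous = "$($_.PermissionGroups)" -match 'AnonymousUsers'
        $openScope = @($ranges | Where-Object { $anyRange -contains $_ }).Count -gt 0
        $logged    = "$($_.ProtocolLoggingLevel)" -eq 'Verbose'

        $finding = if (-not $anonymous)  { 'OK: anonymous users not permitted' }
                   elseif ($openScope)   { 'REVIEW: anonymous from any address' }
                   elseif (-not $logged) { 'REVIEW: anonymous, scoped, protocol logging off' }
                   else                  { 'OK: anonymous, scoped, logged' }

        [pscustomobject]@{
            Connector = $_.Name
            Bindings  = ($_.Bindings | ForEach-Object { "$_" }) -join ', '
            Scope     = $ranges -join ', '
            Logging   = "$($_.ProtocolLoggingLevel)"
            Finding   = $finding
        }
    }
}

Get-AnonymousConnectorReport -Server LON-EX1 |
    Sort-Object Finding -Descending |
    Format-Table -AutoSize
```

A REVIEW line is a prompt to confirm intent: the Default Frontend connector accepts anonymous mail from any address by design, while AppClient as configured above should appear as anonymous, scoped to 172.16.0.10, and logged.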


 

Demonstration: Configuring and using transport rules

1.      On LON-EX1, open Internet Explorer, in the address bar, type https://LON-EX1.Adatum.com/ecp, and then press Enter.

2.      Sign in to the Exchange Admin Center as Adatum\Administrator with the password Pa55w.rd.

3.      In EAC, click mail flow, and click the rules tab.

4.      Click New, and then click Create a new rule.

5.      In the new rule window in the Name box, type Test Transport Rule.

6.      In the Apply this rule if drop-down box, select The subject or body includes.

7.      In the specify words or phrases window, in the text box, type password, click the + sign, and then click OK.

8.      In the new rule window, in the Do the following drop-down box, select Redirect the message to.

9.      In the Select Members window, select Administrator, and click add->. Then click OK.

10.   Ensure that Enforce is selected.

11.   Click More options and describe the additional options.

12.   Click Save.

13.   On LON-DC1, open Internet Explorer, in the address bar type https://LON-EX1.Adatum.com/owa, and then press Enter.

14.   Sign in to OWA as Adatum\Adam with the password Pa55w.rd.

15.   In the Time zone box, select (UTC -0800) Pacific Time (US & Canada), and click Save.

16.   Click New.

17.   In the To field, type Beth@adatum.com.

18.   In the Subject field, type Rule Test.

19.   In the message body, type My password is Pa$$word, and click Send.

20.   On LON-EX1, in Internet Explorer, open a new tab, in the address bar type https://LON-EX1.Adatum.com/owa, and then press Enter. You will be signed in automatically as Adatum\Administrator.

21.   In OWA, ensure that you received an email from Adam, and that the original message that Adam sent to Beth is included.

22.   Sign out from OWA.


 

Demonstration: Configuring and using a data loss prevention policy

1.      On LON-EX1, open Internet Explorer, and in the address bar, type https://LON-EX1.Adatum.com/ecp, and then press Enter.

2.      Sign in to the Exchange Admin Center as Adatum\Administrator with the password Pa55w.rd.

3.      In EAC, click compliance management, and click the data loss prevention tab.

4.      Click the arrow next to the + sign, and click New custom DLP Policy.

5.      In the new custom DLP policy window, in the Name box, type IP address block.

6.      Click Enforce, and then click Save.

7.      Select the IP address block policy, and then click Edit.

8.      In the IP address block window, click rules.

9.      Click the arrow next to the + sign, and then select Block messages with sensitive information.

10.   In the new rule window, click Outside the organization.

11.   In the select recipient location window, select Inside the organization and click OK.

12.   Click Select sensitive information types.

13.   In the sensitive information types window, click Add.

14.   Scroll down the list, select IP Address, click add->, and then click OK two times.

15.   In the new rule window, in the Do the following drop-down box, select Generate incident report and send it to, and then click Select one.

16.   In the list, select Administrator, and click OK.

17.   Click Custom content.

18.   In the Include message properties window, select the sender, recipient, subject and matching content check boxes, and click OK.

19.   Click Block the message.

20.   In the notify the sender with a Policy Tip window, in the Enter the message for the NDR that users will receive text box, type Your message is blocked because of IP address, and then click OK.

21.   In the Choose a mode for this rule section, select Enforce, and then click Save.

22.   In the IP address block window, click Save.