Bulk Exporting of PST Files Using Exmerge

To automate the process of exporting Exchange mailboxes to .pst files, we’re going to use the exmerge tool using a Windows batch file. We can use a MAILBOXES.TXT file to choose which mailboxes we’ll be using and possibly a SUBJECTS.TXT or ATTACHMENTS.TXT to constrain our searches. To run the exmerge, run as a typical GUI based merge but save the search. Once saved, you’ll be able to select a path, which we’ll call c:\tmpexmerge. In here, you should see an EXMERGE.INI as well as a MAILBOXES.TXT (and possibly a few other files. In the MAILBOXES.TXT file you’ll see the CN information for the mailboxes selected in the previous: /O=FIRST ORGANIZATION/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=CEDGE You can copy and paste this line to add others, changing the last CN entry (or other pathing information if in other OUs: /O=FIRST ORGANIZATION/OU=FIRST ADMINISTRATIVE GROUP/CN=RECIPIENTS/CN=WSMITH Once you’ve saved the file, edit the EXMERGE.INI file if needed (you usually don’t need to edit this one. Then run exmerge.exe using the command line: exmerge -F C:\tmpexmerge\EXMERGE.INI -B -D This takes awhile, and even longer if you’re actually searching for keywords or doing multiple mailboxes, but not as long as it would take to do things manually. .PST files are saved using the file path in the exmerge.ini. Watch Task Manager to make sure the backup is still running. The -D option above opens the GUI exmerge to show what’s happening (kinda’).

What Exchange NDR Codes Mean

One of the things that hasn’t changed in all these years with Exchange is Non-Delivery Reports. An NDR is an email that is sent when a message you send fails to go out. Exchange has had a consistent set of NDR status codes since version 5, just adding some here or there with changing technology (e.g. routing connectors, smarthosts, etc). Exchange has a lot of NDR codes at this point. I keep a little list running in my collection of files I spotlight to find the answer to recurring questions (which happens to always be 42). When an email bounces in Exchange, these codes explain why without having to be overly verbose (usually the text is actually in the NDR but not in the error logs in Exchange). Anyway, my list:
  • 2.0.x: Codes that start with 2 are success codes. The message got to where it was supposed to go.
  • 4.0.x: Persistent failure codes, including the following:
  • 4.2.2: The percent receiving the message is over their quota.
  • 4.3.1: The server is out of memory or hard drive space in the queue or Information Store directories (or out of file IIS handlers).
  • 4.3.2: Message was deleted by an administrator.
  • 4.4.1: Target server isn’t responding or there’s no network connectivity.
  • 4.4.2: Connection dropped. Often due to switching or intermittent routing failures if there are a lot of these.
  • 4.4.6: Hop count exceeded. Check for loops, check your virtual server, DNS, etc.
  • 4.4.7: Message sat in a queue too long.
  • 4.4.9: DNS failure.
  • 4.6.5: Language problems. Might need to install additional language packs.
  • 5.x: Permanent error codes (usually) including the following:
  • 5.0.0: This is usually the most annoying as it’s the generic, catch all error for when Exchange can’t decide on another error to give. Check your routing groups, check the email address, check that an SMTP communication can flow between your server and the target, etc. Prepare to get no satisfaction from your testing.
  • 5.1.0: Destination address might be wonky; otherwise rebuild the Recipient Update Service.
  • 5.1.1: Server can’t resolve the recipient. See this a lot when I delete accounts.
  • 5.1.2: Results from a host unknown (550) SMTP code.
  • 5.1.3: Malformed email address (e.g. charles@cedge@318.com). The previoius is usually a bad domain, this is usually something bad in front of the @.
  • 5.1.4: Hash tables detect duplicate SMTP addresses.
  • 5.1.5: Invalid mailbox. This happens when the SMTP address exists but the mailbox doesn’t.
  • 5.1.6: I’ve found this means there’s a message store problem. If more than one person is impacted, check mdb integrity.
  • 5.1.7: Senders mail attribute is bad. Check the sender’s mailbox info.
  • 5.1.8: Senders mailbox is bad. Every time I’ve seen this I’ve had to delete/readd the sender from Exchange or their mailbox.
  • 5.2.x: Size matters. Includes the following:
  • 5.2.1: Message is too large. Often a policy issue on the sender’s end.
  • 5.2.2: Recipient is over their quota.
  • 5.2.3: Message is too large. Often a policy issue on the receiver’s end.
  • 5.2.4: Distribution group is trying to send a message and can’t.
  • 5.3.x: MTA Errors, including:
  • 5.3.1: Mail system is full. Check free space for mdb directory.
  • 5.3.2: System not accepting mail. Usually something like a port or relay not working. Especially if you have smarthosts.
  • 5.3.3: The server the message is being sent to is out of space but SMTP is still running. I usually see this if the boot volume on the target/recipient server is not full but the queue directory is.
  • 5.3.4: Message is too large but can decide if policy issue is on sender’s or receiver’s end.
  • 5.3.5: The message is looping back (e.g. the server has an alias pointing back to your server, which tries to send again).
  • 5.4.0: DNS problem (can’t find MX or there are too many MX records listed). I’ve also seen this when users try to send to email addresses but forget the tld. I’ve never forgotten a tld. At least not sober…
  • 5.4.1: Receiving server isn’t responding.
  • 5.4.2: Bad connection to the other server in the SMTP communication.
  • 5.4.3: Routing error.
  • 5.4.4: Routing group error.
  • 5.4.6: The address is usually yourself with a weird reply-to situation (e.g. you’re sending to an alias of yourself and the message can’t deliver).
  • 5.4.7: Exceeded time limit to transfer message.
  • 5.4.8: You’re loopy. By default, SMTP should have a maximum of 20 hops for mail delivery. If Exchange detects a loop like this it’s usually been with an SMTP connector or a smarthost config. It’s usually my fault so I’ve seen this one many times.
  • 5.5.0: Generic. I usually find that if I get this error, I probably need to restart the SMTP service on both hosts. One of the two will fix the issue.
  • 5.5.1: Invalid smtp command. One of the servers is speaking some wonky kinda something. Shouldn’t be possible, but happens every now and then. Especially when there are people out there running weird mail servers.
  • 5.5.2: The target mail server sucks. An SMTP error due to a broken sequence of SMTP commands is all kinds of 1980s. But it happens sometimes. If you can send to others then check the amount of memory and space as a communication stream can die if either of the two hosts craps out due to hardware and comes back online.
  • 5.5.3: You have too many friends. Yes, there is a maximum number of people that can be in the sender field. Remove some and your message should go through.
  • 5.5.4: Invalid character in a domain name (e.g. &).
  • 5.5.5: Wrong protocol. This happens when you call a fax machine from an iPhone too. But in the computer world, http, even when encapsulated and running on port 25 simply can’t speak smtp.
  • 5.5.6: Your message content sucks. Yes, I get plenty of these. Regrettably my server doesn’t discern between intelligent emails and unintelligible emails, but it does notice when there’s invalid strings in the content/body of a message!
  • 5.6.0: Corrupt message content. Similar to above, but with attachments/MIME.
  • 5.6.1: Unsupported attachment (e.g. happened when the .ipa standard was first released by Apple).
  • 5.6.3: Anyone who tries to put more than 250 attachments in an email should be beaten. That’s the only way you’ll see this. Yes, I’ve seen it. No, I did not beat him. Yes, I regret that.
  • 5.7.1: Sender sucks (aka, doesn’t have permissions to send to recipient) or client was not properly authenticated.
  • 5.7.2: The array that comprises a distribution list can’t expand and so the server can’t send to the members in that list.
  • 5.7.3: Security problem. Check auth types on servers and proxy settings. Alternative recipient can cause this as well.
  • 5.7.4: Target server security problem. Check delivery settings.
  • 5.7.5: Try again with plaintext as this usually means there isn’t a handshake between cryptographic algorithms/hashes.
  • 5.7.6: Bad certificate.
  • 5.7.7: Message integrity issues, likely due to encrypted email.
If you’ve seen one that isn’t in my list, let me know and I’ll add it! Finally, keep in mind: friends don’t let friends run their own mail servers.

Address Book.app and Exchange Contacts

Over the years Apple has slowly been adding Exchange functionality to a number of their products, quietly.  While Snow Leopard  is reported to add even more functionality there are still a number of things you can do with Exchange from the Mac OS X client.  For example, Address Book can pull information from your Exchange contacts.  This isn’t to say that every single field will work, but the basics do work – and pretty well.   To connect to your Exchange server from Address Book, open the program and then open the Preferences menu.  From the General tab check the box for Synchronize with Exchange as seen here:
Address Book Synchronize to Exchange
Address Book Synchronize to Exchange
 Now click on the Exchange… button and enter your user name, password and Outlook Web Access Server (OWA Server, or if you only have one Exchange server, the name/IP of the host).  For the Outlook Web Access Server you’ll also want to make sure you have the Fully Qualified URL of the host you use to access your mail, rather than just the IP address for example.  If you would like for synchronizations to occur automatically go ahead and click on the Synchronize Every Hour checkbox.  
Exchange Sync Settings
Exchange Sync Settings
  Saying that Apple has been quietly developing it and saying that it works like a charm though, are two separate topics.  Don’t expect to be able to also synchronize with other services.  This is a recipe for mass duplications of contact data.  Also, don’t expect it to work flawlessly.  It can be problematic, although not always.  In short – if you’re going to try this, make good backups early and often.

Exchange 2003: Applications that Access the Information Store

I would always create a service-specific (Atempo, Blackberry, GFM, Symantec, etc) account that is not a Domain Admin but is an Administrator. Then I would provide the rights mentioned here. So, once you do that then you can go to Services and provide the service with an account to fire up as (eg – AtempoAdmin). Then make sure this key is in the registry (according to which SP you have it might not be) HKEY_CURRENT_USERSoftwareMicrosoftExchange EXAdminShowSecurityPage DWORD value =1 Then fire up Exchange System Manager, click on the Organization, click on the Admin Group and then your group and then properties for it. Then you’ll notice that nice security tab. There, click on your service-specific group/user and allow access to the mailboxes for the service account. I would also enable audit tracking for all login events for that server so that any time that service account logs in it will get tracked. Non-repudiation.

Exchange: Increase Maximum Database Size

Exchange has a maximum database size of 16GB.  You can temporarily increase this if you exceed it by editing the registry.  To do so, open a registry editor (Start -> Run regedit) and browse to this location: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSExchangeIS Now, find the name of the server whose database you would like to increase the size of and click on it.  Then, click on either the folder that starts with Public- or Private- according to which you want to increase the size of.  Now add a Reg_DWORD with a name of: Database Size Limit in GB Now set the setting for the limit to 17GB (just type in 17) and reboot the server.