Fighting Spam in QUB Exchange

If you are suffering problems with Junk Email please check or do the following:

Cached Exchange Mode

Check that you are using Cached Exchange Mode:

  • In Outlook 2007 choose Tools > Account Settings …
  • In the Account Settings dialog select the ‘Microsoft Exchange’ account then click the ‘Change…’ button
  • In the ‘Change E-mail Account’ dialog ensure the option for ‘Use Cached Exchange Mode’ is ticked

Exchange Junk Email
Ensure that your mailbox account on Exchange is set to filter Junk Email:

  • Log in to OWA using MS Internet Explorer (not Firefox)
  • Click on ‘Options’ at the top right of the page
  • Click on ‘Junk E-mail’ on the left menu
  • Ensure that ‘Automatically filter junk e-mail’ is selected

iPhone IMAP Settings for Students

Students can not use the MAPI/Exchange mode supplied with the iPhone due to our QUB settings.  However, IMAP connections should work as follows:

  • Setup
  • Other account, Fill in :- Name, Address       
  • Choose IMAP
  • Incoming mail server is:,Username,Password
    Advanced incoming settings:-Use SSL = on,Authentication = password, Server Port = 993
  • Outgoing mail server is:,Username,Password,Use SSL on,Authentication = password,Server port is 465

How to Align Exchange I/O with Storage Track Boundaries

Apparently disk performance is much improved if you do this. Make sure you do this for each new physical disk. Procede as follows –

  1. If the disk you are aligning is already blank (raw), proceed to Step 3. If the disk contains data, back up the disk before proceeding.
  2. Delete all partitions on the disk.
  3. Open a Command Prompt window, and run Diskpart.exe.
  4. At the Diskpart command prompt, type List Disk and press ENTER. If the disk you want to align does not appear in the list, make sure that it exists and is accessible using the Disk Management snap-in.
  5. At the Diskpart command prompt, type Select Disk X, where X is the number of the disk as shown in the output of the List Disk command. Diskpart should return a message that indicates that Disk X is the selected disk.
  6. At the Diskpart command prompt, type Create Partition Primary Align=X, where X is the value recommended by your storage vendor. If your storage vendor does not have any specific recommendations, we recommend that you use 64.
  7. At the Diskpart command prompt, type Assign Letter=<DriveLetter>.
  8. After the drive letter is assigned, type exit to exit the Diskpart tool.
  9. Use the Disk Management snap-in or the Format command to format the partition as an NTFS-formatted partition.

The link to the MS technet article is –

Physical disk resource does not successfully move to another cluster node

We experienced a problem when trying to move a physical disk resource from one cluster node to another where the move operation is unsuccessful. This turned out to be because some of the hard disk signatures were missing from the Windows registry. The solution to this is described in the following KB article –

The hotfix described has been applied to all the Exchange virtual server nodes. This alone did not fix the problem and we had to edit the registry as described in method 2.

Moving virtual servers to a different cluster node

This should always be done from an Exchange management shell using the following command –

Move-ClusteredMailboxServer -id virtual server ID -MoveComment “Move virt-x to target node” -target target node

The command will run checks on the virtual server before attempting to move nodes.  This phase may take up to 3 or 4 minutes. Use the cluster administrator to monitor the node move – this usually takes around 50 seconds to complete if all goes well!

Forms-based Authentication & Windows Integrated Side by Side

Having your cake and eating it too!

For OWA,  Exchange 2007 (by default) lets you have either Forms-based authentication or Windows Integrated Authentication but NOT both simultaneously – side by side as it were! Actually that’s not quite true – it looks like you can set the /Exchange virtual directory (on the Client Access Server) to use FBA and the /owa virtual directory to use WIA and it ‘does the right thing’! However, if you set /Exchange to WIA and /owa to FBA the /owa virtual directory will succeed but the /Exchange virtual directory will fail miserably (repeatedly prompting for credentials).

Why is this a problem and why on earth would you want WIA and FBA side-by-side?

We want WIA & FBA side-by-side because we have loads of students (and others) who access their email via OWA and expect a forms based login (which we will re-badge if we ever get around to it). However, we’re in the process of deploying MOSS and the standard Inbox/Calendar etc. web parts have ceased working with FBA (as of Exchange 2007 SP1) – to get them working we need WIA. So… Why not just direct OWA customers to the /Exchange virtual directory (set up to use FBA) and direct the MOSS web-parts to the /owa virtual directory? Cos, for the past couple of years we’ve been directing all of out OWA customers to the /owa virtual directory! Trying to change that is just asking for confusion!

Now there’s plenty of info out on the web as to how to configure additional virtual directories for OWA/Exchange 2003 but not so much for OWA/Exchange 2007 (some even suggesting that it’s just not possible). However, it can be done!

Just 3 steps (repeat for each CAS):-

  1. Within the Internet Information Services Manager create a new website. Use a port other than 80 (or 443 for SSL) and use the same document root as your default website. (Make sure that you do start it!)
  2. Using the Exchange Management Shell, execute
    New-OwaVirtualDirectory -OwaVersion:exchange2007 -WebSite "Whateveryoucalledyour new website"
  3. In the Exchange Management Console, go to ‘Server Configuration’, ‘Client Access’ and select the correct Client Access Server. When all the tabs have been populated you should now have, on the ‘Outlook Web Access’ tab, 2 virtual directories where the version is “Exchange 2007” (don’t worry about the three lecacy directories). Right click on the ‘new’ one and select properties (authentication tab) and change the authentiction to whatever you like.

That’s it – you’re done! OK, yes you still have to set up SSL on the new website as per the original one and, if you want, you can restrict access to the new website by IP address etc., but essentially that’s it!

Listing mailboxes that have not been logged into for a specific number of days

Open an EMS window. First set a variable with the current date e.g.

$d = get-date

Then subtract the number of days you want to go back e.g. for 60 days

$d = $d.AddDays(-60)

Now we can list all mailboxes where the last logon date is earlier than 60 days ago

Get-MailboxStatistics | where {$_.LastLogonTime -lt $d}

If you want to restrict the search to particular servers or databases use the -Server or -Database switches to the Get-MailboxStatistics command.

Moving log file locations

Move logs for a particular storage group to a different location with the following EMS command –

Move-StorageGroupPath -Identity "Server\Storage Group Name" \
-LogFolderPath "New Log Folder Path" -SystemFolderPath "New Log Folder Path"


Move-StorageGroupPath -Identity "ex2k7-virt-2\V2SG8" \
-LogFolderPath "U:\Exchange\V2SG8" -SystemFolderPath "U:\Exchange\V2SG8"

Note: All databases in the storage group must be offline.

IMAP Logging on CAS servers

Swich on IMAP logging on the CAS servers by editing the configuration file –

C:\Program Files\Microsoft\Exchange Server\ClientAccess\PopImap\Microsoft.Exchange.Imap4.exe.config

Find the line (near the end of the file) –

<add key="ProtocolLog" value="false" />

Change false to true and save the file.

Restart the IMAP service for this to take effect. Switch off logging by reversing the above change and restarting the IMAP service.