Powershell to get the list of mailbox whos Maxed Quota limits

You may need to get the list of users who mailbox has reached the Quota limits. This information may help you to understand for capacity planning and understanding the datagrowth of the mailbox

Below poweshell helps you the list of mailbox whos which has reached Warning limits and ProhibitSend limits.

Get-MailboxStatistics -Server <Servername>| where{($_.StorageLimitStatus -contains “IssueWarning”) -or ($_.StorageLimitStatus -contains “ProhibitSend”)}

Powershell to get Mailboxes lists who’s Mailbox Quota limits is not get as Default

For various reason we increase the mailbox of the user  or reduce from the default size which is applied throught mailbox store policy. If you want to get the list of users who is not set to default Quota limits. Below command helps you to get the same

Get-Mailbox -ResultSize unlimited |Where{($_.UseDatabaseQuotaDefaults -eq $false)}

Below command gets you the list of mailbox who Quota limits is not get set as default in a given Exchange sever

Get-Mailbox -ResultSize unlimited |Where{($_.UseDatabaseQuotaDefaults -eq $false) -and ($_.Servername -eq “<servername>”)}

Below command to get the list of mailbox who quota limit is get set as default in a given Exchange Store

Get-Mailbox -ResultSize unlimited |Where{($_.UseDatabaseQuotaDefaults -eq $false) -and ($_.Database -eq “servername\SG\Store”)}

Powershell to get the list of Hidden Mailbox and DL in the Exchange Organization

Below powershell helps you the get the list of the entire Hidden mailbox in the Exchange Organization

Get-Mailbox -ResultSize unlimited |Where{$_.HiddenFromAddressLissEnabled -eq $true}

If you wanted to the get the list of Hidden maibox from the specific Exchange server then

Get-Mailbox -ResultSize unlimited |Where{($_.servername -eq “<servername>”) -and ($_.HiddenFromAddressListsEnabled -eq $true)}

If you get the list of Hidden Mailboxes from the specific mailbox store then please use below command

Get-Mailbox -ResultSize unlimited |Where{($_.Database -eq “Server\SG\Store”) -and ($_.HiddenFromAddressListsEnabled -eq $true)}

Powershell to command to get the list of Hidden DL from the Orgnization

Get-DistributionGroup -resultsize unlimited| ?{$_.HiddenFromAddressLissEnabled -eq $true}

Powershell to Export list of Permission given to the mailbox to CSV file

If we need to get the list users who has access to the specific mailbox then below powershell help you the fetch the same. It gets all the details that have mailbox permission to the user krishna.k. It will only get the user accounts which are not inherited to the mailbox. User Permission which is given explicitly given to the mailbox

$user =”Krishna.k”
get-mailbox -identity $user| Get-MailboxPermission | ?{($_.IsInherited -eq $False) -and -not ($_.User -match “NT AUTHORITY”)}

Below powershell commming will export all the user mailbox permission of the mailbox to the CSV file. It exports all the mailbox permission which are explicit permission

Get-mailbox | Get-MailboxPermission | ?{($_.IsInherited -eq $False) -and -not ($_.User -match “NT AUTHORITY”)} |Select User,Identity,@{Name=”AccessRights”;Expression={$_.AccessRights}} | Export-csv C:\mailboxPermission.csv

 

Powershell to get user Mailbox Logon statistics

Powershell to get user Mailbox Logon statistics

Some times you may need to take the user mailbox access statistics. Get-mailboxstatistics will only gives the last logon time and last logoff time. If you wanted to find the details for a week then you need to enable to logging level and trace the event ID: 1016 in the Application logs.

Below powershell command helps you to do the same

Set-EventLogLevel “MSExchangeIS\9000 Private\Logons” –level High

Exchange 2007 Self-Signed Certificate

Exchange 2007 will issue Self-Signed to all except Mailbox Server. Self-Signed certificates are only valid for one year.
Below command helps to create Self-Singed for SMTP TLS connection. You can use the below command when you get this error in transport server

“The STARTTLS certificate will soon expire. The STARTTLS certificate is the certificate not used for internal TLS applications” Event id :12018

 

New-ExchangeCertificate -PrivateKeyExportable $TRUE -SubjectName “CN=servername” -DomainName FQDNservername |Enable-ExchangeCertificate -Services SMTP

 

Below command help to renew the exisitng self-signed certificate to next one year from the date of running this command

 

Get-ExchangeCertificate | New-ExchangeCertificate

DomainKey Implementation

DomainKeys is a sender authentication technology used to prevent spammers from spoofing mail headers and launching phishing attacks. Domain Key adds Digital signature to all the Outgoing mail to Internet and receiver domain will validated the receiving emails from the DNS TXT record.

 

Domain owners has to generate public and private key pair and Public key is published in the DNS as TXT record and private key is used to sing on the receiver outgoing emails. With Digital Signature receiving Domain verifying the incoming emails from the legitimate mail server for that domain. The sender of an email message is authenticated
by querying the sending domain’s DNS TXT records. This prevents external spammers to forge the header and send spam mails.

 

Below is the example of the domain key DNS TXT Entry

 

Selector._domainkey.domain.com IN TXT “k=rsa; t=y; p=ABCXYXWITHADASDFWv60IpRT/AduJ6tGqHwuCW0ycbc68yNxnhpqAT5aILkUB7uAmQV17jykxr6YG2Wwq

 
If Domain key fails in the receiving domain then suitable action will be taken bases on the configuration of the receiving domain. 

If sender domain is not configured with domain key then receiver will not find digital signature then emails are processed normally

Steps to Implement

1. Generate Public Key and Private Key

2. Public private in the Internet DNS TXT record for the domain in the test mode (t=y as given in the above example)

3.  http://domainkeys.sourceforge.net/selectorcheck.html – Test the configuration from the link

4. Bring into live

Below link will provide you more details on the below domain key and testing of the same

http://domainkeys.sourceforge.net/