Can’t receive emails from clients using symantec

I need a solution


For nearly 1/2 year now, we’ve been unable to receive emails from clients using higher-levels of symantec security. We had an issue last year with an infected machine that appears to have given us a negative reputation (Case 00013827), but we had this lifted late last year and we still don’t receive emails.

Here’s an example:

Diagnostic information for administrators:

Generating server: LV-EX01.lismore.local
Remote Server returned ‘550 Invalid recipient <> (#5.1.1)’

Original message headers:

Received: from LV-EX01.lismore.local ( by LV-EX01.lismore.local

( with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 27 Nov 2018

12:05:35 +1100

Received: from LV-EX01.lismore.local ([fe80::a1e0:dede:77a3:156d]) by

LV-EX01.lismore.local ([fe80::a1e0:dede:77a3:156d%16]) with mapi id

15.00.1367.000; Tue, 27 Nov 2018 12:05:35 +1100

From: Kate Steel <>

To: “‘‘” <>

Subject: test

Thread-Topic: test

Thread-Index: AdSF7UupFZy6WiA5Sf66pQIm+USZgA==

Date: Tue, 27 Nov 2018 01:05:35 +0000

Message-ID: <ad5f04ab2f1e4a3097ad423beff6146e@LV-EX01.lismore.local>

Accept-Language: en-AU, en-US

Content-Language: en-US



catalogueonsend: False

x-ms-exchange-transport-fromentityheader: Hosted

x-originating-ip: []

Content-Type: multipart/alternative;


MIME-Version: 1.0

This issue is now happening with other clients who are using symantec products. We are unable to send/receive pretty much with everyone using your products. Can we get this resolved?



Email blocked messagelabs policy.

I need a solution


Since a few days our outbound email gets filtered by symantec/messalabes with the error 553 message filtered.

Below the header of a NDR i received. I would like to get this resolved.

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-vermaatgroep-nl;
Received: from ( by ( with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1122.17; Wed, 12 Sep 2018 07:46:47 +0000
Received: from
 ([fe80::6845:fa15:709e:595c]) by
 ([fe80::6845:fa15:709e:595c%9]) with mapi id 15.20.1122.020; Wed, 12 Sep 2018
 07:46:47 +0000
From: Maikel Stalvord <>
To: Rene Veneboer <>
Subject: RE: In de plaatstelling
Thread-Topic: In de plaatstelling
Thread-Index: AdRKCnZYtz6l0Cx3SpmXV5RCgu0GFQAYfZbg
Date: Wed, 12 Sep 2018 07:46:47 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: nl-NL, en-US
Content-Language: nl-NL
X-MS-Has-Attach: yes
authentication-results: spf=none (sender IP is ); 
x-originating-ip: [2a02:a440:8d89:1:930:e79a:5448:bac9]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1;VI1PR0801MB1839;6:KuZ3V9lIVPJGjxG0ELLzXGyS2FJZN5JabeqoCv8qNlO2S+TGqqYPludnZDqGBLKm31xhApEBvAFb4Uxe+8KnIrEF51AKZmPswTVAASxYj8GnN2fbyzFoF0DGHErmjersvI60/oa+xjcIAPV41ZTvpjcjX/pgAfXdDvZMr38CtE+jUjtn4H9lR1Jo831nbUPJagmsNtNHfGWGFteloBsQ1zhC8laAxDy9Mb4Z/EszUjVSK5XQEybUP0N7akeuMyXck/operLhQ32J6l4uEWxsoEJkArl/UxO7QEJFeqvWXLJvSKdgz5IaDE0BGTPvvsJuhQ03UELpktk/dveaBBiVPMYFsDUhe+PBrX8aRNdmu6bJb6mwJQWam6c3N832JiTHTJi49KXWDyT1dt5Ru33ihedhU+uUBrN/PCLbLYVewvfkkbcfMEK6kACdFB0tb/r7IXJ2X0MeXxJzyEccAPxAPA==;5:rbbItfw1RAVp4bw5n3iJF0GcIGS9UOrt14Rm0ImEWOg2AHeQlBzeKyXoBB9swukxbYol57rNP9LZXBWsGBWpNWBD9ZR3BpHUjT4YuT6P4dlQdTIV8tb01MPfg4L4AOWwfc7T90629ht9KhJR1ZMrroTeBOeY2GNXsO5+1k64wUs=;7:6X+SIc0dy7t0HbDztauyIru/vU3tCgetI8AAZzLYrUGra5FLRamZ6/btBvL99xCYc7umw6HF63/+MaQXajNKykL8FqTTJAUNUJdDUmjbbMnbaP99mAnl4PAgEpPlBRKzuyVWbJQJ9oQL2QND2BDC0m79wnvqGiZ/IP6M71eu3voU80H15lUbpS26xna67y/pvfJH5O0ZXJKyihjremVeHPHnZ44KLHNYXIoQ3prCrlapTkpBu8VF5MQBCTHiAYVU
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 5ca0fc4e-ed6e-4cb9-0723-08d61883e487
x-microsoft-antispam: BCL:0;PCL:0;RULEID:(7020095)(4652040)(8989137)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(5600074)(711020)(2017052603328)(7153060)(49563074)(7193020);SRVR:VI1PR0801MB1839;
x-ms-traffictypediagnostic: VI1PR0801MB1839:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(103651359005742)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(8211001083)(102415395)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231311)(944501410)(52105095)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(201708071742011)(7699050);SRVR:VI1PR0801MB1839;BCL:0;PCL:0;RULEID:;SRVR:VI1PR0801MB1839;
x-forefront-prvs: 07935ACF08
x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(346002)(39850400004)(396003)(366004)(376002)(136003)(199004)(189003)(38564003)(19627235002)(99286004)(316002)(97736004)(86362001)(14454004)(6916009)(5250100002)(14444005)(2906002)(256004)(5024004)(478600001)(5660300001)(790700001)(7696005)(76176011)(6116002)(68736007)(7116003)(606006)(106356001)(105586002)(53936002)(81156014)(81166006)(74316002)(7736002)(99936001)(8676002)(6506007)(486006)(8936002)(102836004)(3480700004)(2900100001)(6306002)(74482002)(54556002)(55016002)(9686003)(6246003)(54896002)(236005)(733005)(6436002)(229853002)(476003)(446003)(11346002)(186003)(25786009)(33656002)(46003);DIR:OUT;SFP:1102;SCL:1;SRVR:VI1PR0801MB1839;;FPR:;SPF:None;LANG:nl;PTR:InfoNoRecords;A:1;MX:1;
received-spf: None ( does not designate
 permitted sender hosts)
x-microsoft-antispam-message-info: BjoVY00u8lvj2bGLUaHVAq0k74SXy7kZstW3VP9YDLFTuQ/WONcB4J0o+LJHfHsFMzfyuM5REvHSByeQ0I6HUlaQv12l4+0O3NEoGskHDQu95d6BaWiuorQfQguqy/KBs8rsaVcIF5y4y6VEOH63zL9oS6tb4aFqW8KzZyLIHKJ5vIajpRgABEz/TCTJFjKZy5yxVU5IoXKefwPFOQ/GkTALbS9PNw7sMhHUp1sEg9AFA3zV/hDEBNK06U88PcnlErnu/BaM5ZHqpnt/NbXE+2c6Ti7uVVOY32oSc63qkOYIFfqugBrHQxrYc49tjSk4iN0telozQ9ZVLyRYo7E8lJi/tO/+5rSEatCABMCqKH4=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/related;
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 5ca0fc4e-ed6e-4cb9-0723-08d61883e487
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Sep 2018 07:46:47.1288
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8409bcf3-d736-4f08-8b16-942af98ddb15
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0801MB1839


FAQ: NetScaler SD-WAN Installation and Upgrade

Q: Can I downgrade a NetScaler SD-WAN 4000/5000 appliance to an earlier software release?

A: A NetScaler SD-WAN 4000/5000 appliance cannot be downgraded to an earlier release. The appliance should have to be factory reset and provisioned again from scratch.

For example, if an appliance is running:

Version 7.3.1 it will have the following files for each component:

SD-WAN 4000/5000 7.3.1-48.418829

  • SD-WAN version: 7.3.1-48.418829;
  • SVM version:;
  • NS version:;
  • XS 6.0 build 50762 with Hotfixes XS60E001, 003, 010, 014, 018, 020, 023, 024, 026, 028, 029, 031, 033, 034, 035, 037, 39, 40
  • Supplemental Pack version 1.6.2, build 1002

Version 7.2.2 has different files for each SD-WAN, SVM, NS and Supplemental Pack components:

SD-WAN 4000/5000 7.2.2-24

  • SD-WAN version 7.2.2-24;
  • SVM version;
  • NS version;
  • XS 6.0 build 50762 with Hotfixes XS60E001, 003, 010, 014, 018, 020, 023, 024, 026, 028, 031
  • Supplemental Pack version 1.6, build 1010

Currently there is no option to downgrade the SVM version (The update software option only applies for the upgrade bundle, not the SVM).

Q: What precaution should be taken while upgrading NetScaler SD-WAN 4000-1000 from version 7.2.2 to version 7.3.4?

A: When upgrading the appliance, if you use the single bundle upgrade (.upg) file then the upgrade gets stuck at step 1/6 and continues to be there unless we go to the CLI and execute a perl command to proceed to next step.

To resolve this issue:

  1. Navigate to cd /var/mps/log and then run

    tail –f bundleupgrade.log

    When you see the following message, proceed to next step:

    Upgrade Status: In progress, doing upgrade.

  2. Navigate to cd /var/mps/cb_sb_images/install and run the following command:

    perl –us nsroot –pas <password of SVM>

    You might have to run this command multiple times to get the upgrade done as it involves 6 steps and can hang at any point.

Q: How can I re-start the setup wizard of a NetScaler SD-WAN VPX appliance?

A: You can remove (set to all hosted IP addresses of NetScaler SD-WAN VPX appliance (both apA and primary IP addresses if it exist)

The following is a sample session:

Login: adminPassword: passwordadmin> set adapter apa -ip -netmask -gateway> set adapter primary -ip -netmask -gateway> restart

Q: Why is the upgrade bundle of NetScaler SD-WAN version 7.4.1 displayed as release 7.4.1a?

User-added image

A: On a previous NetScaler SD-WAN 7.4.0 version there was an issue (#0583172). It was due to a problem with glibc library included in supplemental pack and only occurs during upgrade. System reboot actually fix it.

NetScaler SD-WAN 7.4.1.a includes a new supplemental pack, rest of others components remains the same.

Q: Why did MAPI application identifier change on NetScaler SD-WAN version 7.3.0 and later?

A: A default MAPI application identifier rule has been changed from “Port 64999” to “Dynamic TCP” from version 7.3.0 and later.

Connection to exchange are initiated to End-Point Mapper (EPMAP) service running in port 135, and then the MAPI connections are initiated to EMSMDB port (a non-standard port) returned by the EPMAP service. Port was modified to 64999/TCP just to indicate that the EMSMDB port is a non-standard port that is dynamically chosen on every server.

From version 7.3 onwards, MAPI applications are indicated properly as Dynamic TCP. There is no change/difference in the MAPI acceleration behavior.

Changing back to port 64999 is not be required as the port selection is dynamic.

Q: How can I shutdown a NetScaler SD-WAN appliance remotely via the CLI?

A:There is no option to shutdown (only restart) a NetScaler SD-WAN appliance remotely via the CLI when logged in as the “admin” user.

User-added image


7023216: Unable to install, or problems after the install, of the GroupWise client on Windows 10

Microsoft is sometimes installing a virtualised version of Outlook.This Outlook installs its own mapi and sets itself as default.There is no way to change the default because the registry isa virtualized one that can only be access by Outlook.

The workaround we have found for this is deleting the followingfiles:


This seems to cause everything to fallback to the standard mode ofoperation.

Deleting the files from there is not an easy task. First you needto change the owner of the files to yourself. Then give yourselffull control of the files and finally you can rename/deletethem.

We haven’t found a better work around so far or anything we can doon the GroupWise side to fix it but our engineering team is stillinvestigating it.


Outlook traffic to Exchange 2016 (RPC over HTTPS) is not working via NetScaler

Outlook Stuck in “Connecting”, and repeatedly prompting for authentication.

For testing:

Switch to MAPI over HTTP works

Using SSL Bridge works

If outlook connects directly to back-end Server it works.

Looking at the symptoms it looked like a HTTP processing issue on NetScaler, trace showed the following:

For reference Pink is Client side traffic and Green in Backend

Outlook Sends the auth information in frame #7273, with a content-length of 1GB and the Subsequent packet #7311 has 104 bytes of data.

This auth info was not being forwarded to the back-end server, this was the problemUser-added image


Recovering Exchange Data with NMM 8

This article aims to describe the Restore options available for recovering Exchange backups performed with NMM (Networker Module for Microsoft) 8.2.4. While the procedure is shown with NMM 8.2.4 and Exchange 2010, it would also be applicable with other versions of NMM 8.x, like 8.2.3 and 8.2.2 with minor differences and also would apply to Exchange 2013. Exchange 2007 is not covered here. Exchange 2007 uses Storage groups and has some differences in the restore procedure. If recovery of NMM backups of Exchange 2007 Server is required, follow the NMM User guide for Exchange available at support site

The goal of this article is to help someone who maybe performing restores with NMM for the first time and also for someone who may have not done the restores for a long time and could use a refresher. While this article covers the different types of restores, its not exhaustive and is not a replacement for the information in the NMM user guide. It compliments the user guide, by being more descriptive of the process.

Types of Restores

There are 3 types of restores. They are covered in the order of their popularity, i.e the most common type of restore is covered first:

Granular Level Restore (GLR).

GLR allows restoring mailbox or mailbox items without having to restore the entire database from backup media. It uses ‘Networker Virtual File system (NwFS)’ to mount the backups on a Data Domain Device or Advance File Type Device.

Following is the advantage of performing GLR:

  1. Restore of the entire database to Exchange server is not required. This means if you have 1 TB Exchange database to restore, you do not need to allocate 1 TB+ of disk space on the Exchange server to perform the restore. GLR virtually mounts the backup on to the Exchange server, creating a recovery database within Exchange in the process. Once this GLR database is created, one can proceed with the browse and restore of mailbox/mailbox items.

Disadvantages of performing GLR:

  1. GLR can be slow for restore of large mailboxes that contains 10’s of thousands of mail items. If GLR is get extremely slow for large mailbox restores then restoring the database to the exchange server and then performing mailbox restore may be beneficial from a performance point of view.
  2. GLR can only be performed from a level FULL backup. GLR from incremental backups is not supported.
  3. GLR can only be performed from backups done to disk type media, i.e from AFTD (Advanced File Type Device) and from Data domain devices. If backups to tape exists, then GLR from tapes cannot be done. Tape backups can be cloned to a disk media (AFTD or Data Domain) and GLR can then be performed from the disk media.

Prerequisites for GLR

Before GLR can be done, there are certain prerequisites that need to be met

1. Backups are done to either AFTD device or Data domain device.

2. Backups to be restored from must be at level FULL.

3. During NMM install, the GLR feature should be chosen to be installed. Note all Full level backups are GLR enabled, even if GLR was not chosen ding install. Even backups to Tapes are GLR enabled. If GLR was not enabled during backup, GLR is still possible. The GLR feature can be added before performing the restore, to allow for GLR.

Below are the Pre-requisites that are common for both ‘GLR’ and ‘Restore from RDB’ options from NMM GUI:

4. The service account used with NMM, should have the following permissions set:

    1. The ‘send-as’ and ‘receive-as’ rights need to be set to the Exchange server where the restore is being performed. Following is an example of how to set this permission. Execute this from a elevated Exchange powershell and replace environment specific information:

get-ExchangeServer Apphost2 | Add-AdPermission -user administrator@spring -extendedrights Receive-As, Send-As, ms-Exch-Store-Admin

b. The service account should have a mailbox on a database that’s mounted and it should be initialized with mail. I.e this mailbox should have either sent or received some mail.

5. The MAPI/CDO software needs to be installed. In the NMM user guide for Exchange the following versions are documented for Exchange 2010 and Exchange 2013.

    1. For Exchange 2010, MAPI/CDO 1.2.1 version 6.5.8244.0 or earlier. Note here that build 8244 or higher does work and you can safely use it. But if you are troubleshooting a GLR browse issue, you can choose to use adhere to this requirement.

b. For Exchange 2013 MAPI/CDO 1.2.1 version 6.5.8320.0 or later.

6. The service account needs to be a member of the following domain groups.

    1. Domain users
    2. Exchange Organization Management.

By default Exchange Organization Management group is a member of the local ‘administrators’ group on the Exchange server. If this not the case, then make sure it is.

If there is a requirement to get more granular with rights for the service account, i.e give it no more rights that needed, then create a Exchange role group and assign it the following roles:

Database Copies


Disaster Recovery

Mailbox Import Export

Mail Recipient Creation

Mail Recipients

View-Only Configuration

View-Only Recipients

Make the service account a member of the role group created above and also ensure this account is a member of the local administrators group on each Exchange server in the cluster.

***Note: if you choose not to get granular with regards to role assignments, in addition to the user being a member of Organization Management group, you would need to assign the ‘Mailbox Import Export’ role to the user performing the restore, when doing restore to ‘PST’.

How do to check if a save set is GLR enabled?:

mminfo -S -s vmmsrv -q ssid=1324416600

ssid=1324416600 savetime=5/7/2018 9:34:02 PM (1525743242) dag-2010.spring.local:APPLICATIONS:Microsoft Exchange 2010carydb3

level=full sflags=vF size=172065988 files=37 insert=5/7/2018

create=5/7/2018 complete=5/7/2018 browse=6/7/2018 11:59:59 PM retent=6/7/2018 11:59:59 PM


*ACTUAL_HOST: apphost2;


“C:\Program Files\EMC NetWorker\nsr\tmp\7140-1525743109-0”;

*appid: 1;

*backup start time: 1525743242;

*coverid: 1341193800;

*De-duplication: No;


*GLR_HINT: “E:\Exchangedb\carydb3\”;

*GLR_OFFSET_MAP: Yes; ===> The GLR attributes are seen for GLR enabled save set


“C:\Program Files\EMC NetWorker\nsr\tmp\1324416600_om.bin”;

*policy action jobid: 128671;

*policy action name: “exchange2010-action: 1525743244”;

*policy name: “Exchange2010: 1525743244”;

*policy workflow name: “Exchange2010-wkfl: 1525743244”;

*snap_sessionid: 1525742832;

*ss data domain backup cloneid: 1525743244;

*ss data domain dedup statistics: “v1:1525743244:172465188:2157958:2157958”;

group: Exchange2010-grp;

Clone #1: cloneid=1525743244 time=5/7/2018 9:34:04 PM retent=6/7/2018 flags=F

frag@ 0 volid=1508963247 file/rec= 0/0 rn=0 last=5/7/2018

Now that we have covered the prerquisites for GLR, let’s review the procedure to perform GLR.

  1. Launch Networker User for Microsoft user GUI as ‘administrator’
  2. Select the client to restore from. In a DAG setup, this would be the DAG name. In the standalone setup, this would be the hostname of the Exchange server


3. Select GLR (Granular Level Recovery) option:


4. Select the desired database and browse time for restore:


5. Choose ‘Recover Options’. If you are troubleshooting a GLR restore issue and need to increase debug setting, you can set the debug setting here. This step is optional:


6. Select ‘Start Recover’


7. Click on ‘Monitor’ to follow the progress of the restore:


Notice it creates a RDB database. The name of the database starts with ‘GLR’ and the date and time of restore is appended to this to form the database name

8. When the restore is complete it, you will receive a pop up windows. Be careful, this window may be behind the main NMM window, so look out for this:



9. Once you click ‘ok’ to the above, the GUI will switch to the ‘recover’ section. Be patient over here as it may take some time for the GUI to refresh and show new information:


10. If after some time the GUI does not refresh, you can press ‘F5’ to manually refresh and then you can navigate to the mailboxes by click on the ‘+’ to expand the GLR db and then the mailboxes:


11. Select the desired mailbox or mailbox folders or individual items and the click ‘Recover’ to start recover of mailbox items. By default the recover will place the recovered items back into the original mailbox. In this case it’s the mailbox of ‘roger’

12. Look to the ‘Monitor’ pane to check for progress and completion:


13. Verify the restore by logging into the mailbox of the user. You will see the mail items recovered under a new folder labelled with date and time of restore. Expand to find the recovered items:


This concludes the procedure for GLR Restore.

Restore to RDB:

If GLR is not an option, e.g if the backup data resides on tape or if GLR is not fast enough, then restoring the database to RDB is the next option. Following are the advantages of restoring to RDB:

  1. Once the restore is completed, recovering mailbox items from RDB is faster than restoring from GLR.
  2. Restore can be done from Full and incremental backups. GLRs can be done only from FULL level backup.

Disadvantage of restore to RDB:

  1. Requires free disk space to restore the full database. If you are restoring a 1 TB database, you need 1 TB+ free disk space. Restore cannot be done to a Network share. It needs to be done to a local disk.

2. May take a long time to do the restore as its restoring Full database.

Procedure for RDB restore.

  1. Launch the ‘Networker Module for Microsoft’ GUI as ‘administrator’
  2. Select ‘Database Recover’. Note, the selection of ‘RDB Data Recover’ implies recover mailbox data from RDB. This can only done after recover to RDB has been complete. So the first step to recover from RDB is to recover the database to RDB and this is done through ‘Database recover’


3. Select the desired database from the desired browse time. Change browse time if needed. Then choose ‘Advance Recover’. From ‘Advanced Recovery’ window, select ‘Recovery Database (RDB) Recovery’


4. If you are troubleshooting a restore failure and what to run the restore in Debug, select ‘Recover Options’ and then choose the debug level. We will perform this restore in normal level.


5. In ‘Manage RDB’ window, select ‘Create’. Note if you have a previously created RDB, either select that RDB for ‘RDB overwrite’ or delete the previous RDB and ‘Create’ a new one. Deletion and creation of RDB can all be done from ‘Manage RDB’. Having more than one RDB will cause browsing issues.


6. Specify a name for RDB and specify file paths for EDB and logs:


7. Click ‘Create’


8. Select the RDB and click ‘Next’


9. Review the selections and click ‘Next’


10. Click ‘Recover Options..’ and select Debug level, if you want to run the restore in debug mode for troubleshooting. Click ‘Next’ to proceed with restore


11. Switch to the ‘Monitor’ view to monitor the progress of the restore. Once the restore has completed successfully, you will see this pop up window tilted ‘Recovered RDB Mailbox Items’. Look out for this window. Sometimes, this may get hidden behind the main NMM GUI. Click ‘ok’ to continue


12. Once you click ‘ok’ above, then click ‘recover’ -> Exchange 2010 Recover Session -> ‘RDB Data Recover’. This will allow you to browse the contents of the RDB database.


13. Depending on the size of the DB, it may take some time for the RDB DB to show. Expand to see the listing of mailboxes.


14. The process of recovering mail items from RDB from this point on is identical to the restore of mail items from GLR.

The third type of restore is not a very common type of restore: Recovering a database and overwriting it. Disaster Recovery Situation

If there is a need to perform Disaster Recovery of the Exchange databases, due to data corruption or some other DR situation, then use the procedure below: (Note this is a destructive process as it will overwrite the existing database. So be sure this is what you want to do)

For Standalone Exchange servers:

1. Start the ‘Networker Module for Microsoft’ GUI as ‘administrator’

2. Choose ‘Database Recovery’


3. Choose the database that need to be restored and the required browse time. Then click ‘Recover’


4. The above message indicates that the ‘This database can be overwritten by a restore’ property on the database needs to be set. This can be done through Exchange PowerShell as or through Exchange Management Console. Once this is done. Try the restore again.

5. As usual, you get to choose to enable ‘Debug’ logging under ‘Recover options..’


6. Under ‘Exchange’ Tab, you get to pick a few options that are relevant to this type of restore. These options have bee explained below. The default choices are shown below:


Include Existing logs (Roll-forward Recovery’. This option is useful if the database and logs were on separate volumes and the volume containing logs is still available, or even if both DB and logs are on the same volume and only the ‘edb’ file is corrupt and the logs are good, then you can do the restore of the backup and then perform a roll forward recovery using the logs on the disk. This will bring the database to the most recent state with minimum or no data loss.

Include only logs from this restore (Point-in-time recovery)’. Select this option when point in time restore is required, i.e the database will be recovered to the time of the last backup.

Put database online after restore’. By default the restore process will replay the logs and put the database online after restore. If this is not required, then click on this option again to deselect it and select ‘Do not replay the transaction logs’. If ‘Do not replay the transaction logs’ is selected then the logs are restored, but they will need to be manually replayed using ‘eseutil’

Deleted Database Target’, This is used if a flat file restore of database is required. This option bypasses VSS method of restore and simply restores the ‘edb’ and ‘logs’ as files to the target directory. Further processing is required to mount the database.g. Once the desired options are selected, click ‘Start Recover’ to start the restore. Progress of the restore can be monitored under the ‘monitor’ tab

For Database Restore of a database that’s replicated in a DAG configuration, you first have to suspend the replication, otherwise the following error is seen in the Monitor tab:

NMM … Using client name APPHOST1, the version of the Exchange server is Exchange 2010.

96585:nsrsnap_vss_recover:NMM .. Initialization success — Exchange shell successfully initialized. Required for Exchange 2010 or Exchange 2013.

NMM .. MailboxStore [carydb3] is in replicated state, please suspend the replication on all DAG nodes and perform restore after that.

Once the replication is suspended, then the rest of the procedure to restore the database is same as in the standalone Exchange server. Also note, the restore cannot be done on the server hosting the passive copy. It has to be done on the server hosting the active copy of the database. Once the restore is successful, you will see this message below:


Recovering Public Folder Database

Public folder Databases are implemented differently in Exchange 2010 vs Exchange 2013. In Exchange 2010, public folders databases are just like mailbox database’s but are identified separately as Public Folder database. They are not replicated through the DAG mechanism, but can use ‘Public Folder Replication’ for high availability. Public folder database cannot be recovered to an RDB

In Exchange 2013 and Exchange 2016 public folders are supported through public folder mailbox. This mailbox is stored in a regular mailbox database that allows support for high availability through DAG. This means Public folder database can be restored to RDB.

In Exchange 2010, NMM considers public folder databases as ‘Standalone Databases’ and backs them up as part of the DAG, if configured to include Standalone Database. The backups are indexed to the ‘DAG’ client index.

In Exchange 2016, since public folders are part of regular mailbox database (you could have a database dedicated to public folders), the backups for this follows the same workflow as regular mailbox database.

To restore Public Folder database for Exchange 2010, the method for restore would be same as restoring a mailbox database (Overwrite existing database). However they cannot be recovered to RDB and GLR cannot be done on them. The only choice is to overwrite the database. Note public folder databases belong to a specific Exchange server and restore can only done back to that server. So if a public folder resides on Server-A, it cannot be restored to Server-B, it has to be restored to Server-A. When you bring up the NMM GUI, if you see a ‘X’ on the database name as below:


This means that the Public folder database ‘Public_Folder01’ is not owned by the Exchange server on which the NMM GUI is opened and was not backed up from this server and is not available for recovery. If the database is browsed from the server that owns it, it would show as below:


What if you want to restore a Public Folder Database, but do not want to overwrite the existing database?. Flat file restore comes to the rescue. I will not be covering Flat File restore in this post.

Recovering a mailbox/mailbox items to PST file

1. NMM supports the restore of a mailbox /mailbox items to a PST file. The most important thing to remember here is that an additional ‘role’ is required for the NMM service account to allow for this restore. And this role is ‘Mailbox Import Export’ Role. By default this role is not assigned to the role group ‘Exchange Organization Management’.

Below command will list the roles assigned to the custom role group ‘nmm-backup-group’. Note the role ‘Mailbox Import Export’ is assigned to this role group. If this role and the others mentioned below are assigned to the service account of NMM, then you are all set to do restore to PST. If not assign this role manually:

Get-ManagementRoleAssignment -roleassignee nmm-backup-group | select name,role

Name Role

—- —-

Database Copies-NMM-Backup-Group Database Copies

Databases-NMM-Backup-Group Databases

Disaster Recovery-NMM-Backup-Group Disaster Recovery

Mail Recipient Creation-NMM-Backup-Group Mail Recipient Creation

Mail Recipients-NMM-Backup-Group Mail Recipients

Mailbox Import Export-NMM-Backup-Group Mailbox Import Export

View-Only Configuration-NMM-Backup-Group View-Only Configuration

View-Only Recipients-NMM-Backup-Group View-Only Recipients

2. Another prerequisite for restore to PST is a UNC path for the target location. The restore cannot be done to a local path. Create a UNC path. This share can be local or on a different server. Below is a share that’s been created on C:pst-restore. This share has read/write permission for ‘Everyone’

[PS] C:Windowssystem32>net share

Share name Resource Remark


ADMIN$ C:Windows Remote Admin

C$ C: Default share

E$ E: Default share

IPC$ Remote IPC

Address E:Program FilesMicrosoftExchange ServerV14Mailboxaddress

“Access to address objects”

PST-Restore C:PST-Restore

The command completed successfully.

3. Perform GLR as explained before or Restore to RDB and then restore from RDB. Select the required mailbox or mail items, then under ‘Recover Options..’ , ‘Exchange’ Tab, specify path to PST Target. Notice the UNC path “\apphost1pst-restorerogerpstroger.pst”


4. Review the selection and then click ‘Start Recover’


5. Check the ‘Monitor’ tab to review the status of the restore.

6. When the restore is complete, the PST file can be found under the UNC path:



Discovery Manager fails to export all messages on a worker that does not have Outlook configured as the default mail client

Article Number: 000517265Article Version: 3 Article Type: Break Fix

SourceOne Discovery Manager

Discovery Manager fails to export all messages on a worker that does not have Outlook configured as the default mail client:

The following errors are found in ExJBRestoreDC.exe log on the worker server:

Verbosity : ERROR

Process : P6708

Thread : T6664

Module : CoExExchProvider.cpp

Func : CoExExchProvider::Init(206)

Machine :

Message : Failed to initialize MAPI. (0x86040C5B) Unspecified error (0x80004005)

Verbosity : ERROR

Process : P6708

Thread : T6664

Module : ExMboxOutputSource.cpp

Func : CExMboxOutputSource::InitExchangeProvider(500)

Machine :

Message : CoExExchProvider::Init failed 0x80004005

Verbosity : ERROR

Process : P6708

Thread : T6664

Module : ExMboxOutputSource.cpp

Func : CExMboxOutputSource::InitExchangeProvider(501)

Machine :

Message : Unable to initialize provider %1. Error: %2!x! (0x8604322A) Failed to initialize MAPI. (0

x86040C5B) Unspecified error (0x80004005) [ExJBRestoreDC.exe, CoExExchProvider.cpp(206).C


Verbosity : ERROR

Process : P6708

Thread : T6664

Module : ExMboxOutputSource.cpp

Func : CExMboxOutputSource::InitProvider(306)

Machine :

Message : unable to intialize lower provider 0x80004005

Verbosity : ERROR

Process : P6708

Thread : T6664

Module : ExMboxOutputSource.cpp

Func : CExMboxOutputSource::InitProvider(307)

Machine :

Message : System call failed. (0x86040100) Unable to initialize provider %1. Error: %2!x! (0x860432

2A) [ExJBRestoreDC.exe, ExMboxOutputSource.cpp(501).CExMboxOutputSource::InitExchangeProvi

der] >Failed to initialize MAPI. (0x86040C5B) Unspecified error (0x80004005) [ExJBResto

reDC.exe, CoExExchProvider.cpp(206).CoExExchProvider::Init]

Verbosity : ERROR

Process : P6708

Thread : T6664

Module : ExRestoreThread.cpp

Func : CExRestoreThread::InitMboxSource(1178)

Machine :

Message : Failed to initialize the output provider : 1. (0x86043268) System call failed. (0x86040100

) [ExJBRestoreDC.exe, ExMboxOutputSource.cpp(307).CExMboxOutputSource::InitProvider] >Un

able to initialize provider %1. Error: %2!x! (0x8604322A) [ExJBRestoreDC.exe, ExMboxOutpu

tSource.cpp(501).CExMboxOutputSource::InitExchangeProvider] >Failed to initialize MAPI.

(0x86040C5B) Unspecified error (0x80004005) [ExJBRestoreDC.exe, CoExExchProvider.cpp(206)


The following information event is logged in Event Viewer System Log on the worker server:

Log Name: System

Source: Application Popup


Event ID: 26

Task Category: None

Level: Information





Application popup: Microsoft Office Outlook : Either there is no default mail client or the current mail client cannot fulfill the messaging request. Please run Microsoft Outlook and set it as the default mail client.

Microsoft Office Outlook is not selected as default program on the worker that picked the job.

Configure Outlook as the default mail program using the following steps:

Navigate to the following location: ‘Control PanelAll Control Panel ItemsDefault ProgramsSet Default Programs’

Review the “MAPI” default program

Select Outlook as default program



Outbound mail from Outlook blocked by PGP

I need a solution

Sending mail from Outlook causes an immediate bounce. Message says:

Your message did not reach any of the intended recipients.

                Subject:        FW: Meeting in Outlook

                Sent:           27/02/2018 14:41:00

Message delivery failed. Please check PGP log for details.

The original message is embedded in this non-delivery report. Click Send Again to see the original text and have the opportunity to re-send the message. If the problem persists and you still receive another non-delivery report, please contact your administrator for details.

PGP Log says:

14:41:30 Email     Info    Processing outgoing message from <(null)> with subject: FW: Meeting in Outlook
14:41:30 Email     Error    MAPI Proxy: ..sharedOCconnection.cpp : Line 301 : Echo::oc::OCconnection::SetUserInfo
14:41:30 Email     Error        SenderName is empty
14:41:30 Email     Error            Received OCC error ecBadParameter PGPError: (bad parameters)

In Outlook Account Settings the sender’s name and email address is definitely not empty.

This behaviour continues even when PGP services are stopped, and SED is set not to process messages.



7022563: Regular users unable to create a personal address book

This document (7022563) is provided subject to the disclaimer at the end of this document.


GroupWise 2014 R2 Support Pack 2


When a regular user is logged into a Windows 10 workstation, theyare unable to create a personal address book in GroupWise. There are no errors. The create looks like it is going towork but when control to the client is given back to the user a fewseconds after the create, the new PAB is not there.


There was a problem with MAPI. The fix is to do thefollowing:

1. Close the GW client and Address book
2. Open Control Panel.
3. Search for mail and click on Mail (Microsoft Outlook)(32-bit).
4. Click on Show Profiles…
5. Select ‘Novell GroupWise’ and then click remove andyes.
6. Start GW.


There was a problem with MAPI


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.