Earlier i’ve done the Exchange server migration – 2007 to 2010 – Live cast, Its been 10 months since Exchange team release the SP1 for Microsoft Exchange server 2010….today i’m doing Microsoft Exchange server 2010 SP1 upgradation…Live page is opened.
If you come across the issue of saving the IP which needs to block it under the “Edge server IP Block List” entry, following error receive “The server threw an exception. (Exception from HRESULT: 80010105 (RPC_E_SERVERFAULT))”
Why this is used : IP Block List is part of the connection filtering feature in Exchange. When the IP Block List feature is enabled on a computer, the Connection Filter agent analyzes all messages that come through all Receive connectors on that computer and it block all incoming messages from addresses specified in the IP Block list.
Reason for the above error : Duplicate IP exist inside the IP block list.
Resolution : From the EMS (Exchange management shell) use the following. You use the Add-IPBlockListEntry and Remove-IPBlockListEntry cmdlets to manage the addresses in the IP Block list. You can specify individual IP addresses, IP subnets using the CIDR notation, or IP ranges.
From the EMS,
If you want to list all the IP blocklist for verification, type Get-IPBlockListEntry . This will list all the Block IP, and you can see the duplicate entries. Write down each of the dupicate entry seperately and then run the following command for each entries.
To remove an address from the IP Block list using the Shell, you must specify this IP. However, an easier way to remove an address is to pipeline the output of the Get-IPBlockListEntry cmdlet to the Remove-IPBlockListEntry cmdlet.
For example, if you want to remove the IP address 192.168.1.100 from your IP Block list, run the following command:
Get-IPBlockListEntry -IPAddress 192.168.1.100 | Remove-IPBlockListEntry
This will remove 192.168.1.100 from your IP block list, which is a duplicate, identified by you. For each entry, do the same by changing the IP. Once it is done, Your block list will start accepting the IP to block and save it on the list, without throwing the error (as above mentioned)
If you have not already done so, I highly recommend you create an SPF record for your domain as this will make it much more difficult for spammers to forge your domain in order to spam domains in other organizations.
Sender Policy Framework..WikiPedia Definition
Creating your own SPF record is a relatively simple process, Microsoft even provides a web-based GUI wizard that will help you do this.. Domain holders need to complete an inventory and publish all IP addresses of their outbound e–mail servers in the DNS zone file. This is an administrative step that requires no changes to an organization‘s e–mail or DNS software. Even if your domain has no outbound e–mail servers, you can help protect your domain from spoofing by publishing an SPF record in the DNS that states this. Microsoft Safety Home Page click here
Implementation Tips for the Sender ID Framework—Creating Your SPF Record..Click here
Sender ID Overview Click here