Skip to main content

Displaying the Junk-Email setting of all users on a Server (Exchange 2003)

I got a good question this week about one of my previous posts about displaying and setting junk Email setting on Exchange 2003. What this person wanted to do was display the junkemail setting of all users on a server so they could see who had enabled junk email filtering in OWA. This was a good idea which I thought could be expended a little further an also include reporting on the junk email settings from Outlook 2003 as well. So what I’ve done is put together a script that creates a CSV file that shows you firstly weather the Extended Junk Email rule has been created in a mailbox, If junk email filtering is enabled in OWA, what level junk email filter has been set to in Outlook 2003 and what the delete setting is set to in Outlook 2003. What you end up with is a pretty useful little report on how people are using the Junk Email filtering setting in Outlook and OWA on your server.

I’ve created two versions of the script the first is a WebDAV version which can be run locally or remotely and I’ve also done a Exoledb version that must be run locally on the server. Both scripts work the same way they do a search of the inbox folder for the extended junk email rule by searching for IPM.ExtendedRule.Message items that are named JunkEmailRule. The existence of this rules mean someone has either turned on junk email filtering in OWA or connected to the mailbox with Outlook 2003. To see what the current junk-email filtering setting are you need to check properties on the rule object itself. Checking the PR_Rulemsgstate http://schemas.microsoft.com/mapi/proptag/x65E90003 property will tell you weather someone has disabled this rule via OWA if the value is 48 then the check box will be un-ticked in OWA. The other two setting I’ve mentioned before.

http://schemas.microsoft.com/mapi/proptag/0x61010003 which stores a long value that sets that level of junk email protection you want the long values for each of the setting are

No Automatic filtering = -1
Low = 6
High = 3
Safe Lists only = -2147483648

The “Permanently delete suspected junk e-mail instead of moving it to the Junk E-mail folder” is stored in the http://schemas.microsoft.com/mapi/proptag/0x61020003 as

Disabled = 0
Enabled = 1

The script reports the result to a csv file on the c drive called junkemailsettings.csv

To run the scripts for the WebDAV version it uses the Exadmin virtual directory so you need to include the servername you want to run it against and also your default domain name (you can find this by checking the properties of the exadmin virtual directory in IIS admin). Eg cscript showjmailopsdav1.vbs servername domain.com

To run the exoledb version you just need the servername as command line parameters. Both scripts require that you run them with an account that has rights to every users mailbox

I’ve put a downloadable copy of the script here the webdav version look like

servername = wscript.arguments(0)
domainname = wscript.arguments(1)
Set fso = CreateObject("Scripting.FileSystemObject")
set wfile = fso.opentextfile("c:\Junkemailsettings.csv",2,true)
wfile.writeline("Mailbox,OWAJunkEmailState,Outlook Filter Setting,Outlook Delete
Junk Email Setting")
set conn = createobject("ADODB.Connection")
set com = createobject("ADODB.Command")
Set iAdRootDSE = GetObject("LDAP://RootDSE")
strNameingContext = iAdRootDSE.Get("configurationNamingContext")
strDefaultNamingContext = iAdRootDSE.Get("defaultNamingContext")
Conn.Provider = "ADsDSOObject"
Conn.Open "ADs Provider"
svcQuery = "<LDAP://" & strNameingContext & ">;(&(objectCategory=msExchExchangeServer)(cn="
& Servername & "));cn,name,legacyExchangeDN;subtree"
Com.ActiveConnection = Conn
Com.CommandText = svcQuery
Set Rs = Com.Execute
while not rs.eof
GALQueryFilter = "(&(&(&(& (mailnickname=*)(!msExchHideFromAddressLists=TRUE)(|
(&(objectCategory=person)(objectClass=user)(msExchHomeServerName=" &
rs.fields("legacyExchangeDN") & ")) )))))"
strQuery = "<LDAP://" & strDefaultNamingContext & ">;" & GALQueryFilter & ";distinguishedName,mail;subtree"
com.Properties("Page Size") = 100
Com.CommandText = strQuery
Set Rs1 = Com.Execute
while not Rs1.eof
call ProcMailbox(servername,rs1.fields("mail"))
rs1.movenext
wend
rs.movenext
wend
rs.close
wfile.close
set fso = nothing
set conn = nothing
set com = nothing
wscript.echo "Done"

Sub ProcMailbox(snServername,mnMailboxname)
wscript.echo "Processing : " & mnMailboxname
SourceURL = "http://" & snServername & "/exadmin/" & domainname & "/mbx/" &
mnMailboxname & "/inbox/"
strQuery = "<?xml version=""1.0""?><D:searchrequest xmlns:D = ""DAV:"" >"
strQuery = strQuery & "<D:sql>SELECT ""DAV:displayname"", ""http://schemas.microsoft.com/mapi/proptag/x65E90003"",
"
strQuery = strQuery & """http://schemas.microsoft.com/mapi/proptag/x61010003"",
""http://schemas.microsoft.com/mapi/proptag/x61020003"""
strQuery = strQuery & " FROM scope('shallow traversal of """
strQuery = strQuery & SourceURL & """') Where ""DAV:ishidden"" = True AND ""DAV:isfolder""
= False AND "
strQuery = strQuery & """http://schemas.microsoft.com/exchange/outlookmessageclass""
= 'IPM.ExtendedRule.Message' "
strQuery = strQuery & "AND ""http://schemas.microsoft.com/mapi/proptag/0x65EB001E""
= 'JunkEmailRule' </D:sql></D:searchrequest>"
set req = createobject("microsoft.xmlhttp")
req.open "SEARCH", SourceURL, false,"", ""
req.setrequestheader "Content-Type", "text/xml"
req.setRequestHeader "Translate","f"
req.send strQuery
wscript.echo "Status: " & req.status
wscript.echo "Status text: " & req.statustext
If req.status >= 500 Then
ElseIf req.status = 207 Then
set oResponseDoc = req.responseXML
set oNodeList = oResponseDoc.getElementsByTagName("a:href")
set ostateList = oResponseDoc.getElementsByTagName("d:x65E90003")
set ofilterList = oResponseDoc.getElementsByTagName("d:x61010003")
set odeleteList = oResponseDoc.getElementsByTagName("d:x61020003")
For i = 0 To (oNodeList.length -1)
set oNode = oNodeList.nextNode
Filterlist = ofilterList(i).nodetypedvalue
if filterlist = "" then
flist = "No Automatic filtering"
else
select case Filterlist
case -1 flist = "No Automatic filtering"
case 6 flist = "Low"
case 3 flist = "High"
case -2147483648 flist = "Safe Lists only"
end select
end if
delist = odeleteList(i).nodetypedvalue
if delist = "" then
delset = "Disabled"
else
select case delist
case 1 delset = "Enabled"
case 0 delset = "Disabled"
end select
end if
Rule_State = ostateList(i).nodetypedvalue
select case Rule_State
case 48 wfile.writeline(mnMailboxname & "," & "OWA Junk Email Setting Off," &
flist & "," & delset)
case 49 wfile.writeline(mnMailboxname & "," & "OWA Junk Email Setting Enabled,"
& flist & "," & delset)
end Select
Next
if oNodeList.length = 0 then
wfile.writeline(mnMailboxname & "," & "No Junk Email rules Exists")
End if
Else
End If

end sub

Popular posts from this blog

Testing and Sending email via SMTP using Opportunistic TLS and oAuth in Office365 with PowerShell

As well as EWS and Remote PowerShell (RPS) other mail protocols POP3, IMAP and SMTP have had OAuth authentication enabled in Exchange Online (Official announcement here ). A while ago I created  this script that used Opportunistic TLS to perform a Telnet style test against a SMTP server using SMTP AUTH. Now that oAuth authentication has been enabled in office365 I've updated this script to be able to use oAuth instead of SMTP Auth to test against Office365. I've also included a function to actually send a Message. Token Acquisition  To Send a Mail using oAuth you first need to get an Access token from Azure AD there are plenty of ways of doing this in PowerShell. You could use a library like MSAL or ADAL (just google your favoured method) or use a library less approach which I've included with this script . Whatever way you do this you need to make sure that your application registration  https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-

How to test SMTP using Opportunistic TLS with Powershell and grab the public certificate a SMTP server is using

Most email services these day employ Opportunistic TLS when trying to send Messages which means that wherever possible the Messages will be encrypted rather then the plain text legacy of SMTP.  This method was defined in RFC 3207 "SMTP Service Extension for Secure SMTP over Transport Layer Security" and  there's a quite a good explanation of Opportunistic TLS on Wikipedia  https://en.wikipedia.org/wiki/Opportunistic_TLS .  This is used for both Server to Server (eg MTA to MTA) and Client to server (Eg a Message client like Outlook which acts as a MSA) the later being generally Authenticated. Basically it allows you to have a normal plain text SMTP conversation that is then upgraded to TLS using the STARTTLS verb. Not all servers will support this verb so if its not supported then a message is just sent as Plain text. TLS relies on PKI certificates and the administrative issue s that come around certificate management like expired certificates which is why I wrote th

The MailboxConcurrency limit and using Batching in the Microsoft Graph API

If your getting an error such as Application is over its MailboxConcurrency limit while using the Microsoft Graph API this post may help you understand why. Background   The Mailbox  concurrency limit when your using the Graph API is 4 as per https://docs.microsoft.com/en-us/graph/throttling#outlook-service-limits . This is evaluated for each app ID and mailbox combination so this means you can have different apps running under the same credentials and the poor behavior of one won't cause the other to be throttled. If you compared that to EWS you could have up to 27 concurrent connections but they are shared across all apps on a first come first served basis. Batching Batching in the Graph API is a way of combining multiple requests into a single HTTP request. Batching in the Exchange Mail API's EWS and MAPI has been around for a long time and its common, for email Apps to process large numbers of smaller items for a variety of reasons.  Batching in the Graph is limited to a m
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.