Hello,
I have an issue using sub-policy by AD group... I can't manage to get working.
What is the format wanted in ePO policy to get the AD Group ?
I just put "Domain users" but doesn't seem to work
Could you help me ?
Solved! Go to Solution.
with exchange 2016 you don't want to use ad groups when setting up the sub-policies. the reason is that for every email that comes through, msme will have to take each email address and do a lookup to AD to verify the user is in the group. if for any reason there is a delay getting a response back from the domain controller then mail flow will start to slow down and mail could start getting backed up in the submission queue.
the recommended approach for sub-policies is to use the email address of the sender (if you filter for outbound mail) or the email address of the recipient (if it is inbound mail). you can use wild cards in the filter as well. by doing this you allow msme to process emails more efficiently. also the reason the approach is faster is that msme scans at the transport layer and by the time the email gets to msme the email address has been set in the header (especially for internal emails) so it is much easier for msme to get the email address over checking if a user is part of an ad group.
what version of exchange is this?
what version of msme?
with exchange 2016 you don't want to use ad groups when setting up the sub-policies. the reason is that for every email that comes through, msme will have to take each email address and do a lookup to AD to verify the user is in the group. if for any reason there is a delay getting a response back from the domain controller then mail flow will start to slow down and mail could start getting backed up in the submission queue.
the recommended approach for sub-policies is to use the email address of the sender (if you filter for outbound mail) or the email address of the recipient (if it is inbound mail). you can use wild cards in the filter as well. by doing this you allow msme to process emails more efficiently. also the reason the approach is faster is that msme scans at the transport layer and by the time the email gets to msme the email address has been set in the header (especially for internal emails) so it is much easier for msme to get the email address over checking if a user is part of an ad group.
those events indicate the url scanner wasn't able to get info on the url being scanned. either it caused an issue with the scanner or msme didn't get a proper reply back from the database. the only way to see what is going on would be to look at debug logs when one of those emails comes through.
with regards to handling the unknown/empty events.. msme would log the info and send the email to the next scanner. there isn't a way to do anything further from the url scanner.
if you are getting alot of these events then i would suggest to open a support ticket so it can be looked into further
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA