5.7.1 smtp; 550 5.7.1 Message rejected as spam by Content Filtering.

A third party daily report has been configured to send to a customer and it has been rejected by customer's Exchange server 2007 (sp3) with below error:
#5.7.1 smtp; 550 5.7.1 Message rejected as spam by Content Filtering.

An useful discussion:

How to Specify Recipient and Sender Exceptions for Content Filtering

Use Exchange shell to make some change on the server:

1.Added recipient's email to the recipients exception list of content filter
Set-ContentFilterConfig -BypassedRecipients tiffany@contoso.com

2.Added domain examplesender to the allow list.
Set-ContentFilterConfig -BypassedSenderDomains examplesender.com

3.Added the sender email  to the allow list.
Set-ContentFilterConfig -BypassedSenders someone@examplesender.com

Another thing worth to try is to use Exchange console to add  the daily report title as the keyword of  content filter exception


Some PowerShell scripts to query Exchange server

Some PowerShell scripts to query Exchange server.

They need to executed them in the Exchange Management Console .
·         check the current message tracking settings
get-transportserver your-server-name | fl *Message*

Note, by default Exchange 2007/2010 has the message tracking enabled and the server keeps log files for recent 30 days only.

·         List all mailboxes and size:
Get-MailboxDatabase "your Mailbox Database name" | Get-MailboxStatistics | Sort totalitemsize -desc | ft displayname, totalitemsize, itemcount

·         Show sum of mailboxes:
Get-Mailbox -Database "your Mailbox Database name" | Get-MailboxStatistics | %{$_.TotalItemSize.Value.ToMB()} | Measure-Object -sum  -average -max -min

·         Show received mails statistics during a given period:
Get-MessageTrackingLog -Server your-server-name -EventID receive -Start 13/10/2012 -End 11/11/2012 -resultsize unlimited |Select-Object TotalBytes | Measure-Object -Property TotalBytes -maximum -minimum -average –sum

·         Show received mails statistics during a given period:
Get-MessageTrackingLog -Server your-server-name -EventID send -Start 13/10/2012 -End 11/11/2012 -resultsize unlimited |Select-Object TotalBytes | Measure-Object -Property TotalBytes -maximum -minimum -average -sum



MAP Toolkit Useful References


which log to use for log parsing:

Transforming SCCM Data into License Intelligence


Using Microsoft SCCM for SAM


Flexera Software’s Vincent Brasseur, Director of Product Management,
Microsoft’s SCCM is the market leader in desktop software deployment, configuration management and inventory collection. The raw software inventory data is used primarily for day to day software deployment operations but has limited value for software asset management and license optimization.
SCCM provides application recognition capability, which is necessary to get a usable understanding of what software is installed across the IT estate. SCCM’s inventory agent can also collect application usage data, which shows what software is not only installed but actually being used. All of these are important pieces of an overall software asset management (SAM) and license optimization program, but knowing what is installed is only the first step in the process.
For end-to-end software asset management and license optimization, additional features are needed that do not exist today in SCCM. They are delivered by other tools that integrate with SCCM and use it as an inventory and application usage data source. They provide more extensive license management and license optimization capabilities based on ITIL standards. These tools add some or all of the following capabilities:
  1. Collection of purchasing data from procurement or finance systems and reconciliation of purchased licenses versus installed software. A stock keeping unit (SKU) library is the only reliable way to automate this step by determining exactly what has been purchased according to the PO line item SKUs, and linking those purchases to the installations.
  2. Reconcile inventory and purchasing data with HR and enterprise data. This will add a needed business view to the reports. Licenses, purchase orders, installations and computers can be tied to enterprise groups (locations, cost center, business unit) or identified users.
  3. Provide advanced SAM capabilities. This potentially includes many features, such as reporting on license consumption per enterprise business unit, location, cost center or user, providing an audit trail and historical data on installations and licenses, being able to assign individual licenses to users or devices or allocate a license quantity to a department or a site, calculating the purchase versus installed compliance status of each license based on its metric.
  4. Automated management of license agreements and contracts. This can include such things as wizards to help create contract hierarchies and payment schedules. For Microsoft Enterprise Agreements, next generation software asset management tools can estimate upcoming true-up payments based on software utilization. For Microsoft Select and Select Plus Agreements, the tools can show point consumption over time, for each enrolment.
  5. Track application usage to enable license re-harvesting when there are unused or under-used applications in one area of the organization, and reallocate those licenses to another group. Usage data can also be used to reduce on-going maintenance payments when the software is not even installed, for example.
  6. Application of vendor Product Use Rights to optimize license consumption. By taking advantage of use rights, such as right of second use, multiple installations and downgrade rights, license optimization tools can reduce the number of new licenses that must be purchased at true-ups and renewals.
  7. Recycling of licenses allocated to hardware to be retired. 

Change and Configuration Management tracking software

Change and Configuration Management tracking software

Hi there,
I'd also like to know if there is any software can acheive this.Not sure if it'll help, but we currently do this by a manual process. Essentially, staff are trained that in order to change any configuration, they need to raise a Change Request (Word template), detailing all the details of the change. This is then passed onto the IT person responsible for actually making the change. It's assigned a unique "Change ID", and logged in an excel spreadsheet.
It's a long winded process, that relies on staff being trained to raise change requests, but the end result is that we can look back from histroy of a particular system to see all the changes that were made.
We also have a mechanism that allows for "Emergency Change Requests" that allow us to change first and raise the paperwork later. This is discouraged, but in a true emergency, allows changes to be made quickly.
Hope this helps.
Marked As Answer byKevin RemdeMicrosoft Employee, OwnerMonday, February 28, 2011 1:02 PM

Perhaps you could clarify further what you might expect from a system that "helps us track". If you have diligent engineers then you could track changes in a simple spreadsheet. I like to use a sharepoint discussion list for tracking changes because we can subscribe to the list and receive an email when a change occurs, while also discussing the change and maintaining that discussion in a single location. But then again, we could just setup a mailbox for change tracking and have people write an email to it when they change something.
If you don't have diligent engineers and want to find some software that actually recognizes changes, then you're faced with a very diverse set of options and there really isn't one that is good, inexpensive, and easy to use, that works across all platforms. Since this is a Microsoft Forum I'll say that Microsoft Operations Manager is pretty good. System Center Essentials is fairly inexpensive but their interface is still clunky. For "what happened" type tracking I like to use Splunk. I forward all event logs to it. If you enable auditing on registry keys then those changes land in the logs. If you're running a 2008r2 infrastructure then you can just use its built-in log forwarding for centralized log management. I'm ultimately looking towards something like Tripwire Enterprise for true automated change management.


How to Audit Your Microsoft Software Licenses

How to Audit Your Microsoft Software Licenses

The Microsoft Assessment and Planning (MAP) Toolkit

A Guide to Assessing Windows Server Licensing

Microsoft SAM (Software Asset Management) guide
What a Microsoft Licence Review means for you and your organisation
What’s involved?
Simply put, the SAM Team will ask you to supply information about your software estate, and then check that the software you have installed matches up with the licences you hold (Microsoft licence reviews only encompass Microsoft software and software licences). Microsoft will (or should) work in partnership with you in an open and transparent way, this is a consistent approach with every customer big or small. However, you should be aware that you will need to dedicate some time to completing the review. (Microsoft will ask for around 14 days as an initial benchmark)Your input is vital to ensure accuracy and to enable the Microsoft team working with you to complete the process together as swiftly as possible.

SAM step by step

Third party tools for software asset management

An Audit by Another Name: An Insiders Look at Microsoft’s SAM Engagement Program

How to Set Up an IT Helpdesk for Free



How to change a Symantec Endpoint Protection client from unmanaged to managed

This guide applies to version MR1, MR2,MR3 and later.

1.Get sylink.xml from server

a. for MR1 and MR2 only. Copy of the file Sylink.xml from the server from C:\Program Files\Symantec\Symantec Endpoint Protection Manager\data\outbox\agent\

b. for MR3 and later version. SEP console->clients->right click on the group you want to join the workstation to and choose "export communicaiton settings"->browse and save sylink.xml file

2. On the client computer , click Start > Run, type smc -stop, and click OK.

3. Copy the Sylink.xml into the C:\Program Files\Symantec\Symantec Endpoint Protection folder, and replace any existing Sylink.xml file.

4. Click Start > Run, type smc -start, and click OK.
For more details:


Find Last Reboot Time in Windows 7, Vista and Windows 2008

Find Last Reboot Time in Windows 7, Vista and Windows 2008

Uses WMI command line (WMIC):
wmic OS Get LastBootUpTime

Use command line
systeminfo | find "Up Time"


As a system administrator, from time to time you may facing a problem suchas "How do I prevent users from performing accidental drag and drop operations?"

This issue is mainly due to that some users accidentally move files around when they didn't mean to. They might be clicking on a file, but accidentally drag the mouse while clicking, resulting in the file being dropped into a folder by mistake.
Some may suggest to educate the user to be always careful when drag and drop, but this is actually rarely helpful because sometimes users may not even know they have moved a folder to another folder.
A good approch is to this is to increase the mouse drag sensitivity to require uses to drag the mouse a "definitely not accidental" distance before the system considers a drag operation to be in progress. Depending on your users, you might crank this up to 10, 30, or even 60 pixels.
This can be achived by two methods:
1.Modify System­Parameters­Info, (SPI_SETDRAGWIDTH) and (SPI_SETDRAGHEIGHT). This may need to create a program to implement, ie, a c# program.
This is recommended method.

2.Modify registry key:
HKEY_CURRENT_USER\Control Panel\Desktop\DragHeight
HKEY_CURRENT_USER\Control Panel\Desktop\DragWidth

You can write a script to achive this, or make a reg file and let logon script to load it form every user.
Note that, this method is not recommended.
How do I prevent users from dragging and dropping files in Explorer?

NTFS stop folders being moved
Preventing Accidental "Drag and Drop" in Windows Explorer