My.User@domain.com
mail.domain.com #<mail.domain.com #5.7.1 smtp; 550 5.7.1 Message rejected as spam by Content Filtering.> #SMTP#

Don’t ask me why Microsoft has buried this feature! From what I can tell, the only way to whitelist in Exchange 2010 is through the Powershell – not the GUI.  Thanks to Chris Caldwell for the fix.

Specific Address

$list = (Get-ContentFilterConfig).BypassedSenders
$list.add("new.mail@address.com")
Set-ContentFilterConfig -BypassedSenders $list

Entire Domain

$list = (Get-ContentFilterConfig).BypassedSenderDomains
$list.add("domain.com")
Set-ContentFilterConfig -BypassedSenderDomains $list

 Verfiy

Get-ContentFilterConfig

Not 15 minutes later, a user came in to my office saying his Calendar wasn’t syncing on his Montorola DroidX any longer.  After a little research, it turns out the last successful sync was minutes before the SP1 installation completed.  Other iPhones and SmartPhones seemed to working.  For reference, he was running the native ActiveSync version 2.2.1.  Again, there were lots of postings regarding this issue, but here is how we solved ours:

OUR SOLUTION

1.  I was able to make a test “Exchange ActiveSync Mailbox Policy” under ORGANIZATION CONFIGURATION>CLIENT ACCESS. 

2.  Then I set the Exchange ActiveSync properites under the Features Tab of his mailbox to use the test policy created first.

3.  Then I had the user delete his Exchange Account and recreate.  Because this is a sycronized copy, the user should not lose any information. 

Becausse this worked, and I couldn’t find any differences between the default policy and the test policy, I recreated the default policy.

Constant polling in Push mode

The first thing we detirmined was that the phone was constantly polling the exchange OMA (Outlook Mobile Access) website of the exchange server.  This was both visible and audible if you are near a set of computer spearker that can pick up the iPhones RF.  Switching the ActiveSync mode to Fetch, did indeed resolve the battery issue, but it simply masks the problem.  If you are an Exchange Administrator or have a good relationship with one, you can verify this is an issue by checking the Excahnge OMA website logs in iis.  These are difficult to read, but for a medium sized business, you’ll see a noticable increase in the traffic to that website, as the iPhone polls iis constantly.  This might also be noticalbe in Firewall https logs.

Resolution

We found the problem to be caused by a corrupt “Meeting Request” in the users mailbox.  The phone was not able to open this and process automatically, thus causing an error and the ActiveSync polling to restart.  No other functionality seemed to be impared, only that ActiveSync push would constantly fire, due to an inability to sync all mail items. 

1) To eliminate it, we sorted the Users Inbox by Type in outlook. 

2) We then deleted all the meeting or calendar mail requests. 

3) Empty the deleted items as well to completely remove the corrupt invititation.

4) Deleted the iPhones Exchange Account, recreated it, and let the mail sync up.

Once you delete the account, you can recreate it using the AT&T infomration below.  No data will be lost, as this is simply a syncronized copy of the exchange server.

AT&T Support On-Line

After performing a clean install of Microsoft Office 2008, Entourage began to give me the following error:

“Unable to establish a secure connection to servername because the correct root certificate is not installed.”

I followed various post regarding installing our Exchange Server’s certificate.   After installing this, I began to receive this error:

“Unable to establish a secure connection to servername because the server name or IP address does not match the name or IP address on the server’s certificate. If you continue, the information you view and send will be encrypted, but will not be secure.”

Clicking okay, will allow Entourage to connect – but the error will return and is annoying.

However, the error continued.  After much experimenting, I was able to resolve the issue, but the error is so ambigous, that it can be caused from several different misconfigurations.  

If you desire to use SSL, your server must have a valid certificate.  If the certificate is through a public provider, I don’t believe you will not need to install any certificates at all.  If your system admin has provided you a private certificate you will need to install it into Keychain Access.  Install it to system chain if all users on the computer will need it, or to login chain if only you need it.  There are several documents on the web for doing this.  However, if you have installed the certificate, and you still recieve this error, read on.

RESOLUTION
Several blogs have discussed the new AutoDiscovery Service issue within Exchange 2007, however we use Exchange 2003.  

The problem with my Entourage was being caused by our domain structure.  The hardware firewall passes mail ports to the Exchange server.  The Exchange server has a public accessible Security Certificate through GO DADDY.  

However, the LDAP port is forwarded to the domain controller running the Active Directory.  Because in our setup, we don’t publish a separate internet host record the LDAP (for example ldap.mydomain.com), there is no way for the machine name listed in the certificate for mail.mydomain.com to match 2 different machines (the Exchange server and LDAP server).  Therefore the error is valid, and not a Microsoft bug in Office/Entourage.

Since the LDAP lookup is what was causing the error, the error would not popup until a lookup function was needed.  Because of this, it was possible to have Entourage sessions without getting this dialog.  In order to prevent this error, do not require LDAP functions to connect sercurely.  

1. Under the ENTOURAGE menu select ACCOUNT SETTINGS
2. Double click your Exchange Account.
3. Select the Advanced Tab under the EDIT ACCOUNT dialog.
4. Ensure “This LDAP server requires a secure connection (SSL)” is NOT selected.

All mail activity is still handled through an SSL secure connection to the Exchange server.  Only directory lookup function is changed.  Some organizations allow non-secure LDAP access, if yours does not and you are using a separate server for LDAP functions.  Then it will be necessary to obtain a certificate that has a matching internet host record to machine name.   You can also ignore the dialog box safely – though it is very inconvenient.

You can also use this procedure to ensure the error is being caused by LDAP functions.

CONCLUSION
At the very least, I can reassure you that OSX 10.5.6 and Microsoft Office for the Mac (Entourage) 12.1.5 do work together without error.  Microsoft has fixed whatever error/bug was involved, so don’t give up trying to resolve it.  And definitely don’t wait in vain for Microsoft’s next update to do so.