 |
Exchange 2000/3 Server
Section
|
|
Table of Contents
-
Configuring and Securing Microsoft Exchange 2000 Server and
Clients (White Paper)
-
Quick Start for SMIME in Exchange Server 2003 (White Paper)
-
Exchange 2003 Tools and Updates Package
-
What's New in Exchange 2003
-
Live Communications Server 2003 Document: Migration Guide
-
Operating Live Communications Server 2003 at Microsoft
-
-
Free White Paper on Exchange 2003 Deployment
-
Filtering Messages in Exchange 2003
-
Exchange/Outlook 2003 and RPC over HTTPS
-
Setup and Use the Exchange 2000 Offline Address Book
-
How to hide the Internet Newsgroups folder
-
Publishing Exchange 2000 Outlook Web Access with ISA Server (ISAServer.org)
-
Customizing OWA 2000 Access
-
Speeding Up OWA 2000's Initial-Page Access
-
Reduced the Opening High-Numbered Ports When Using OWA 2000 in a
DMZ
-
Disclaimers on Exchange 2000 Messages (ExchangeAdmin.com)
-
PST Files vs OST Files for Backups (ExchangeAdmin.com)
-
Eseutil: Handle with Care (ExchangeAdmin.com)
-
Protect Your Instant Messaging (ExchangeAdmin.com)
-
How to Remove the Last Exchange 5.5 Server (ExchangeAdmin.com)
-
Capturing Conferencing Server Video Sessions (ExchangeAdmin.com)
-
Developing Custom Forms in Outlook 2002 (Part 1)
-
Developing Custom Forms in Outlook 2002 (Part 2)
-
Load Testing Exchange 2000
-
Configuring Exchange Server NOT to be an
Open-Relay
-
Install Exchange 2000 on Win
Server 2003
-
Instant Messenger Security Primer
-
Using Windows Update on an Exchange 2000 Server
Use LoadSim to push your Exchange servers to the limit and gather
a wealth of useful performance information.
-
ANTISPAM HONEYPOTS GIVE SPAMMERS HEADACHES
Filtering spam is a good idea, but keeping filtering rules
up-to-date without eliminating legitimate email traffic takes
skill and effort. In addition to using mail filter software, you
can fight spam in other ways, such as by using an antispam
honeypot.
As you know, honeypots are traps or decoys that deliberately lure
intruders to help prevent unwanted activity against network
sources. Honeypots also gather forensic evidence, thereby helping
us better understand intruder methodologies. Other Windows & .NET
Magazine authors and I have written about various types of
honeypots in use today. You can find links to honeypot-related
articles at the URLs
below:
http://www.secadministrator.com/articles/index.cfm?articleid=26114
http://www.secadministrator.com/articles/index.cfm?articleid=25679
http://www.secadministrator.com/articles/index.cfm?articleid=22911
http://search.winnetmag.com/query.html?col=secadmin&qt=honeypot
Last week, Security UPDATE reader Brad Spencer brought antispam
honeypots to my attention. Antispam honeypots are services that
pose as legitimate mail servers to thwart spammers. Spencer, who
runs an antispam honeypot (see the first URL below), described to
me what antispam honeypots do, how they operate, and where you can
get one or find out how to build one. According to Spencer, the
real heroes of this technology are Michael Tokarev, who operated
an antispam honeypot in Russia (see the second URL below) and Jack
Cleaver, whose program you'll read more about in a moment.
http://fightrelayspam.homestead.com
http://www.corpit.ru/cgi-bin/h0n5yp0t
An antispam honeypot operation first detects potential spammers,
then thwarts their efforts to send spam through the mail server.
Spammers often use mail systems that allow open mail relaying to
deliver spam. An open relay lets anyone use the mail server to
deliver email messages to anyone else, which is a spammer's dream.
In the past, people offered open relays as a courtesy to Internet
users to help facilitate easy email delivery. Now, operating an
open relay will eventually land your mail server on a blacklist
that might prevent legitimate email from arriving at your system.
For more information about blacklists, visit the Mail Abuse
Prevention System (MAPS) Web site at the URL below.
http://west1.mail-abuse.org
Typically, spammers test a mail server for open relaying by simply
sending themselves an email message. If the spammer receives the
email message, the mail server obviously allows open relaying.
Honeypot operators, however, can use the relay test to thwart
spammers. The honeypot catches the relay test email message,
returns the test email message, and subsequently blocks all other
email messages from that spammer. Spammers continue to use the
antispam honeypot for spamming, but the spam is never delivered.
Meanwhile, the honeypot operator can notify spammers' ISPs and
have their Internet accounts canceled. If honeypot operators
detect spammers who use open-proxy servers, they can also notify
the proxy server operator to lock down the server to prevent
further misuse.
If enough users take time to operate antispam honeypots and
contact ISPs and open-proxy server operators, they'll
systematically make spamming more difficult. Spencer believes that
eventually spammers will find it so hard to distinguish honeypots
from actual open relays that at least some of them might quit such
activities altogether.
Two tools that can help you set up and run an antispam honeypot
are a Windows-based version of Sendmail (see the first URL below)
specifically configured as a honeypot and Cleaver's Jackpot
Mailswerver program (see the second URL below). Jackpot is written
in Java and runs on any system that supports the Java platform.
http://www.sendmail.com
http://jackpot.uk.net
Spencer uses a UNIX-based version of Sendmail to operate his
antispam honeypot. (I haven't used the Windows version recently
but assume that it's still a direct port that works well.) Spencer
details his configuration methods for using Sendmail on his
related Web page. Spencer also describes what happens when you
operate Sendmail as he does and what to do when Sendmail traps a
potential spammer's message.
Jackpot is an SMTP mail server that prevents spam delivery and
saves mail traffic information for evidence and research. Jackpot
also creates Web-based reports that simplify analysis and
tracking. Cleaver writes, "Jackpot saves full details of all spam
mail submitted to it as a collection of web-pages. The information
is organized into lists, with messages sent from a given host
grouped on a page. Jackpot tries to gather some information about
the host that sent the spam ... [it also checks to see] if the
source [of potential spam] is a known open-proxy or a [known spam
operation and uses sources such as] abuse.net to see whether
there's a registered [mail] abuse address for the host."
Spencer mentions two additional resources that can help thwart
spam: SpamNet and Distributed Checksum Clearinghouse (DCC).
According to its Web site, Vipul's Razor, commonly know as SpamNet
(see the first URL below), "establishes a distributed and
constantly updating catalogue of spam in propagation. Clients use
this catalogue to filter out known spam." According to the DCC Web
page (see the second URL below), DCC resembles SpamNet in that
it's "a system of many clients and more than 90 servers that
collects and counts checksums related to several million mail
messages per day, [mostly] as seen by Internet Service Providers."
SMTP servers and mail user agents can use the counts to "detect
and reject or filter spam or unsolicited bulk mail."
http://razor.sourceforge.net/
http://www.rhyolite.com/antispam/dcc/
To help prevent spam, explore the resources I've mentioned in this
article and consider using them on your networks. Thanks to Brad
Spencer for his help
- Anti-Spam Software
Spam Assault! v1.2 [1.0M] W9x/2k/XP US$9.90
Spam Assault! filters and blocks junk e-mail by detecting bogus
Reply To addresses, filtering spam keywords (such as "free" or
"bankrupt"), blocking an unlimited number of identified spam
senders, and by blocking an unlimited number of identified spam
domain names. The program maintains a Save List of valid
addresses. Each time you receive a message from a valid sender,
mark it for the Save List. Any future e-mail from that address
will be automatically saved, regardless of any "filtered" content.
SpamAssault! will remove about 90% of spam within two weeks of
daily usage.
http://www.gnomedownloads.com/Internet/EMail-AntiSpam/spam-assault.html
SpamPal v1.06 [777k] W9x/2k/XP FREE
I hate receiving spam, but then, who doesn't? You hear a lot
about spam-fighting products like Spam Assassin, which is a great
product as long as you modify the base configuration.
Otherwise, you could (with the base configuration) say goodbye to
your Lockergnome newsletters along with most other HTML-based
newsletters, because Spam Assassin is based on points... and HTML
e-mails rack up a ton of points. Some ISPs only give you the
choice of turning Spam Assassin on or off, but you can't configure
it not to block respectable publishers like Lockergnome. Don't
worry. I have a solution for you in the form of SpamPal. "SpamPal is
a mail classification program that can help separate your spam from
the mail you really want to read." You set up SpamPal to check your
e-mail against any number of the freely-usable "blocking lists" (DNSBL
lists). You control the "whitelist," so you can approve anyone you
want to receive e-mail from, regardless of whether they are on a
blocking list or not. People and mail servers with whom you
correspond frequently are Automatically Whitelisted - without you
having to lift a finger! If someone isn't on any of your blocking
lists but you think the e-mail should be blocked, then just add them
to your local "blacklist." If you don't want to automatically delete
the spam then you can have the program put "**SPAM**" in the subject
of the message so you can set a mailbox rule to filter your possible
spam from the rest of your Inbox. These are just some of the
features and if you hate spam, then I would certainly encourage you
to download SpamPal.
http://www.spampal.org.uk/
- Spell-Checkers of OWA
http://www.messageware.com
http://www.spellchecker.com
-
After I installing Microsoft Exchange Server 2003 a my domain
controller (DC), the will DC take a long time to shut down
Exchange relies heavily on Active Directory (AD) and uses several
services to optimize AD communication. One of these services is the
DSAccess service, which provides a cache of information from AD to
various Exchange components, including the Information Store (IS), the
Message Transfer Agent (MTA), and any other component that requires AD
information. By recovering cached AD information, Exchange requires
fewer direct queries to the DCs.
When you shut down a Windows Server 2003 DC, its services stop very
quickly--faster than Windows 2000 services shut down, which is why
this problem appears to be new to Windows 2003. An example of one such
affected service is the Local Security Authority Subsystem (LSASS).
DSAccess uses this service heavily. Because this service stops before
DSAccess can stop cleanly, the DSAccess service goes through several
timeouts before the system can shut down (these timeouts are set to 10
minutes by default). Other Exchange services have a similar problem,
causing even longer delays.
To resolve these delays, you can create a script that you manually run
before stopping your computer, and the script will stop each Exchange
service cleanly because AD is still running. Sample content for the
script might include
net stop msexchangeis
net stop msexchangemta
net stop msexchangemgmt
net stop msexchangesa
net stop resvc
net stop smtpsvc
net stop w3svc
net stop httpfilter
net stop http
net stop iisadmin
net stop winhttpautoproxysvc
You can also add the Shutdown command to the end of your script to
automate the whole shutdown and restart process.
Another approach is to change the amount of time Windows 2003 waits
before killing a service that's not responding. To adjust this timeout
period, perform the following steps:
1. Start a registry editor (e.g., regedit.exe).
2. Navigate to the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control registry subkey.
3. Double-click WaitToKillServiceTimeout.
4. Change the value from the default of 600000 (10 minutes) to
something else (e.g., 20000 for 20 seconds), then click OK.
5. Close the registry editor.
Be aware that changing this registry value will change the wait period
for all services to stop, so setting this value too low might cause
problems with services if the OS is killing them before they can
cleanly finish.
-
Outlook Personal Folders Backup Add-in
- Using a Shortcut to Generate a
Message
You can I add a shortcut on my Send To menu to send a file as an
email attachment to a particular person. As you probably know,
Windows generates the Send To menu from a group of shortcuts in the
user's SendTo folder, which usually is a subfolder of the user's
Windows profile folder. To create a Send To shortcut that displays a
message to a particular person, create a Windows shortcut in the
SendTo folder that uses as the target the command
"C:\program files\microsoft office\office\outlook.exe" /c ipm.note
/m somebody@somewhere.com
where the path to outlook.exe is adjusted to fit your system and you
replace somebody@somewhere.com with the actual name or address of
the person you want to send to. If the name or address contains
spaces, enclose it with quotation marks. The shortcut lets you
generate a mail message by right-clicking any file.
- Problems
with PST file burnt to a CD-ROM
If you export Outlook data to a Personal Folders (.pst) file, but
you might find that you can't import from that .pst file back into
Outlook. You will get a pop-up message that says "Properties for
this information service must be defined prior to use," followed by
a second pop-up message that says "File access is denied. You do not
have the permission required to access the file.This situation
typically occurs when a user burns a .pst file to a CD-ROM for safe
long-term storage. Outlook requires write access to a .pst file;
otherwise, you'll see those two pop-up messages. The solution is to
make sure the .pst file is on a drive on which the user has write
access, then check the file's properties to make sure it isn't
marked for read-only access.
- Microsoft
connects Outlook to Lotus Domino
This weekend, Microsoft released a software update for Microsoft
Outlook 2002 email and personal information manager (PIM) software
that lets the product connect to servers running IBM's Lotus Domino,
the major competitor to Microsoft Exchange Server. The Microsoft
Outlook 2002 Connector lets Outlook users access email, calendar,
address book, and task information stored on servers running Lotus
Domino Release 5. Microsoft created the product with the cooperation
of developers at IBM.
"Many of our customers with Domino servers have told us they would
like to give their employees the opportunity to use the latest
version of Outlook," said Ralf Harteneck, corporate vice president
of the Communication and Meeting Services Group at Microsoft.
"Microsoft strives to make Office and its family of applications as
valuable as possible in a variety of IT infrastructures. The
Connector is one way we're doing that and addressing the needs of
those customers."
Any Outlook 2002 (or Office XP) user can use the Outlook 2002
Connector. The update is a free download available from the
Microsoft
Web site.
http://www.microsoft.com/office/ork/xp/journ/outxpcon.htm
- ADDING
A RECIPIENT TO THE SEND TO MENU
As you probably know, Windows generates the Send To menu from a
group of shortcuts in the user's SendTo folder, which typically is
in the user's Windows profile folder. To create a Send To shortcut
that points to a particular person, create a Windows shortcut in the
SendTo folder that uses as the target the command
"C:\program files\microsoft office\office\outlook.exe" /c ipm.note
/m somebody@somewhere.com
The path to outlook.exe should reflect that file's location on your
system, and somebody@somewhere.com is the name or address of the
person for whom you want to add a shortcut. If the name or address
contains spaces, enclose it with quotation marks. You can then
right-click any file, choose the recipient's name from the Send To
menu, and send the file to that person.
- How can
to remove the M drive from Microsoft Exchange 2000 Server
|
| |
|
