Site Sections
Posts
254
Comments
120
Trackbacks
120
August 2006 Entries
Jim McBee on secure messaging

Speaking of things that look good, fire up your browser and head on over to Realtime Nexus to register for a free copy of Exchange MVP Jim McBee's Tips and Tricks Guide to Secure Messaging. Although I find the publisher's format somewhat confusing, Jim's writing more than makes up for it; he's got a thorough discussion of the latest security issues facing Exchange administrators, combined with excellent "how to" guidance on getting it working laced with practical advice gleaned from his years of hands-on experience.

After writing an ebook of my own, I have to admit: Jim makes it look easy. Too easy.

posted @ Thursday, August 10, 2006 1:43 PM | Feedback (0)
Community Server 2.1 is released

CS 2.1 is out, and boy does it look good.

posted @ Thursday, August 10, 2006 1:06 PM | Feedback (0)
Scott Schnoll on Exchange 2007's CCR

Microsoft's Scott Schnoll has just posted a new blogcast demo of the Cluster Continuous Replication (CCR) feature in Exchange 2007. Simply put, CCR is native log shipping for Exchange. Although it requires the Microsoft Cluster Service, it is unlike traditional Shared Copy Clustering (SCC) because it doesn't require the clustered machines to share storage (which means a SAN or iSCSI solution). Instead, transaction logs are replicated across an SMB fileshare and used on the second machine to reconstitute the database.

Scott knows a hell of a lot about Exchange, and has been doing a great job of helping the Exchange 2007 early adopters and reviewers get up to speed on CCR (and Exchange 2007 in general); take a few minutes and watch his blogcast.

posted @ Wednesday, August 09, 2006 10:44 AM | Feedback (1)
Four minor Windows Mobile annoyances

Three of these annoyances are generic Windows Mobile annoyances; the third is a device-specific gripe.

  1. I want to be able to sync my device with multiple machines -- if only so I can keep it charged. Inherent Windows ActiveSync limitation. When I've got at least one desktop and laptop to deal with...
  2. While I'm at it...I want multiple Exchange profiles (and no, IMAP/POP3 doesn't cut it.)
  3. And why can't I sync to Entourage? Windows Mobile devices in many ways are cooler than the Mac-compatible PDA options, and I know several Mac users who'd abandon Palm in a heartbeat if only they could sync with the Mac.
  4. I've been bitten by the dreaded "loose stylus" problem that apparently all of the HTC Wizard-based devices share. In essence, something in the stylus receptacle loosens up over time, and the result is that the stylus drops out. Now I have to find what I did with my spare.
posted @ Tuesday, August 08, 2006 6:30 PM | Feedback (0)
Updated Exchange 2007 Beta 2 Release Notes

Microsoft released an updated version of the release notes for Exchange 2007 Beta 2. They're dated August 3.

Among the changes and clarifications, they've explicitly addressed the whole "which version of Monad/Powershell do I use" issue. I also don't remember seeing this the first time around:

Command line Setup changes If you run Setup from a command prompt, and if you are installing the first Exchange server in the organization, you must include the /OrganizationName parameter to specify the name of your Exchange organization. This is a required parameter, and Setup will fail if it is not included.

posted @ Tuesday, August 08, 2006 11:09 AM | Feedback (0)
Getting the most out of XP

I'd like to welcome my co-worker Ryan Femling to the ranks of the 3Sharp bloggers. I especially enjoy having Ryan onboard here at 3Sharp because, like me, he comes from a background of systems administration. He gets it, man; he's been in the trenches too. (Ask him about the kind of April Fool's Day jokes you can pull off when you have administrative access to SMS...)

Ryan kicks off his blog with a post about how to get the most out of Windows XP. My only quibble -- Symantec Anti-Virus? Dude!

posted @ Tuesday, August 08, 2006 10:29 AM | Feedback (2)
Aw, nuts.

Microsoft pulls the plug on Virtual PC for the Mac.

posted @ Tuesday, August 08, 2006 10:20 AM | Feedback (0)
TCP port 25 considered harmful?

Mailing lists are a great resource, even in this Latter-Day Dispensation of Search Engines and Web Forums. While web forums have their place, there's nothing like being able to carry on an extended conversation in the comfort of your own Inbox. I was inspired by a drive-by comment on a recent thread I participated in to take a step back and examine the practice of port-blocking TCP 25, which is the port used by the Simple Mail Transfer Protocol (SMTP).

posted @ Monday, August 07, 2006 11:20 AM | Feedback (2)
Which version of Powershell do I need for Exchange 2007?

I was working up a post on this very topic when I noticed that Paul beat me to it. No need for me to repeat it...go read him! (And tell him I sent you!)

posted @ Friday, August 04, 2006 3:00 PM | Feedback (0)
And finally...Chapter 6 of Email Discovery and Compliance ebook

At long last, Chapter 6 of the DCAR ebook is up. As always, it's a free download (registration required).

I just exchange some email with my editor and found out that we've so far had over 1100 people register to download the ebook.

Wow. Eleven hundred. Thank you very much, everyone, for registering and reading. I'm blown away. I'd love to hear your comments and thoughts.

posted @ Thursday, August 03, 2006 4:01 PM | Feedback (2)
Free anti-spam on Exchange

There aren't a lot of free alternatives for doing anti-spam on an Exchange box. If you're using Exchange Server 2003, you must of course immediately install SP2 (if you haven't already) and make use of the Intelligent Mail Filter. If you're still using Exchange 2000, though, what do you do? GFI used to offer a free version of their MailEssentials program, but that's been discontinued.

This question just came up on a mailing list I read, and it tickled the back of my head. I thought I remembered seeing news of a SpamAssassin plug-in for Exchange, so I went digging -- and behold the following from Christopher G. Lewis:

So now, using the CDO Message's GetStream method, I could write the message object to a text file, and then using the ADO.Stream's LoadFromFile method I could reload the processed file! Instant SpamAssassin headers.

I've not used it -- so I can't comment on its robustness. It looks like SpamAssasssin on Windows doesn't scale well, so I wouldn't recommend using it on a heavily loaded server, but it's another option for smaller sites that don't have the money to spend on commercial software and don't want to deploy a UNIX box to run as their mail gateway (although if you go that route, I highly recommend Wietse Venema's excellent Postfix MTA.

posted @ Thursday, August 03, 2006 3:11 PM | Feedback (2)
Outlook 2007 cool new thing

Monday, I was helping my new officemate Jeff get Office 2007 Beta 2 installed on his desktop machine[1] and discovered this neat tidbit I wanted to share with you.

For at least the last couple versions of Outlook[2], setting up your Outlook profile to talk to an Exchange server has been relatively trouble-free. You'd select Exchange from the list of choices, you'd fill in your name, you'd fill in the name of your Exchange server, and assuming all your credentials were in order[3], it would find your mailbox and everything would be good, as shown below:

Manual Exchange profile configuration: so last megasecond
Manual Exchange profile configuration: so last megasecond

This process contained a couple of potential road bumps that Microsoft tried to smooth out:

  • Unless you're an Exchange admin, the odds are good that you have no earthly idea what the name of your Exchange server is. Thanks to the magic of MAPI mailbox referral, you can enter any valid Exchange server name (either NetBIOS name or DNS FQDN, and IIRC DNS aliases will work too) and Outlook will be pointed to the correct server.
  • Many users don't know what their username is. You can try entering your real name ("Devin Ganger"), or your Windows account username ("dganger" or, if you have a multi-domain organization and need to specify the domain, "REDMOND\dganger"), or User Principal Name ("dganger@redmond.local"). Again, Outlook could use all of these to find your account in Active Directory and pull down the value it needed.

This has worked so well for me that I never stopped to think: can it get better?

Apparently, the Outlook dev team has, because what Jeff and I found was that Outlook 2007 automatically used his domain credentials to look up his mailbox information in Active Directory and configure his profile. I knew that the combination of Exchange 2007 and Outlook 2007 was supposed to really introduce some nice auto-discovery and configuration options for organizations with complicated deployments, but I didn't realize that Outlook 2007 was making this process easier even against older versions of Exchange 2003.

So if you happen to be a member of the Outlook team and you're reading this, very cool! Thank you!

[1] Normally we don't encourage employees to install beta versions of software onto their production machines, but sometimes the nature of our work requires us to do it. So kids, don't try this at home -- we're paid professionals.

[2] Sorry, I don't really remember how far back this goes.

[3] If you weren't logged in as an account that had access to Exchange, it would prompt you for credentials.

posted @ Tuesday, August 01, 2006 1:59 PM | Feedback (2)
HTTP over HTTP! (No joke!)

One of the drawbacks of working at a company like 3Sharp is that sometimes we get so busy doing everything we do that I don't have enough time during the day to check out all of the new technology I want to. If we get especially crunched, I have time to learn about those things I need to know to meet the next deadline or produce the next deliverable...and I don't always feel like going home and playing with new bits there. (In fact, I rarely feel like it these days; when I'm on the computer at home, I'm blogging or writing.)

As a result, I've just not had the time to play with the beta or release candiate builds of ISA Server 2006. I may have to make some time for it, though, after reading Keith Combs' post about the HTTP over HTTP (his tongue-in-cheek name) feature of ISA Server 2006. The central concept is that instead of publishing a bunch of internal web resources directly to the Internet (even if they're protected by current ISA Server 2004 features, like IP-based access control, and ISA server pre-authentication), you require the user to log into the ISA Server (much like Outlook Web Access). Once they're in, they then have a list of the internal resources they can connect to.

Cool stuff...I'll be reading up on it.

posted @ Tuesday, August 01, 2006 11:03 AM | Feedback (2)
So long, Mom -- I'm off to drop the bomb -- so don't wait up for me!

Damn.

I have no commentary other than Tom Lehrer lyrics. Good luck at Amazon, Jesper, and thanks for all the amazing work you've done for all of us at Microsoft.

posted @ Tuesday, August 01, 2006 10:45 AM | Feedback (0)
News

Devin has moved on
to new adventures.
This blog is preserved
for historical purposes.

Please follow his
personal blog at:
Devin on Earth

Virtual Devin
Article Categories
Archives
Post Categories
Data Protection
DCAR
Exchange
Other
Security
Unified Communications
Windows