Sad news I heard today: ORDB.org is shutting down! I consider ORDB one of the finest tools to fight spam, I configured it a couple of times in Sybari Advanced Spam Manager.

We regret to inform you that ORDB.org, at the ripe age of five and a half, is shutting down. It’s been a case of a long goodbye as very little work has gone into maintaining ORDB for a while. Our volunteer staff has been pre-occupied with other aspects of their lives. In addition, the general consensus within the team is that open relay RBLs are no longer the most effective way of preventing spam from entering your network as spammers have changed tactics in recent years, as have the anti-spam community.

We encourage system owners to remove ORDB checks from their mailers immediately and start investigating alternative methods of spam filtering. We recommend a combination involving greylisting and content-based analysis (such as the dspam project, bmf or Spam Assassin).

DNS and the mailing lists will vanish today, December 18, 2006.

This website will vanish by December 31, 2006.

Technorati : ordb, spam
Del.icio.us : ordb, spam

If you’re a fan of Windows Desktop Search, there’s a new cool download for you: Windows Desktop Search: Add-in for Outlook saved mail (.msg file) indexing.

No Desktop Search engine ever convinced me. Call me old-fashioned, but I still prefer to use Lookout .

Overview
This iFilter allows you to perform a search on all elements of your MSG (.MSG) files including Message Body; Subject; From; From Name; From Address; To Name; To Address; CC Name; CC Address; Doc Title Prefix; Sent Date; Received Date; Primary Date; Conversation ID; Attachment Names and will indicate if an attachment is present within the .MSG. Additionally, content within attachments are indexed and searched.

By downloading this iFilter, Outlook .MSG files will be indexed by Windows Desktop Search when your PC is idle, or when you select to ‘Index Now’. Once the index is updated you can immediately search your .MSG files.

System Requirements

• Supported Operating Systems: Windows 2000 Service Pack 4; Windows Server 2003; Windows Server 2003 Service Pack 1; Windows Vista; Windows XP Service Pack 1; Windows XP Service Pack 2
• Requires any of these: Windows Desktop Search 02.06.5000.xxxx, Windows Desktop Search 02.06.6000.xxxx, or Windows Desktop Search 03.00.0000.xxxx and Microsoft Outlook 2000, Microsoft Outlook 2002, or Microsoft Outlook 2003.

Technorati : outlook, windows desktop search
Del.icio.us : outlook, windows desktop search

What’s the most secure and recommended way of publishing Exchange on the Internet? ISA Server on the DMZ and both the front-end and the back-end on the internal network. There’s no doubt about that!

So, in the project I’ve been describing in the last posts I had to publish Exchange 2003 Outlook Web Access. This is what I installed:

• ISA Server 2006 Standard Edition installed in the DMZ, out of the domain, just in a workgroup configuration.
• Exchange Server 2003 Standard Edition as a front-end.
• Exchange Server 2003 Enterprise Edition, 2 node cluster as a back-end.
• External Firewall open TCP ports: 80, 443.
• Internal Firewall open TCP ports: 443.

Microsoft has a technical article with the step-by-step configuration, Publishing Exchange Server 2003 with ISA Server 2006. I followed every step described in this document, but I had to make a change in one of the steps. ISA Server 2006 in a workgroup configuration won’t do the pre-authentication, so you have 2 alternatives:

1. Use RADIUS authentication;
2. Modify the publishing rule.

I decided for the latest, so, although I used Forms Based Authentication, the rule was configured for All Users and not for Authenticated Users. sure you loose some security, but from an Administration point of view is much simpler than implementing RADIUS or IAS.
A final word, with ISA Server 2006 you get the Forms Based Authentication screen from Exchange 2007, even if you use Exchange 2003.

Technorati : exchange server, isa server, owa
Del.icio.us : exchange server, isa server, owa

There are so many Exchange Public Folders tools. Probably too many. One can’t help getting confused with the different tools and different versions available. Microsoft Exchange Team has a great post in their blog about the subject: Confused by different public folder tools?

I read it very carefully, but I must confess I was still confused even after reading it. My main objective was to migrate PF permissions, after having replicated all the Public Folders with the InterOrg Replication Tool. PFDavAdmin seemed to be the right solution, so I decided to give it a try. No success, the tool didn’t work with groups, only with user accounts.

My second try involved exporting PF ACLs with PFInfo and then importing them with PFAdmin. Again, it didn’t work because PFInfo doesn’t export the full path of the Public Folders, so I got some errors.

At the end, I used an export from PFDavAdmin, made some tweaking in the export file and I successfully imported ACLs with PFAdmin. The trick is to remove “Public Folders” from the path of the export file (Public Folders\Folder1\Folder2 become just Folder1\Folder2).

Every case is a different case. Maybe next time I’ll come up with a different solution. This one worked for me, so I decided to share it with all of you.

Technorati : exchange server, pfadmin, pfdavadmin, pfinfo, public folders
Del.icio.us : exchange server, pfadmin, pfdavadmin, pfinfo, public folders

In a previous post, Notes from the field - migration tools, I mentioned that Microsoft provides all the tools you’ll need in order to achieve a successful inter-forest migration.

Well, there’s no way that these tools could cover all the aspects involved, so one solution is to use scripting. But since I prefer to do things with the least effort possible, I like to first investigate a little bit in order to find some better solution for my challenges.

During one of these searches, a colleague of mine, fellow MVP Alexandre Janeiro, found 2 cool tools, AdFind and AdMod, developed by Joe, a Microsoft MVP for Windows Server Directory Services.

• AdFind - Command line Active Directory query tool. Mixture of ldapsearch, search.vbs, ldp, dsquery, and dsget tools with a ton of other cool features thrown in for good measure.
• AdMod - Command line Active Directory modification tool. This is the natural extension to AdFind. I just took a long time to put it together. I was primarily prompted by dsmod,dsmove,dsrm.exe not being what I wanted them to be when I wanted them to be.

In my particular situation, I used these tools to remove the smtp proxyaddresses of the old domain. Here is the complete command line I used:

adfind -default -rb ou=MIGRATION -f “(proxyaddresses=smtp:*@olddomain.com)” -mvfilter proxyaddresses=@olddomain.com proxyaddresses -adcsv | admod proxyaddresses:-:{{proxyaddresses}} -unsafe

Technorati : adfind, admod, exchange server, tools
Del.icio.us : adfind, admod, exchange server, tools

Are you worried about spam? Of course you are. Do you want to contribute to a world free from this plague? Well, now you can. If you use Outlook 2003 or 2007, you can download the Junk E-mail Reporting Tool v1.1 and submit spam messages that aren’t caught by the built-in Outlook Junk E-mail filter.

The tool adds a toolbar button that quickly allows you to report a message as Junk.

The messages reported this way will be sent to abuse@frontbridge.com, where probably they will be used to more accurately define what is or what is not unsolicited commercial email.

If you have previously installed version 1.0 of this tool, you’ll have to first uninstall it by using Add/Remove programs.

Overview
The Junk E-mail Reporting Tool submits e-mail to Microsoft when you explicitly choose to do so. If you receive a junk e-mail and want to report it to us for analysis, first select the e-mail in Outlook and then click the junk e-mail button on your tool bar. You will see a pop-up window asking whether you want to report the selected e-mail to Microsoft and its affiliates. When you click “Yes” to confirm that you’d like to report the selected e-mail as junk e-mail, the junk e-mail will be deleted from your Inbox and sent to FrontBridge, a Microsoft company, for analysis to help us improve the effectiveness of our junk e-mail filtering technologies.

System Requirements
Supported Operating Systems: Windows Vista; Windows XP
Microsoft Office Outlook 2003 or Microsoft Office Outlook 2007

Technorati : exchange server, junk e-mail, outlook, spam

During the migration project I was involved in, I did a lot of scripting. There are a lot of tasks that can only be done by extensive manual labor or by a script. I prefer this last option!

One of the tasks I had to do was to create a lot of mail-enabled contacts in the Active Directory. The script that does this reads the information needed from a text file and the creates the AD objects. The text file has the following format:

name;e-mail

And here’s the VBScipt that does all the work:

Option Explicit
Const ForReading = 1
Const ForWriting = 2

Dim objFSO, objFileIn, objOU, objUser
Dim MyArray, strName, strMail

On Error Resume Next
Set objFSO = CreateObject(”Scripting.FileSystemObject”)
Set objFileIn = objFSO.OpenTextFile(”INPUT_FILE.txt”, ForReading, True)

Set objOU = GetObject(”LDAP://ou=Contacts,dc=domain,dc=com“)

Do While Not objFileIn.AtEndofStream
MyArray = Split(objFileIn.ReadLine, “;”, -1, 1)
strName = MyArray(0))
strMail = MyArray(1)

Set objUser = objOU.Create(”contact”, strName)
objUser.Put “Description”, strName
objUser.Put “Mail”, strMail
objUser.SetInfo

Loop

objFileIn.Close
objFileOut.Close

Technorati : active directory, script

TechNet Magazine is a great source of technical information. It covers most of Microsoft technologies, so every month there’s an interesting article, no matter what Microsoft software you’re interested in.

There’s no secret that I’m a big fan of Exchange Server and everything that’s related with it. In the January 2007 edition I found 2 great articles that deserve a careful reading:

• Exchange Queue & A, KC Lemson and Paul Bowden - Hello, and welcome to the first installment of Exchange Queue and A! We’re kicking off with a series of questions that, to be honest, we came up with ourselves, so it’s probably unfair to position this as a genuine question-and-answer column because it’s only Q&A insofar as the Qs and As happen in an echo chamber.

• Windows PowerShell Constructs, Don Jones - Last month, I showed you some ways in which Windows PowerShell could be put to immediate use solving administrative tasks-without actually writing any scripts. However, while Windows PowerShell is an excellent interactive shell, you can really take advantage of its capabilities and automate more complex tasks when you start to utilize its powerful-yet simple-scripting language.

Technorati : exchange server, powershell, technet
Del.icio.us : exchange server, powershell, technet

I’ve been recently involved in a major migration project for a utility company here in my home country. There were lots of aspects to cover, but the most fun were of course Active Directory and Exchange. Basically we had to move an entire Microsoft infra-structure from the old AD forest to a different one that already existed.

Microsoft provides every tool you’ll need for this kind of migration, although there are some great third-party software that can make your life a little bit easier. But since I like to do things the hard way (and the cheapest way), the tools I used were 100% Microsoft. Here’s the complete set:

• Active Directory Migration Tool (ADMT) v.3: don’t even think in doing an inter-forest migration without this neat tool. It provides complete user, group and computer migration. For the users there’s an option to migrate passwords and to keep the old SID. And for the computers, the tool will translate all the security information in the disk, in order to match the new domain, so you get to keep the old user profiles.
• Exchange Migration Wizard (MailMig): After migrating the users, it’s time to migrate their mailboxes. Exchange to Exchange migration is really easy, although the process can be a little bit slow. I strongly advise you a 2-step procedure, extracting first all the information to .PST files and then importing them to the new server. All the old e-mail aliases are kept. MailMig is included in a typical Exchange server installation.
• Exchange Profile Redirector (ExProfre): Updates Outlook profiles after moving mailboxes across Exchange organizations or administrative groups. Just run it in the logon script, and the user won’t even notice he changed Exchange server.
• InterOrg Replication Tool: Use it to replicate Public Folder content from one Exchange Organization to the new one. The tool also supports replication of free/busy information.
• PFAdmin: It’s never easy to migrate Public Folder permissions. I used PFAdmin with success. I’ll explain how in a different post.

Technorati : active directory, admt, exchange server, mailmig, migration, pfadmin
Del.icio.us : active directory, admt, exchange server, mailmig, migration, pfadmin

You must be out of this world if you don’t know what a mobile device is. And you don’t even have to be a computer geek to have previously tried one of these babies, since they are so widely spread by now.

But just to be safe, Microsoft thought it was better to publish some additional information about these tiny computers, so they came up with this new technical document: Mobile Devices Overview. It’s a 2 page PowerPoint document where you’ll learn what mobile devices can do, how they compare to desktop and laptop computers, and how you can use them in your daily work.

Of course that one of the main benefit it’s the access to e-mail:

E-Mail Access: You are traveling between work sites and need information. With your mobile device, you can use e-mail while waiting to board a plane, while riding a shuttle, or while getting food at a cafeteria.

Technorati : mobile devices
Del.icio.us : mobile devices