RE: Exchange server level encryption-OT

2003-02-26 Thread Chinnery, Paul 
Chris, I take exception to your comments in your second paragraph that the reality is 
that companies don't really care about protecting patient data.  I work in a hospital 
and have met many people from other hospitals through seminars, meetings, etc.  To say 
that we don't care is patently false.  Patient confidentiality is a priority, second 
only to patient care.  Our hospital has zero tolerance for PHI disclosure.  A nurse 
blabs to someone about a patient and boom! she's fired.  I know, I've seen it happen.
The trouble with HIPAA is that they seem to want hospitals and healthcare 
organizations to be almost as secure as the Pentagon.  Our administration hired a big 
name outfit to give their recomendations.  I had to read through 23 documents from 
them.  And some of them, the suggestions, were insane.  One suggested (although it 
said it was optional) searching all purses and bags that patients or visitors to the 
hospital.  I guess they're afraid someone would sneak in a floppy to be used to copy 
patient data.


Paul Chinnery
Network Administrator
Mem Med Ctr


-Original Message-
From: Chris Scharff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 7:10 PM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


Not an expert on the science behind this essay
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403, but the idea
of needing to use nuclear power plants to product the levels of hydrogen
needed for 'clean fuel cells' seems to make the water is the only
byproduct argument a bit disingenuous. Course as I said, I'm not an expert
on the subject so I'm certainly open to knowing where the levels of hydrogen
needed for such a thing would come from.

Perhaps instead of replacing HIPPA, those companies subject to its
regulations need to rethink how and why patient data would need to leave
their environment and design secure systems (which e-mail aint) to
facilitate that transmittal. Course the reality is companies aren't really
interested in protecting patient data, just in being compliant with the
various regulatory agencies which govern them. So, following the cheapest
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote:



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said 
Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have 
been successful and this technology is expected to displace internal 
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here: 
http://www.hydrogencomponents.com/altfuel.html 


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Requesting dadt from Exchange Server

2003-02-26 Thread Smith Thomas Contr 911 SPTG/SC 
We are using Exchange server 5.5./sp3 and the clients use Outlook 2000 and
XP. A lot of user has been getting Requesting Data From Exchange Server ,
when opening the email client, or addresse book or sending mail. Has
anyone ever had this problem? I would appreciate your assistance.

Thanks

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Chinnery, Paul 
Security rule was published in the Federal Register on February 20.  Compliance date 
is April 21, 2005.
Like you, we're still looking at out options.  I did read in Computerworld that 
Pkware's newest version of pkzip, I believe v6.0, uses better encryption and they feel 
it will meet HIPAA guidelines.


Paul Chinnery
Network Administrator
Mem Med Ctr


-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:43 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Well last info I got from compliance yesterday was we got an extension
til Oct 13, 2003. I hope you have better info than I do. :-)

 -Original Message-
 From: Chinnery, Paul [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 1:41 PM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Actually, Mike, the finalized HIPAA security rule says that 
 email encryption is one of the addressables.  They removed 
 it from the required section. Be that as it may, we too, are 
 looking into email encryption.
 
 Paul Chinnery
 Network Administrator
 Mem Med Ctr
 
 
 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, February 25, 2003 3:34 PM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, basically, any information transmitted outside of our 
 company through a public channel (internet included) has to 
 be encrypted. Neither the specific type of, nor level of is 
 explicitly stated.
 
 What I basically want to do is this. If anyone sends email 
 outside of our company, I want it to be grabbed and 
 encrypted. Decryption I would guess would have to happen at 
 the client on the other side.
 
 
  -Original Message-
  From: Leeann McCallum [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 1:27 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  You could have a look at MailMarshal Secure which is an email
  encryption and decryption gateway.  It's an add-on to 
  MailMarshal which provides content filtering, virus checking etc.
  
  Are you looking specifically at e-mail encryption or would
  something like transport layer encryption be sufficient?
  
  What does your security policy say?
  
  
  Leeann
  
  
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, 26 February 2003 9:25 a.m.
  To: Exchange Discussions
  Subject: Exchange server level encryption
  
  
  Ok, my eyes are going crossed.
  I have been trying to figure out a decent way to encrypt all 
  outbound email from our company. This is for compliance with 
  HIPAA. Does anyone happen to have any ideas?
  
  I have googled and haven't found a product that looks right.
  I have searched for exchange 2000 encryption, email 
  encryption, etc. Help?
  
  TIA
  
  Mike
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
  NOTICE - This e-mail is only intended to be read by the named
  recipient.  It may contain information which is confidential, 
  proprietary or the subject of legal privilege. If you are not 
  the intended recipient please notify the sender immediately 
  and delete this e-mail. You may not use any information 
  contained in it.  Legal privilege is not waived because you 
  have read this e-mail.
  
  For further information on the Beca Group of Companies, visit
  our web page http://www.beca.co.nz
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List

RE: Exchange server level encryption

2003-02-26 Thread Schwartz, Jim 
They are not the only company that does this, but I am most familiar with
their product.

-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 5:52 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Sounds like Tumbleweed is going to get a lot more customers now.

-Original Message-
From: Schwartz, Jim [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 5:06 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


It would depend on who you are e-mailing to. If you have a limited amount of
customers or clients PGP or S/MIME is not a bad implementation. If you have
many customers that would not be able to set up PGP for whatever reason you
should look at something that will take the message and send it to a web
site. The customer would get a message that there is an e-mail waiting for
them on your web site and they would go get it. The data would then be
transmitted over SSL which a standard web browser can handle. Tumbleweed has
a secure redirect product that would handle this for you. It also has the
added benefit of being able to handle other forms of encryption and message
retention.

-Original Message-
From: Stevens, Dave [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 3:54 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption



Tumbleweed product does this...it is something that our headquarters wants
us to look into...I haven't personally evaluated yet. dave


Dave Stevens
-IT Network Support- 
email: [EMAIL PROTECTED]

 


-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 3:25 PM
To: Exchange Discussions
Subject: Exchange server level encryption


Ok, my eyes are going crossed. 
I have been trying to figure out a decent way to encrypt all outbound email
from our company. This is for compliance with HIPAA. Does anyone happen to
have any ideas?

I have googled and haven't found a product that looks right. I have searched
for exchange 2000 encryption, email encryption, etc. Help?

TIA

Mike

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
That's a terribly simplistic, and somewhat dangerous, view of HIPAA
legislation. The requirements for encrypted traffic are very specific to
patient information and medical records. I believe it explicitly excludes
general information not directly containing either of those items.

Roger
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 3:34 PM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, basically, any information transmitted outside of our 
 company through a public channel (internet included) has to 
 be encrypted. Neither the specific type of, nor level of is 
 explicitly stated.
 
 What I basically want to do is this. If anyone sends email 
 outside of our company, I want it to be grabbed and 
 encrypted. Decryption I would guess would have to happen at 
 the client on the other side.
 
 
  -Original Message-
  From: Leeann McCallum [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 1:27 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  You could have a look at MailMarshal Secure which is an email
  encryption and decryption gateway.  It's an add-on to 
  MailMarshal which provides content filtering, virus checking etc.
  
  Are you looking specifically at e-mail encryption or would
  something like transport layer encryption be sufficient?
  
  What does your security policy say?
  
  
  Leeann
  
  
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, 26 February 2003 9:25 a.m.
  To: Exchange Discussions
  Subject: Exchange server level encryption
  
  
  Ok, my eyes are going crossed.
  I have been trying to figure out a decent way to encrypt all 
  outbound email from our company. This is for compliance with 
  HIPAA. Does anyone happen to have any ideas?
  
  I have googled and haven't found a product that looks right.
  I have searched for exchange 2000 encryption, email 
  encryption, etc. Help?
  
  TIA
  
  Mike
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
  NOTICE - This e-mail is only intended to be read by the named
  recipient.  It may contain information which is confidential, 
  proprietary or the subject of legal privilege. If you are not 
  the intended recipient please notify the sender immediately 
  and delete this e-mail. You may not use any information 
  contained in it.  Legal privilege is not waived because you 
  have read this e-mail.
  
  For further information on the Beca Group of Companies, visit
  our web page http://www.beca.co.nz
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
What data are you actually trying to encrypt, and where is it coming from?

For instance, some of our products offer HIPAA compliance for electronic
transactions, using a variety of transports, including SMTP, IIRC.

I'd push back at the auditors to make sure that they're clearly defining
what needs to be encrypted and what can be sent clear text. It sounds like
they're pushing for 100% encryption of all email, which is well beyond my
understanding of the expectation under the law.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 3:44 PM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Argh...
 
 Which is pretty much what Eric was saying I think also. I 
 kinda figured this was going to be a tremendous pain in the ass.
 
 So let me throw a side idea at ya. How about creating a 
 different virtual server to handle certain domains and have 
 that relay through a gateway to encrypt that traffic. Then we 
 would know who was getting the mail and the would be able to 
 decrypt it.
 
 
 
  -Original Message-
  From: Ken Cornetet [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 1:39 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  I'll assume you are talking about SMIME encryption here. What
  you want to do is not possible in the general sense. You need 
  the recipient's public key in order to encrypt their mail. 
  You would have to have a predefined list of all possible 
  recipients and their public keys. Even if you had this list, 
  I know of no products that implement this (but then again, 
  I've never looked)
  
  You could probably rig something up using PGP on a unix box
  as an outbound gateway. But then all your recipients would 
  need PGP to read the mail.
  
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 3:25 PM
  To: Exchange Discussions
  Subject: Exchange server level encryption
  
  
  Ok, my eyes are going crossed.
  I have been trying to figure out a decent way to encrypt all 
  outbound email from our company. This is for compliance with 
  HIPAA. Does anyone happen to have any ideas?
  
  I have googled and haven't found a product that looks right.
  I have searched for exchange 2000 encryption, email 
  encryption, etc. Help?
  
  TIA
  
  Mike
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
Yes it does.

Since both Exchange and AD support X.509v3 certs, what about using using
something like Verisign's Trusted Messaging offering?
http://www.verisign.com/products/trustedMessaging/index.html

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Erick Thompson [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 4:19 PM
 To: Exchange Discussions
 Subject: Re: Exchange server level encryption
 
 
 Doesn't PGP suffer from the same problem, where the 
 recipients need to have a PGP key set up?
 
 Erick
 
 - Original Message -
 From: Ken Cornetet [EMAIL PROTECTED]
 To: Exchange Discussions [EMAIL PROTECTED]
 Sent: Tuesday, February 25, 2003 12:38 PM
 Subject: RE: Exchange server level encryption
 
 
 I'll assume you are talking about SMIME encryption here. What 
 you want to do is not possible in the general sense. You need 
 the recipient's public key in order to encrypt their mail. 
 You would have to have a predefined list of all possible 
 recipients and their public keys. Even if you had this list, 
 I know of no products that implement this (but then again, 
 I've never looked)
 
 You could probably rig something up using PGP on a unix box 
 as an outbound gateway. But then all your recipients would 
 need PGP to read the mail.
 
 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, February 25, 2003 3:25 PM
 To: Exchange Discussions
 Subject: Exchange server level encryption
 
 
 Ok, my eyes are going crossed.
 I have been trying to figure out a decent way to encrypt all 
 outbound email from our company. This is for compliance with 
 HIPAA. Does anyone happen to have any ideas?
 
 I have googled and haven't found a product that looks right. 
 I have searched for exchange 2000 encryption, email 
 encryption, etc. Help?
 
 TIA
 
 Mike
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
PGP is a de facto standard - its been around long enough and has enough
support that it is nearly universal.

S/MIME is far less well supported - especially when considering non-Windows
systems.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Erick Thompson [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 4:32 PM
 To: Exchange Discussions
 Subject: Re: Exchange server level encryption
 
 
 True. Is PGP a standard? I believe that SMIME is a standard, 
 which seems safer in the long run. However, I'm not involved 
 at all with mail encryption, so I'm not up to speed on these issues.
 
 Erick
 
 - Original Message -
 From: Erik Sojka [EMAIL PROTECTED]
 To: Exchange Discussions [EMAIL PROTECTED]
 Sent: Tuesday, February 25, 2003 1:24 PM
 Subject: RE: Exchange server level encryption
 
 
 Yup.  But PGP is one of the most widely deployed encryption 
 packages and has software for various client and server packages.
 
 
  -Original Message-
  From: Erick Thompson [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 4:19 PM
  To: Exchange Discussions
  Subject: Re: Exchange server level encryption
 
 
  Doesn't PGP suffer from the same problem, where the 
 recipients need to 
  have a PGP key set up?
 
  Erick
 
  - Original Message -
  From: Ken Cornetet [EMAIL PROTECTED]
  To: Exchange Discussions [EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 12:38 PM
  Subject: RE: Exchange server level encryption
 
 
  I'll assume you are talking about SMIME encryption here. 
 What you want 
  to do is not possible in the general sense. You need the 
 recipient's 
  public key in order to encrypt their mail. You would have to have a 
  predefined list of all possible recipients and their public 
 keys. Even 
  if you had this list, I know of no products that implement 
 this (but 
  then again, I've never looked)
 
  You could probably rig something up using PGP on a unix box as an 
  outbound gateway. But then all your recipients would need 
 PGP to read 
  the mail.
 
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 3:25 PM
  To: Exchange Discussions
  Subject: Exchange server level encryption
 
 
  Ok, my eyes are going crossed.
  I have been trying to figure out a decent way to encrypt 
 all outbound 
  email from our company. This is for compliance with HIPAA. 
 Does anyone 
  happen to have any ideas?
 
  I have googled and haven't found a product that looks right. I have 
  searched for exchange 2000 encryption, email encryption, etc. 
  Help?
 
  TIA
 
  Mike
 
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
 
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
 
 
 
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption-OT

2003-02-26 Thread Roger Seielstad 
I'm still waiting for the HIPAA version 2 requirements to come out - like
encrypted phone conversation. Since we've been tapping those for the 100+
years they've existed.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Chris Scharff [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 7:10 PM
 To: Exchange Discussions
 Subject: Re: Exchange server level encryption-OT
 
 
 Not an expert on the science behind this essay 
 http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403, 
 but the idea of needing to use nuclear power plants to 
 product the levels of hydrogen needed for 'clean fuel cells' 
 seems to make the water is the only byproduct argument a 
 bit disingenuous. Course as I said, I'm not an expert on the 
 subject so I'm certainly open to knowing where the levels of 
 hydrogen needed for such a thing would come from.
 
 Perhaps instead of replacing HIPPA, those companies subject 
 to its regulations need to rethink how and why patient data 
 would need to leave their environment and design secure 
 systems (which e-mail aint) to facilitate that transmittal. 
 Course the reality is companies aren't really interested in 
 protecting patient data, just in being compliant with the 
 various regulatory agencies which govern them. So, following 
 the cheapest route to compliance they encounter the reality 
 that cheap aint easy. 
 
 On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote:
 
 
 
 Ok I knew I shouldn't have used that example, cause I knew 
 somewhere we 
 were going to get into a debate about it. In addition I 
 should have said 
 Hydrogen Fuel Cells which is what I was thinking of when I made the 
 statement. As far as the pollution: 
 
 Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
 into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
 only water vapor from their exhaust pipes. Demonstrations of 
 HFCEVs have 
 been successful and this technology is expected to displace internal 
 combustion engines in the 21st Century. 
 
 Which I got from pretty much the first thing I could google up here: 
 http://www.hydrogencomponents.com/altfuel.html 
 
 
 
 -Original Message- 
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Mellott, Bill 
 Sent: Tuesday, February 25, 2003 2:02 PM 
 To: Exchange Discussions 
 Subject: RE: Exchange server level encryption-OT 
 
 
 Chris Im curious how do you figure this statement? Next thing you'll 
 drag in Hybrids ... 
 
 It's the same problem you have with cars 
 today. Gasoline engines produce pollution, so to change this we could 
 move to hydrogen engines which are pollution free. But the 
 infrastructure isn't there. 
 
 While I agree hydrogen engines maybe more friendly...they do produce 
 pollution AND the infrastructure you correctly point out which is not 
 there really WILL in fact produce pollution to make the pieces/stuff 
 required for the cleaner part. 
 
 Let me ask this..IF say you put a refrigerator in a  sealed 
 room...plug it in...leave the Fridge door openwhat happens in the 
 room? 
 
 there no free lunch...just more healthy... 
 ;-) 
 
 bill 
 
 
 -Original Message- 
 From: Christopher Hummert [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 4:42 PM 
 To: Exchange Discussions 
 Subject: RE: Exchange server level encryption 
 
 
 Except that none of our clients have heard about PGP. That's 
 one of the 
 problems with HIPPA, the solutions they want don't exist for a device 
 that was developed back in the 60's (I think I got the time 
 right, I'm 
 not going to check though). It's the same problem you have with cars 
 today. Gasoline engines produce pollution, so to change this we could 
 move to hydrogen engines which are pollution free. But the 
 infrastructure isn't there. Same thing with e-mail and encryption. 
 That's one of the reasons HIPPA deadlines keeps getting pushed back. 
 
 Then with a solution like PGP you have to teach the users how 
 to use it. 
 That's a nightmare that I don't ever want to repeat again. 
 Hell half of 
 the users I taught have a hard time figuring out what the 
 start button 
 is, and it's right there in front of their face. 
 
 The big problem with HIPPA was that it was designed by 
 bureaucrats (who 
 BTW were probably the same users that have a hard time with the start 
 button thing) that wanted to do something to protect the people that 
 vote for them. Except there wasn't a major problem to begin 
 with. Sure 
 there were a few slight mishaps here and there, but the industry was 
 doing a fine job of learning from those mistakes and creating new 
 solutions to prevent those from happening again. 
 
 In addition to the design problems with HIPPA, you have the fact that 
 it's become so bloated that no one knows exactly what it is 
 or what you 
 need to do. While you run into

RE: Backup Domain Controller causing problems???

2003-02-26 Thread Roger Seielstad 
I've seen initial AD replication take as much as 24 hours, even over
relatively stable and fast links.

Bring it up and pause it's netlogon service, and let it spin for a few days.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Mike Anderson [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 7:30 PM
 To: Exchange Discussions
 Subject: RE: Backup Domain Controller causing problems???
 
 
 I am sorry about that.
 
 We are 100% 'Windows 2000 Server' - so yes - Active Directory.
 
 I know that Primary and Secondary sort of went away as far as 
 the terminology goes... But of course, in order to establish 
 the new Domain, I had to flag one server as the New Forest 
 - and then the server that I refer to as the Backup Domain 
 Controller - is simply an Additional domain controller for 
 an existing domain.
 
 I truly thought that was the long and short of it - so if 
 there is addition functions to perform, would you be able to 
 point me in the right direction?
 
 Thanks,
 
 Mike
 
 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 6:21 PM
 To: Exchange Discussions
 Subject: RE: Backup Domain Controller causing problems???
 
 
 I'm not clear on what your network is - W2K Active Directory, 
 native or mixed?  In AD there is no such thing as a BDC, 
 they're all DCs.  Is that what you built?  Or is yours a BDC 
 left over from an NT4 domain?
 
 
 
 -Original Message-
 From: Mike Anderson [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 3:55 PM
 To: Exchange Discussions
 Subject: Backup Domain Controller causing problems???
 
 
 Hello,
 
 Could someone please throw some ideas my way, as to why 
 having a Secondary Domain Controller active on the network, 
 could mess up authentication?
 
 If I have our BDC turned on and active on the network, and 
 our users attempt to fire up their Outlook from the outside 
 (using Exchange RPC Server published through our ISA Server), 
 they are unable to authenticate.  However, if I turn off our 
 BDC, then they can authenticate just fine.  This is also the 
 case from time to time, when workstations are initially 
 turned on, and perform their initial login into the Domain.
 
 It's almost as if the BDC, is responding first to the 
 authentication requests, and doesn't have a current copy of 
 all the user/password information.  I say that, because by 
 turning off the BDC, everything works fine once again.
 
 This may be my ignorance - regarding how Domain Controllers 
 differ from NT4.0 versus Windows 2000 networks.  It's my 
 understanding that a Backup Domain Controller - simply makes 
 a copy of all items in Active Directory
 - users, computers, passwords, etc. and then responds to 
 requests if the Primary Domain Controller doesn't respond in 
 a timely manner.  Is there anything else, other than using 
 the setup wizard, and joining the Forest, that I need to do 
 in order to properly set up a Backup Domain Controller?  I 
 would think, that going through the setup wizard, and simply 
 letting it run on the network, was all there was to it.
 
 Am I missing something here?  Do I need to initiate some kind 
 of replication process, or synchronization in order to get 
 the BDC current with it's information? (provided that this is 
 even the problem?)
 
 If anyone could offer *anything* regarding this subject, I 
 would be grateful, as I see it to be very important to have 
 our BDC operational in case our PDC ever dies.
 
 Thanks,
 
 Mike
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread bscott 
On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote:
 It sounds like they're pushing for 100% encryption of all email, which is
 well beyond my understanding of the expectation under the law.

  While I don't know about this particular case, I've seen such reactions
before in similar, non-HIPPA cases.  It goes something like this:

  Security becomes a concern.  Of course, you cannot have security without a
good security policy that defines your information assets, risks, threats,
counter-measures, and so on.  Nor can you have security without user
understanding and education.  So the IT guys tell the PHBs that their
existing policy of driving blindly through the fog is a bad idea.  The PHBs
react by coming up with crap ideas like everything must be encrypted  
(without even knowing what encryption actually *is*).  Actually fixing their
management structure would cost too much.

-- 
Ben Scott [EMAIL PROTECTED]
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
Yup. Happens all too often.

Fortunately, we have a great InfoSec guy here, who reports directly to the
CIO, and the CIO has fairly broad veto power over almost any business
initiatives.

Doesn't hurt that the CIO is brilliant either.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 9:50 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote:
  It sounds like they're pushing for 100% encryption of all 
 email, which 
  is well beyond my understanding of the expectation under the law.
 
   While I don't know about this particular case, I've seen 
 such reactions before in similar, non-HIPPA cases.  It goes 
 something like this:
 
   Security becomes a concern.  Of course, you cannot have 
 security without a good security policy that defines your 
 information assets, risks, threats, counter-measures, and so 
 on.  Nor can you have security without user understanding and 
 education.  So the IT guys tell the PHBs that their existing 
 policy of driving blindly through the fog is a bad idea.  The 
 PHBs react by coming up with crap ideas like everything must 
 be encrypted  
 (without even knowing what encryption actually *is*).  
 Actually fixing their management structure would cost too much.
 
 -- 
 Ben Scott [EMAIL PROTECTED]
 | The opinions expressed in this message are those of the 
 author and do  
 | | not represent the views or policy of any other person or 
 organization. |
 | All information is provided without warranty of any kind.   
|
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: Exchange server level encryption-OT

2003-02-26 Thread bscott 
On Tue, 25 Feb 2003, at 8:29pm, [EMAIL PROTECTED] wrote:
 What if the shipping company uses hydrogen fuel cells?

 Oh my God.  The humanity.  The humanity.

  Fun fact of the day: Most of the people who were died in the Hindenburg
disaster (30 or so) were killed when they hit the ground after jumping out
of the gondola.  All but two of the passengers who stayed onboard and rode
the airship to the ground lived to tell their tale.

-- 
Ben Scott [EMAIL PROTECTED]
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Erik Sojka 
You got something on your nose there, Rog.  ;)

 -Original Message-
 From: Roger Seielstad [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 9:53 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Yup. Happens all too often.
 
 Fortunately, we have a great InfoSec guy here, who reports 
 directly to the
 CIO, and the CIO has fairly broad veto power over almost any business
 initiatives.
 
 Doesn't hurt that the CIO is brilliant either.
 
 --
 Roger D. Seielstad - MCSE
 Sr. Systems Administrator
 Inovis Inc.
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
  Sent: Wednesday, February 26, 2003 9:50 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote:
   It sounds like they're pushing for 100% encryption of all 
  email, which 
   is well beyond my understanding of the expectation under the law.
  
While I don't know about this particular case, I've seen 
  such reactions before in similar, non-HIPPA cases.  It goes 
  something like this:
  
Security becomes a concern.  Of course, you cannot have 
  security without a good security policy that defines your 
  information assets, risks, threats, counter-measures, and so 
  on.  Nor can you have security without user understanding and 
  education.  So the IT guys tell the PHBs that their existing 
  policy of driving blindly through the fog is a bad idea.  The 
  PHBs react by coming up with crap ideas like everything must 
  be encrypted  
  (without even knowing what encryption actually *is*).  
  Actually fixing their management structure would cost too much.
  
  -- 
  Ben Scott [EMAIL PROTECTED]
  | The opinions expressed in this message are those of the 
  author and do  
  | | not represent the views or policy of any other person or 
  organization. |
  | All information is provided without warranty of any kind.   
 |
  
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
Nope. Just happen to be lucky to work with some *really* sharp people. And I
do like working for a CIO with a backbone.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Erik Sojka [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 9:57 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 You got something on your nose there, Rog.  ;)
 
  -Original Message-
  From: Roger Seielstad [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 26, 2003 9:53 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  Yup. Happens all too often.
  
  Fortunately, we have a great InfoSec guy here, who reports
  directly to the
  CIO, and the CIO has fairly broad veto power over almost 
 any business
  initiatives.
  
  Doesn't hurt that the CIO is brilliant either.
  
  --
  Roger D. Seielstad - MCSE
  Sr. Systems Administrator
  Inovis Inc.
  
  
   -Original Message-
   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
   Sent: Wednesday, February 26, 2003 9:50 AM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote:
It sounds like they're pushing for 100% encryption of all
   email, which
is well beyond my understanding of the expectation 
 under the law.
   
 While I don't know about this particular case, I've seen
   such reactions before in similar, non-HIPPA cases.  It goes 
   something like this:
   
 Security becomes a concern.  Of course, you cannot have
   security without a good security policy that defines your 
   information assets, risks, threats, counter-measures, and so 
   on.  Nor can you have security without user understanding and 
   education.  So the IT guys tell the PHBs that their existing 
   policy of driving blindly through the fog is a bad idea.  The 
   PHBs react by coming up with crap ideas like everything must 
   be encrypted  
   (without even knowing what encryption actually *is*).  
   Actually fixing their management structure would cost too much.
   
   --
   Ben Scott [EMAIL PROTECTED]
   | The opinions expressed in this message are those of the
   author and do
   | | not represent the views or policy of any other person or
   organization. |
   | All information is provided without warranty of any kind.   
  |
   
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption-OT

2003-02-26 Thread Mellott, Bill 
No I wasn't trying to raise a debate (I don't debate well..wish I could I
might have a better chance against my better half)..though I knew someone
might...
I just get curious at peoples perceptions...and how much they buy into what
is often a lot of media hype...info conveniently not mentioned etc...

Like back when GM did the electric car thing..it was like 90' when I was
back in engineering school
some the other geeks and me did up a quick calc on cost.. initial cost of
vehicle, amount of batteries the thing usedlife of batteries as stated
in the article then...change over cycle..etc...

we did not take into account back then the Fact that after the batteries are
dead/beat the disposal cost due to the fact that batteries are hazardous
waste..at least not from the monetary stand pointetc

I'm not saying new technologies are good or bad...just curious what and how
much people really take into accountabout stuff.

-Original Message-
From: Christopher Hummert [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 5:06 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


Ok I knew I shouldn't have used that example, cause I knew somewhere we
were going to get into a debate about it. In addition I should have said
Hydrogen Fuel Cells which is what I was thinking of when I made the
statement. As far as the pollution:

Fuel cells efficiently convert hydrogen fuel and oxygen from the air
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have
been successful and this technology is expected to displace internal
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here:
http://www.hydrogencomponents.com/altfuel.html



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mellott, Bill
Sent: Tuesday, February 25, 2003 2:02 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


Chris Im curious how do you figure this statement? Next thing you'll
drag in Hybrids ...

It's the same problem you have with cars
today. Gasoline engines produce pollution, so to change this we could
move to hydrogen engines which are pollution free. But the
infrastructure isn't there.

While I agree hydrogen engines maybe more friendly...they do produce
pollution AND the infrastructure you correctly point out which is not
there really WILL in fact produce pollution to make the pieces/stuff
required for the cleaner part.

Let me ask this..IF say you put a refrigerator in a  sealed
room...plug it in...leave the Fridge door openwhat happens in the
room?

there no free lunch...just more healthy...
;-)

bill


-Original Message-
From: Christopher Hummert [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 4:42 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Except that none of our clients have heard about PGP. That's one of the
problems with HIPPA, the solutions they want don't exist for a device
that was developed back in the 60's (I think I got the time right, I'm
not going to check though). It's the same problem you have with cars
today. Gasoline engines produce pollution, so to change this we could
move to hydrogen engines which are pollution free. But the
infrastructure isn't there. Same thing with e-mail and encryption.
That's one of the reasons HIPPA deadlines keeps getting pushed back. 

Then with a solution like PGP you have to teach the users how to use it.
That's a nightmare that I don't ever want to repeat again. Hell half of
the users I taught have a hard time figuring out what the start button
is, and it's right there in front of their face. 

The big problem with HIPPA was that it was designed by bureaucrats (who
BTW were probably the same users that have a hard time with the start
button thing) that wanted to do something to protect the people that
vote for them. Except there wasn't a major problem to begin with. Sure
there were a few slight mishaps here and there, but the industry was
doing a fine job of learning from those mistakes and creating new
solutions to prevent those from happening again. 

In addition to the design problems with HIPPA, you have the fact that
it's become so bloated that no one knows exactly what it is or what you
need to do. While you run into some so called HIPPA expert that says
you need to do one thing, you can always find another that says you
don't need to do that. 

Flat out HIPPA needs to go, and be replaced by something that's a little
more well thought out.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik Sojka
Sent: Tuesday, February 25, 2003 1:25 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Yup.  But PGP is one of the most widely deployed encryption packages and
has software for various client and server packages.

RE: Exchange server level encryption

2003-02-26 Thread Waters, Jeff 
The problem with all of this is that a large encryption infrastructure that
covers multiple vendors is a nightmare that I don't even want to start
working with.  Having some very high level experience with encryption this
is a big game, and there is no real way to work it out for this situation.  
Our 1st response was across the board e-mail encryption, however you have to
ask yourself, does this really protect PHI.  If you share your encryption
with all of your external users, not all of whom are PHI related sites, then
your user selects the wrong recipient presto you now have a HIPPA violation.
All the policies in the world will not prevent this.  So then you have to
start asking yourself, how do I cover this.
One of the options that I asked about was if we had an internal policy (it's
government, they love policy) that prohibited the external transmission of
PHI via e-mail.  The angry comments I got from our personnel was just
amazing, but after hearing them some were valid.  So the next step was that
all PHI e-mail transfers would be done as attachments, utilizing strong file
level encryption (not self-decrypting) and strong passwords.  Next step how
do you work out the transfer of passwords, who makes the passwords, who
controls the passwords.  This is not going to be easy.
Do we need HIPPA, well probably we do, however most of what HIPPA covers
from a technical standpoint is just in keeping with best practices.  The one
thing HIPPA is not going to beat is human nature, and human nature is why we
have the HIPPA violations to begin with.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 9:50 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


On Wed, 26 Feb 2003, at 9:33am, [EMAIL PROTECTED] wrote:
 It sounds like they're pushing for 100% encryption of all email, which is
 well beyond my understanding of the expectation under the law.

  While I don't know about this particular case, I've seen such reactions
before in similar, non-HIPPA cases.  It goes something like this:

  Security becomes a concern.  Of course, you cannot have security without a
good security policy that defines your information assets, risks, threats,
counter-measures, and so on.  Nor can you have security without user
understanding and education.  So the IT guys tell the PHBs that their
existing policy of driving blindly through the fog is a bad idea.  The PHBs
react by coming up with crap ideas like everything must be encrypted  
(without even knowing what encryption actually *is*).  Actually fixing their
management structure would cost too much.

-- 
Ben Scott [EMAIL PROTECTED]
| The opinions expressed in this message are those of the author and do  |
| not represent the views or policy of any other person or organization. |
| All information is provided without warranty of any kind.  |


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: Exchange server level encryption-OT

2003-02-26 Thread Chris Scharff 
Take exception all you like, for the vast majority of companies involved in
health care, patient information is not a priority. Nice that it is in your
organization, but yours is the exception rather than the rule I assure you.
Think insurance companies care about patient confidentiality? Hell, they
don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book and
setting up public and private networks initially would have solved these
types of issues. If protecting patient data had been a priority from the get
go, I'd expect this would already be in place. Instead, maintaining that
confidentiality was an idea given lip service to while measures were put in
place which were known to trade off security for expediency. 

As noble as your organization's intentions are, a thimble full of wine in a
barrel of sewer water, still gets you a barrel of sewer water. That's why
extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:



Chris, I take exception to your comments in your second paragraph that the
reality is that companies don't really care about protecting patient data.
I work in a hospital and have met many people from other hospitals through
seminars, meetings, etc.  To say that we don't care is patently false.
Patient confidentiality is a priority, second only to patient care.  Our
hospital has zero tolerance for PHI disclosure.  A nurse blabs to someone
about a patient and boom! she's fired.  I know, I've seen it happen.

The trouble with HIPAA is that they seem to want hospitals and healthcare
organizations to be almost as secure as the Pentagon.  Our administration
hired a big name outfit to give their recomendations.  I had to read through
23 documents from them.  And some of them, the suggestions, were insane.
One suggested (although it said it was optional) searching all purses and
bags that patients or visitors to the hospital.  I guess they're afraid
someone would sneak in a floppy to be used to copy patient data.


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403 , but the
idea 
of needing to use nuclear power plants to product the levels of hydrogen 
needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an expert 
on the subject so I'm certainly open to knowing where the levels of hydrogen

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave 
their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said 
Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have 
been successful and this technology is expected to displace internal 
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here: 
http://www.hydrogencomponents.com/altfuel.html 


_ 
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm 
Archives:   http://www.swynk.com/sitesearch/search.asp 
To unsubscribe: mailto:[EMAIL PROTECTED] 
Exchange List admin:[EMAIL PROTECTED] 






_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

First Server in Site Question (Again)

2003-02-26 Thread Parrnelli GS11 Ben T 
I think my question got lost in the flurry of server level encryption
messages.

Still trying to find out if my first server is ready for removal.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 9:36 AM
To: Exchange Discussions
Subject: First Server in Site Question


Exchange 5.5 SP4
NT 4.0 SP6 SRP

I'm following Q152959 to move my first server to a new server.

I've completed all the steps with the exception of moving the routing
calculation server, as this was done previously.  I've waited several days,
however, when I check the raw properties I still see the original server in
the site-folder-server properties.

Does this value need to show the new server before I remove the old, or will
the value always be the original no matter where I move the roles.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Hutchins, Mike 
Well, we are an ambulance company, so just about anything we would send
outside of the company would be patient related. Of course not 100%, but
probably 80%.

 -Original Message-
 From: Roger Seielstad [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 7:29 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 That's a terribly simplistic, and somewhat dangerous, view of 
 HIPAA legislation. The requirements for encrypted traffic are 
 very specific to patient information and medical records. I 
 believe it explicitly excludes general information not 
 directly containing either of those items.
 
 Roger
 --
 Roger D. Seielstad - MCSE
 Sr. Systems Administrator
 Inovis Inc.
 
 
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 3:34 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  Well, basically, any information transmitted outside of our
  company through a public channel (internet included) has to 
  be encrypted. Neither the specific type of, nor level of is 
  explicitly stated.
  
  What I basically want to do is this. If anyone sends email
  outside of our company, I want it to be grabbed and 
  encrypted. Decryption I would guess would have to happen at 
  the client on the other side.
  
  
   -Original Message-
   From: Leeann McCallum [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 1:27 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   You could have a look at MailMarshal Secure which is an email 
   encryption and decryption gateway.  It's an add-on to MailMarshal 
   which provides content filtering, virus checking etc.
   
   Are you looking specifically at e-mail encryption or 
 would something 
   like transport layer encryption be sufficient?
   
   What does your security policy say?
   
   
   Leeann
   
   
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Wednesday, 26 February 2003 9:25 a.m.
   To: Exchange Discussions
   Subject: Exchange server level encryption
   
   
   Ok, my eyes are going crossed.
   I have been trying to figure out a decent way to encrypt all
   outbound email from our company. This is for compliance with 
   HIPAA. Does anyone happen to have any ideas?
   
   I have googled and haven't found a product that looks 
 right. I have 
   searched for exchange 2000 encryption, email encryption, etc. 
   Help?
   
   TIA
   
   Mike
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
   NOTICE - This e-mail is only intended to be read by the named 
   recipient.  It may contain information which is confidential, 
   proprietary or the subject of legal privilege. If you are not the 
   intended recipient please notify the sender immediately 
 and delete 
   this e-mail. You may not use any information contained in 
 it.  Legal 
   privilege is not waived because you have read this e-mail.
   
   For further information on the Beca Group of Companies, visit our 
   web page http://www.beca.co.nz
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: First Server in Site Question (Again)

2003-02-26 Thread Martin Blackstone 
If you have followed all the steps in the document, then the next step is to
shut down the first server. Leave it powered off and watch what happens.
Once you are sure everything is working right, then go ahead and remove it.
I always follow this procedure. If you just power down and you run into
issues, no problem, power up again and figure it out. 


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 7:49 AM
To: Exchange Discussions

I think my question got lost in the flurry of server level encryption
messages.

Still trying to find out if my first server is ready for removal.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 9:36 AM
To: Exchange Discussions
Subject: First Server in Site Question


Exchange 5.5 SP4
NT 4.0 SP6 SRP

I'm following Q152959 to move my first server to a new server.

I've completed all the steps with the exception of moving the routing
calculation server, as this was done previously.  I've waited several days,
however, when I check the raw properties I still see the original server in
the site-folder-server properties.

Does this value need to show the new server before I remove the old, or will
the value always be the original no matter where I move the roles.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Martin Blackstone 
I need an MF bambulance! 


-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 7:57 AM
To: Exchange Discussions

Well, we are an ambulance company, so just about anything we would send
outside of the company would be patient related. Of course not 100%, but
probably 80%.

 -Original Message-
 From: Roger Seielstad [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 7:29 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 That's a terribly simplistic, and somewhat dangerous, view of 
 HIPAA legislation. The requirements for encrypted traffic are 
 very specific to patient information and medical records. I 
 believe it explicitly excludes general information not 
 directly containing either of those items.
 
 Roger
 --
 Roger D. Seielstad - MCSE
 Sr. Systems Administrator
 Inovis Inc.
 
 
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 3:34 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  Well, basically, any information transmitted outside of our
  company through a public channel (internet included) has to 
  be encrypted. Neither the specific type of, nor level of is 
  explicitly stated.
  
  What I basically want to do is this. If anyone sends email
  outside of our company, I want it to be grabbed and 
  encrypted. Decryption I would guess would have to happen at 
  the client on the other side.
  
  
   -Original Message-
   From: Leeann McCallum [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 1:27 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   You could have a look at MailMarshal Secure which is an email 
   encryption and decryption gateway.  It's an add-on to MailMarshal 
   which provides content filtering, virus checking etc.
   
   Are you looking specifically at e-mail encryption or 
 would something 
   like transport layer encryption be sufficient?
   
   What does your security policy say?
   
   
   Leeann
   
   
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Wednesday, 26 February 2003 9:25 a.m.
   To: Exchange Discussions
   Subject: Exchange server level encryption
   
   
   Ok, my eyes are going crossed.
   I have been trying to figure out a decent way to encrypt all
   outbound email from our company. This is for compliance with 
   HIPAA. Does anyone happen to have any ideas?
   
   I have googled and haven't found a product that looks 
 right. I have 
   searched for exchange 2000 encryption, email encryption, etc. 
   Help?
   
   TIA
   
   Mike
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
   NOTICE - This e-mail is only intended to be read by the named 
   recipient.  It may contain information which is confidential, 
   proprietary or the subject of legal privilege. If you are not the 
   intended recipient please notify the sender immediately 
 and delete 
   this e-mail. You may not use any information contained in 
 it.  Legal 
   privilege is not waived because you have read this e-mail.
   
   For further information on the Beca Group of Companies, visit our 
   web page http://www.beca.co.nz
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:

RE: Exchange server level encryption

2003-02-26 Thread Hutchins, Mike 
Well, that isn't exactly like that. But it seems as though there also
isn't an easy wau to determine what to encrypt on the fly..

 -Original Message-
 From: Roger Seielstad [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 7:33 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 What data are you actually trying to encrypt, and where is it 
 coming from?
 
 For instance, some of our products offer HIPAA compliance for 
 electronic transactions, using a variety of transports, 
 including SMTP, IIRC.
 
 I'd push back at the auditors to make sure that they're 
 clearly defining what needs to be encrypted and what can be 
 sent clear text. It sounds like they're pushing for 100% 
 encryption of all email, which is well beyond my 
 understanding of the expectation under the law.
 
 --
 Roger D. Seielstad - MCSE
 Sr. Systems Administrator
 Inovis Inc.
 
 
  -Original Message-
  From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, February 25, 2003 3:44 PM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  Argh...
  
  Which is pretty much what Eric was saying I think also. I
  kinda figured this was going to be a tremendous pain in the ass.
  
  So let me throw a side idea at ya. How about creating a
  different virtual server to handle certain domains and have 
  that relay through a gateway to encrypt that traffic. Then we 
  would know who was getting the mail and the would be able to 
  decrypt it.
  
  
  
   -Original Message-
   From: Ken Cornetet [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 1:39 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   I'll assume you are talking about SMIME encryption here. What you 
   want to do is not possible in the general sense. You need the 
   recipient's public key in order to encrypt their mail. You would 
   have to have a predefined list of all possible recipients 
 and their 
   public keys. Even if you had this list, I know of no 
 products that 
   implement this (but then again, I've never looked)
   
   You could probably rig something up using PGP on a unix box as an 
   outbound gateway. But then all your recipients would need PGP to 
   read the mail.
   
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 3:25 PM
   To: Exchange Discussions
   Subject: Exchange server level encryption
   
   
   Ok, my eyes are going crossed.
   I have been trying to figure out a decent way to encrypt all
   outbound email from our company. This is for compliance with 
   HIPAA. Does anyone happen to have any ideas?
   
   I have googled and haven't found a product that looks 
 right. I have 
   searched for exchange 2000 encryption, email encryption, etc. 
   Help?
   
   TIA
   
   Mike
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]
   
  
  _
  List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
  Archives:   http://www.swynk.com/sitesearch/search.asp
  To unsubscribe: mailto:[EMAIL PROTECTED]
  Exchange List admin:[EMAIL PROTECTED]
  
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: First Server in Site Question (Again)

2003-02-26 Thread Parrnelli GS11 Ben T 
Will do.

Thanks for the response.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 8:01 AM
To: Exchange Discussions
Subject: RE: First Server in Site Question (Again)


If you have followed all the steps in the document, then the next step is to
shut down the first server. Leave it powered off and watch what happens.
Once you are sure everything is working right, then go ahead and remove it.
I always follow this procedure. If you just power down and you run into
issues, no problem, power up again and figure it out. 


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 7:49 AM
To: Exchange Discussions

I think my question got lost in the flurry of server level encryption
messages.

Still trying to find out if my first server is ready for removal.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 9:36 AM
To: Exchange Discussions
Subject: First Server in Site Question


Exchange 5.5 SP4
NT 4.0 SP6 SRP

I'm following Q152959 to move my first server to a new server.

I've completed all the steps with the exception of moving the routing
calculation server, as this was done previously.  I've waited several days,
however, when I check the raw properties I still see the original server in
the site-folder-server properties.

Does this value need to show the new server before I remove the old, or will
the value always be the original no matter where I move the roles.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: First Server in Site Question (Again)

2003-02-26 Thread Martin Blackstone 
BTW, I usually wait about a month. I'm cautious like that.
Its REALLY HARD to go back once you remove the server, so this is the
cautious route. 


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 8:06 AM
To: Exchange Discussions

Will do.

Thanks for the response.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 8:01 AM
To: Exchange Discussions
Subject: RE: First Server in Site Question (Again)


If you have followed all the steps in the document, then the next step is to
shut down the first server. Leave it powered off and watch what happens.
Once you are sure everything is working right, then go ahead and remove it.
I always follow this procedure. If you just power down and you run into
issues, no problem, power up again and figure it out. 


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 7:49 AM
To: Exchange Discussions

I think my question got lost in the flurry of server level encryption
messages.

Still trying to find out if my first server is ready for removal.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278


-Original Message-
From: Parrnelli GS11 Ben T [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 9:36 AM
To: Exchange Discussions
Subject: First Server in Site Question


Exchange 5.5 SP4
NT 4.0 SP6 SRP

I'm following Q152959 to move my first server to a new server.

I've completed all the steps with the exception of moving the routing
calculation server, as this was done previously.  I've waited several days,
however, when I check the raw properties I still see the original server in
the site-folder-server properties.

Does this value need to show the new server before I remove the old, or will
the value always be the original no matter where I move the roles.

Thanks.


Ben Parrnelli
Network Administrator
Comm  Data Directorate
MAGTF Training Command
29 Palms, CA 92278

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

duplicate emails

2003-02-26 Thread Michael Ahlfont 
Hello all

We have recently upgraded from exchange 5.5 to 2000. Friday we placed the OWA server 
is outside the firewall and switched it to do the routing of smtp email. Since we made 
the switch Friday night, the custom recipients receive duplicate emails only from 
emails generated outside the company. Emails generated from within the company are not 
duplicated. 

Any ideas on what is happening?

Thanks 
.+-¦‹-Šxm¶ŸÿÃ,Â)Ür‰¿­ë(º·ýì\…öª†­Èb½ë!¶Úÿ0³
§‘Êþz­È±æ«r¬¥:.ž±Êâm[h•æ¯yì\…©àz[,Ã)är‰„ÅÈZž‹ŠËZvh§–+-ižÌ2žG(

RE: Exchange server level encryption

2003-02-26 Thread Roger Seielstad 
Right. It goes back to Ed's quote about there seldom being technical
solutions to behavioral problems.

Part of these regulations requires strongly retraining all employees that
they need to keep patient information out of emails. Things that require
patient information, like billing information, shouldn't traverse email in
the first place, rather it should be handled at the billing system level. At
that point, all an email has to contain is an invoice number or a payment
number and you're not passing any confidential information.

HIPAA isn't something for which completely technical solutions exist. This
is one of those places.



--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 11:06 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, that isn't exactly like that. But it seems as though 
 there also isn't an easy wau to determine what to encrypt on the fly..
 
  -Original Message-
  From: Roger Seielstad [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 26, 2003 7:33 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  What data are you actually trying to encrypt, and where is it
  coming from?
  
  For instance, some of our products offer HIPAA compliance for
  electronic transactions, using a variety of transports, 
  including SMTP, IIRC.
  
  I'd push back at the auditors to make sure that they're
  clearly defining what needs to be encrypted and what can be 
  sent clear text. It sounds like they're pushing for 100% 
  encryption of all email, which is well beyond my 
  understanding of the expectation under the law.
  
  --
  Roger D. Seielstad - MCSE
  Sr. Systems Administrator
  Inovis Inc.
  
  
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 3:44 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   Argh...
   
   Which is pretty much what Eric was saying I think also. I kinda 
   figured this was going to be a tremendous pain in the ass.
   
   So let me throw a side idea at ya. How about creating a different 
   virtual server to handle certain domains and have that 
 relay through 
   a gateway to encrypt that traffic. Then we would know who was 
   getting the mail and the would be able to decrypt it.
   
   
   
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 1:39 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


I'll assume you are talking about SMIME encryption 
 here. What you
want to do is not possible in the general sense. You need the 
recipient's public key in order to encrypt their mail. 
 You would 
have to have a predefined list of all possible recipients 
  and their
public keys. Even if you had this list, I know of no
  products that
implement this (but then again, I've never looked)

You could probably rig something up using PGP on a unix 
 box as an
outbound gateway. But then all your recipients would 
 need PGP to 
read the mail.

-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:25 PM
To: Exchange Discussions
Subject: Exchange server level encryption


Ok, my eyes are going crossed.
I have been trying to figure out a decent way to encrypt all 
outbound email from our company. This is for compliance with 
HIPAA. Does anyone happen to have any ideas?

I have googled and haven't found a product that looks
  right. I have
searched for exchange 2000 encryption, email 
 encryption, etc.
Help?

TIA

Mike


 _
List posting FAQ:   
 http://www.swinc.com/resource/exch_faq.htm
Archives:
http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


 _
List posting FAQ:   
 http://www.swinc.com/resource/exch_faq.htm
Archives:
http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

   
   _
   List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
   Archives:   http://www.swynk.com/sitesearch/search.asp
   To unsubscribe: mailto:[EMAIL PROTECTED]
   Exchange List admin:[EMAIL PROTECTED]

RE: Outlook Web Access Interface.

2003-02-26 Thread Ed Crowley 
That happened because the first access to the mailbox was using a client
that was configured for Arabic.

You can change the folder names using an old Exchange 5.0 client.  The
easiest way for you to do this might just be to create a new mailbox,
though.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michel Fayad
Sent: Tuesday, February 25, 2003 11:15 PM
To: Exchange Discussions
Subject: Outlook Web Access Interface.


Dear all,

I have a question concerning Outlook Web Access.
The interface for Outlook Web Access is in Arabic for only one user. So
Inbox is written in Arabic. Is there a way to make it display back in
English? We are using Windows 2000 and Exchange 2000.

Best Regards,


Michel Fayad

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption-OT

2003-02-26 Thread Christopher Hummert 
I work for a Insurance company. One of our biggest priorities is the
protection of patient information. Don't generalize a whole industry.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
Sent: Wednesday, February 26, 2003 7:26 AM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


Take exception all you like, for the vast majority of companies involved
in health care, patient information is not a priority. Nice that it is
in your organization, but yours is the exception rather than the rule I
assure you. Think insurance companies care about patient
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book
and setting up public and private networks initially would have solved
these types of issues. If protecting patient data had been a priority
from the get go, I'd expect this would already be in place. Instead,
maintaining that confidentiality was an idea given lip service to while
measures were put in place which were known to trade off security for
expediency. 

As noble as your organization's intentions are, a thimble full of wine
in a barrel of sewer water, still gets you a barrel of sewer water.
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:



Chris, I take exception to your comments in your second paragraph that
the reality is that companies don't really care about protecting patient
data. I work in a hospital and have met many people from other hospitals
through seminars, meetings, etc.  To say that we don't care is patently
false. Patient confidentiality is a priority, second only to patient
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse
blabs to someone about a patient and boom! she's fired.  I know, I've
seen it happen.

The trouble with HIPAA is that they seem to want hospitals and
healthcare organizations to be almost as secure as the Pentagon.  Our
administration hired a big name outfit to give their recomendations.  I
had to read through 23 documents from them.  And some of them, the
suggestions, were insane. One suggested (although it said it was
optional) searching all purses and bags that patients or visitors to the
hospital.  I guess they're afraid someone would sneak in a floppy to be
used to copy patient data.


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403 , but the
idea 
of needing to use nuclear power plants to product the levels of hydrogen

needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an
expert 
on the subject so I'm certainly open to knowing where the levels of
hydrogen

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave

their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't
really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the
cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said

Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have

been successful and this technology is expected to displace internal 
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here: 
http://www.hydrogencomponents.com/altfuel.html 


_ 
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm 
Archives:   http://www.swynk.com/sitesearch/search.asp 
To unsubscribe: mailto:[EMAIL PROTECTED] 
Exchange List admin:[EMAIL PROTECTED] 






_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe:

RE: duplicate emails

2003-02-26 Thread Michelle Harmon 
I'm not sure that I understand your question.  The custom recipients are
people outside your organization that are represented in your GAL, correct?
If so, then I'm not sure why you're concerned about mail that people outside
your company are getting from other people outside your company. 

Also, have you checked to see if the duplicate messages have the same
message ID?

-Original Message-
From: Michael Ahlfont [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 10:17 AM
To: Exchange Discussions
Subject: duplicate emails

Hello all

We have recently upgraded from exchange 5.5 to 2000. Friday we placed the
OWA server is outside the firewall and switched it to do the routing of smtp
email. Since we made the switch Friday night, the custom recipients receive
duplicate emails only from emails generated outside the company. Emails
generated from within the company are not duplicated. 

Any ideas on what is happening?

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Ed Crowley 
Yup.  Setting up encrypted mail, whatever that is, isn't going to fix
the problem.  If all e-mail must be encrypted, you pretty much ought
to disconnect it from the Internet, because the vast majority of your
correspondents will not be able to communicate with you.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Wednesday, February 26, 2003 8:18 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Right. It goes back to Ed's quote about there seldom being technical
solutions to behavioral problems.

Part of these regulations requires strongly retraining all employees
that they need to keep patient information out of emails. Things that
require patient information, like billing information, shouldn't
traverse email in the first place, rather it should be handled at the
billing system level. At that point, all an email has to contain is an
invoice number or a payment number and you're not passing any
confidential information.

HIPAA isn't something for which completely technical solutions exist.
This is one of those places.



--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 11:06 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, that isn't exactly like that. But it seems as though
 there also isn't an easy wau to determine what to encrypt on the fly..
 
  -Original Message-
  From: Roger Seielstad [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 26, 2003 7:33 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  What data are you actually trying to encrypt, and where is it coming

  from?
  
  For instance, some of our products offer HIPAA compliance for 
  electronic transactions, using a variety of transports, including 
  SMTP, IIRC.
  
  I'd push back at the auditors to make sure that they're clearly 
  defining what needs to be encrypted and what can be sent clear text.

  It sounds like they're pushing for 100% encryption of all email, 
  which is well beyond my understanding of the expectation under the 
  law.
  
  --
  Roger D. Seielstad - MCSE
  Sr. Systems Administrator
  Inovis Inc.
  
  
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 3:44 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   Argh...
   
   Which is pretty much what Eric was saying I think also. I kinda
   figured this was going to be a tremendous pain in the ass.
   
   So let me throw a side idea at ya. How about creating a different
   virtual server to handle certain domains and have that 
 relay through
   a gateway to encrypt that traffic. Then we would know who was
   getting the mail and the would be able to decrypt it.
   
   
   
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 1:39 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


I'll assume you are talking about SMIME encryption
 here. What you
want to do is not possible in the general sense. You need the
recipient's public key in order to encrypt their mail. 
 You would
have to have a predefined list of all possible recipients
  and their
public keys. Even if you had this list, I know of no
  products that
implement this (but then again, I've never looked)

You could probably rig something up using PGP on a unix
 box as an
outbound gateway. But then all your recipients would
 need PGP to
read the mail.

-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:25 PM
To: Exchange Discussions
Subject: Exchange server level encryption


Ok, my eyes are going crossed.
I have been trying to figure out a decent way to encrypt all
outbound email from our company. This is for compliance with 
HIPAA. Does anyone happen to have any ideas?

I have googled and haven't found a product that looks
  right. I have
searched for exchange 2000 encryption, email
 encryption, etc.
Help?

TIA

Mike


 _
List posting FAQ:   
 http://www.swinc.com/resource/exch_faq.htm
Archives:
http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption-OT

2003-02-26 Thread Ed Crowley 
Very hard to accept, considering the source.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christopher
Hummert
Sent: Wednesday, February 26, 2003 8:28 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


I work for a Insurance company. One of our biggest priorities is the
protection of patient information. Don't generalize a whole industry.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
Sent: Wednesday, February 26, 2003 7:26 AM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


Take exception all you like, for the vast majority of companies involved
in health care, patient information is not a priority. Nice that it is
in your organization, but yours is the exception rather than the rule I
assure you. Think insurance companies care about patient
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book
and setting up public and private networks initially would have solved
these types of issues. If protecting patient data had been a priority
from the get go, I'd expect this would already be in place. Instead,
maintaining that confidentiality was an idea given lip service to while
measures were put in place which were known to trade off security for
expediency. 

As noble as your organization's intentions are, a thimble full of wine
in a barrel of sewer water, still gets you a barrel of sewer water.
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:



Chris, I take exception to your comments in your second paragraph that
the reality is that companies don't really care about protecting patient
data. I work in a hospital and have met many people from other hospitals
through seminars, meetings, etc.  To say that we don't care is patently
false. Patient confidentiality is a priority, second only to patient
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse
blabs to someone about a patient and boom! she's fired.  I know, I've
seen it happen.

The trouble with HIPAA is that they seem to want hospitals and
healthcare organizations to be almost as secure as the Pentagon.  Our
administration hired a big name outfit to give their recomendations.  I
had to read through 23 documents from them.  And some of them, the
suggestions, were insane. One suggested (although it said it was
optional) searching all purses and bags that patients or visitors to the
hospital.  I guess they're afraid someone would sneak in a floppy to be
used to copy patient data.


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403 , but the
idea 
of needing to use nuclear power plants to product the levels of hydrogen

needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an
expert 
on the subject so I'm certainly open to knowing where the levels of
hydrogen

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave

their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't
really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the
cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said

Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have

been successful and this technology is expected to displace internal 
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here: 
http://www.hydrogencomponents.com/altfuel.html 


_ 
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm 
Archives:

RE: Exchange server level encryption-OT

2003-02-26 Thread Christopher Hummert 
All your trying to do is to start another flame war. 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley
Sent: Wednesday, February 26, 2003 8:37 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


Very hard to accept, considering the source.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christopher
Hummert
Sent: Wednesday, February 26, 2003 8:28 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


I work for a Insurance company. One of our biggest priorities is the
protection of patient information. Don't generalize a whole industry.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
Sent: Wednesday, February 26, 2003 7:26 AM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


Take exception all you like, for the vast majority of companies involved
in health care, patient information is not a priority. Nice that it is
in your organization, but yours is the exception rather than the rule I
assure you. Think insurance companies care about patient
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book
and setting up public and private networks initially would have solved
these types of issues. If protecting patient data had been a priority
from the get go, I'd expect this would already be in place. Instead,
maintaining that confidentiality was an idea given lip service to while
measures were put in place which were known to trade off security for
expediency. 

As noble as your organization's intentions are, a thimble full of wine
in a barrel of sewer water, still gets you a barrel of sewer water.
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:



Chris, I take exception to your comments in your second paragraph that
the reality is that companies don't really care about protecting patient
data. I work in a hospital and have met many people from other hospitals
through seminars, meetings, etc.  To say that we don't care is patently
false. Patient confidentiality is a priority, second only to patient
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse
blabs to someone about a patient and boom! she's fired.  I know, I've
seen it happen.

The trouble with HIPAA is that they seem to want hospitals and
healthcare organizations to be almost as secure as the Pentagon.  Our
administration hired a big name outfit to give their recomendations.  I
had to read through 23 documents from them.  And some of them, the
suggestions, were insane. One suggested (although it said it was
optional) searching all purses and bags that patients or visitors to the
hospital.  I guess they're afraid someone would sneak in a floppy to be
used to copy patient data.


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403 , but the
idea 
of needing to use nuclear power plants to product the levels of hydrogen

needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an
expert 
on the subject so I'm certainly open to knowing where the levels of
hydrogen

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave

their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't
really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the
cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said

Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have

been successful and this technology is expected to displace internal 
combustion engines in the 21st

Exchange 2K3 OWA Change Password

2003-02-26 Thread Finch Brett 
 Has anyone played with this feature (using SSL) to change the password. I
have followed the 'Q' article for Exchange2000 to enable (updating the
metabase via admin scripts etc...) but I noticed in Exchange2000 (I use 5.5)
it still was using the dreaded HTR extension. So I looked at the code
quickly and found the 'options.js' was still trying to call a file with a
HTR extension which I know wouldn't work on a IIS 6 box. The code as
follows...

 function openChangePassword()
{
var objLocation =   window.location;
var szServer=   objLocation.host;
var szClose =   g_szUserBase + /?Cmd=close;
var szURL   =   https://; + szServer +
/iisadmpwd/aexp2b.htr?


 So I change the extension to ASP as there is a file named aexp2b.asp in the
'iisadmpwd' folder. I also confirmed anonymous access was enabled and still
nothing, it calls up a page that it says isn't there. Anyone got this
working?

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: duplicate emails

2003-02-26 Thread Michael Ahlfont 
For example the email that you sent to me I recieved in my mailbox and a copy is sent 
to my yahoo account. This copy is duplicated. If this email was internal it would not 
be duplicated.

I didn't check message id and not sure how to. I believe I would need message tracking 
enabled for that. Im familiar with 5.5 but I need to read up on the exchange 2000. 



-Original Message-
From: Michelle Harmon [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 11:29 AM
To: Exchange Discussions
Subject: RE: duplicate emails


I'm not sure that I understand your question.  The custom recipients are
people outside your organization that are represented in your GAL, correct?
If so, then I'm not sure why you're concerned about mail that people outside
your company are getting from other people outside your company. 

Also, have you checked to see if the duplicate messages have the same
message ID?

-Original Message-
From: Michael Ahlfont [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 10:17 AM
To: Exchange Discussions
Subject: duplicate emails

Hello all

We have recently upgraded from exchange 5.5 to 2000. Friday we placed the
OWA server is outside the firewall and switched it to do the routing of smtp
email. Since we made the switch Friday night, the custom recipients receive
duplicate emails only from emails generated outside the company. Emails
generated from within the company are not duplicated. 

Any ideas on what is happening?

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Durkee, Peter 
I say we just have everyone type in gibberish from the beginning. It would work just 
as well, and be a lot cheaper. Besides, with all the spam filters and RBLs, the 
message isn't going to arrive anyway. 

Excuse me, I think I just had an attack of cynicism.

-Peter


-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 8:36
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Yup.  Setting up encrypted mail, whatever that is, isn't going to fix
the problem.  If all e-mail must be encrypted, you pretty much ought
to disconnect it from the Internet, because the vast majority of your
correspondents will not be able to communicate with you.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Wednesday, February 26, 2003 8:18 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Right. It goes back to Ed's quote about there seldom being technical
solutions to behavioral problems.

Part of these regulations requires strongly retraining all employees
that they need to keep patient information out of emails. Things that
require patient information, like billing information, shouldn't
traverse email in the first place, rather it should be handled at the
billing system level. At that point, all an email has to contain is an
invoice number or a payment number and you're not passing any
confidential information.

HIPAA isn't something for which completely technical solutions exist.
This is one of those places.



--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 11:06 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, that isn't exactly like that. But it seems as though
 there also isn't an easy wau to determine what to encrypt on the fly..
 
  -Original Message-
  From: Roger Seielstad [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 26, 2003 7:33 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  What data are you actually trying to encrypt, and where is it coming

  from?
  
  For instance, some of our products offer HIPAA compliance for 
  electronic transactions, using a variety of transports, including 
  SMTP, IIRC.
  
  I'd push back at the auditors to make sure that they're clearly 
  defining what needs to be encrypted and what can be sent clear text.

  It sounds like they're pushing for 100% encryption of all email, 
  which is well beyond my understanding of the expectation under the 
  law.
  
  --
  Roger D. Seielstad - MCSE
  Sr. Systems Administrator
  Inovis Inc.
  
  
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 3:44 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   Argh...
   
   Which is pretty much what Eric was saying I think also. I kinda
   figured this was going to be a tremendous pain in the ass.
   
   So let me throw a side idea at ya. How about creating a different
   virtual server to handle certain domains and have that 
 relay through
   a gateway to encrypt that traffic. Then we would know who was
   getting the mail and the would be able to decrypt it.
   
   
   
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 1:39 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


I'll assume you are talking about SMIME encryption
 here. What you
want to do is not possible in the general sense. You need the
recipient's public key in order to encrypt their mail. 
 You would
have to have a predefined list of all possible recipients
  and their
public keys. Even if you had this list, I know of no
  products that
implement this (but then again, I've never looked)

You could probably rig something up using PGP on a unix
 box as an
outbound gateway. But then all your recipients would
 need PGP to
read the mail.

-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:25 PM
To: Exchange Discussions
Subject: Exchange server level encryption


Ok, my eyes are going crossed.
I have been trying to figure out a decent way to encrypt all
outbound email from our company. This is for compliance with 
HIPAA. Does anyone happen to have any ideas?

I have googled and haven't found a product that looks
  right. I have
searched for exchange 2000

Re: Exchange server level encryption-OT

2003-02-26 Thread Chris Scharff 
I don't doubt that one of your company's biggest priorities now is
regulatory compliance as it relates to the protection of patient
information. If those involved in the health care industry had really been
concerned about protecting this data for the sake of the patients
themselves, wouldn't the safeguards already be in place?

On 2/26/03 10:27, Christopher Hummert [EMAIL PROTECTED] wrote:



I work for a Insurance company. One of our biggest priorities is the 
protection of patient information. Don't generalize a whole industry. 

-Original Message- 
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff 
Sent: Wednesday, February 26, 2003 7:26 AM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Take exception all you like, for the vast majority of companies involved 
in health care, patient information is not a priority. Nice that it is 
in your organization, but yours is the exception rather than the rule I 
assure you. Think insurance companies care about patient 
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book 
and setting up public and private networks initially would have solved 
these types of issues. If protecting patient data had been a priority 
from the get go, I'd expect this would already be in place. Instead, 
maintaining that confidentiality was an idea given lip service to while 
measures were put in place which were known to trade off security for 
expediency. 

As noble as your organization's intentions are, a thimble full of wine 
in a barrel of sewer water, still gets you a barrel of sewer water. 
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote: 



Chris, I take exception to your comments in your second paragraph that 
the reality is that companies don't really care about protecting patient 
data. I work in a hospital and have met many people from other hospitals 
through seminars, meetings, etc.  To say that we don't care is patently 
false. Patient confidentiality is a priority, second only to patient 
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse 
blabs to someone about a patient and boom! she's fired.  I know, I've 
seen it happen. 

The trouble with HIPAA is that they seem to want hospitals and 
healthcare organizations to be almost as secure as the Pentagon.  Our 
administration hired a big name outfit to give their recomendations.  I 
had to read through 23 documents from them.  And some of them, the 
suggestions, were insane. One suggested (although it said it was 
optional) searching all purses and bags that patients or visitors to the 
hospital.  I guess they're afraid someone would sneak in a floppy to be 
used to copy patient data. 


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403  , but the 
idea 
of needing to use nuclear power plants to product the levels of hydrogen 

needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an 
expert 
on the subject so I'm certainly open to knowing where the levels of 
hydrogen 

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave 

their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't 
really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the 
cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said 

Hydrogen Fuel Cells which is what I was thinking of when I made the 
statement. As far as the pollution: 

Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
only water vapor from their exhaust pipes. Demonstrations of HFCEVs have 

been successful and this technology is expected to displace internal 
combustion engines in the 21st Century. 

Which I got from pretty much the first thing I could google up here: 
http://www.hydrogencomponents.com/altfuel.html

Re: duplicate emails

2003-02-26 Thread Chris Scharff 
Are these CRs alternate recipients for mailboxes?

On 2/26/03 11:06, Michael Ahlfont [EMAIL PROTECTED] wrote:



For example the email that you sent to me I recieved in my mailbox and a
copy is sent to my yahoo account. This copy is duplicated. If this email was
internal it would not be duplicated.

I didn't check message id and not sure how to. I believe I would need
message tracking enabled for that. Im familiar with 5.5 but I need to read
up on the exchange 2000. 



-Original Message- 
From: Michelle Harmon [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 11:29 AM 
To: Exchange Discussions 
Subject: RE: duplicate emails 


I'm not sure that I understand your question.  The custom recipients are 
people outside your organization that are represented in your GAL, correct? 
If so, then I'm not sure why you're concerned about mail that people outside

your company are getting from other people outside your company. 

Also, have you checked to see if the duplicate messages have the same 
message ID? 

-Original Message- 
From: Michael Ahlfont [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 10:17 AM 
To: Exchange Discussions 
Subject: duplicate emails 

Hello all 

We have recently upgraded from exchange 5.5 to 2000. Friday we placed the 
OWA server is outside the firewall and switched it to do the routing of smtp

email. Since we made the switch Friday night, the custom recipients receive 
duplicate emails only from emails generated outside the company. Emails 
generated from within the company are not duplicated. 

Any ideas on what is happening? 

_ 
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm 
Archives:   http://www.swynk.com/sitesearch/search.asp 
To unsubscribe: mailto:[EMAIL PROTECTED] 
Exchange List admin:[EMAIL PROTECTED] 

_ 
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm 
Archives:   http://www.swynk.com/sitesearch/search.asp 
To unsubscribe: mailto:[EMAIL PROTECTED] 
Exchange List admin:[EMAIL PROTECTED] 






_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: duplicate emails

2003-02-26 Thread Allison M. Wittstock 
Are you checking both Exchange server emails and POP3 mails?


On Wednesday 26 February 2003 06:06 pm, you wrote:
 For example the email that you sent to me I recieved in my mailbox and a
 copy is sent to my yahoo account. This copy is duplicated. If this email
 was internal it would not be duplicated.

 I didn't check message id and not sure how to. I believe I would need
 message tracking enabled for that. Im familiar with 5.5 but I need to read
 up on the exchange 2000.



 -Original Message-
 From: Michelle Harmon [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 11:29 AM
 To: Exchange Discussions
 Subject: RE: duplicate emails


 I'm not sure that I understand your question.  The custom recipients are
 people outside your organization that are represented in your GAL, correct?
 If so, then I'm not sure why you're concerned about mail that people
 outside your company are getting from other people outside your company.

 Also, have you checked to see if the duplicate messages have the same
 message ID?

 -Original Message-
 From: Michael Ahlfont [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 10:17 AM
 To: Exchange Discussions
 Subject: duplicate emails

 Hello all

 We have recently upgraded from exchange 5.5 to 2000. Friday we placed the
 OWA server is outside the firewall and switched it to do the routing of
 smtp email. Since we made the switch Friday night, the custom recipients
 receive duplicate emails only from emails generated outside the company.
 Emails generated from within the company are not duplicated.

 Any ideas on what is happening?

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption-OT

2003-02-26 Thread Christopher Hummert 
This is just my opinion on why it happened. From what I understand a few
bad apples had some mishaps with patient information, the media gets a
hold of this, blows it out of proportion, a few rep and senators decided
to do something about this, because now it's been blown into this
massive problem that threatens to destroy our society as we know it.
Thus HIPPA was born. The safeguards were already in place, the industry
was doing a good job creating solutions to protect patient data, but a
few people screwed it up. 

Even with HIPPA in place those same people will be out there to screw
things up, they'll find one way or another, and thus something like
HIPPA v2 will happen, with the cycle continuing on and on. 

With the insurance side of this, protection of patient information is
extremely important. Since if you screw up once and someone out there
finds out about, there are a ton of other agents out there that will be
more then happy to take that account away from you. 

Besides technology the bigger problem is the social side of patient data
protection.  Look at Kevin Metnick(spelling?), he used peoples trust in
other people, against them to get the information that he wanted. What's
going to stop someone from doing this? That's the biggest problem that
being faced today.



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
Sent: Wednesday, February 26, 2003 9:12 AM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


I don't doubt that one of your company's biggest priorities now is
regulatory compliance as it relates to the protection of patient
information. If those involved in the health care industry had really
been concerned about protecting this data for the sake of the patients
themselves, wouldn't the safeguards already be in place?

On 2/26/03 10:27, Christopher Hummert [EMAIL PROTECTED] wrote:



I work for a Insurance company. One of our biggest priorities is the 
protection of patient information. Don't generalize a whole industry. 

-Original Message- 
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff 
Sent: Wednesday, February 26, 2003 7:26 AM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Take exception all you like, for the vast majority of companies involved

in health care, patient information is not a priority. Nice that it is 
in your organization, but yours is the exception rather than the rule I 
assure you. Think insurance companies care about patient 
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book 
and setting up public and private networks initially would have solved 
these types of issues. If protecting patient data had been a priority 
from the get go, I'd expect this would already be in place. Instead, 
maintaining that confidentiality was an idea given lip service to while 
measures were put in place which were known to trade off security for 
expediency. 

As noble as your organization's intentions are, a thimble full of wine 
in a barrel of sewer water, still gets you a barrel of sewer water. 
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote: 



Chris, I take exception to your comments in your second paragraph that 
the reality is that companies don't really care about protecting patient

data. I work in a hospital and have met many people from other hospitals

through seminars, meetings, etc.  To say that we don't care is patently 
false. Patient confidentiality is a priority, second only to patient 
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse 
blabs to someone about a patient and boom! she's fired.  I know, I've 
seen it happen. 

The trouble with HIPAA is that they seem to want hospitals and 
healthcare organizations to be almost as secure as the Pentagon.  Our 
administration hired a big name outfit to give their recomendations.  I 
had to read through 23 documents from them.  And some of them, the 
suggestions, were insane. One suggested (although it said it was 
optional) searching all purses and bags that patients or visitors to the

hospital.  I guess they're afraid someone would sneak in a floppy to be 
used to copy patient data. 


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403  , but
the 
idea 
of needing to use nuclear power plants to product the levels of hydrogen


needed for 'clean fuel cells' seems to make the water

RE: Exchange server level encryption-OT

2003-02-26 Thread Roger Seielstad 
And I used to work for the third largest insurance adjusting company in the
country, and information security was NEVER a priority for our customers.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Christopher Hummert [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 11:28 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption-OT
 
 
 I work for a Insurance company. One of our biggest priorities 
 is the protection of patient information. Don't generalize a 
 whole industry.
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
 Sent: Wednesday, February 26, 2003 7:26 AM
 To: Exchange Discussions
 Subject: Re: Exchange server level encryption-OT
 
 
 Take exception all you like, for the vast majority of 
 companies involved in health care, patient information is not 
 a priority. Nice that it is in your organization, but yours 
 is the exception rather than the rule I assure you. Think 
 insurance companies care about patient confidentiality? Hell, 
 they don't even care about patients. 
 
 Security second to the pentagon? Perhaps taking a page from 
 their book and setting up public and private networks 
 initially would have solved these types of issues. If 
 protecting patient data had been a priority from the get go, 
 I'd expect this would already be in place. Instead, 
 maintaining that confidentiality was an idea given lip 
 service to while measures were put in place which were known 
 to trade off security for expediency. 
 
 As noble as your organization's intentions are, a thimble 
 full of wine in a barrel of sewer water, still gets you a 
 barrel of sewer water. That's why extremely restrictive 
 regulations were enacted. 
 
 On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:
 
 
 
 Chris, I take exception to your comments in your second 
 paragraph that the reality is that companies don't really 
 care about protecting patient data. I work in a hospital and 
 have met many people from other hospitals through seminars, 
 meetings, etc.  To say that we don't care is patently false. 
 Patient confidentiality is a priority, second only to patient 
 care.  Our hospital has zero tolerance for PHI disclosure.  A 
 nurse blabs to someone about a patient and boom! she's fired. 
  I know, I've seen it happen.
 
 The trouble with HIPAA is that they seem to want hospitals 
 and healthcare organizations to be almost as secure as the 
 Pentagon.  Our administration hired a big name outfit to give 
 their recomendations.  I had to read through 23 documents 
 from them.  And some of them, the suggestions, were insane. 
 One suggested (although it said it was
 optional) searching all purses and bags that patients or 
 visitors to the hospital.  I guess they're afraid someone 
 would sneak in a floppy to be used to copy patient data.
 
 
 Paul Chinnery 
 Network Administrator 
 Mem Med Ctr 
 
 
 -Original Message- 
 From: Chris Scharff [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 7:10 PM 
 To: Exchange Discussions 
 Subject: Re: Exchange server level encryption-OT 
 
 
 Not an expert on the science behind this essay 
 http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
 http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403
  , but the idea 
 of needing to use nuclear power plants to product the levels 
 of hydrogen
 
 needed for 'clean fuel cells' seems to make the water is the only 
 byproduct argument a bit disingenuous. Course as I said, I'm 
 not an expert 
 on the subject so I'm certainly open to knowing where the 
 levels of hydrogen
 
 needed for such a thing would come from. 
 
 Perhaps instead of replacing HIPPA, those companies subject to its 
 regulations need to rethink how and why patient data would 
 need to leave
 
 their environment and design secure systems (which e-mail aint) to 
 facilitate that transmittal. Course the reality is companies 
 aren't really 
 interested in protecting patient data, just in being 
 compliant with the 
 various regulatory agencies which govern them. So, following 
 the cheapest 
 route to compliance they encounter the reality that cheap aint easy. 
 
 On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 
 
 
 
 Ok I knew I shouldn't have used that example, cause I knew 
 somewhere we 
 were going to get into a debate about it. In addition I 
 should have said
 
 Hydrogen Fuel Cells which is what I was thinking of when I made the 
 statement. As far as the pollution: 
 
 Fuel cells efficiently convert hydrogen fuel and oxygen from the air 
 into electricity. Hydrogen fuel cell electric vehicles (HFCEVs) emit 
 only water vapor from their exhaust pipes. Demonstrations of 
 HFCEVs have
 
 been successful and this technology is expected to displace internal 
 combustion engines in the 21st Century. 
 
 Which I

RE: Exchange server level encryption-OT

2003-02-26 Thread Ben Schorr 
We've offered encrypted e-mail to all of our clients; thus far very few, if
any, have agreed to do it.  They think it's too much of a hassle. sigh


-Ben-
Ben M. Schorr
Director of Information Services
Damon Key Leong Kupchak Hastert
http://www.hawaiilawyer.com



-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 7:42 AM
To: Exchange Discussions

And I used to work for the third largest insurance adjusting company in the
country, and information security was NEVER a priority for our customers.

--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Christopher Hummert [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 11:28 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption-OT
 
 
 I work for a Insurance company. One of our biggest priorities is the 
 protection of patient information. Don't generalize a whole industry.
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
 Sent: Wednesday, February 26, 2003 7:26 AM
 To: Exchange Discussions
 Subject: Re: Exchange server level encryption-OT
 
 
 Take exception all you like, for the vast majority of companies 
 involved in health care, patient information is not a priority. Nice 
 that it is in your organization, but yours is the exception rather 
 than the rule I assure you. Think insurance companies care about 
 patient confidentiality? Hell, they don't even care about patients.
 
 Security second to the pentagon? Perhaps taking a page from their book 
 and setting up public and private networks initially would have solved 
 these types of issues. If protecting patient data had been a priority 
 from the get go, I'd expect this would already be in place. Instead, 
 maintaining that confidentiality was an idea given lip service to 
 while measures were put in place which were known to trade off 
 security for expediency.
 
 As noble as your organization's intentions are, a thimble full of wine 
 in a barrel of sewer water, still gets you a barrel of sewer water. 
 That's why extremely restrictive regulations were enacted.
 
 On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:
 
 
 
 Chris, I take exception to your comments in your second paragraph that 
 the reality is that companies don't really care about protecting 
 patient data. I work in a hospital and have met many people from other 
 hospitals through seminars, meetings, etc.  To say that we don't care 
 is patently false.
 Patient confidentiality is a priority, second only to patient care.  
 Our hospital has zero tolerance for PHI disclosure.  A nurse blabs to 
 someone about a patient and boom! she's fired.
  I know, I've seen it happen.
 
 The trouble with HIPAA is that they seem to want hospitals and 
 healthcare organizations to be almost as secure as the Pentagon.  Our 
 administration hired a big name outfit to give their recomendations.  
 I had to read through 23 documents from them.  And some of them, the 
 suggestions, were insane.
 One suggested (although it said it was
 optional) searching all purses and bags that patients or visitors to 
 the hospital.  I guess they're afraid someone would sneak in a floppy 
 to be used to copy patient data.
 
 
 Paul Chinnery
 Network Administrator
 Mem Med Ctr
 
 
 -Original Message- 
 From: Chris Scharff [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, February 25, 2003 7:10 PM 
 To: Exchange Discussions 
 Subject: Re: Exchange server level encryption-OT 
 
 
 Not an expert on the science behind this essay 
 http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
 http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403
  , but the idea 
 of needing to use nuclear power plants to product the levels 
 of hydrogen
 
 needed for 'clean fuel cells' seems to make the water is the only 
 byproduct argument a bit disingenuous. Course as I said, I'm 
 not an expert 
 on the subject so I'm certainly open to knowing where the 
 levels of hydrogen
 
 needed for such a thing would come from. 
 
 Perhaps instead of replacing HIPPA, those companies subject to its 
 regulations need to rethink how and why patient data would 
 need to leave
 
 their environment and design secure systems (which e-mail aint) to 
 facilitate that transmittal. Course the reality is companies 
 aren't really 
 interested in protecting patient data, just in being 
 compliant with the 
 various regulatory agencies which govern them. So, following 
 the cheapest 
 route to compliance they encounter the reality that cheap aint easy. 
 
 On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 
 
 
 
 Ok I knew I shouldn't have used that example, cause I knew 
 somewhere we 
 were going to get into a debate about it. In addition I 
 should have said
 
 Hydrogen Fuel Cells which is what I was thinking of when I

Re: 5.5/2K co-existance

2003-02-26 Thread The Geek Q 
Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection for
mail delivery automatically setup?
I though they were. Do you have to edit the MTA or IMC connections. IMC is
using DNS for delivery.
There is only one MX record pointing to the 5.5 server. Do I need another
directed to the E2K system.
The setup is a mailfilter is passing mail from the Internet to a the 5.5
system, then I thought to the E2k box. How do I check this?
The issue is I have moved one test mail box to the E2K system, and it
intermintaly looses mail inbound and outbound, even when sening to users on
the 5.5 system.
I did check to see if the HOME server islisted correctly, it is.
Thanks,
- John Q
_
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: 5.5/2K co-existance

2003-02-26 Thread Ed Crowley 
You need a class.
http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?isbn=182
249itm=1
http://search.barnesandnoble.com/booksearch/isbnInquiry.asp?isbn=0782127
975itm=1

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 10:03 AM
To: Exchange Discussions
Subject: Re: 5.5/2K co-existance


Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection
for mail delivery automatically setup? I though they were. Do you have
to edit the MTA or IMC connections. IMC is using DNS for delivery. There
is only one MX record pointing to the 5.5 server. Do I need another
directed to the E2K system. The setup is a mailfilter is passing mail
from the Internet to a the 5.5 system, then I thought to the E2k box.
How do I check this? The issue is I have moved one test mail box to the
E2K system, and it intermintaly looses mail inbound and outbound, even
when sening to users on the 5.5 system. I did check to see if the HOME
server islisted correctly, it is.


Thanks,
- John Q

_
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange server level encryption

2003-02-26 Thread Ed Crowley 
More like realism.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Durkee, Peter
Sent: Wednesday, February 26, 2003 9:08 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


I say we just have everyone type in gibberish from the beginning. It
would work just as well, and be a lot cheaper. Besides, with all the
spam filters and RBLs, the message isn't going to arrive anyway. 

Excuse me, I think I just had an attack of cynicism.

-Peter


-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 8:36
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Yup.  Setting up encrypted mail, whatever that is, isn't going to fix
the problem.  If all e-mail must be encrypted, you pretty much ought
to disconnect it from the Internet, because the vast majority of your
correspondents will not be able to communicate with you.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Wednesday, February 26, 2003 8:18 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


Right. It goes back to Ed's quote about there seldom being technical
solutions to behavioral problems.

Part of these regulations requires strongly retraining all employees
that they need to keep patient information out of emails. Things that
require patient information, like billing information, shouldn't
traverse email in the first place, rather it should be handled at the
billing system level. At that point, all an email has to contain is an
invoice number or a payment number and you're not passing any
confidential information.

HIPAA isn't something for which completely technical solutions exist.
This is one of those places.



--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.


 -Original Message-
 From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 11:06 AM
 To: Exchange Discussions
 Subject: RE: Exchange server level encryption
 
 
 Well, that isn't exactly like that. But it seems as though there also 
 isn't an easy wau to determine what to encrypt on the fly..
 
  -Original Message-
  From: Roger Seielstad [mailto:[EMAIL PROTECTED]
  Sent: Wednesday, February 26, 2003 7:33 AM
  To: Exchange Discussions
  Subject: RE: Exchange server level encryption
  
  
  What data are you actually trying to encrypt, and where is it coming

  from?
  
  For instance, some of our products offer HIPAA compliance for
  electronic transactions, using a variety of transports, including 
  SMTP, IIRC.
  
  I'd push back at the auditors to make sure that they're clearly
  defining what needs to be encrypted and what can be sent clear text.

  It sounds like they're pushing for 100% encryption of all email,
  which is well beyond my understanding of the expectation under the 
  law.
  
  --
  Roger D. Seielstad - MCSE
  Sr. Systems Administrator
  Inovis Inc.
  
  
   -Original Message-
   From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, February 25, 2003 3:44 PM
   To: Exchange Discussions
   Subject: RE: Exchange server level encryption
   
   
   Argh...
   
   Which is pretty much what Eric was saying I think also. I kinda 
   figured this was going to be a tremendous pain in the ass.
   
   So let me throw a side idea at ya. How about creating a different 
   virtual server to handle certain domains and have that
 relay through
   a gateway to encrypt that traffic. Then we would know who was 
   getting the mail and the would be able to decrypt it.
   
   
   
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 1:39 PM
To: Exchange Discussions
Subject: RE: Exchange server level encryption


I'll assume you are talking about SMIME encryption
 here. What you
want to do is not possible in the general sense. You need the 
recipient's public key in order to encrypt their mail.
 You would
have to have a predefined list of all possible recipients
  and their
public keys. Even if you had this list, I know of no
  products that
implement this (but then again, I've never looked)

You could probably rig something up using PGP on a unix
 box as an
outbound gateway. But then all your recipients would
 need PGP to
read the mail.

-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 3:25 PM
To: Exchange Discussions
Subject: Exchange server level

RE: Exchange server level encryption-OT

2003-02-26 Thread Ed Crowley 
You're.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christopher
Hummert
Sent: Wednesday, February 26, 2003 8:39 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


All your trying to do is to start another flame war. 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley
Sent: Wednesday, February 26, 2003 8:37 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


Very hard to accept, considering the source.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christopher
Hummert
Sent: Wednesday, February 26, 2003 8:28 AM
To: Exchange Discussions
Subject: RE: Exchange server level encryption-OT


I work for a Insurance company. One of our biggest priorities is the
protection of patient information. Don't generalize a whole industry.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Scharff
Sent: Wednesday, February 26, 2003 7:26 AM
To: Exchange Discussions
Subject: Re: Exchange server level encryption-OT


Take exception all you like, for the vast majority of companies involved
in health care, patient information is not a priority. Nice that it is
in your organization, but yours is the exception rather than the rule I
assure you. Think insurance companies care about patient
confidentiality? Hell, they don't even care about patients. 

Security second to the pentagon? Perhaps taking a page from their book
and setting up public and private networks initially would have solved
these types of issues. If protecting patient data had been a priority
from the get go, I'd expect this would already be in place. Instead,
maintaining that confidentiality was an idea given lip service to while
measures were put in place which were known to trade off security for
expediency. 

As noble as your organization's intentions are, a thimble full of wine
in a barrel of sewer water, still gets you a barrel of sewer water.
That's why extremely restrictive regulations were enacted. 

On 2/26/03 7:19, Chinnery, Paul [EMAIL PROTECTED] wrote:



Chris, I take exception to your comments in your second paragraph that
the reality is that companies don't really care about protecting patient
data. I work in a hospital and have met many people from other hospitals
through seminars, meetings, etc.  To say that we don't care is patently
false. Patient confidentiality is a priority, second only to patient
care.  Our hospital has zero tolerance for PHI disclosure.  A nurse
blabs to someone about a patient and boom! she's fired.  I know, I've
seen it happen.

The trouble with HIPAA is that they seem to want hospitals and
healthcare organizations to be almost as secure as the Pentagon.  Our
administration hired a big name outfit to give their recomendations.  I
had to read through 23 documents from them.  And some of them, the
suggestions, were insane. One suggested (although it said it was
optional) searching all purses and bags that patients or visitors to the
hospital.  I guess they're afraid someone would sneak in a floppy to be
used to copy patient data.


Paul Chinnery 
Network Administrator 
Mem Med Ctr 


-Original Message- 
From: Chris Scharff [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, February 25, 2003 7:10 PM 
To: Exchange Discussions 
Subject: Re: Exchange server level encryption-OT 


Not an expert on the science behind this essay 
http://tnr.com/docprint.mhtml?i=20030224=easterbrook022403
http://tnr.com/docprint.mhtml?i=20030224s=easterbrook022403 , but the
idea 
of needing to use nuclear power plants to product the levels of hydrogen

needed for 'clean fuel cells' seems to make the water is the only 
byproduct argument a bit disingenuous. Course as I said, I'm not an
expert 
on the subject so I'm certainly open to knowing where the levels of
hydrogen

needed for such a thing would come from. 

Perhaps instead of replacing HIPPA, those companies subject to its 
regulations need to rethink how and why patient data would need to leave

their environment and design secure systems (which e-mail aint) to 
facilitate that transmittal. Course the reality is companies aren't
really 
interested in protecting patient data, just in being compliant with the 
various regulatory agencies which govern them. So, following the
cheapest 
route to compliance they encounter the reality that cheap aint easy. 

On 2/25/03 16:06, Christopher Hummert [EMAIL PROTECTED] wrote: 



Ok I knew I shouldn't have used that example, cause I knew somewhere we 
were going to get into a debate about it. In addition I should have said

Hydrogen Fuel Cells which is what I was thinking of when I made the

RE: 5.5/2K co-existance

2003-02-26 Thread William Lefkovics 
When you install Exchange2000 joining an Exchange5.5 site, there is a lot of
prep work that would eliminate most of your questions. You don't even
mention 'Active Directory Connector'.  There is a lot more to know before
effectively answering your question as asked.

I recommend starting here:
http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradeguide.a
sp

William

 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 10:03 AM
To: Exchange Discussions

Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection for
mail delivery automatically setup?
I though they were. Do you have to edit the MTA or IMC connections. IMC is
using DNS for delivery.
There is only one MX record pointing to the 5.5 server. Do I need another
directed to the E2K system.
The setup is a mailfilter is passing mail from the Internet to a the 5.5
system, then I thought to the E2k box. How do I check this?
The issue is I have moved one test mail box to the E2K system, and it
intermintaly looses mail inbound and outbound, even when sening to users on
the 5.5 system.
I did check to see if the HOME server islisted correctly, it is.


Thanks,
- John Q

_
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: Exchange server level encryption-OT

2003-02-26 Thread Chris Scharff 
On 2/26/03 11:30, Christopher Hummert [EMAIL PROTECTED] wrote:

 This is just my opinion on why it happened. From what I understand a few
 bad apples had some mishaps with patient information, the media gets a
 hold of this, blows it out of proportion,

Blows what out of proportion? Insufficient safeguards on patient data? What
would be a significant reaction to the unauthorized sharing of thousands of
medical records? Is oops, we're terribly sorry a sufficient level of
accountability for such actions? Shouldn't others in the medical industry
have risen up saying, we've spent millions of dollars putting safeguards in
place to protect patient privacy and this rogue entity needs to be punished
severely? But they didn't.. I wonder why. Perhaps because none of them were
really doing anything to protect this data.

 a few rep and senators decided
 to do something about this, because now it's been blown into this
 massive problem that threatens to destroy our society as we know it.

It's this level of sarcasm and complete lack of understanding of why the
public is concerned about their information being shared inappropriately
which lead to regulations being put in place.

 Thus HIPPA was born.

It's HIPAA. 

The safeguards were already in place, the industry
 was doing a good job creating solutions to protect patient data, but a
 few people screwed it up.

Really? If the safeguards were in place then why are there companies making
tons of cash off of implementing solutions to ensure HIPAA compliance? HIPAA
compliance is one of the largest sources of IT spending anywhere at the
moment. I fail to see how that can be if the safeguards are already in
place. 
 
 Even with HIPPA in place those same people will be out there to screw
 things up, they'll find one way or another, and thus something like
 HIPPA v2 will happen, with the cycle continuing on and on.

And this is a bad thing why?
 
 With the insurance side of this, protection of patient information is
 extremely important. Since if you screw up once and someone out there
 finds out about, there are a ton of other agents out there that will be
 more then happy to take that account away from you.

Well, first of all.. There's the all important if someone finds out. It's
certainly possible that there are hundreds (nay thousands, nay tens of
thousands) of incidents which have occurred which the public will never find
out about. The reality is that disclosure of patient data among the largest
insurers is unlikely to result in to large of a change in the status quo.
Look at all the bad press Ford took for the Pinto in the 70's, yet they are
still going strong. Why should we expect that a large insurer would suffer a
dissimilar fate?
 
 Besides technology the bigger problem is the social side of patient data
 protection.  Look at Kevin Metnick(spelling?), he used peoples trust in
 other people, against them to get the information that he wanted. What's
 going to stop someone from doing this? That's the biggest problem that
 being faced today.

Social engineering is a problem. That it is the biggest problem is a
debatable point. 


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: 5.5/2K co-existance

2003-02-26 Thread The Geek Q 
That is funny you listed that doc, those were the steps I followed.
The ADC is up and running, no errors.
The issue is I can get delivery receipts from the systems, when I send them 
mail from the ouside. But when that user replies to the message it goes to 
never-never land.
And internal delivery, with-in the site, is fine. But when ALL users send 
mail to outside domains it is not listed in the queue and is never 
delivered. I can ping ouside and do MX lookup properly, but the message are 
no where to be found.
That is why I think  I have a real issue.



From: William Lefkovics [EMAIL PROTECTED]
Reply-To: Exchange Discussions [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Subject: RE: 5.5/2K co-existance
Date: Wed, 26 Feb 2003 10:49:45 -0800
When you install Exchange2000 joining an Exchange5.5 site, there is a lot 
of
prep work that would eliminate most of your questions. You don't even
mention 'Active Directory Connector'.  There is a lot more to know before
effectively answering your question as asked.

I recommend starting here:
http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradeguide.a
sp
William



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 10:03 AM
To: Exchange Discussions
Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection for
mail delivery automatically setup?
I though they were. Do you have to edit the MTA or IMC connections. IMC is
using DNS for delivery.
There is only one MX record pointing to the 5.5 server. Do I need another
directed to the E2K system.
The setup is a mailfilter is passing mail from the Internet to a the 5.5
system, then I thought to the E2k box. How do I check this?
The issue is I have moved one test mail box to the E2K system, and it
intermintaly looses mail inbound and outbound, even when sening to users on
the 5.5 system.
I did check to see if the HOME server islisted correctly, it is.
Thanks,
- John Q
_
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]
_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Disabling Departed Users

2003-02-26 Thread Yanek Korff 

In Exchange 5.5, when a user departed we'd disable their accounts and
continue collecting mail for them so their supervisors could look at
anything business related.

In Exchange 2000, if we disable the account they can no longer receive mail.
The event logs say:
Disabled user /O=[blah-o]/OU=[blah-ou]/CN=RECIPIENTS/CN=[userid] does not
have a master account SID. Please use Active Directory MMC to set an active
account as this user's master account. 

So what's the appropriate procedure for disabling accounts yet allowing the
user to continue to receive mail in a 2k domain?  Or do I have something
screwed up?

-Yanek.

- 
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.  Thank You.

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: 5.5/2K co-existance

2003-02-26 Thread William Lefkovics 
Well now we're getting somewhere.  :o)

Start with message tracking.  Where is 'never-never land' exactly?
Also, increasing logging might produce some ugly errors in the application
event log (that might make you curse at the ADC).
 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 11:24 AM
To: Exchange Discussions

That is funny you listed that doc, those were the steps I followed.
The ADC is up and running, no errors.
The issue is I can get delivery receipts from the systems, when I send them
mail from the ouside. But when that user replies to the message it goes to
never-never land.
And internal delivery, with-in the site, is fine. But when ALL users send
mail to outside domains it is not listed in the queue and is never
delivered. I can ping ouside and do MX lookup properly, but the message are
no where to be found.
That is why I think  I have a real issue.



From: William Lefkovics [EMAIL PROTECTED]
Reply-To: Exchange Discussions [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Subject: RE: 5.5/2K co-existance
Date: Wed, 26 Feb 2003 10:49:45 -0800

When you install Exchange2000 joining an Exchange5.5 site, there is a 
lot of prep work that would eliminate most of your questions. You don't 
even mention 'Active Directory Connector'.  There is a lot more to know 
before effectively answering your question as asked.

I recommend starting here:
http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradegu
ide.a
sp

William




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 10:03 AM
To: Exchange Discussions

Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection 
for mail delivery automatically setup?
I though they were. Do you have to edit the MTA or IMC connections. IMC 
is using DNS for delivery.
There is only one MX record pointing to the 5.5 server. Do I need 
another directed to the E2K system.
The setup is a mailfilter is passing mail from the Internet to a the 
5.5 system, then I thought to the E2k box. How do I check this?
The issue is I have moved one test mail box to the E2K system, and it 
intermintaly looses mail inbound and outbound, even when sening to 
users on the 5.5 system.
I did check to see if the HOME server islisted correctly, it is.


Thanks,
- John Q

_
The new MSN 8: smart spam protection and 2 months FREE* 
http://join.msn.com/?page=features/junkmail


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: 5.5/2K co-existance

2003-02-26 Thread Ed Crowley 
Are the servers in the same or different routing groups?

Do you want SMTP mail routed out through the 5.5 server?  Have you done
any configuration to the Exchange 2000 SMTP virtual server(s) and/or
SMTP Connector?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 11:24 AM
To: Exchange Discussions
Subject: RE: 5.5/2K co-existance


That is funny you listed that doc, those were the steps I followed. The
ADC is up and running, no errors. The issue is I can get delivery
receipts from the systems, when I send them 
mail from the ouside. But when that user replies to the message it goes
to 
never-never land.
And internal delivery, with-in the site, is fine. But when ALL users
send 
mail to outside domains it is not listed in the queue and is never 
delivered. I can ping ouside and do MX lookup properly, but the message
are 
no where to be found.
That is why I think  I have a real issue.



From: William Lefkovics [EMAIL PROTECTED]
Reply-To: Exchange Discussions [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Subject: RE: 5.5/2K co-existance
Date: Wed, 26 Feb 2003 10:49:45 -0800

When you install Exchange2000 joining an Exchange5.5 site, there is a 
lot
of
prep work that would eliminate most of your questions. You don't even
mention 'Active Directory Connector'.  There is a lot more to know
before
effectively answering your question as asked.

I recommend starting here: 
http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradegu
ide.a
sp

William




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
Sent: Wednesday, February 26, 2003 10:03 AM
To: Exchange Discussions

Could use some help, need a refresher!
When you add a E2K server into a existing 5.5 site. Are the connection 
for mail delivery automatically setup? I though they were. Do you have 
to edit the MTA or IMC connections. IMC is using DNS for delivery.
There is only one MX record pointing to the 5.5 server. Do I need
another
directed to the E2K system.
The setup is a mailfilter is passing mail from the Internet to a the
5.5
system, then I thought to the E2k box. How do I check this?
The issue is I have moved one test mail box to the E2K system, and it
intermintaly looses mail inbound and outbound, even when sening to
users on
the 5.5 system.
I did check to see if the HOME server islisted correctly, it is.


Thanks,
- John Q

_
The new MSN 8: smart spam protection and 2 months FREE* 
http://join.msn.com/?page=features/junkmail


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
MSN 8 with e-mail virus protection service: 2 months FREE*  
http://join.msn.com/?page=features/virus


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Offline Address book not updating

2003-02-26 Thread Gonzalez, Alex 
We are currently having an issue with O98 clients not getting their
offline address books updated.  The data is old.  We have recreated
profiles and deleted application data and still nothing.  We are running
EX2000 SP3.

Thanks


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Disabling Departed Users

2003-02-26 Thread Michelle Harmon 
Go to the Exchange advanced tab--mailbox rights on the user object and add
self as associated external account.  Wait a bit and you'll be able to
send mail to the mailbox.

-Original Message-
From: Yanek Korff [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:28 PM
To: Exchange Discussions
Subject: Disabling Departed Users


In Exchange 5.5, when a user departed we'd disable their accounts and
continue collecting mail for them so their supervisors could look at
anything business related.

In Exchange 2000, if we disable the account they can no longer receive mail.
The event logs say:
Disabled user /O=[blah-o]/OU=[blah-ou]/CN=RECIPIENTS/CN=[userid] does not
have a master account SID. Please use Active Directory MMC to set an active
account as this user's master account. 

So what's the appropriate procedure for disabling accounts yet allowing the
user to continue to receive mail in a 2k domain?  Or do I have something
screwed up?

-Yanek.

- 
This electronic message transmission contains information that may be
confidential or privileged.  The information contained herein is intended
solely for the recipient and use by any other party is not authorized.  If
you are not the intended recipient (or otherwise authorized to receive this
message by the intended recipient), any disclosure, copying, distribution or
use of the contents of the information is prohibited.  If you have received
this electronic message transmission in error, please contact the sender by
reply email and delete all copies of this message.  Cigital, Inc. accepts no
responsibility for any loss or damage resulting directly or indirectly from
the use of this email or its contents.  Thank You.

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

HIPPA and mail relaying

2003-02-26 Thread Waters, Jeff 
Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have the
Do not reroute incoming SMTP mail tab selected in the Routing tab of the IMS
selected.  The magic tool that the consultant used, and I don't know what it
is, and the CFI LANguard scanner I just used is reporting that the server is
an open mail relay.  Now the consultant is telling us that he doesn't
usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this before,
or am I just being a bonehead and missing something.
Thanks
Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Waters, Jeff 
Sorry, bad day we are using sp4 on the server.

-Original Message-
From: Waters, Jeff [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 3:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have the
Do not reroute incoming SMTP mail tab selected in the Routing tab of the IMS
selected.  The magic tool that the consultant used, and I don't know what it
is, and the CFI LANguard scanner I just used is reporting that the server is
an open mail relay.  Now the consultant is telling us that he doesn't
usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this before,
or am I just being a bonehead and missing something.
Thanks
Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

CDO contact question

2003-02-26 Thread Woodruff, Michael 
I am pulling contacts out of a database using CDO and putting them in a
PF.  When the code finishes the contact is there but the Business
Address is not showing up in the preview.   When I open the contact it
is there.  Then I close it and it is there.  I use the update method
(oAddr.Update , True) to make it reload the info, but it is not working?
Any ideas?

Thanks
Mike

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Offline Address book not updating

2003-02-26 Thread Ed Crowley 
Search the Knowledge Base for the exact phrase Offline Address Book
for product Exchange 2000.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gonzalez, Alex
Sent: Wednesday, February 26, 2003 12:07 PM
To: Exchange Discussions
Subject: Offline Address book not updating


We are currently having an issue with O98 clients not getting their
offline address books updated.  The data is old.  We have recreated
profiles and deleted application data and still nothing.  We are running
EX2000 SP3.

Thanks


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Ed Crowley 
Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Waters, Jeff 
It's a great tool, it says the site is an open relay.  What it does not say
is how it came to the decision or what it's using as its proof.  We are
co.hanover.va.us and I have done a telnet to port 25 and gotten the 550
error.
I'm so confused.
Thanks
Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: HIPPA and mail relaying

2003-02-26 Thread Patrick R. Sweeney 
There are multiple methods of relaying.  The tool should report how it is
relaying.

Abuse.net maintains a tool which will tell you if you are relaying.
http://www.abuse.net/relay.html

-Patrick R. Sweeney
http://boston.craigslist.org/bos/res/8484283.html
- Original Message -
From: Waters, Jeff [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 3:14 PM
Subject: HIPPA and mail relaying


 Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the
 Do not reroute incoming SMTP mail tab selected in the Routing tab of the
IMS
 selected.  The magic tool that the consultant used, and I don't know what
it
 is, and the CFI LANguard scanner I just used is reporting that the server
is
 an open mail relay.  Now the consultant is telling us that he doesn't
 usually get a false hit on this.
 So for you exchange guru's out there, have any of you ran into this
before,
 or am I just being a bonehead and missing something.
 Thanks
 Jeff

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]



_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Smith, Ronni 
I have a series of tests that I run manually to test the relaying. I got it
from one of the testing websites a couple of years ago. I can't recall which
one. It ran about 10 or 12 different tests I think. One of which would not
produce the 550 relay prohibited thing when run against Exchange 5.5 but
which also would not actually relay the message. If you like I can dig
around for that list of tests. And/or the website.

Ronni

-Original Message-
From: Waters, Jeff [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 1:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


It's a great tool, it says the site is an open relay.  What it does not say
is how it came to the decision or what it's using as its proof.  We are
co.hanover.va.us and I have done a telnet to port 25 and gotten the 550
error.
I'm so confused.
Thanks
Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Exchange 2K3 OWA Change Password

2003-02-26 Thread Andrey Fyodorov 
As far as I can see the OWA 2k3 password change procedure is the same as OWA 2k.

That script that they say we should use only understands username, domain name, and 
password. Not [EMAIL PROTECTED] and password. I like the latter.

So we took a portion of MS WebAdmin tool responsible for changing passwords and hooked 
it up to OWA's options.js


-Original Message-
From: Finch Brett [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 11:48 AM
To: Exchange Discussions
Subject: Exchange 2K3 OWA Change Password


 Has anyone played with this feature (using SSL) to change the password. I
have followed the 'Q' article for Exchange2000 to enable (updating the
metabase via admin scripts etc...) but I noticed in Exchange2000 (I use 5.5)
it still was using the dreaded HTR extension. So I looked at the code
quickly and found the 'options.js' was still trying to call a file with a
HTR extension which I know wouldn't work on a IIS 6 box. The code as
follows...

 function openChangePassword()
{
var objLocation =   window.location;
var szServer=   objLocation.host;
var szClose =   g_szUserBase + /?Cmd=close;
var szURL   =   https://; + szServer +
/iisadmpwd/aexp2b.htr?


 So I change the extension to ASP as there is a file named aexp2b.asp in the
'iisadmpwd' folder. I also confirmed anonymous access was enabled and still
nothing, it calls up a page that it says isn't there. Anyone got this
working?

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Ed Crowley 
You're relay secure.

Some tools are too good.  They test scenarios where Exchange will accept
a message for delivery but not relay it.  That is, not all such
scenarios generate a 550 error, but Exchange doesn't relay them and
that's what really matters.  I think your tool is reporting a false
positive.  If the tool was great it would tell you what it was doing
and what passed and what failed.  If all you're getting is a pass/fail,
then the tool leaves something to be desired.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 1:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


It's a great tool, it says the site is an open relay.  What it does not
say is how it came to the decision or what it's using as its proof.  We
are co.hanover.va.us and I have done a telnet to port 25 and gotten the
550 error. I'm so confused. Thanks Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Andrey Fyodorov 
I have a customer who has been connecting to our Exchange servers just fine with MAPI 
Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured with Windows 
XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it failed on 
the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Ed Crowley 
Exchange either relays or it doesn't; there aren't any settings that
allow different types of relay.  If you try a simple relay test and get
the 550, then Exchange is properly configured.  That's my experience,
anyway, so fancy tools aren't terribly important.  I just do this:

Telnet servername 25
HELO name.com
MAIL FROM:[EMAIL PROTECTED]
RCPT TO:[EMAIL PROTECTED]
QUIT

It's easier than finding the website!

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Patrick R.
Sweeney
Sent: Wednesday, February 26, 2003 1:13 PM
To: Exchange Discussions
Subject: Re: HIPPA and mail relaying


There are multiple methods of relaying.  The tool should report how it
is relaying.

Abuse.net maintains a tool which will tell you if you are relaying.
http://www.abuse.net/relay.html

-Patrick R. Sweeney http://boston.craigslist.org/bos/res/8484283.html
- Original Message -
From: Waters, Jeff [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 3:14 PM
Subject: HIPPA and mail relaying


 Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I 
 have
the
 Do not reroute incoming SMTP mail tab selected in the Routing tab of 
 the
IMS
 selected.  The magic tool that the consultant used, and I don't know 
 what
it
 is, and the CFI LANguard scanner I just used is reporting that the 
 server
is
 an open mail relay.  Now the consultant is telling us that he doesn't 
 usually get a false hit on this. So for you exchange guru's out there,

 have any of you ran into this
before,
 or am I just being a bonehead and missing something.
 Thanks
 Jeff

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]



_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Martin Blackstone 
http://www.abuse.net/relay.html 


-Original Message-
From: Smith, Ronni [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:06 PM
To: Exchange Discussions

I have a series of tests that I run manually to test the relaying. I got it
from one of the testing websites a couple of years ago. I can't recall which
one. It ran about 10 or 12 different tests I think. One of which would not
produce the 550 relay prohibited thing when run against Exchange 5.5 but
which also would not actually relay the message. If you like I can dig
around for that list of tests. And/or the website.

Ronni

-Original Message-
From: Waters, Jeff [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 1:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


It's a great tool, it says the site is an open relay.  What it does not say
is how it came to the decision or what it's using as its proof.  We are
co.hanover.va.us and I have done a telnet to port 25 and gotten the 550
error.
I'm so confused.
Thanks
Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: HIPPA and mail relaying

2003-02-26 Thread Waters, Jeff 
Thanks Ed.  I don't know what he was looking for, but am just letting all
the powers that be know that we are not a relay site.  
Thanks again
Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:18 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


You're relay secure.

Some tools are too good.  They test scenarios where Exchange will accept
a message for delivery but not relay it.  That is, not all such
scenarios generate a 550 error, but Exchange doesn't relay them and
that's what really matters.  I think your tool is reporting a false
positive.  If the tool was great it would tell you what it was doing
and what passed and what failed.  If all you're getting is a pass/fail,
then the tool leaves something to be desired.

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 1:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


It's a great tool, it says the site is an open relay.  What it does not
say is how it came to the decision or what it's using as its proof.  We
are co.hanover.va.us and I have done a telnet to port 25 and gotten the
550 error. I'm so confused. Thanks Jeff

-Original Message-
From: Ed Crowley [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:00 PM
To: Exchange Discussions
Subject: RE: HIPPA and mail relaying


Exactly what does the tool say?  What is your domain?

Ed Crowley MCSE+Internet MVP
Freelance E-Mail Philosopher
Protecting the world from PSTs and Bricked Backups!T


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
Sent: Wednesday, February 26, 2003 12:14 PM
To: Exchange Discussions
Subject: HIPPA and mail relaying


Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
the Do not reroute incoming SMTP mail tab selected in the Routing tab of
the IMS selected.  The magic tool that the consultant used, and I don't
know what it is, and the CFI LANguard scanner I just used is reporting
that the server is an open mail relay.  Now the consultant is telling us
that he doesn't usually get a false hit on this.  
So for you exchange guru's out there, have any of you ran into this
before, or am I just being a bonehead and missing something. Thanks Jeff

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Martin Blackstone 
Do the old PC's perhaps have a host file or a static route setup on them to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Friese, Casey 
The Exchange server isn't by chance behind an ISA server is it?

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:28 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


Do the old PC's perhaps have a host file or a static route setup on them to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Waters, Jeff 
I am running XP SP1 and having no problems what so ever.  Can you resolve
the exchange server from the command prompt?  
A side note, 1st thing I always do to any new system, dump the OEM
configuration and put our configs on the systems.  I have found this to
solve more than one or two problems along the way.
Jeff

-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:20 PM
To: Exchange Discussions
Subject: Outlook on Win XP SP1 can't connect to Exchange server


I have a customer who has been connecting to our Exchange servers just fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook 2000 and .PST problem

2003-02-26 Thread Darcy Adams 
Check the properties on the file - make sure it isn't set as read only

-Original Message-
From: Cooke, Brian [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 11:59 AM
To: Exchange Discussions
Subject: RE: Outlook 2000 and .PST problem


I actually ran scanpst on it and nothing really seems to be happening.   The
file isn't big at all maybe 200 MB max.  But the strange thing is that when
running scanpst util on it it's flies through and says everything completed
successfully.   I'm going to run it a few more times and see if there's any
change but from the looks of things everything seems to be in order.  

-Original Message-
From: Santhosh, H. [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 2:52 PM
To: Exchange Discussions
Cc: Cooke, Brian
Subject: RE: Outlook 2000 and .PST problem


Try scanpst.exe utility and run on the pst file
also see if the pst is beyond 2gb if it is u need one more utility
if u are coming the pst from cdrom remove the read only attribute

-Original Message-
From: Cooke, Brian [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 2:48 PM
To: Exchange Discussions
Subject: Outlook 2000 and .PST problem


All,
I am having a problem with a user's PST file here in the office.   He got a
new PC and we were transferring over data however when I went to transfer
his PST file the file size remains the same but there is no folder list and
I can't seem to find any items in the view.   Everything with the transfer
runs smoothly and there seems to be no problem until we try to access the
data.   Does any one have any thoughts as to what the problem might be.  We
are running Exchange 5.5 on Win2K server.  The client is Outlook 2000 on XP.
Thanks in advance for all your help.

Regards,
Brian Cooke

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


**
This message and any attachments are intended for the 
individual or entity named above. If you are not the intended
recipient, please do not forward, copy, print, use or disclose this 
communication to others; also please notify the sender by 
replying to this message, and then delete it from your system. 

The Timken Company
**


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]


===
This email and its contents are confidential. If you
are not the intended recipient, please do not disclose
or use the information within this email or its
attachments. If you have received this email in error,
please delete it immediately. Thank you.
===

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Andrey Fyodorov 
nope

-Original Message-
From: Friese, Casey [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:38 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


The Exchange server isn't by chance behind an ISA server is it?

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:28 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


Do the old PC's perhaps have a host file or a static route setup on them to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: 5.5/2K co-existance

2003-02-26 Thread John Q Jr 
I do want mail router throgh 5.5 and no changes were made to the STMP
connector

- Original Message -
From: Ed Crowley [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 12:38 PM
Subject: RE: 5.5/2K co-existance


 Are the servers in the same or different routing groups?

 Do you want SMTP mail routed out through the 5.5 server?  Have you done
 any configuration to the Exchange 2000 SMTP virtual server(s) and/or
 SMTP Connector?

 Ed Crowley MCSE+Internet MVP
 Freelance E-Mail Philosopher
 Protecting the world from PSTs and Bricked Backups!T


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 11:24 AM
 To: Exchange Discussions
 Subject: RE: 5.5/2K co-existance


 That is funny you listed that doc, those were the steps I followed. The
 ADC is up and running, no errors. The issue is I can get delivery
 receipts from the systems, when I send them
 mail from the ouside. But when that user replies to the message it goes
 to
 never-never land.
 And internal delivery, with-in the site, is fine. But when ALL users
 send
 mail to outside domains it is not listed in the queue and is never
 delivered. I can ping ouside and do MX lookup properly, but the message
 are
 no where to be found.
 That is why I think  I have a real issue.



 From: William Lefkovics [EMAIL PROTECTED]
 Reply-To: Exchange Discussions [EMAIL PROTECTED]
 To: Exchange Discussions [EMAIL PROTECTED]
 Subject: RE: 5.5/2K co-existance
 Date: Wed, 26 Feb 2003 10:49:45 -0800
 
 When you install Exchange2000 joining an Exchange5.5 site, there is a
 lot
 of
 prep work that would eliminate most of your questions. You don't even
 mention 'Active Directory Connector'.  There is a lot more to know
 before
 effectively answering your question as asked.
 
 I recommend starting here:
 http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradegu
 ide.a
 sp
 
 William
 
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 10:03 AM
 To: Exchange Discussions
 
 Could use some help, need a refresher!
 When you add a E2K server into a existing 5.5 site. Are the connection
 for mail delivery automatically setup? I though they were. Do you have
 to edit the MTA or IMC connections. IMC is using DNS for delivery.
 There is only one MX record pointing to the 5.5 server. Do I need
 another
 directed to the E2K system.
 The setup is a mailfilter is passing mail from the Internet to a the
 5.5
 system, then I thought to the E2k box. How do I check this?
 The issue is I have moved one test mail box to the E2K system, and it
 intermintaly looses mail inbound and outbound, even when sening to
 users on
 the 5.5 system.
 I did check to see if the HOME server islisted correctly, it is.
 
 
 Thanks,
 - John Q
 
 _
 The new MSN 8: smart spam protection and 2 months FREE*
 http://join.msn.com/?page=features/junkmail
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


 _
 MSN 8 with e-mail virus protection service: 2 months FREE*
 http://join.msn.com/?page=features/virus


 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Andrey Fyodorov 
HOSTS file.

The new ones have the HOSTS file too with the correct settings. He can do a regular 
ping, by server name, and it replies.

Something is killing the RPCs though.

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:28 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


Do the old PC's perhaps have a host file or a static route setup on them to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: 5.5/2K co-existance

2003-02-26 Thread John Q Jr 
Ahh . . . . should have know, DNS!
I had the DC of 2K listed in the DNS of the 5.5 server.










- Original Message - 
From: Ed Crowley [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 12:38 PM
Subject: RE: 5.5/2K co-existance


 Are the servers in the same or different routing groups?
 
 Do you want SMTP mail routed out through the 5.5 server?  Have you done
 any configuration to the Exchange 2000 SMTP virtual server(s) and/or
 SMTP Connector?
 
 Ed Crowley MCSE+Internet MVP
 Freelance E-Mail Philosopher
 Protecting the world from PSTs and Bricked Backups!T
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 11:24 AM
 To: Exchange Discussions
 Subject: RE: 5.5/2K co-existance
 
 
 That is funny you listed that doc, those were the steps I followed. The
 ADC is up and running, no errors. The issue is I can get delivery
 receipts from the systems, when I send them 
 mail from the ouside. But when that user replies to the message it goes
 to 
 never-never land.
 And internal delivery, with-in the site, is fine. But when ALL users
 send 
 mail to outside domains it is not listed in the queue and is never 
 delivered. I can ping ouside and do MX lookup properly, but the message
 are 
 no where to be found.
 That is why I think  I have a real issue.
 
 
 
 From: William Lefkovics [EMAIL PROTECTED]
 Reply-To: Exchange Discussions [EMAIL PROTECTED]
 To: Exchange Discussions [EMAIL PROTECTED]
 Subject: RE: 5.5/2K co-existance
 Date: Wed, 26 Feb 2003 10:49:45 -0800
 
 When you install Exchange2000 joining an Exchange5.5 site, there is a 
 lot
 of
 prep work that would eliminate most of your questions. You don't even
 mention 'Active Directory Connector'.  There is a lot more to know
 before
 effectively answering your question as asked.
 
 I recommend starting here: 
 http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradegu
 ide.a
 sp
 
 William
 
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 10:03 AM
 To: Exchange Discussions
 
 Could use some help, need a refresher!
 When you add a E2K server into a existing 5.5 site. Are the connection 
 for mail delivery automatically setup? I though they were. Do you have 
 to edit the MTA or IMC connections. IMC is using DNS for delivery.
 There is only one MX record pointing to the 5.5 server. Do I need
 another
 directed to the E2K system.
 The setup is a mailfilter is passing mail from the Internet to a the
 5.5
 system, then I thought to the E2k box. How do I check this?
 The issue is I have moved one test mail box to the E2K system, and it
 intermintaly looses mail inbound and outbound, even when sening to
 users on
 the 5.5 system.
 I did check to see if the HOME server islisted correctly, it is.
 
 
 Thanks,
 - John Q
 
 _
 The new MSN 8: smart spam protection and 2 months FREE* 
 http://join.msn.com/?page=features/junkmail
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 MSN 8 with e-mail virus protection service: 2 months FREE*  
 http://join.msn.com/?page=features/virus
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: 5.5/2K co-existance

2003-02-26 Thread John Q Jr 
Got logging on no errors?
Looks like MTA is the issue IMC is not getting messages, non e in the queue,
If I knew where never-never-land was I would solve this.


- Original Message -
From: William Lefkovics [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 12:34 PM
Subject: RE: 5.5/2K co-existance


 Well now we're getting somewhere.  :o)

 Start with message tracking.  Where is 'never-never land' exactly?
 Also, increasing logging might produce some ugly errors in the application
 event log (that might make you curse at the ADC).



 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 11:24 AM
 To: Exchange Discussions

 That is funny you listed that doc, those were the steps I followed.
 The ADC is up and running, no errors.
 The issue is I can get delivery receipts from the systems, when I send
them
 mail from the ouside. But when that user replies to the message it goes to
 never-never land.
 And internal delivery, with-in the site, is fine. But when ALL users send
 mail to outside domains it is not listed in the queue and is never
 delivered. I can ping ouside and do MX lookup properly, but the message
are
 no where to be found.
 That is why I think  I have a real issue.



 From: William Lefkovics [EMAIL PROTECTED]
 Reply-To: Exchange Discussions [EMAIL PROTECTED]
 To: Exchange Discussions [EMAIL PROTECTED]
 Subject: RE: 5.5/2K co-existance
 Date: Wed, 26 Feb 2003 10:49:45 -0800
 
 When you install Exchange2000 joining an Exchange5.5 site, there is a
 lot of prep work that would eliminate most of your questions. You don't
 even mention 'Active Directory Connector'.  There is a lot more to know
 before effectively answering your question as asked.
 
 I recommend starting here:
 http://www.microsoft.com/Exchange/techinfo/deployment/2000/E2Kupgradegu
 ide.a
 sp
 
 William
 
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of The Geek Q
 Sent: Wednesday, February 26, 2003 10:03 AM
 To: Exchange Discussions
 
 Could use some help, need a refresher!
 When you add a E2K server into a existing 5.5 site. Are the connection
 for mail delivery automatically setup?
 I though they were. Do you have to edit the MTA or IMC connections. IMC
 is using DNS for delivery.
 There is only one MX record pointing to the 5.5 server. Do I need
 another directed to the E2K system.
 The setup is a mailfilter is passing mail from the Internet to a the
 5.5 system, then I thought to the E2k box. How do I check this?
 The issue is I have moved one test mail box to the E2K system, and it
 intermintaly looses mail inbound and outbound, even when sening to
 users on the 5.5 system.
 I did check to see if the HOME server islisted correctly, it is.
 
 
 Thanks,
 - John Q
 
 _
 The new MSN 8: smart spam protection and 2 months FREE*
 http://join.msn.com/?page=features/junkmail
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


 _
 MSN 8 with e-mail virus protection service: 2 months FREE*
 http://join.msn.com/?page=features/virus


 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Bailey, Matthew 
I would check the firewalls on both ends of the connection.

-Matt

Matthew Bailey
LAN Engineer
CSK Auto, Inc.
[EMAIL PROTECTED]
Office: (602) 631-7486
Fax: (602) 294-7486

Chaos reigns within. 
Reflect, repent, and reboot. 
Order shall return.




-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 2:52 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server

HOSTS file.

The new ones have the HOSTS file too with the correct settings. He can
do a regular ping, by server name, and it replies.

Something is killing the RPCs though.

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:28 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


Do the old PC's perhaps have a host file or a static route setup on them
to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just
fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already
preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange
anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But
it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]



_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: Outlook on Win XP SP1 can't connect to Exchange server

2003-02-26 Thread Andrey Fyodorov 
wouldn't be our firewalls, because he can use other PCs in his office to connect with 
MAPI just fine.

-Original Message-
From: Bailey, Matthew [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 5:13 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


I would check the firewalls on both ends of the connection.

-Matt

Matthew Bailey
LAN Engineer
CSK Auto, Inc.
[EMAIL PROTECTED]
Office: (602) 631-7486
Fax: (602) 294-7486

Chaos reigns within. 
Reflect, repent, and reboot. 
Order shall return.




-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 2:52 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server

HOSTS file.

The new ones have the HOSTS file too with the correct settings. He can
do a regular ping, by server name, and it replies.

Something is killing the RPCs though.

-Original Message-
From: Martin Blackstone [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 4:28 PM
To: Exchange Discussions
Subject: RE: Outlook on Win XP SP1 can't connect to Exchange server


Do the old PC's perhaps have a host file or a static route setup on them
to
your server? 


-Original Message-
From: Andrey Fyodorov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 26, 2003 1:20 PM
To: Exchange Discussions

I have a customer who has been connecting to our Exchange servers just
fine
with MAPI Outlook, across the Internet.

They have been receiving new PCs from Dell that are already
preconfigured
with Windows XP SP1.

And for some reason users on those PCs cannot connect to Exchange
anymore.

I asked him to check the XP's built-in firewall. He says it is disabled.

I did an RPC Ping test with him. From old PCs RPC Ping worked fine. But
it
failed on the new XP SP1 PCs.

What else could there be wrong with XP SP1 that would kill RPCs?

Thanks for any ideas!

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]



_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

RE: CDO contact question

2003-02-26 Thread Siegfried Weber 
You must set the appropriate properties to tell Outlook that this
address should show up as business address. Depending on which version
of CDO you use they are different.

Cheers:Siegfried runat=server /

Development Lead,

CDOLive LLC - The Microsoft Messaging and Collaboration Application
Experts
http://www.cdolive.com
 

 -Original Message-
 From: Woodruff, Michael [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, February 26, 2003 9:24 PM
 To: Exchange Discussions
 Subject: CDO contact question
 
 
 I am pulling contacts out of a database using CDO and putting 
 them in a PF.  When the code finishes the contact is there 
 but the Business
 Address is not showing up in the preview.   When I open the contact it
 is there.  Then I close it and it is there.  I use the update 
 method (oAddr.Update , True) to make it reload the info, but 
 it is not working? Any ideas?
 
 Thanks
 Mike
 
 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]
 

_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]

Re: HIPPA and mail relaying

2003-02-26 Thread prontomail 
This is you:
220 wck01.cty_admin ESMTP Server (Microsoft Exchange Internet Mail Service
5.5.2
653.13) ready
helo
250 OK
mail from:[EMAIL PROTECTED]
250 OK - mail from [EMAIL PROTECTED]
rcpt to:[EMAIL PROTECTED]
550 Relaying is prohibited

You are good, regardless of what your consultant says. There are other
methods of testing open-relays, but as long as you pass the test above, you
can go pop the champagne.

HTH
Deji

- Original Message -
From: Waters, Jeff [EMAIL PROTECTED]
To: Exchange Discussions [EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 1:00 PM
Subject: RE: HIPPA and mail relaying


 It's a great tool, it says the site is an open relay.  What it does not
say
 is how it came to the decision or what it's using as its proof.  We are
 co.hanover.va.us and I have done a telnet to port 25 and gotten the 550
 error.
 I'm so confused.
 Thanks
 Jeff

 -Original Message-
 From: Ed Crowley [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, February 26, 2003 4:00 PM
 To: Exchange Discussions
 Subject: RE: HIPPA and mail relaying


 Exactly what does the tool say?  What is your domain?

 Ed Crowley MCSE+Internet MVP
 Freelance E-Mail Philosopher
 Protecting the world from PSTs and Bricked Backups!T


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Waters, Jeff
 Sent: Wednesday, February 26, 2003 12:14 PM
 To: Exchange Discussions
 Subject: HIPPA and mail relaying


 Since HIPPA is the thread of the day.  We are running 5.5 sp3 and I have
 the Do not reroute incoming SMTP mail tab selected in the Routing tab of
 the IMS selected.  The magic tool that the consultant used, and I don't
 know what it is, and the CFI LANguard scanner I just used is reporting
 that the server is an open mail relay.  Now the consultant is telling us
 that he doesn't usually get a false hit on this.
 So for you exchange guru's out there, have any of you ran into this
 before, or am I just being a bonehead and missing something. Thanks Jeff

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]

 _
 List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
 Archives:   http://www.swynk.com/sitesearch/search.asp
 To unsubscribe: mailto:[EMAIL PROTECTED]
 Exchange List admin:[EMAIL PROTECTED]


_
List posting FAQ:   http://www.swinc.com/resource/exch_faq.htm
Archives:   http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]