RE: OWA front end server - licensing and security
You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] # Notice: This e-mail message is only intended to be read by the named recipient. It may contain information which is confidential, proprietary or the subject of legal privilege. If you are not the intended recipient please notify the sender immediately and delete this e-mail. You may not use any information contained in it. Legal privilege is not waived because you have read this e-mail. For further information on the Beca Group of Companies, visit our web page http://www.beca.co.nz # _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Extracting to pst
Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
FW: Re-assign/ Move mailbox
I did reply to this but am not sure if it came through. Thanks Tony that was a great help - forgot about the retention time - d'oh. I did have a bit of trouble doing this tho as when I deleted the user, there was no red cross against the mailbox so I could not re-attach. Ran clean-up agent and came up OK for future ref. -Original Message- From: Tony Hlabse [mailto:[EMAIL PROTECTED] Sent: 15 September 2003 14:11 To: Exchange Discussions Subject: RE: Re-assign/ Move mailbox It's okay to delete the mailbox if you have retention set on the Store. PSS didn't give you exact directions. Check out http://www.microsoft.com/downloads/details.aspx?displaylang=enfamilyid= 9e52bafc-5c33-46b9-af14-04e4d989ef6b From: Rob Hackney [EMAIL PROTECTED] Reply-To: Exchange Discussions [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Subject: RE: Re-assign/ Move mailbox Date: Mon, 15 Sep 2003 14:05:41 +0100 Hi Nate, I have added the new AD account already and removed the 'SELF' rights from mailbox permissions however when I try and delete the 'corrupt'ad account, I cannot deselect the check box against 'mark this mailbox for deletion'. Perhaps this is a Small Business server restriction? Doesn't make much sense if it is. Thanks -Original Message- From: Couch, Nate [mailto:[EMAIL PROTECTED] Sent: 15 September 2003 13:17 To: Exchange Discussions Subject: RE: Re-assign/ Move mailbox It seems to me that all you need to do is add the new AD account to the original mailbox and then remove the old corrupt account from the permissions. Maybe I am missing something, but that should do it. Nate Couch EDS Messaging -- From:Rob Hackney Reply To:Exchange Discussions Sent:Monday, September 15, 2003 7:01 AM To: Exchange Discussions Subject: Re-assign/ Move mailbox SBS 2k (exchsp3 pos fixes) I have a user whose account has become corrupt and on advice from PSS I have been told to delete it. I have created a new account for the user which accesses the original mailbox. I would like to move/ re-assign the original mailbox which is attached to the corrupt user account to hhis new account. Is there a way of doing this within the same site other than pst? I've looked around (google/ technet/ etc) but have been unable to find an answer. Thanks Rob Support Analyst TKC Group Ltd Unit 3 Ashmead Ind Est Keynsham BS31 1TZ UK 0117 916 1320 This email is confidential and intended solely for the use of the individual(s) to whom it is addressed. It should not be deemed to constitute a binding contract between TKC Group and the recipient(s) unless a purchase order number is quoted. Any views or opinions presented are solely those of the author and do not necessarily represent those of TKC Group Ltd. If you are not the intended recipient(s), please do not copy or disclose its contents. Please return it to: [EMAIL PROTECTED] then delete the email. intY has scanned this email for all known viruses (www.inty.com) _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode =la ng=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] intY has scanned this email for all known viruses (www.inty.com) This email is confidential and intended solely for the use of the individual(s) to whom it is addressed. It should not be deemed to constitute a binding contract between TKC Group and the recipient(s) unless a purchase order number is quoted. Any views or opinions presented are solely those of the author and do not necessarily represent those of TKC Group Ltd. If you are not the intended recipient(s), please do not copy or disclose its contents. Please return it to: [EMAIL PROTECTED] then delete the email. intY has scanned this email for all known viruses (www.inty.com) _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ Get 10MB of e-mail storage! Sign up for Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es _ List posting FAQ:
Re: Extracting to pst
Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
5.5 to E2K mailbox migration
Hi All, I'm getting about a 10% failure rate on our intrasite mailbox migrations from 5.5 to E2K. The errors indicate some kind of corruption in the mailbox per Q264119, although not apparent to the user. Has anyone found a quick fix or workaround for this particular error. Thanks. Liz Ashraph [EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Manually relocate transaction log files
Hi Ben, Microsoft Professional Product Services talked me through this. Their approach allows you to move them back to the correct place if needed. Have you learned nothing from the replies? Don't manually move the log files. EVER. The Exchange Optimizer will move them for you. Safely. It has to stop the services first before moving them. This way, Exchange knows where the old log files are in case you need to perform a restore and roll-back the log files (so you don't lose any mail).=20 Ben Winzenz Network Engineer Gardner White (317) 581-1580 ext 418 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Problems moving mailboxes
I have experienced this as well in a pure 5.5 environment. I choose to stop AV, move the mailboxes, start AV and do an on-demand scan. I also stopped the flow of incoming internet mail to it (had it caching on another server). I suspect this also can happen if a user is accessing the mailbox during the move. Does anyone know if this is true? Chris _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
I thought the software would only read mailbox stores of up to 250 users! Regards Aaron Shimmons Network Administrator -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 12:52 To: Exchange Discussions Subject: RE: Extracting to pst Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
What version do you have? We have the latest version which is not limited to 250 users. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Shimmons Sent: Wednesday, September 17, 2003 8:20 AM To: Exchange Discussions Subject: RE: Extracting to pst I thought the software would only read mailbox stores of up to 250 users! Regards Aaron Shimmons Network Administrator -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 12:52 To: Exchange Discussions Subject: RE: Extracting to pst Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
Version 11 Business -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 13:27 To: Exchange Discussions Subject: RE: Extracting to pst What version do you have? We have the latest version which is not limited to 250 users. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Shimmons Sent: Wednesday, September 17, 2003 8:20 AM To: Exchange Discussions Subject: RE: Extracting to pst I thought the software would only read mailbox stores of up to 250 users! Regards Aaron Shimmons Network Administrator -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 12:52 To: Exchange Discussions Subject: RE: Extracting to pst Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Creating an automated Bulletin Board System HELP
THat is the direction I'd prefer to go. However: We are migrating from a mainframe mail system that has a Bulletin Board feature. They want me to duplicate the feature. When you subscribe to their BB, you get any new messages to the BBs that you subscribed to. I'm trying to figure out how I can manipulate exchange and or outlook (through forms) to interact with Active Directory. I envision this: A user opens a subscription form. They choose the BB they want to subscribe to and enter their username. The form adds that username to a distribution list. That distribution list is set as the Forward recipient for that BB (Public Folder) When someone posts to the BB, everyone in the Dist list gets a copy. Sound OK? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
But if you keep on dumping new data into the same PST, eventually it will grow quite large, even if your online mailbox limit is low. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:02 PM To: Exchange Discussions Subject: RE: Brick Level Backup This is true. I've never worked with an Exchange system where the mailbox limits were set anywhere near 2GB, so it's never been an issue for me. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 4:33 PM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
Yeah, but you can easily specify that only the front-end server could use those ports. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 7:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
IPSec is a nice idea too. But you need to test test test. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Leeann McCallum [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 7:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] # Notice: This e-mail message is only intended to be read by the named recipient. It may contain information which is confidential, proprietary or the subject of legal privilege. If you are not the intended recipient please notify the sender immediately and delete this e-mail. You may not use any information contained in it. Legal privilege is not waived because you have read this e-mail. For further information on the Beca Group of Companies, visit our web page http://www.beca.co.nz # _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
Upgrade to the Enterprise version. - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] # Notice: This e-mail message is only intended to be read by the named recipient. It may contain information which is confidential, proprietary or the subject of legal privilege. If you are not the intended recipient please notify the sender immediately and delete this e-mail. You may not use any information contained in it. Legal privilege is not waived because you have read this e-mail. For further information on the Beca Group of Companies, visit our web page http://www.beca.co.nz # _ List posting FAQ:
Need Latest Outlook Profile Generator for XP Professional
Dear all, We use newprof.exe to automatically create outlook profile for users as part of the logon script process. The current version of newprof.exe is 5.0.1457.3. The version works very well for Outlook 98 but not Outlook 2000 onwards. It generates error message about Microsoft Exchange Profile Generate Utility when this newprof.exe command is triggered. I have tried looking for the compatible version that cater for Outlook 2000 onwards but no luck so far. If you do know the solution, would you please kindly tell me how? Thank you muchly. BY --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 11/09/2003 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Creating an automated Bulletin Board System HELP
It's called a newsgroup and Outlook Express works great for accessing them. -Original Message- From: Ron [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:45 AM To: Exchange Discussions Subject: RE: Creating an automated Bulletin Board System HELP THat is the direction I'd prefer to go. However: We are migrating from a mainframe mail system that has a Bulletin Board feature. They want me to duplicate the feature. When you subscribe to their BB, you get any new messages to the BBs that you subscribed to. I'm trying to figure out how I can manipulate exchange and or outlook (through forms) to interact with Active Directory. I envision this: A user opens a subscription form. They choose the BB they want to subscribe to and enter their username. The form adds that username to a distribution list. That distribution list is set as the Forward recipient for that BB (Public Folder) When someone posts to the BB, everyone in the Dist list gets a copy. Sound OK? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
is there a way to display LinkState?
Exchange servers do all this nice work discovering route failures by sending linkstate probe messages among themselves. But they keep this info to themselves. Wouldn't it be nice if this information could be displayed? Are there any tools out there that do such a visual? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: E2k multiple domains
Not sure if this got posted, but... I did that, is there anything else? Do I need to add that domain into the allow relay? Users can use their outlook to get the mail, but when they try to send they get the 550 relay denied. These outlook users are in remote locations and are using Outlook Internet Mail, not exchange. Thanks! -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2003 6:01 PM To: Exchange Discussions Subject: Re: E2k multiple domains You need domain2.com in a recipient policy. Ed --- Steck, Herb [EMAIL PROTECTED] wrote: I have to be missing something and it's causing me to go bald very early in life. Here is what I am doing: Single Exchange 2k Server domain1.com has always worked Have added new users that will be using domain2.com. DNS records are changed and pointing to the same server and are working fine. Whenever a user gets an e-mail from the outside the sender gets relaying not allowed. I went into the SMTP VS and added the domain2.com as granted. Even restarted the VS and still get relay not allowed. Now I have made this work on 5.5 servers for an ISP that wanted to use Exchange for their users mail server, but I must be missing something in E2K to make it work right. Any help, direction would be great. Am sure this has been discussed before, but I don't have access to my archives right now. Thanks in advance! The information transmitted is intended only for the person or entity to which it is addressed and may contain proprietary, confidential and/or legally privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] The information transmitted is intended only for the person or entity to which it is addressed and may contain proprietary, confidential and/or legally privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: E2k multiple domains
I added that. Anything else I need to do? Users can get their mail via pop, but now when they try to send they get the 550 error. -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Monday, September 15, 2003 6:01 PM To: Exchange Discussions Subject: Re: E2k multiple domains You need domain2.com in a recipient policy. Ed --- Steck, Herb [EMAIL PROTECTED] wrote: I have to be missing something and it's causing me to go bald very early in life. Here is what I am doing: Single Exchange 2k Server domain1.com has always worked Have added new users that will be using domain2.com. DNS records are changed and pointing to the same server and are working fine. Whenever a user gets an e-mail from the outside the sender gets relaying not allowed. I went into the SMTP VS and added the domain2.com as granted. Even restarted the VS and still get relay not allowed. Now I have made this work on 5.5 servers for an ISP that wanted to use Exchange for their users mail server, but I must be missing something in E2K to make it work right. Any help, direction would be great. Am sure this has been discussed before, but I don't have access to my archives right now. Thanks in advance! The information transmitted is intended only for the person or entity to which it is addressed and may contain proprietary, confidential and/or legally privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] The information transmitted is intended only for the person or entity to which it is addressed and may contain proprietary, confidential and/or legally privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: is there a way to display LinkState?
How about Winroute in the support directory? - Original Message - From: Fyodorov, Andrey [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 10:39 AM Subject: is there a way to display LinkState? Exchange servers do all this nice work discovering route failures by sending linkstate probe messages among themselves. But they keep this info to themselves. Wouldn't it be nice if this information could be displayed? Are there any tools out there that do such a visual? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: is there a way to display LinkState?
I was just thinking about something that could be displayed on a support person's (datacenter operator's) screen. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 10:45 AM To: Exchange Discussions Subject: Re: is there a way to display LinkState? How about Winroute in the support directory? - Original Message - From: Fyodorov, Andrey [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 10:39 AM Subject: is there a way to display LinkState? Exchange servers do all this nice work discovering route failures by sending linkstate probe messages among themselves. But they keep this info to themselves. Wouldn't it be nice if this information could be displayed? Are there any tools out there that do such a visual? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: is there a way to display LinkState?
Winroute reskit -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 8:40 AM To: Exchange Discussions Subject: is there a way to display LinkState? Exchange servers do all this nice work discovering route failures by sending linkstate probe messages among themselves. But they keep this info to themselves. Wouldn't it be nice if this information could be displayed? Are there any tools out there that do such a visual? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: E2k multiple domains
Make sure they are authenticating properly and that you have relaying with authentication turned on. -Original Message- From: Steck, Herb [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 2:00 PM To: Exchange Discussions Subject: RE: E2k multiple domains Not sure if this got posted, but... I did that, is there anything else? Do I need to add that domain into the allow relay? Users can use their outlook to get the mail, but when they try to send they get the 550 relay denied. These outlook users are in remote locations and are using Outlook Internet Mail, not exchange. Thanks! _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Computer GPO software installation problems
Hello, I keep looking for the solution to this particular problem, but have found no success with Microsoft's knowledgebase or any other site I've looked at. According to all the sources I've read I'm doing it correctly, but here goes; Windows 2000 server SP3, Computer GPO software distribution (doesn't matter what type of MSI file), Windows XP client workstations SP1: software assigned via Computer GPO's does not install. The computer basically behaves as if it's not receiving any information about waiting software install files. Software assigned or published to Users works as expected. The packages are set up with correct permissions to the share for both computers and users, assigned with UNC path names and not local paths, and appropriate accounts are set up to access the GPO in permissions for that GPO. In fact, this is set up with a brand-new OU called BETATEST, where the users or computers get moved into for testing purposes, so Authenticated Users really ought to do the trick, but even specifically assigned computer names do not work. As mentioned earlier, assigned or published User GPO software installs work just fine. Does anyone have a clue about this? I'm absolutely stumped, and cannot find anything specifically weird such as GPO's have been set to block inheritance or computer GPO settings having been turned off. Everything seems clean there. Basically, I would welcome any suggestions as to where to look for problems beyond this point. I really don't want to do all my software assignment through the Users - some stuff really needs to be set up to install at the Computer level. Thanks in advance for any assistance, Matt Hoffman _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: ARGH! Computer GPO software installation problems
Argh! Sorry about this, I meant to send it to the NT list. But, of course, if any of you can help... ;) Matt -Original Message- From: Matt Hoffman [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:00 AM To: Exchange Discussions Subject: Computer GPO software installation problems Hello, I keep looking for the solution to this particular problem, but have found no success with Microsoft's knowledgebase or any other site I've looked at. According to all the sources I've read I'm doing it correctly, but here goes; Windows 2000 server SP3, Computer GPO software distribution (doesn't matter what type of MSI file), Windows XP client workstations SP1: software assigned via Computer GPO's does not install. The computer basically behaves as if it's not receiving any information about waiting software install files. Software assigned or published to Users works as expected. The packages are set up with correct permissions to the share for both computers and users, assigned with UNC path names and not local paths, and appropriate accounts are set up to access the GPO in permissions for that GPO. In fact, this is set up with a brand-new OU called BETATEST, where the users or computers get moved into for testing purposes, so Authenticated Users really ought to do the trick, but even specifically assigned computer names do not work. As mentioned earlier, assigned or published User GPO software installs work just fine. Does anyone have a clue about this? I'm absolutely stumped, and cannot find anything specifically weird such as GPO's have been set to block inheritance or computer GPO settings having been turned off. Everything seems clean there. Basically, I would welcome any suggestions as to where to look for problems beyond this point. I really don't want to do all my software assignment through the Users - some stuff really needs to be set up to install at the Computer level. Thanks in advance for any assistance, Matt Hoffman _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: is there a way to display LinkState?
I'm pretty sure you can access link information via WMI too, so if you wanted to code something... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fyodorov, Andrey Sent: Wednesday, September 17, 2003 9:47 AM To: Exchange Discussions Subject: RE: is there a way to display LinkState? I was just thinking about something that could be displayed on a support person's (datacenter operator's) screen. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 10:45 AM To: Exchange Discussions Subject: Re: is there a way to display LinkState? How about Winroute in the support directory? - Original Message - From: Fyodorov, Andrey [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 10:39 AM Subject: is there a way to display LinkState? Exchange servers do all this nice work discovering route failures by sending linkstate probe messages among themselves. But they keep this info to themselves. Wouldn't it be nice if this information could be displayed? Are there any tools out there that do such a visual? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Need Latest Outlook Profile Generator for XP Professional
Check out the white paper at the attached link, if describes the different versions of Newprof and may be of value to you. http://imanami.com/downloadcenter/support/docs/Imanami%20OProfile%20vs%2 0Microsoft%20Resource%20Kit%20Tools.pd Forgive the promo, but when you get tired of wrestling with Newprof, you may want to consider Imanami OProfile at www.imanami.com/oprofile. OProfile is inexpensive and installed in minutes. You can then stop worrying about how changes in OS's, Outlook and Exchange affect your Outlook profiles. Kevin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of bysoo1 Sent: Wednesday, September 17, 2003 6:57 AM To: Exchange Discussions Subject: Need Latest Outlook Profile Generator for XP Professional Dear all, We use newprof.exe to automatically create outlook profile for users as part of the logon script process. The current version of newprof.exe is 5.0.1457.3. The version works very well for Outlook 98 but not Outlook 2000 onwards. It generates error message about Microsoft Exchange Profile Generate Utility when this newprof.exe command is triggered. I have tried looking for the compatible version that cater for Outlook 2000 onwards but no luck so far. If you do know the solution, would you please kindly tell me how? Thank you muchly. BY --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 11/09/2003 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Need Latest Outlook Profile Generator for XP Professional
Sorry the correct link is: http://imanami.com/downloadcenter/support/docs/Imanami%20OProfile%20vs%2 0Microsoft%20Resource%20Kit%20Tools.pdf -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lalor, Kevin Sent: Wednesday, September 17, 2003 8:57 AM To: Exchange Discussions Subject: RE: Need Latest Outlook Profile Generator for XP Professional Check out the white paper at the attached link, if describes the different versions of Newprof and may be of value to you. http://imanami.com/downloadcenter/support/docs/Imanami%20OProfile%20vs%2 0Microsoft%20Resource%20Kit%20Tools.pd Forgive the promo, but when you get tired of wrestling with Newprof, you may want to consider Imanami OProfile at www.imanami.com/oprofile. OProfile is inexpensive and installed in minutes. You can then stop worrying about how changes in OS's, Outlook and Exchange affect your Outlook profiles. Kevin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of bysoo1 Sent: Wednesday, September 17, 2003 6:57 AM To: Exchange Discussions Subject: Need Latest Outlook Profile Generator for XP Professional Dear all, We use newprof.exe to automatically create outlook profile for users as part of the logon script process. The current version of newprof.exe is 5.0.1457.3. The version works very well for Outlook 98 but not Outlook 2000 onwards. It generates error message about Microsoft Exchange Profile Generate Utility when this newprof.exe command is triggered. I have tried looking for the compatible version that cater for Outlook 2000 onwards but no luck so far. If you do know the solution, would you please kindly tell me how? Thank you muchly. BY --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.518 / Virus Database: 316 - Release Date: 11/09/2003 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Invisible corrupt message on EX5.5 server
We are running exchange 5.5 sp4 on a win2k sp3 server. I have been using
outlook 2003 beta for a long time (I now have the final version installed)
and apparently it has left some garbage in my inbox and the administrators
(which I also open with my profile).
I only found out about this when I installed BE 9.0 on the server (I had
been using NTBACKUP) and accidentally did a mailbox (BRICK) backup (bless me
father for I have sinned, my last full backup was yesterday). The
information store backup runs without problems, but the brick backup logs
these failures:
Backup - \\S3CIN\Microsoft Exchange Mailboxes WARNING: \\S3CIN\Microsoft
Exchange Mailboxes\Administrator [administrator]Top of Information
StoreFrom
AdminN
Notification: Inbound Mail Failure is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom
[toma]FinderUnread
Mail
Outlook 10 Message Manager (MS Exchange Settings) is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom [toma]Top of
Information
StoreInbox
Outlook 10 Message Manager (MS Exchange Settings) is a
corrupt
file.
This file cannot verify.
I have tried emptying my inbox but it still finds the corrupt message
there. Short of deleting my account and recreating it (which will be my
last resort) does anyone have suggestions for how to delete these things?
OWA does not see them either.
Tom
â²Úh²PÛiÿü0ÂÌÇ(ú«qïÞÅÈ_j¨mg{^özm§ÿâÊZ®Ib²×(÷
¸§þ\«Êez{^ì\
©àz¶j
zV§éà+!N§²æìr¸zf¢Ú%y«Þ{!jx
Ë0Êy
¢a1r§ââ²)åËZvh§³
§Ê
RE: Invisible corrupt message on EX5.5 server
So, the only thing that sees a bad message is the brick level backup? I's just stop
doing it. It's certainly possible that OL2003 has items that BE9.0 doesn't
understand.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alverson, Tom
Sent: Wednesday, September 17, 2003 11:22 AM
To: Exchange Discussions
Subject: Invisible corrupt message on EX5.5 server
We are running exchange 5.5 sp4 on a win2k sp3 server. I have been using outlook 2003
beta for a long time (I now have the final version installed) and apparently it has
left some garbage in my inbox and the administrators (which I also open with my
profile).
I only found out about this when I installed BE 9.0 on the server (I had been using
NTBACKUP) and accidentally did a mailbox (BRICK) backup (bless me father for I have
sinned, my last full backup was yesterday). The information store backup runs without
problems, but the brick backup logs these failures:
Backup - \\S3CIN\Microsoft Exchange Mailboxes WARNING: \\S3CIN\Microsoft Exchange
Mailboxes\Administrator [administrator]Top of Information StoreFrom
AdminN
Notification: Inbound Mail Failure is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom [toma]FinderUnread
Mail
Outlook 10 Message Manager (MS Exchange Settings) is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom [toma]Top of Information
StoreInbox
Outlook 10 Message Manager (MS Exchange Settings) is a
corrupt file.
This file cannot verify.
I have tried emptying my inbox but it still finds the corrupt message there. Short
of deleting my account and recreating it (which will be my last resort) does anyone
have suggestions for how to delete these things?
OWA does not see them either.
Tom
.ryirr
â²Úh²PÛiÿü0ÂÌÇ(ú«qïÞÅÈ_j¨mg{^özm§ÿâÊZ®Ib²×(÷
¸§þ\«Êez{^ì\
©àz¶j
zV§éà+!N§²æìr¸zf¢Ú%y«Þ{!jx
Ë0Êy
¢a1r§ââ²)åËZvh§³
§Ê
RE: Extracting to pst
Nope, I think the number of mailboxes you can read is based on the licenses you purchased. It is a great piece of software. One of my 5.5 customers does snapshot backups to a NAS and they use it all the time. - Jim sends -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 2:20 AM Posted To: Exchange Technical Mailing List Conversation: Extracting to pst Subject: RE: Extracting to pst I thought the software would only read mailbox stores of up to 250 users! Regards Aaron Shimmons Network Administrator -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 12:52 To: Exchange Discussions Subject: RE: Extracting to pst Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Exchange2000 To Exchange 2000 Migration
I have a client needing to migrate about 6000 users from one Exchange 2000 Organization to another Exchange 2000 migration (InterOrg)... Does anyone have any good tools or places to look for resources? thanks... _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Unable to delete calendar item
Windows NT 4.0 SRP Exchange 5.5 SP4 Outlook 2000 Greetings All. The Boss's secretary has put a calendar item into his Public Folder calendar and now cannot edit or delete it. She claims to have entered it just like all of his other calendar items, however, when I open this one it's listed as a Discussion and has Posted To: Microsoft Outlook Embedded Message. I've not seen this before and I too cannot delete or modify it. Google turned up little info on this subject. Can anyone shed some light on what an Embedded Message is and how I can get rid of it? John, I'm sure you can guess who the Boss is! Thanks. Ben Parrnelli Network Administrator Comm Data Directorate MAGTF Training Command 29 Palms, CA 92278 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Exchange2000 To Exchange 2000 Migration
In one shot or are the two orgs going to co-exist for a while? Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: J Martin [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 2:08 PM To: Exchange Discussions Subject: Exchange2000 To Exchange 2000 Migration I have a client needing to migrate about 6000 users from one Exchange 2000 Organization to another Exchange 2000 migration (InterOrg)... Does anyone have any good tools or places to look for resources? thanks... _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Locking down RPC; winexch2k
Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Locking down RPC; winexch2k
just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Invisible corrupt message on EX5.5 server
That is a good possibility. I'll try to exmerge it and see if that
generates any errors. I did download the latest build from Veritas instead
of installing the older build off of the CD.
-Original Message-
From: Webb, Andy [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 17, 2003 12:38 PM
To: Exchange Discussions
Subject: RE: Invisible corrupt message on EX5.5 server
So, the only thing that sees a bad message is the brick level backup? I's
just stop doing it. It's certainly possible that OL2003 has items that
BE9.0 doesn't understand.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alverson, Tom
Sent: Wednesday, September 17, 2003 11:22 AM
To: Exchange Discussions
Subject: Invisible corrupt message on EX5.5 server
We are running exchange 5.5 sp4 on a win2k sp3 server. I have been using
outlook 2003 beta for a long time (I now have the final version installed)
and apparently it has left some garbage in my inbox and the administrators
(which I also open with my profile).
I only found out about this when I installed BE 9.0 on the server (I had
been using NTBACKUP) and accidentally did a mailbox (BRICK) backup (bless me
father for I have sinned, my last full backup was yesterday). The
information store backup runs without problems, but the brick backup logs
these failures:
Backup - \\S3CIN\Microsoft Exchange Mailboxes WARNING: \\S3CIN\Microsoft
Exchange Mailboxes\Administrator [administrator]Top of Information
StoreFrom
AdminN
Notification: Inbound Mail Failure is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom
[toma]FinderUnread
Mail
Outlook 10 Message Manager (MS Exchange Settings) is a corrupt file.
This file cannot verify.
WARNING: \\S3CIN\Microsoft Exchange Mailboxes\Alverson, Tom [toma]Top of
Information
StoreInbox
Outlook 10 Message Manager (MS Exchange Settings) is a
corrupt
file.
This file cannot verify.
I have tried emptying my inbox but it still finds the corrupt message
there. Short of deleting my account and recreating it (which will be my
last resort) does anyone have suggestions for how to delete these things?
OWA does not see them either.
Tom
.ryirr
.+--xm
,)r(
\y'i)l+-rrW{jxm^zx%S
^jZ 2G(L\xfyb))
_
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Web Interface:
http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin:[EMAIL PROTECTED]
RE: Extracting to pst
How much $ is this software?? -Original Message- From: McBee, Jim [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 1:01 PM To: Exchange Discussions Subject: RE: Extracting to pst Nope, I think the number of mailboxes you can read is based on the licenses you purchased. It is a great piece of software. One of my 5.5 customers does snapshot backups to a NAS and they use it all the time. - Jim sends -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 2:20 AM Posted To: Exchange Technical Mailing List Conversation: Extracting to pst Subject: RE: Extracting to pst I thought the software would only read mailbox stores of up to 250 users! Regards Aaron Shimmons Network Administrator -Original Message- From: Woodruff, Michael [mailto:[EMAIL PROTECTED] Sent: 17 September 2003 12:52 To: Exchange Discussions Subject: RE: Extracting to pst Why not do increments of 250? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy David Sent: Wednesday, September 17, 2003 7:44 AM To: Exchange Discussions Subject: Re: Extracting to pst Vitamin Fortified Power Control ? - Original Message - From: Aaron Shimmons [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 3:20 AM Subject: Extracting to pst Hi all I have Power Control which I use to extract mailboxes when necessary. But my version only works up to 250 mailboxes. What would you recommend for 250+ mailboxes? Regards Aaron Shimmons Network Administrator _ _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
We use a Network Appliance NetCache in the DMZ as a reverse proxy SSL front end. Internet OWA users hit the NetCache with HTTPS, and the NetCache decrypts and forwards HTTP to a front-end server. Works great, but was a little pricey. Also, because OWA likes to send out absolute URLs, there is a widget you have to install in IIS on the front-end server that makes it change the outputted URLS from http: to https:. This has the side effect of making that front-end server unusable from inside traffic. Come to think of it, I guess you could add another OWA virtual site and not install the widget on it. Untested. If the NetCache is too pricey for you, and you've got someone with unix experience, you can do much the same thing with squid on linux or BSD. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:05 PM To: Exchange Discussions Subject: OWA front end server - licensing and security I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
Everything will fail on a mailbox that's over two gbytes that pushes the data to a pst file. Outlook 11 is supposed to have fixed this, though. John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Posted At: Tuesday, September 16, 2003 5:33 PM Posted To: Exchange Discussion List Conversation: Brick Level Backup Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: 5.5 to E2K mailbox migration
Shutdown Exchange 5.5 .. Run ESEUTIL and ISINTEG against the priv.edb/pub.edb as necessary. Read and heed all documented warnings and have a full backup before you start. John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Ashraph, Elizabeth A. [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 7:58 AM Posted To: Exchange Discussion List Conversation: 5.5 to E2K mailbox migration Subject: 5.5 to E2K mailbox migration Hi All, I'm getting about a 10% failure rate on our intrasite mailbox migrations from 5.5 to E2K. The errors indicate some kind of corruption in the mailbox per Q264119, although not apparent to the user. Has anyone found a quick fix or workaround for this particular error. Thanks. Liz Ashraph [EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
I don't do that. Here's the basics of what I do: Exmerge (with various command line switches that I'm too lazy to look up right now). Cd \exmergedata Del pst.9.zip Ren pst.8.zip pst.9.zip Ren pst.7.zip pst.8.zip ... Ren pst.zip pst.1.zip Zip -m -9 pst.zip *.pst This is in a batch file that gets run nightly via the scheduler. I keep 10 days of snapshots of select mailboxes. Customer is happy, it was easy to script, and it didn't cost anything other than a bit of disk space. -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 8:27 AM To: Exchange Discussions Subject: RE: Brick Level Backup But if you keep on dumping new data into the same PST, eventually it will grow quite large, even if your online mailbox limit is low. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:02 PM To: Exchange Discussions Subject: RE: Brick Level Backup This is true. I've never worked with an Exchange system where the mailbox limits were set anywhere near 2GB, so it's never been an issue for me. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 4:33 PM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Server Health Monitor
Outlook 98 Exchange 5.5 Windows 2000 SP3 We are experiencing problems where Outlook just locks up and needs bounced to continue. We were looking at the Server Health Monitor and was wondering about the Store Instance Level should be? We noticed when we are having problems ours is averaging 235. What might be causing this? Thanks and have a great week. Mike Mitchell Systems email Administrator Alverno Information Services * [EMAIL PROTECTED] *:(317) 783-9341 EXT. 6211 Education is when you read the fine print, experience is what you get when you don't! - Pete Seeger _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
I've been thinking a lot about this, and decided to go with another approach. I'm going to create another network, connected to the Exchange server, and allow clients to VPN into that network. It doesn't have access to any other resources, and is empty except for OWA (for now anyway). And no front end server. Our load doesn't justify a front end server, and the security benefits don't seem large enough to justify the expense. But the IPSec idea is a good one. And, as I remember, you can place a lot of restrictions on IPSec. Thanks for the suggestions, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Fyodorov, Andrey Sent: Wednesday, September 17, 2003 6:30 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security IPSec is a nice idea too. But you need to test test test. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Leeann McCallum [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 7:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] # Notice: This e-mail message is only intended to be read by the named recipient. It may contain information which is confidential, proprietary or the subject of legal privilege. If you are not the intended recipient please notify the sender immediately and delete this e-mail. You may not use any information contained in it. Legal privilege is not waived because you have read this e-mail. For further information on the Beca Group of Companies, visit our web page
RE: OWA front end server - licensing and security
I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] # Notice: This e-mail message is only intended to be read by the named recipient. It may contain information which is confidential, proprietary
RE: Computer GPO software installation problems
Just a thought, but by default, computer accounts are placed in a folder, not in an OU. GPOs will apply to computers in an OU, but not in a folder. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matt Hoffman Sent: Wednesday, September 17, 2003 8:00 AM To: Exchange Discussions Subject: Computer GPO software installation problems Hello, I keep looking for the solution to this particular problem, but have found no success with Microsoft's knowledgebase or any other site I've looked at. According to all the sources I've read I'm doing it correctly, but here goes; Windows 2000 server SP3, Computer GPO software distribution (doesn't matter what type of MSI file), Windows XP client workstations SP1: software assigned via Computer GPO's does not install. The computer basically behaves as if it's not receiving any information about waiting software install files. Software assigned or published to Users works as expected. The packages are set up with correct permissions to the share for both computers and users, assigned with UNC path names and not local paths, and appropriate accounts are set up to access the GPO in permissions for that GPO. In fact, this is set up with a brand-new OU called BETATEST, where the users or computers get moved into for testing purposes, so Authenticated Users really ought to do the trick, but even specifically assigned computer names do not work. As mentioned earlier, assigned or published User GPO software installs work just fine. Does anyone have a clue about this? I'm absolutely stumped, and cannot find anything specifically weird such as GPO's have been set to block inheritance or computer GPO settings having been turned off. Everything seems clean there. Basically, I would welcome any suggestions as to where to look for problems beyond this point. I really don't want to do all my software assignment through the Users - some stuff really needs to be set up to install at the Computer level. Thanks in advance for any assistance, Matt Hoffman _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang =english
Public folder Errors
First, a little background. I installed Exchange 2000 on a new LAN server, which was the only server in the domain. After some testing, we realized that the server would become quickly overloaded. So, I moved a new server into the domain, made it a domain controller, and installed Exchange but did not transfer the FSMO roles (the first DC is still the file/print server). I moved all the mailboxes over, and turned on replication for the public folders (but I missed some). After a day, I removed Exchange from the first server. However, I think the removal did not go cleanly, as I'm now running into a bunch of errors. Someone on the Exchange gets the following error in Outlook (2000). Unable to update public free/busy data. I've taken a look at the server, and it appears the public folder that stores the info (can't remember the name at the moment) is gone. How can I recreate it? In the event log, I have the error 9127 from MSExchangeSA: OALGen encountered error [0x80004005] while calculating the OALs. This appears to be due to the lack of a Offline Address Book (OAB). How can I recreate it? User created public folders are only available in System Manager on the server, not on any workstation with Exchange tools installed. System Manager on a workstation doesn't display any public folders (including Internet Newsgroups) under First Admin Group-Folders-Public Folders. Under First Admin Group-..-Public Folders Store-Public Folders, I can see the folders, but if I select them, I get class not registered. ID no 80040154 Exchange system manager. The folders don't have much in them, so I can delete them and start over, but I'd like to know what's going on. These folders were replicated from the old server. Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server?
Expected error messages
While going through my event logs, I ran into a series of errors. They are expected, as detailed in Q322837. However, I am setting up a system where I'll get notified when an error occurs. Is there any way to suppress these errors, or fix the problem? Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
We have set up our OWA to require two-factor authentication (SecurID) which eliminates any key-logging concerns but this system is not cheap at approx $300 AU ($160 US) per user. The upside is that you can use the same system to authenticate all of your remote access users (dial-up, VPN, etc) and this is the function that really allows me to sleep well at night. I guess that it all depends on how many people are going to require this functionality and of course, your budget. Greg -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Thursday, 18 September 2003 10:07 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to
RE: OWA front end server - licensing and security
Sorry, I should have said that it eliminates any key-logging concerns related to authentication - it obviously can't stop the actual recording of keystrokes by key-logging software. It will however, basically eliminate the possibility of someone gaining access to your email system using credentials left behind by one of your users which is where we happen to draw the line in terms of functionality/security. Greg -Original Message- From: Greg Marr Sent: Thursday, 18 September 2003 11:31 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We have set up our OWA to require two-factor authentication (SecurID) which eliminates any key-logging concerns but this system is not cheap at approx $300 AU ($160 US) per user. The upside is that you can use the same system to authenticate all of your remote access users (dial-up, VPN, etc) and this is the function that really allows me to sleep well at night. I guess that it all depends on how many people are going to require this functionality and of course, your budget. Greg -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Thursday, 18 September 2003 10:07 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in
RE: All .COM / .NET domain names now exist
I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
Yes, it sucks. Write to ICANN. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Clishe Sent: Wednesday, September 17, 2003 10:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
