Automatic Deletion
Hi, Is there anyway to set an automatic deletion of mails after certain time/mailbox size on per user basis. Regards, Irf. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
Another option is an SSL based VPN, there is no client software to install and you can users can get access to your 'internal' OWA server from any web browser, public terminals included. Several companies make them, we have one from Neoteris installed. It works great, we use an RSA ACE server for authentication as well which I would strongly recommend. But it gives your users access to their email via OWA from just about _any_ web browser they can find. No client, no setup for the end user and it will never be blocked by any ISP since its SSL. Ed -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 8:07 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a
RE: OWA front end server - licensing and security
Actually, we use squid and OpenBSD for just that purpose, and I don't recall falling into the issue with the absolute URLs, though. It might be because squid is rewriting the URLs on their way through - its been a year since we set it up and we haven't had to touch it since.. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:30 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We use a Network Appliance NetCache in the DMZ as a reverse proxy SSL front end. Internet OWA users hit the NetCache with HTTPS, and the NetCache decrypts and forwards HTTP to a front-end server. Works great, but was a little pricey. Also, because OWA likes to send out absolute URLs, there is a widget you have to install in IIS on the front-end server that makes it change the outputted URLS from http: to https:. This has the side effect of making that front-end server unusable from inside traffic. Come to think of it, I guess you could add another OWA virtual site and not install the widget on it. Untested. If the NetCache is too pricey for you, and you've got someone with unix experience, you can do much the same thing with squid on linux or BSD. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:05 PM To: Exchange Discussions Subject: OWA front end server - licensing and security I'm setting up OWA in my organization, and I have two choices. I can set up Exchange on the web server (in the DMZ), and specify it as a front end server, or I can open port 80 to the primary Exchange server. From a security standpoint, I really like the first option, but I'm thinking that I need a second Exchange Enterprise license. Am I correct in this? Am I being too paranoid about opening port 80 through to the internal Exchange server? I've never liked the idea of raw traffic entering my LAN Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
I don't believe you are correct, even though I do abhor the process. Many anti-spam will do lookups of the sender's domain, yes. And that part will break. Of course, I'd just set any domain which resolves to the Verisign IP address as an instant reject - problem solved. However, a reverse lookup is of the sender's IP address, and if it maps to a domain name. That part won't change, as I don't think they added a wildcard PTR record. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
All you base are belong to us Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Automatic Deletion
yes -Original Message- From: Exchange List [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 2:39 AM To: Exchange Discussions Subject: Automatic Deletion Hi, Is there anyway to set an automatic deletion of mails after certain time/mailbox size on per user basis. Regards, Irf. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
I just installed Office 2003 final from MSDN and was able to export my whole mailbox to a PST. It shows up as 1.8Gig on the exchange 5.5 server, and the PST file is 3.5Gig. Tom -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:35 PM To: Exchange Discussions Subject: RE: Brick Level Backup Everything will fail on a mailbox that's over two gbytes that pushes the data to a pst file. Outlook 11 is supposed to have fixed this, though. John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Posted At: Tuesday, September 16, 2003 5:33 PM Posted To: Exchange Discussion List Conversation: Brick Level Backup Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Logging access To public folder
How Can i log all access to public folders(via Web, MAPI ...)? _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
From Wired.com (http://www.wired.com/news/technology/0,1282,60473,00.html): VeriSign's controversial typo-squatting Site Finder service is about to be bypassed by an emergency software patch to many of the Internet's backbone computers. Paul Chinnery Network Administrator Mem Med Ctr -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:09 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist All you base are belong to us Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:
Exchange 2000 purge question
Hello all, is there any way that you can delete all items in people's mailboxes from the Exchange System Manager 2000? if you cant in the exchange system manager, what is the best way to do this? thanks for the help... Bob C. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
I hope it doesn't get corrupted though... Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:18 AM To: Exchange Discussions Subject: RE: Brick Level Backup I just installed Office 2003 final from MSDN and was able to export my whole mailbox to a PST. It shows up as 1.8Gig on the exchange 5.5 server, and the PST file is 3.5Gig. Tom -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:35 PM To: Exchange Discussions Subject: RE: Brick Level Backup Everything will fail on a mailbox that's over two gbytes that pushes the data to a pst file. Outlook 11 is supposed to have fixed this, though. John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Posted At: Tuesday, September 16, 2003 5:33 PM Posted To: Exchange Discussion List Conversation: Brick Level Backup Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Brick Level Backup
Yup - PST files will almost always be much larger than the size reported on the Exchange store. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alverson, Tom Sent: Thursday, September 18, 2003 8:18 AM To: Exchange Discussions Subject: RE: Brick Level Backup I just installed Office 2003 final from MSDN and was able to export my whole mailbox to a PST. It shows up as 1.8Gig on the exchange 5.5 server, and the PST file is 3.5Gig. Tom -Original Message- From: John Matteson [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:35 PM To: Exchange Discussions Subject: RE: Brick Level Backup Everything will fail on a mailbox that's over two gbytes that pushes the data to a pst file. Outlook 11 is supposed to have fixed this, though. John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Posted At: Tuesday, September 16, 2003 5:33 PM Posted To: Exchange Discussion List Conversation: Brick Level Backup Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup
I'm hitting the MSKB as I speak, but I wondered if there's a quick 'n' dirty answer to this. Long story short I need to get pub.edb back from last nights backup, someones outlook crashed doing a move of a load of contacts, the contacts appear to have mysteriously lost all their category assignments. I have a verified online backup from last night done using ntbackup, what I would like to do is to do an offline restore (for lack of a better word) so that I have the pub.edb file, I'll then look at building a box with Exchange 5.5 on it and recovering the .edb file to it. It seems ntbackup will only let me restore the entire IS (50-odd gb vs 2gb for just the public store), and only to the original location, I'm pretty happy once I have the .edb file that I can bring it up on a recovery box. I'll admit to having been caught somewhat one the hop here, I've read the disaster whitepapers but they appear to assume you want to recover the lot, onto the original box (which is the scenario I'd taken into account). regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup
It's all or nothing based on what you have indicated. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Hutchings Sent: Thursday, September 18, 2003 9:52 AM To: Exchange Discussions I'm hitting the MSKB as I speak, but I wondered if there's a quick 'n' dirty answer to this. Long story short I need to get pub.edb back from last nights backup, someones outlook crashed doing a move of a load of contacts, the contacts appear to have mysteriously lost all their category assignments. I have a verified online backup from last night done using ntbackup, what I would like to do is to do an offline restore (for lack of a better word) so that I have the pub.edb file, I'll then look at building a box with Exchange 5.5 on it and recovering the .edb file to it. It seems ntbackup will only let me restore the entire IS (50-odd gb vs 2gb for just the public store), and only to the original location, I'm pretty happy once I have the .edb file that I can bring it up on a recovery box. I'll admit to having been caught somewhat one the hop here, I've read the disaster whitepapers but they appear to assume you want to recover the lot, onto the original box (which is the scenario I'd taken into account). regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Recovering 5.5 pub.edb from online backup done with Windows 2 000 ntbackup
That should be doable as I have a spare drive large enough to put in the recovery server, I'm just a little surprised that ntbackup for Windows 2000 doesn't give the option of restoring either/or database? regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] -Original Message- From: Tony Hlabse [mailto:[EMAIL PROTECTED] Sent: 18 September 2003 15:27 To: Exchange Discussions Subject: RE: Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup It's all or nothing based on what you have indicated. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Hutchings Sent: Thursday, September 18, 2003 9:52 AM To: Exchange Discussions I'm hitting the MSKB as I speak, but I wondered if there's a quick 'n' dirty answer to this. Long story short I need to get pub.edb back from last nights backup, someones outlook crashed doing a move of a load of contacts, the contacts appear to have mysteriously lost all their category assignments. I have a verified online backup from last night done using ntbackup, what I would like to do is to do an offline restore (for lack of a better word) so that I have the pub.edb file, I'll then look at building a box with Exchange 5.5 on it and recovering the .edb file to it. It seems ntbackup will only let me restore the entire IS (50-odd gb vs 2gb for just the public store), and only to the original location, I'm pretty happy once I have the .edb file that I can bring it up on a recovery box. I'll admit to having been caught somewhat one the hop here, I've read the disaster whitepapers but they appear to assume you want to recover the lot, onto the original box (which is the scenario I'd taken into account). regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Win2k SP 4 with Exchange 5.5
Hey Guys Running Exchange 5.5 SP4, on WIN2K server w/ SP3. When looking at my Queues, I noticed that I've been getting a load of messages with no originators? Maybe around 30 a day. Any ideas, suggestions on where they're coming from? Any way to stop them? Thanks, Paulie -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 4:35 PM To: Exchange Discussions Subject: RE: Win2k SP 4 with Exchange 5.5 Please elaborate -Original Message- From: John Strongosky [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 1:32 PM To: Exchange Discussions Subject: RE: Win2k SP 4 with Exchange 5.5 yes, ex5.5 sp4 won't work with win2ksp4 as of last weekend when I had to rebuild a server. Microsoft tech said there was going to be patch soon. john -Original Message- From: Matt Hoffman [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 1:26 PM To: Exchange Discussions Subject: Win2k SP 4 with Exchange 5.5 Does anyone else have this same setup and have you experienced any problems with upgrading to Win2K SP 4? Windows 2000, SP3 with all hotfixes, Exchange 5.5 SP 4 I'm just wondering about any major issues with Win2K SP4 interfering with Exchange that anyone else has experienced. Thanks, Matt _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Locking down RPC; winexch2k
In an effort to sound stupid... What durn patch? For the recent RPC vulns? Yeah, done. Now, to lock RPC to one port, do I need to do that for all win2k servers or just the ADs, GCs, and Exchange back-end servers? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 16:10 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. -- -- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. -- -- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Locking down RPC; winexch2k
Why the need to do this? - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:00 AM Subject: RE: Locking down RPC; winexch2k In an effort to sound stupid... What durn patch? For the recent RPC vulns? Yeah, done. Now, to lock RPC to one port, do I need to do that for all win2k servers or just the ADs, GCs, and Exchange back-end servers? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 16:10 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. -- -- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. -- -- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Locking down RPC; winexch2k
Unless I'm mistaken, in order to let a front-end server communicate to back-end server servers (exchange and ad), a variety of ports are needed... Including one negotiated port for RPC. Usually this ends up being 1026 on my server, but it's possible to lock it down to one high port and allow that port only through the FW to the internal lan. Yah? Excerpt: If you want the features that require RPCs, such as authentication or implicit logon, but do not want to open the wide range of ports above 1024, you can configure your domain controllers, global catalog servers, and all other back-end servers to use a single known port for all RPC traffic. For more information about how to restrict RPC traffic, see Microsoft Knowledge Base article Q224196, Restricting Active Directory Replication Traffic to a Specific Port (http://go.microsoft.com/fwlink/?LinkID=3052ID=224196). My question is, does back-end servers above refer only to exchange servers or all win2k servers on the LAN? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Thursday, September 18, 2003 11:02 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k Why the need to do this? - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:00 AM Subject: RE: Locking down RPC; winexch2k In an effort to sound stupid... What durn patch? For the recent RPC vulns? Yeah, done. Now, to lock RPC to one port, do I need to do that for all win2k servers or just the ADs, GCs, and Exchange back-end servers? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 16:10 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. -- -- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. -- -- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You.
RE: Win2k SP 4 with Exchange 5.5
Those are called NDRs - non delivery reports. That's the way they're supposed to work -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Paul kondilys [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:44 AM To: Exchange Discussions Subject: RE: Win2k SP 4 with Exchange 5.5 Hey Guys Running Exchange 5.5 SP4, on WIN2K server w/ SP3. When looking at my Queues, I noticed that I've been getting a load of messages with no originators? Maybe around 30 a day. Any ideas, suggestions on where they're coming from? Any way to stop them? Thanks, Paulie -Original Message- From: Martin Blackstone [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 4:35 PM To: Exchange Discussions Subject: RE: Win2k SP 4 with Exchange 5.5 Please elaborate -Original Message- From: John Strongosky [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 1:32 PM To: Exchange Discussions Subject: RE: Win2k SP 4 with Exchange 5.5 yes, ex5.5 sp4 won't work with win2ksp4 as of last weekend when I had to rebuild a server. Microsoft tech said there was going to be patch soon. john -Original Message- From: Matt Hoffman [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 1:26 PM To: Exchange Discussions Subject: Win2k SP 4 with Exchange 5.5 Does anyone else have this same setup and have you experienced any problems with upgrading to Win2K SP 4? Windows 2000, SP3 with all hotfixes, Exchange 5.5 SP 4 I'm just wondering about any major issues with Win2K SP4 interfering with Exchange that anyone else has experienced. Thanks, Matt _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Locking down RPC; winexch2k
IMO, it might make more sense to simply have the FE behind the firewall as well. There are some Exchange specific technet articles on how to configure this however. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:07 AM Subject: RE: Locking down RPC; winexch2k Unless I'm mistaken, in order to let a front-end server communicate to back-end server servers (exchange and ad), a variety of ports are needed... Including one negotiated port for RPC. Usually this ends up being 1026 on my server, but it's possible to lock it down to one high port and allow that port only through the FW to the internal lan. Yah? Excerpt: If you want the features that require RPCs, such as authentication or implicit logon, but do not want to open the wide range of ports above 1024, you can configure your domain controllers, global catalog servers, and all other back-end servers to use a single known port for all RPC traffic. For more information about how to restrict RPC traffic, see Microsoft Knowledge Base article Q224196, Restricting Active Directory Replication Traffic to a Specific Port (http://go.microsoft.com/fwlink/?LinkID=3052ID=224196). My question is, does back-end servers above refer only to exchange servers or all win2k servers on the LAN? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Thursday, September 18, 2003 11:02 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k Why the need to do this? - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:00 AM Subject: RE: Locking down RPC; winexch2k In an effort to sound stupid... What durn patch? For the recent RPC vulns? Yeah, done. Now, to lock RPC to one port, do I need to do that for all win2k servers or just the ADs, GCs, and Exchange back-end servers? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 16:10 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. -- -- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. -- -- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please
RE: Locking down RPC; winexch2k
Yes there is a KB article on how to do this. Search using Accessing Exchange through firewall or something of the like. -Original Message- From: Yanek Korff [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:07 AM To: Exchange Discussions Subject: RE: Locking down RPC; winexch2k Unless I'm mistaken, in order to let a front-end server communicate to back-end server servers (exchange and ad), a variety of ports are needed... Including one negotiated port for RPC. Usually this ends up being 1026 on my server, but it's possible to lock it down to one high port and allow that port only through the FW to the internal lan. Yah? Excerpt: If you want the features that require RPCs, such as authentication or implicit logon, but do not want to open the wide range of ports above 1024, you can configure your domain controllers, global catalog servers, and all other back-end servers to use a single known port for all RPC traffic. For more information about how to restrict RPC traffic, see Microsoft Knowledge Base article Q224196, Restricting Active Directory Replication Traffic to a Specific Port (http://go.microsoft.com/fwlink/?LinkID=3052ID=224196). My question is, does back-end servers above refer only to exchange servers or all win2k servers on the LAN? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Thursday, September 18, 2003 11:02 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k Why the need to do this? - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 11:00 AM Subject: RE: Locking down RPC; winexch2k In an effort to sound stupid... What durn patch? For the recent RPC vulns? Yeah, done. Now, to lock RPC to one port, do I need to do that for all win2k servers or just the ADs, GCs, and Exchange back-end servers? -Yanek. -Original Message- From: Andy David [mailto:[EMAIL PROTECTED] Posted At: Wednesday, September 17, 2003 16:10 Posted To: Exchange Conversation: Locking down RPC; winexch2k Subject: Re: Locking down RPC; winexch2k just apply the durn patch. Sheesh. - Original Message - From: Yanek Korff [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 4:07 PM Subject: Locking down RPC; winexch2k Quick question. When restricting RPC to one known port by adding REG_DWORD TCP/IP Port to HKEY_LOCAL_MACHINE\CurrentControlSet\Services\NTDS\Parameters, does this need to be done on EVERY Win2k server, or just the ADs, GCs, and Exchange Back-End Servers? -Yanek. -- -- This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete all copies of this message. Cigital, Inc. accepts no responsibility for any loss or damage resulting directly or indirectly from the use of this email or its contents. Thank You. -- -- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode= lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] This electronic message transmission contains information that may be confidential or privileged. The information contained herein is intended solely for the recipient and use by any other party is not authorized. If you are not the intended recipient (or otherwise authorized to receive this message by the intended recipient), any disclosure, copying, distribution or use of the contents of the information is prohibited. If you have received this electronic message transmission in error, please contact the sender by reply email and delete
RE: Brick Level Backup
I always get errors in the exmerge log that I assume were due to antivirus (NAV for exchange 5.5) slowing things down. Do you have to stop AV to run this? Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 5:47 PM To: Exchange Discussions Subject: RE: Brick Level Backup I don't do that. Here's the basics of what I do: Exmerge (with various command line switches that I'm too lazy to look up right now). Cd \exmergedata Del pst.9.zip Ren pst.8.zip pst.9.zip Ren pst.7.zip pst.8.zip .. Ren pst.zip pst.1.zip Zip -m -9 pst.zip *.pst This is in a batch file that gets run nightly via the scheduler. I keep 10 days of snapshots of select mailboxes. Customer is happy, it was easy to script, and it didn't cost anything other than a bit of disk space. -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 8:27 AM To: Exchange Discussions Subject: RE: Brick Level Backup But if you keep on dumping new data into the same PST, eventually it will grow quite large, even if your online mailbox limit is low. Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:02 PM To: Exchange Discussions Subject: RE: Brick Level Backup This is true. I've never worked with an Exchange system where the mailbox limits were set anywhere near 2GB, so it's never been an issue for me. -Original Message- From: Alverson, Tom [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 4:33 PM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge fails on mailboxes over 2gig... Tom -Original Message- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 10:46 AM To: Exchange Discussions Subject: RE: Brick Level Backup Exmerge -Original Message- From: Aaron Shimmons [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 8:19 AM To: Exchange Discussions Subject: Brick Level Backup Hi all What is the best brick level backup software for Exchange 2000? I have gave up on Arcserve as it crashes to many times on critical restores. Any advice welcome. Regards Aaron Shimmons Network Administrator _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Attachment Blocking/Unblocking via Exchange server
Hello All. Windows XP defaults to blocking level 1 attachments. I did my homework on the issue and have found out that this can be changed at either the client or the Exchange server. I was wondering how other Exchange Administrators handle attachment blocking and what your theory on the subject? I do not want to unblock at the server level and want to tell users to Zip files before sending. Level 1 does not block .zip files. Thanks for any comments. Samantha _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Attachment Blocking/Unblocking via Exchange server
There is an article at MS which forces the client to use the Public Folder Outlook Security Settings or Outlook 10 Security Settings (for XP) setup for security. Using that, they can't over ride. -Original Message- From: Bridges, Samantha [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:09 To: Exchange Discussions Subject: Attachment Blocking/Unblocking via Exchange server Hello All. Windows XP defaults to blocking level 1 attachments. I did my homework on the issue and have found out that this can be changed at either the client or the Exchange server. I was wondering how other Exchange Administrators handle attachment blocking and what your theory on the subject? I do not want to unblock at the server level and want to tell users to Zip files before sending. Level 1 does not block .zip files. Thanks for any comments. Samantha _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Attachment Blocking/Unblocking via Exchange server
I block at the Gateway using a Dell. - Original Message - From: Bridges, Samantha [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 12:09 PM Subject: Attachment Blocking/Unblocking via Exchange server Hello All. Windows XP defaults to blocking level 1 attachments. I did my homework on the issue and have found out that this can be changed at either the client or the Exchange server. I was wondering how other Exchange Administrators handle attachment blocking and what your theory on the subject? I do not want to unblock at the server level and want to tell users to Zip files before sending. Level 1 does not block .zip files. Thanks for any comments. Samantha _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
Jason, When was the last time you got a spam from [EMAIL PROTECTED] When was the last time you got a spam from [EMAIL PROTECTED] Only spaking from personal experience, but the number of spam messages sent from a non-existant domain is tiny. -Walden PS. Having said that, I think what Verisign did was dumb. Walden H Leverich III President Tech Software (516) 627-3800 x11 (208) 692-3308 eFax [EMAIL PROTECTED] http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.) -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
unable to send mail to Public Folder from External Address
We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
I'd argue with you all the way to the IMS server with you on that point! ;0) Seriously...we get ~100k-150k (This is a conservative estimate) spams/month on our system. Probably 60-75% of those are from non-existant domains...and that's just the stuff that gets through. We get ~250k NDRs/month from people trying to brute-force spam us. 90% of that is from non-existant domains. -Original Message- From: Walden H. Leverich III [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:08 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist :::snip::: Only spaking from personal experience, but the number of spam messages sent from a non-existant domain is tiny. -Walden _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
My mistyped domain resulted in versigns page.What a travesty. -Original Message- From: Chinnery, Paul [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:41 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist From Wired.com (http://www.wired.com/news/technology/0,1282,60473,00.html): VeriSign's controversial typo-squatting Site Finder service is about to be bypassed by an emergency software patch to many of the Internet's backbone computers. Paul Chinnery Network Administrator Mem Med Ctr -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:09 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist All you base are belong to us Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2003 11:22 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I'm surprised how quiet this group is being regarding this issue. This has potentially enormous ramifications. For one thing, this effectively breaks reverse-DNS lookups that anti-spam applications use to verify sending domains as being valid. Come on now, Verisign is masking the difference between a valid domain and NXDOMAIN for all protocols, all users, and all software. Doesn't anyone here have an opinion? Jason -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Monday, September 15, 2003 8:02 PM To: Exchange Discussions Subject: All .COM / .NET domain names now exist [My apologies for the cross-post, but this has the potential to impact just about everybody who uses the Internet...] As of a little while ago (it is around 7:45 PM US Eastern on Mon 15 Sep 2003 as I write this), VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones. The IP address returned is 64.94.110.11, which reverses to sitefinder.verisign.com. What that means in plain English is that most mis-typed domain names that would formerly have resulted in a helpful error message now results in a VeriSign advertising opportunity. For example, if my domain name was somecompany.com, and somebody typed soemcompany.com by mistake, they would get VeriSign's advertising. (VeriSign is a company which purchased Network Solutions, another company which was given the task by the US government of running the .COM and .NET top-level domains (TLDs). VeriSign has been exploiting the Internet's DNS infrastructure ever since.) This will have the immediate effect of making network trouble-shooting much more difficult. Before, a mis-typed domain name in an email address, web browser, or other network configuration item would result in an obvious error message. You might not have known what to do about it, but at least you knew something was wrong. Now, though, you will have to guess. Every time. Some have pointed out that this will make an important anti-spam check impossible. A common anti-spam measure is to check and make sure the domain name of the sender really exists. (While this is easy to force, every little bit helps.) Since all .COM and .NET domain names now exist, that anti-spam check is useless. VeriSign's commentary: http://www.verisign.com/resources/gd/sitefinder/implementation.pdf http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf Third-party reference: http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
We get ~250k NDRs/month from people trying to brute-force spam us. 90% of that is from non-existant domains. Fair enough, guess I'm just lucky. I withdraw my comment. G -Walden Walden H Leverich III President Tech Software (516) 627-3800 x11 (208) 692-3308 eFax [EMAIL PROTECTED] http://www.TechSoftInc.com Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems profound.) _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
Actually, the travesty is that your company is so far behind in the hardware/software options available when spec'ing out and building a new computer from your web page. -Original Message- From: Matt [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:24 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist My mistyped domain resulted in versigns page.What a travesty. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
I think the travesty is in your flaming post, but that is my opinion and I am entitled to one. What does his company's website have to do with Verisign hijacking unregistered domains? Absolutely nothing and is unrelated to the list. Your comments are unnecessary and directed as a personal attack. I would appreciate it if you would refrain from posting to the list unless you can contribute in a useful manner. - Scott Weston - -Original Message- From: Blunt, James H (Jim) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 12:31 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist Actually, the travesty is that your company is so far behind in the hardware/software options available when spec'ing out and building a new computer from your web page. -Original Message- From: Matt [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:24 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist My mistyped domain resulted in versigns page.What a travesty. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
Im not one to usually post, and have been on the list for only about a year now. Within that year I have learned town things: 1) there are a handful of people on this list who REALLY know their stuff AND actively post here(and me thinks James is one of them) and 2)this list is one of the funniest damn list I can think of for just this reasonive gotten flamed myself a few times. I think its just a matter of taking it all in stride Move on -Original Message- From: Scott Weston [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:53 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I think the travesty is in your flaming post, but that is my opinion and I am entitled to one. What does his company's website have to do with Verisign hijacking unregistered domains? Absolutely nothing and is unrelated to the list. Your comments are unnecessary and directed as a personal attack. I would appreciate it if you would refrain from posting to the list unless you can contribute in a useful manner. - Scott Weston - -Original Message- From: Blunt, James H (Jim) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 12:31 PM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist Actually, the travesty is that your company is so far behind in the hardware/software options available when spec'ing out and building a new computer from your web page. -Original Message- From: Matt [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:24 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist My mistyped domain resulted in versigns page.What a travesty. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: All .COM / .NET domain names now exist
oh yeesh. is it thursday again already? -Original Message- From: Mark Nold [mailto:[EMAIL PROTECTED] Posted At: Thursday, September 18, 2003 1:00 PM Posted To: MSExchange Mailing List Conversation: All .COM / .NET domain names now exist Subject: RE: All .COM / .NET domain names now exist Im not one to usually post, and have been on the list for only about a year now. Within that year I have learned town things: 1) there are a handful of people on this list who REALLY know their stuff AND actively post here(and me thinks James is one of them) and 2)this list is one of the funniest damn list I can think of for just this reasonive gotten flamed myself a few times. I think its just a matter of taking it all in stride Move on -Original Message- From: Scott Weston [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 10:53 AM To: Exchange Discussions Subject: RE: All .COM / .NET domain names now exist I think the travesty is in your flaming post, but that is my opinion and I am entitled to one. What does his company's website have to do with Verisign hijacking unregistered domains? Absolutely nothing and is unrelated to the list. Your comments are unnecessary and directed as a personal attack. I would appreciate it if you would refrain from posting to the list unless you can contribute in a useful manner. - Scott Weston - _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Making an Outlook folder permanent
Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Exchange 2003 RBL
Has anyone used the RBL feature in Exchange 2003? How effective is it? What is / are the most reliable list to use? Thanks Jason _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Public folder Errors
Hello, Since you're quoting Q numbers in other posts, I'm guessing you did the steps in Q307917. This isn't going to help you recover, but I've been moving to a new server myself and although the entire Public Hierarchy came across just fine, some Public Folder content didn't. From ESM I'd export the item count for each PF store and then go into to Excel to see how things matched up. A follow up with OUTLOOK accounts to the different stores verified some didn't sync at all, some were missing a couple messages, etc... It APPEARS that having PF virus scanning on screwed-up the initial Sync of content. For folders that didn't replicate content completely I can drop a message in the PF, and then a backfill will be fired off that evening, and everything is synced up (I'm running with PF Virus scanning turned off currently). FWIW, Brent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erick Thompson Posted At: Wednesday, September 17, 2003 5:00 PM Posted To: MS Exchange List Conversation: Public folder Errors Subject: Public folder Errors First, a little background. I installed Exchange 2000 on a new LAN server, which was the only server in the domain. After some testing, we realized that the server would become quickly overloaded. So, I moved a new server into the domain, made it a domain controller, and installed Exchange but did not transfer the FSMO roles (the first DC is still the file/print server). I moved all the mailboxes over, and turned on replication for the public folders (but I missed some). After a day, I removed Exchange from the first server. However, I think the removal did not go cleanly, as I'm now running into a bunch of errors. Someone on the Exchange gets the following error in Outlook (2000). Unable to update public free/busy data. I've taken a look at the server, and it appears the public folder that stores the info (can't remember the name at the moment) is gone. How can I recreate it? In the event log, I have the error 9127 from MSExchangeSA: OALGen encountered error [0x80004005] while calculating the OALs. This appears to be due to the lack of a Offline Address Book (OAB). How can I recreate it? User created public folders are only available in System Manager on the server, not on any workstation with Exchange tools installed. System Manager on a workstation doesn't display any public folders (including Internet Newsgroups) under First Admin Group-Folders-Public Folders. Under First Admin Group-..-Public Folders Store-Public Folders, I can see the folders, but if I select them, I get class not registered. ID no 80040154 Exchange system manager. The folders don't have much in them, so I can delete them and start over, but I'd like to know what's going on. These folders were replicated from the old server. Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Online Defragmentation
Ok I can except that But how do you schedule it? Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 6:15 PM To: Exchange Discussions Subject: Re: Online Defragmentation It's not scheduled? Ed --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: I have a Server Exchange 5.5 Sp4 that when I look in the Log File I do not show the online defrag of the Priv. however I show the Pub. Any ideas on why this would not be running? Joshua Morgan Senior Network Administrator AIMCO W. 864 239-1015 C. 864 449-9912 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Online Defragmentation
I've had this happen before. A reboot has fixed it. Russ --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: I have a Server Exchange 5.5 Sp4 that when I look in the Log File I do not show the online defrag of the Priv. however I show the Pub. Any ideas on why this would not be running? Joshua Morgan Senior Network Administrator AIMCO W. 864 239-1015 C. 864 449-9912 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Making an Outlook folder permanent
I don't know...maybe just create the mailbox? I'm a Domain Admin / Exchange Admin with full Admin rights on my local machine, and I couldn't delete one of the standard folders (Inbox, Sent, Outbox, etc) if I wanted to. If your users can, I would look into the security settings of the local security policy maybe? Or the options you had set for your Outlook install? -Original Message- From: Adams, Kevin C. [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:55 AM To: Exchange Discussions Subject: Making an Outlook folder permanent Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Making an Outlook folder permanent
I'm not sure that's completely correct.. I believe you can delete these folders via an IMAP client... like Eudora for example I believe that Outlook itself is what prevents you from deleted the standard folders... not the server... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Blunt, James H (Jim) Sent: Thursday, September 18, 2003 3:14 PM To: Exchange Discussions Subject: RE: Making an Outlook folder permanent I don't know...maybe just create the mailbox? I'm a Domain Admin / Exchange Admin with full Admin rights on my local machine, and I couldn't delete one of the standard folders (Inbox, Sent, Outbox, etc) if I wanted to. If your users can, I would look into the security settings of the local security policy maybe? Or the options you had set for your Outlook install? -Original Message- From: Adams, Kevin C. [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:55 AM To: Exchange Discussions Subject: Making an Outlook folder permanent Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Making an Outlook folder permanent
You could write a global store event sink that implements onsyncsave and cancels any deletion or rename of the folder in question. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adams, Kevin C. Sent: Thursday, September 18, 2003 11:55 AM To: Exchange Discussions Subject: Making an Outlook folder permanent Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Online Defragmentation
Also my be of note It defrags the Pub like 3 times and I get an Event ID of 183 at about 6:59am noting this: MSExchangeIS (289) Online defragmentation of database 'E:\exchsrvr\MDBDATA\PRIV.EDB' was interrupted and terminated. The next time online defragmentation is started on this database, it will resume from the point of interruption. It never completes Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Morgan, Joshua (Greenville) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:21 PM To: Exchange Discussions Subject: RE: Online Defragmentation Tried that and it does not help Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Russ Payne [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:04 PM To: Exchange Discussions Subject: RE: Online Defragmentation I've had this happen before. A reboot has fixed it. Russ --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: I have a Server Exchange 5.5 Sp4 that when I look in the Log File I do not show the online defrag of the Priv. however I show the Pub. Any ideas on why this would not be running? Joshua Morgan Senior Network Administrator AIMCO W. 864 239-1015 C. 864 449-9912 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
If you can't risk the data getting out, then break your Internet connection. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Tuesday, September 16, 2003 4:25 PM To: Exchange Discussions Subject: Re: OWA front end server - licensing and security Instal a certificate on the front-end server and open port 443 to the front-end server. Putting a front-end server in a DMZ requires you to open lots of dangerous ports through the internal firewall to the Exchange servers, DCs and GCs. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I'm setting up OWA in my organization, and I have two choices. I can === message truncated === __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use
RE: OWA front end server - licensing and security
I don't see how that would stop key-logging. Ed --- Greg Marr [EMAIL PROTECTED] wrote: We have set up our OWA to require two-factor authentication (SecurID) which eliminates any key-logging concerns but this system is not cheap at approx $300 AU ($160 US) per user. The upside is that you can use the same system to authenticate all of your remote access users (dial-up, VPN, etc) and this is the function that really allows me to sleep well at night. I guess that it all depends on how many people are going to require this functionality and of course, your budget. Greg -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Thursday, 18 September 2003 10:07 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is an SMTP server in my DMZ that relays messages to the Exchange server. At the moment, I don't have any other Exchange servers running. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley === message truncated ===
RE: OWA front end server - licensing and security
It doesn't, but it keeps people from reusing credentials. At least I believe that's the posters point. Steve Evans SDSU Foundation -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 1:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security I don't see how that would stop key-logging. Ed --- Greg Marr [EMAIL PROTECTED] wrote: We have set up our OWA to require two-factor authentication (SecurID) which eliminates any key-logging concerns but this system is not cheap at approx $300 AU ($160 US) per user. The upside is that you can use the same system to authenticate all of your remote access users (dial-up, VPN, etc) and this is the function that really allows me to sleep well at night. I guess that it all depends on how many people are going to require this functionality and of course, your budget. Greg -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Thursday, 18 September 2003 10:07 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2003 11:29 a.m. To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Ed, I'm a little confused. You're recommending that I put in a front end server, but not in the DMZ? It seems to me that I might have to open a bunch of ports, but if the front end server is in the LAN, all ports are by default open. Just to clarify, I have one Exchange server which lives on my LAN, and there is
Re: Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup
You don't have an online backup? That you could restore to a box with a different name. Ed --- Paul Hutchings [EMAIL PROTECTED] wrote: I'm hitting the MSKB as I speak, but I wondered if there's a quick 'n' dirty answer to this. Long story short I need to get pub.edb back from last nights backup, someones outlook crashed doing a move of a load of contacts, the contacts appear to have mysteriously lost all their category assignments. I have a verified online backup from last night done using ntbackup, what I would like to do is to do an offline restore (for lack of a better word) so that I have the pub.edb file, I'll then look at building a box with Exchange 5.5 on it and recovering the .edb file to it. It seems ntbackup will only let me restore the entire IS (50-odd gb vs 2gb for just the public store), and only to the original location, I'm pretty happy once I have the .edb file that I can bring it up on a recovery box. I'll admit to having been caught somewhat one the hop here, I've read the disaster whitepapers but they appear to assume you want to recover the lot, onto the original box (which is the scenario I'd taken into account). regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: unable to send mail to Public Folder from External Address
Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Online Defragmentation
The plot thickens I think I'd be doing some offline testing soon. -Original Message- From: Morgan, Joshua (Greenville) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 14:34 To: Exchange Discussions Subject: RE: Online Defragmentation Also my be of note It defrags the Pub like 3 times and I get an Event ID of 183 at about 6:59am noting this: MSExchangeIS (289) Online defragmentation of database 'E:\exchsrvr\MDBDATA\PRIV.EDB' was interrupted and terminated. The next time online defragmentation is started on this database, it will resume from the point of interruption. It never completes Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Morgan, Joshua (Greenville) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:21 PM To: Exchange Discussions Subject: RE: Online Defragmentation Tried that and it does not help Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Russ Payne [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:04 PM To: Exchange Discussions Subject: RE: Online Defragmentation I've had this happen before. A reboot has fixed it. Russ --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: I have a Server Exchange 5.5 Sp4 that when I look in the Log File I do not show the online defrag of the Priv. however I show the Pub. Any ideas on why this would not be running? Joshua Morgan Senior Network Administrator AIMCO W. 864 239-1015 C. 864 449-9912 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Making an Outlook folder permanent
You might be able revoke a user's ownership permissions on his mailbox and then assign him individual permissions on folders therein, but I strongly suspect that Outlook wouldn't function properly in that case. Even if you could, I think it would probably be a waste of time. It would probably be easier to write a daemon that scans all mailboxes and puts back the folder if people delete it. Ed --- Adams, Kevin C. [EMAIL PROTECTED] wrote: Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Online Defragmentation
Set a block of time on the weekend so it can run for 48 hours unimpeded and see what happens. Ed --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: Also my be of note It defrags the Pub like 3 times and I get an Event ID of 183 at about 6:59am noting this: MSExchangeIS (289) Online defragmentation of database 'E:\exchsrvr\MDBDATA\PRIV.EDB' was interrupted and terminated. The next time online defragmentation is started on this database, it will resume from the point of interruption. It never completes Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Morgan, Joshua (Greenville) [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:21 PM To: Exchange Discussions Subject: RE: Online Defragmentation Tried that and it does not help Joshua Morgan AIMCO W. 864 239-1015 -Original Message- From: Russ Payne [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:04 PM To: Exchange Discussions Subject: RE: Online Defragmentation I've had this happen before. A reboot has fixed it. Russ --- Morgan, Joshua (Greenville) [EMAIL PROTECTED] wrote: I have a Server Exchange 5.5 Sp4 that when I look in the Log File I do not show the online defrag of the Priv. however I show the Pub. Any ideas on why this would not be running? Joshua Morgan Senior Network Administrator AIMCO W. 864 239-1015 C. 864 449-9912 _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
Have you tried tracking the message? Have you turned up logging to verify that the message is even making it to the Exchange server? You aren't filtering based on address at the perimeter, are you? Some companies do that. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
Also, are your SMTP virtual servers configured to forward unresolved addresses somewhere else? Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: OWA front end server - licensing and security
Perhaps, but that's not what he said. Ed --- Steve Evans [EMAIL PROTECTED] wrote: It doesn't, but it keeps people from reusing credentials. At least I believe that's the posters point. Steve Evans SDSU Foundation -Original Message- From: Ed Crowley [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 1:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security I don't see how that would stop key-logging. Ed --- Greg Marr [EMAIL PROTECTED] wrote: We have set up our OWA to require two-factor authentication (SecurID) which eliminates any key-logging concerns but this system is not cheap at approx $300 AU ($160 US) per user. The upside is that you can use the same system to authenticate all of your remote access users (dial-up, VPN, etc) and this is the function that really allows me to sleep well at night. I guess that it all depends on how many people are going to require this functionality and of course, your budget. Greg -Original Message- From: Erick Thompson [mailto:[EMAIL PROTECTED] Sent: Thursday, 18 September 2003 10:07 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security We talked about this exact scenario. We decided that given how easy it is to install a key logger, and other malware, on public systems we decided it was too risky. We are planning on using public folders quite heavily with data that we can't risk getting out. Same with the address books. We are trying to figure out a way to give people access to email only from a public terminal. No public folders or address books. If you have any suggestions, that would be great. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Wednesday, September 17, 2003 4:40 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security ISA is a better solution in a DMZ because it doesn't require the plethora of holes in the internal firewall. http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/prodtechnol/isa/deploy/isaexch.asp Requiring VPN (your other message) is a good idea, however, you may be coming back to ISA or some other idea when your users demand to be able to get e-mail from a coffeehouse kiosk terminal. Ed --- Erick Thompson [EMAIL PROTECTED] wrote: I have to admit to being a little confused, how would ISA help, aside from being a proxy? Which isn't nothing, but I'm wondering if I'm missing something else. Thanks, Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Webb, Andy Sent: Wednesday, September 17, 2003 7:04 AM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security Don't forget you also have to fully protect the front end server from all the other servers on the DMZ from which it is not isolated. Those other systems may have been placed on the DMZ in an insecure state with the thought that if anyone broke them, they would be isolated from the internal LAN. What happens when you put the FE in the DMZ is you break that theory. The DMZ is no longer isolated from the LAN. You definitely have to secure the FE, but once you have, why not put it inside where it is not at risk from questionable systems on the DMZ? Better to put an ISA server in the DMZ as was suggested earlier. Regarding IPSEC, Exchange 2003 explicitly states that IPSEC is now supported between front end and back end. So if you upgrade, that's perhaps an option. Though a lesser one than using ISA imho. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leeann McCallum Sent: Tuesday, September 16, 2003 6:32 PM To: Exchange Discussions Subject: RE: OWA front end server - licensing and security You could throw an OWA front end server in the DMZ, put certificate on as Ed suggests, and then wrap everything up in an IPSEC packet that goes between the front end and backend. Between the client on the net and the front end, you would use SSL, so just open 443. -Original Message- From: Erick Thompson === message truncated === __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ:
Recreate OAB and F/B public folders
Due to a mistake on my part, I've lost the OAB and Free/Busy public folders. I need to recreate these folders. I found a good MS document (Q152960) that states how to do this for Exchange 5.5, but I'm running 2000. Does anyone have a reference or know how to recreate the OAB and F/B public folders? Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup
Ed, I have online backups done nightly using ntbackup on Windows 2000, the online backup is done to a dedicated disk, the file on disk is then streamed to tape later on when the normal filesever backups are done. Problem I'm seeing is that when you load the online backup file into ntbackup it simply recognizes Directory and Information Store objects, you don't appear to be able to select which store you want to restore, unless I'm misinterpreting something. regards, Paul - Original Message - From: Ed Crowley [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 9:43 PM Subject: Re: Recovering 5.5 pub.edb from online backup done with Windows 2000 ntbackup You don't have an online backup? That you could restore to a box with a different name. Ed --- Paul Hutchings [EMAIL PROTECTED] wrote: I'm hitting the MSKB as I speak, but I wondered if there's a quick 'n' dirty answer to this. Long story short I need to get pub.edb back from last nights backup, someones outlook crashed doing a move of a load of contacts, the contacts appear to have mysteriously lost all their category assignments. I have a verified online backup from last night done using ntbackup, what I would like to do is to do an offline restore (for lack of a better word) so that I have the pub.edb file, I'll then look at building a box with Exchange 5.5 on it and recovering the .edb file to it. It seems ntbackup will only let me restore the entire IS (50-odd gb vs 2gb for just the public store), and only to the original location, I'm pretty happy once I have the .edb file that I can bring it up on a recovery box. I'll admit to having been caught somewhat one the hop here, I've read the disaster whitepapers but they appear to assume you want to recover the lot, onto the original box (which is the scenario I'd taken into account). regards, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Exchange 2003 RBL
RBL's are not a good thing. They tend to jam legit users/companies in with the spammers. A couple of them just went poof here recently and marked the world as spammers. Do you really want to trash your communications link that way? John Matteson Geac Corporate ISS (404) 239 - 2981 Atlanta, Georgia, USA. -Original Message- From: Jason Clishe [mailto:[EMAIL PROTECTED] Posted At: Thursday, September 18, 2003 3:36 PM Posted To: Exchange Discussion List Conversation: Exchange 2003 RBL Subject: Exchange 2003 RBL Has anyone used the RBL feature in Exchange 2003? How effective is it? What is / are the most reliable list to use? Thanks Jason _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Automatic Deletion
Oooo hard crowd tonight, anyone would think this was the Swnyk Exchange list. hang on it is! [EMAIL PROTECTED] 19/09/2003 1:09:59 a.m. yes -Original Message- From: Exchange List [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 2:39 AM To: Exchange Discussions Subject: Automatic Deletion Hi, Is there anyway to set an automatic deletion of mails after certain time/mailbox size on per user basis. Regards, Irf. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] ** Northland State of the Environment Report 2002 now online at www.nrc.govt.nz ** NORTHLAND REGIONAL COUNCIL This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] ** _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
Yes to this one and they aren't. I am checking the tracking now. Which logging should I be turning up? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 5:05 PM To: Exchange Discussions Also, are your SMTP virtual servers configured to forward unresolved addresses somewhere else? Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
I did the tracking. It shows the internal messages but not the external messages. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gonzalez, Alex Sent: Thursday, September 18, 2003 5:41 PM To: Exchange Discussions Yes to this one and they aren't. I am checking the tracking now. Which logging should I be turning up? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 5:05 PM To: Exchange Discussions Also, are your SMTP virtual servers configured to forward unresolved addresses somewhere else? Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
You should also check the SMTP queues on the Exchange server. Is there anything sitting in the Unreachable destination queue? Sincerely, Andrey Fyodorov Systems Engineer Messaging and Collaboration Spherion -Original Message- From: Gonzalez, Alex [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 1:08 PM To: Exchange Discussions Subject: unable to send mail to Public Folder from External Address We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Mailbox moves completed, but....
Good afternoon, I have completed moving 1700+ mailboxes from one server to the other. We are using Outlook 98 Exchange Windows 2000. After the moves were completed I have a few stray mailboxes that are hanging around that are duplicated on the two servers. Under total K they show 0K, even though the mailbox on the correct server (the one moved to) show the correct space 58,098K. I am afraid if we delete the mailbox on the almost empty server, we will delete the real mailbox. So we don't want to do that. We could dump the mailbox to a PST, delete the mailbox and restore the mailbox, but that would cause problems because all communications to the old mailbox would be severed and people couldn't do replies to the eMAILs that are sitting in the mailbox. Meetings couldn't be canceled. What a quandary. What do we do? Just turn off the server and clean it off.. I don't think so. Thanks for any help you might have. Regards, Mike Mitchell Systems email Administrator Alverno Information Services * [EMAIL PROTECTED] *:(317) 783-9341 EXT. 6211 Education is when you read the fine print, experience is what you get when you don't! - Pete Seeger _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Mailbox moves completed, but....
Where does AD say the mailbox is? Has c run on the old database lately? Steve Evans SDSU Foundation -Original Message- From: Mitchell Mike [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 3:30 PM To: Exchange Discussions Cc: Duncan Scott Subject: Mailbox moves completed, but Good afternoon, I have completed moving 1700+ mailboxes from one server to the other. We are using Outlook 98 Exchange Windows 2000. After the moves were completed I have a few stray mailboxes that are hanging around that are duplicated on the two servers. Under total K they show 0K, even though the mailbox on the correct server (the one moved to) show the correct space 58,098K. I am afraid if we delete the mailbox on the almost empty server, we will delete the real mailbox. So we don't want to do that. We could dump the mailbox to a PST, delete the mailbox and restore the mailbox, but that would cause problems because all communications to the old mailbox would be severed and people couldn't do replies to the eMAILs that are sitting in the mailbox. Meetings couldn't be canceled. What a quandary. What do we do? Just turn off the server and clean it off.. I don't think so. Thanks for any help you might have. Regards, Mike Mitchell Systems email Administrator Alverno Information Services * [EMAIL PROTECTED] *:(317) 783-9341 EXT. 6211 Education is when you read the fine print, experience is what you get when you don't! - Pete Seeger _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Re: Making an Outlook folder permanent
I thought that default mailbox folders such as deleted item and others are not able to be deleted. If other just recover them as long as retention is set and possible setting Dumpster always on just in case. I have found that user can delete mailbox folders using the OWa interface. The only way to get them back was to use the reset folders switch when starting Outlook. I wonder if they fixed the OWA issue I ran across since E2K2000/SP1 From: Ed Crowley [EMAIL PROTECTED] Reply-To: Exchange Discussions [EMAIL PROTECTED] To: Exchange Discussions [EMAIL PROTECTED] Subject: Re: Making an Outlook folder permanent Date: Thu, 18 Sep 2003 14:00:11 -0700 (PDT) You might be able revoke a user's ownership permissions on his mailbox and then assign him individual permissions on folders therein, but I strongly suspect that Outlook wouldn't function properly in that case. Even if you could, I think it would probably be a waste of time. It would probably be easier to write a daemon that scans all mailboxes and puts back the folder if people delete it. Ed --- Adams, Kevin C. [EMAIL PROTECTED] wrote: Greetings, Can anyone tell me if there is way to make a folder in a users mailbox that they cant delete? Any way at all? Thanks, -K- _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ Need more e-mail storage? Get 10MB with Hotmail Extra Storage. http://join.msn.com/?PAGE=features/es _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Recreate OAB and F/B public folders
Responding to my post for the purpose of the archive. I figured out how to reset/recreate the public folders. The key is in Q275171, and basically involves resetting the GUID that represents the site. Erick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Erick Thompson Sent: Thursday, September 18, 2003 2:29 PM To: Exchange Discussions Subject: Recreate OAB and F/B public folders Due to a mistake on my part, I've lost the OAB and Free/Busy public folders. I need to recreate these folders. I found a good MS document (Q152960) that states how to do this for Exchange 5.5, but I'm running 2000. Does anyone have a reference or know how to recreate the OAB and F/B public folders? Thanks, Erick _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchanget ext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Mailbox moves completed, but....
So power down the old exchange server and see if they can still access their mailbox -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Evans Sent: Thursday, September 18, 2003 5:38 PM To: Exchange Discussions Subject: RE: Mailbox moves completed, but Where does AD say the mailbox is? Has c run on the old database lately? Steve Evans SDSU Foundation -Original Message- From: Mitchell Mike [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 3:30 PM To: Exchange Discussions Cc: Duncan Scott Subject: Mailbox moves completed, but Good afternoon, I have completed moving 1700+ mailboxes from one server to the other. We are using Outlook 98 Exchange Windows 2000. After the moves were completed I have a few stray mailboxes that are hanging around that are duplicated on the two servers. Under total K they show 0K, even though the mailbox on the correct server (the one moved to) show the correct space 58,098K. I am afraid if we delete the mailbox on the almost empty server, we will delete the real mailbox. So we don't want to do that. We could dump the mailbox to a PST, delete the mailbox and restore the mailbox, but that would cause problems because all communications to the old mailbox would be severed and people couldn't do replies to the eMAILs that are sitting in the mailbox. Meetings couldn't be canceled. What a quandary. What do we do? Just turn off the server and clean it off.. I don't think so. Thanks for any help you might have. Regards, Mike Mitchell Systems email Administrator Alverno Information Services * [EMAIL PROTECTED] *:(317) 783-9341 EXT. 6211 Education is when you read the fine print, experience is what you get when you don't! - Pete Seeger _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
Exchange 2000 Firewall Ports
Windows 2000 Server Exchange 2000 Server I recently got a Cisco PIX and I need to know what ports are absolutely necessary to allow inbound traffic through the firewall for people to be able to send mail in, access OWA, etc. I am reading that port 135 needs to be allowed inbound but due to all the hype with RPC these days I was wondering if the port was necessary. Thanks in advance. Justin _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: unable to send mail to Public Folder from External Address
Anonymous must be set to contributor -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 2:05 PM To: Exchange Discussions Subject: RE: unable to send mail to Public Folder from External Address Also, are your SMTP virtual servers configured to forward unresolved addresses somewhere else? Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: Sure: We have Public Folders that are mail enabled. When we send mail to them from External Addresses mail never gets there. Funny thing is that no one ever receives an NDR either. Thanks, Alex -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley Sent: Thursday, September 18, 2003 4:45 PM To: Exchange Discussions Define unable to send mail. Ed --- Gonzalez, Alex [EMAIL PROTECTED] wrote: We are running Exchange 2000 SP3. We have some Public Folders that are mail enabled. For some reason external people are unable to send mail to it. We have given Default and Anonymous Contributor rights but still nothing. Can someone point me in the right direction. Thanks, Alex _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Exchange 2000 Firewall Ports
Setup a VPN with the PIX. There is no reason to waste all the money on one if you are just going to turn it into swiss cheese to access Exchange. Yes, RDP is necessary if you are trying to allow users to use Outlook at home, but since a large number of consumer ISP's block it since MSBlast, it's a waste of time. As for other ports, SMPT: 25 OWA: 80 or 443 The rest should be firewalled. -Original Message- From: Justin Lape [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 7:51 PM To: Exchange Discussions Subject: Exchange 2000 Firewall Ports Windows 2000 Server Exchange 2000 Server I recently got a Cisco PIX and I need to know what ports are absolutely necessary to allow inbound traffic through the firewall for people to be able to send mail in, access OWA, etc. I am reading that port 135 needs to be allowed inbound but due to all the hype with RPC these days I was wondering if the port was necessary. Thanks in advance. Justin _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]
RE: Automatic Deletion
Thanks for your reply, how can we do that? -Original Message- From: Fyodorov, Andrey [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 6:10 PM To: Exchange Discussions Subject: RE: Automatic Deletion yes -Original Message- From: Exchange List [mailto:[EMAIL PROTECTED] Sent: Thursday, September 18, 2003 2:39 AM To: Exchange Discussions Subject: Automatic Deletion Hi, Is there anyway to set an automatic deletion of mails after certain time/mailbox size on per user basis. Regards, Irf. _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=; lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=?=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED] _ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchangetext_mode=lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin:[EMAIL PROTECTED]