Yeah, the links are a mess. Press CTRL-F to find what you
need. I'm still looking around for a better format that will work with this web
server.
Updated:
2009-12-22 |
Back to Main Page
Quick Links:
DNS |
Exchange |
Exchange 2007 Specific |
Headers |
IMF|
ISP Info |
Misc |
Outlook |
NEW! Outlook Web Access (OWA)
| NEW!
Exchange Activesync (iPhone/Moble Access) |
RBLDNSLookups for servers |
RBLChecks |
SPF |
Spyware/AntiVirus |
Telnet |
Utilities
The following are links I need to access while I'm out on the road
(AKA Can't remember the name of the site, so I end up wasting
time Googling the frelling thing, and not always getting the right search term
down cause Google frelled with the engine too much and the query style I use to
use no longer works). All external links will open up in a new
window.
More to come as I need/find the URLs. I'll also get the content cleaned up
and better organized as I find things. But first...
Are YOU on an Email blacklist?
The
Cost of Spam & Bulk Email
(AKA Just one small scenario of why I have to spend so
much @*$% time in this particular field.)
Daylight Savings Time Changes!!
Moved to it's own page here
Reading Email Headers
- Hey, if I can teach my 65-year-old Mother how to read them, you can to.
How to Interpret Email Headers
- EarthLink's take on it.
How to Obscure Any URL -
How Spammers And Scammers Hide and Confuse - Rather dated, but still relevant.
DNS Stuff: DNS tools, DNS hosting tests,
WHOIS, traceroute, ping, and other network and domain name tools.
- This site alone is probably one of the best lookup sites
out there.
DNS Report - For checking your DNS
records to see if they were done right. Part of the DNS Stuff site.
I can't recommend DNSStuff/DNSReport anymore as
all they want is money now for their services. So... here are some alternatives:
intoDNS: checks DNS
and mail servers health - intodns.com - Looks like dnsreport.com back when it was a great
and simple site.
DNS Report Online -
thednsreport.com -
Nice, but very limited (currently) on what is reported.
Free
DNS Report - dnscolos.com - Again nice, but limited (currently) on what is reported.
And here's 10+ more:
Technology Beyond Infinity: DNSstuff.com Alternative : 10 Free Sites
IP Tools (Whois, DNS Record lookups, etc.):
DNS Tools and Network
Tools for Free - An dnsstuff alternative or replacement
http://www.diggip.com/
SamSpade.org and the
Windows Utility (Hosted here as
samspade.org has had some major problems)
robtex swiss army knife internet tool -
Another place to find out more info on IP addresses and the space used by them.
Telnet - SMTP Commands
(sending mail using telnet)
Telnet - POP Commands
(retrieving mail using telnet)
SMTP Command Syntax
and
Semantics
Not directly related to mail, but still an important note:
RFC 1918 [13] defines network addresses
for private, intranet use. Countless organizations use those subnets behind
network address translation servers. In theory, these private addresses should
never leak into to the public Internet.
Section 3 of RFC 1918 states:
Indirect references to such addresses should be contained within the enterprise.
Prominent examples of such references are DNS Resource Records and other
information referring to internal private addresses. In particular, Internet
service providers should take measures to prevent such leakage.
That is, outside observers (such as a root server) should not
see IP packets with source or destination addresses that are in RFC
1918-specified address space. We also should not observe PTR queries for such
addresses. DNS administrators must install reverse zone files for the RFC
1918 address space that they use, essentially pirating the DNS for this space,
and then make sure there is no access to these zone files from the external
global Internet.
In other words; When configuring DNS for an Active Directory forest,
set up the reverse zone for your subnet(s)!! Even though SBS does
most of the work, it still doesn't set up the reverse zone(s)! :(
Back to top...
SPF: A Sender Policy Framework to
Prevent Email Forgery
Remember that CNN.com trojan-spam? Guess who DOESN'T have a SPF record which
could have helped prevented it?!
MXToolBox - Sender Policy Framework
(SPF) record lookup - Checks your EXISTING SPF record.
SPF Query Tool -
Python-based. Can be used for offline checking.
SPF Testing - via DNS Stuff
Dead due to greed.
Microsoft's Sender ID Framework SPF Record Wizard
- NOT TO BE CONFUSED WITH
SENDER POLICY
FRAMEWORK (SPF)!
- Buggy as hell when tested on 2006-10-18
Back to top...
RBLDNS Lookup configurations - Enter these into your client/server to
auto-block emails coming from relays, blacklisted IPs, etc. Included is the info
you'll need to configure Block List Service Configuration under the Connection
Filtering tab in Exchange 2003 SP2's Message Delivery Properties (Phew! That's a
mouthful), or in Exchange 2007 Management Console: Organization Configuration,
Hub Transport, Anti-spam Tab, IP Block List Providers, Providers Tab, then click
on the +Add... button. The display Name (2k3) or Provider Name (2k7) can be
anything you want. I use the same name as the DNS Suffix of Provider or Lookup
Domain. I generally use these in the order show.
Distributed Sender Blackhole List
- DO NOT USE! They've had a MAJOR HD failure in the database
server.Open Relay Database (ordb.org)
- How do I use ORDB to protect my mail server?
DO NOT USE! They've had a MAJOR HD failure in the
database server.- The Spamhaus Project -
SBL
DNS Suffix of Provider (2k3) or Lookup domain (2k7): sbl-xbl.spamhaus.org or use
zen.spamhaus.org,
but this could increase false-positives as it blocks IPs of users not using
their ISPs relays.
Custom Error Message to Return: Your mail has been rejected by Spamhaus
Real-time Block List. Please see http://www.spamhaus.org/query/bl?ip=%0 (or
{0} for 2k7)
To test it, send any email from the server you're setting this up on to:
nelson-sbl-test@crynwr.com . You will get a response
showing you the communication.
- Using SORBS - Scroll
down for instructions and lookup zones.
DNS Suffix of Provider (2k3) or Lookup domain (2k7):
dnsbl.sorbs.net
Custom Error Message to Return: Your mail has been rejected by SORBS
Real-time Block List. Please see http://www.us.sorbs.net/lookup.shtml?%0 (or
{0} for 2k7)
- Passive Spam Block List -
Quick setup:
DNS Suffix of Provider: (2k3) or Lookup domain (2k7)
psbl.surriel.com
Custom Error Message to Return: Your
mail has been rejected by Spamikaze Real-time Block List. Please see http://psbl.surriel.com/listing?ip=%0&list=PSBL+list+query
and http://psbl.surriel.com/evidence?ip=%0 (Change both %0s to {0} for
Exchange 2007)
- SpamCannibal - Honeypot of
spam sources. Caution: Can cause higher false-positives!
What's nice here is that if an IP is listed, you can see the actual spam
message, including the headers.
DNS Suffix of Provider (2k3) or Lookup
domain (2k7): bl.spamcannibal.org
Custom Error Message to Return:
Your mail has been rejected by SpamCannibal Real-time Block List. Please
go to http://www.spamcannibal.org and lookup IP Address %0 (or {0} for 2k7)
- The Abusive Hosts Blocking List -
Use of the DNSbl ip4r Service
- iX - NiX Spam DNSBL and
blacklist for download
Some things to consider:
- An alternative from using the above RBLDNS servers is setting up
your own internal server, which pulls the RBLDNS records and stores them
locally:
Wrbldnsd - Rbldnsd for Windows (Setup ideas and stuff here:
DNSBL Queries, Data Acquisition & Usage)
- I personally don't recommend SpamCop because of the large amount of
false-positives. Consider this: A user signs up for a mailing list, or doesn't
read the fine print. Instead of unsubscribing, or forgetting they signed up,
they submit it as spam to SpamCop. I sign up for the same thing, and now I
don't get them any more because the system tags it as spam (This has happened
to me on several occasions). See my point?
- SURBL -- Spam URI Real-time Blocklists
- Filters email that contains blacklisted websites. Not usable with DNS
lookups like the others listed above! This is designed for proxy/firewall URL
filtering to keep users from going to those sites, and/or antispam systems
that can scan incoming emails for sites mentioned in the SURBL listings. One
nice thing about this type of system is that it can allow a spammer to connect
(the server has one of the spammer's IP addresses now), then when the spammer
tries to compose the email (after the DATA command), the system can drop the
connection, blacklist the IP, and log the IP address for further processing.
Back to top...
RBL Checks:
Back to top...
Exchange Server:
-
Google Groups: microsoft.public.win2000.active_directory - Don't disable
an account with an Exchange mailbox, expire it instead! This will keep the
backups working, and prevent the Event ID 9548 error.
-
About Exchange: Event 9548, disabled mailboxes and other stuff - Explains
the Event ID 9548 error better.
- The NoMAS Tool
- Another alternative to the Event ID 9548 error. A tool that will dig through
AD and find accounts with the msExchMasterAccountSid attribute not set (hence
causing the 9548 error).
- Somorita
Surfboards - Tips, Tricks, Neat Things - More links, mostly Exchange
Exchange smtp log:
downloadable software. - LOOK! TOYS! hehe -
Dead. I knew I should have archived this site.-
Configure RPC over HTTP/S on a Single Server
- MS KB Article on the same thing:
How to configure RPC over
HTTP in Exchange Server 2003
-
Connection to Exchange via RPC over HTTP through ISA Server 2000
- 833401 How to configure RPC over HTTP on a single server in Exchange
Server
2003:
http://support.microsoft.com/?id=833401
- 325930 How to troubleshoot connectivity issues that are caused by RPC
client protocol registry entries:
http://support.microsoft.com/?id=325930
-
Configure RPC over HTTP/S on a Single Server
- Delivery status notifications
in Exchange Server and in Small Business Server - AKA What does the 4.x.x
or 5.x.x errors mean?
- XADM: How to Rehome Public
Folders in Exchange 2000
- Link state issues and
routing issues in Exchange 2000 Server and in Exchange Server 2003
- How to remove the
last Exchange Server 5.5 computer from an Exchange Server 2003 administrative
group
- How to remove the
first Exchange Server 2003 computer from the administrative group - Also,
once you have all the public folders replicated, you should right-click
on the Public Folder store and click on Move all replicas BEFORE you
decommission the Exchange 200x server.
- XADM: How to Remove the
First Exchange 5.5 Server in a Site
- Common Mistakes
When Upgrading Exchange 5.5/2000 To a Exchange 2003
- Error message
when you try to remove an orphaned mailbox after a failed move operation in
Exchange 2003: "The Operation cannot be performed because this mailbox was
already reconnected to an existing user" - If you see Error # c1034ad6,
this does the trick.
- Error message when
you try to remove Exchange 2000 Server from a mailbox server that no longer
hosts mailboxes: "One or more users currently use a mailbox store on this
server"
-
How to Move Objects Between Administrative Groups - I know, this may seem
like a "Duh!" moment, but "simple things can tend to be forgotten" ;).
- How the Recipient Update
Service applies recipient policies
- How to defragment with the
Eseutil utility - Also, here are some VBScripts to dismount and mount
the database: (To be added later)
- TechArena Community -
How to change the POP3 Connector Schedule: "There
is a way to do this, you have to add an accelerator dword to the registry. Add a ScheduleAccelerator (DWORD) entry to:
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinessServer\Network\POP3
Connector"
To determine the actual polling interval: Divide the POP3 Scheduling
interval (the value you have configured in the POP3-Connector
GUI'sScheduling tab) by the value you set for the ScheduleAccelerator reg
entry. For example, if you specify a 15-minute interval in the
POP3-Connector GUI, and you set the ScheduleAccelerator value to 3, the POP3
Connector will poll every 5 minutes (15 divided by 3). If you set it to 5,
the POP3 Connector will poll every 3 minutes.
This is unsupported by Microsoft and it is said that it should only be used
in a testing environment.
I used it and removed it after a couple of days as it was causing numerous
errors with exchange. Some people use it and say it has worked for years
with no problems." - Personally I don't recommend it unless you
have the bandwidth and/or don't have to worry about messages being too
large. I've seen "collisions" happen when the POP3 connector is still
pulling email down when the next polling interval hits. It has a fit and
basically says "I've got a session already going!" and bitches about
it in the event logs. So use this with caution.
- "501 5.5.4 Invalid Address"
error message from a sending UNIX server
Related searches:
http://www.ask.com/web?q=501 5.5.4 invalid address&qsrc=145&o=12770&l=dir
-
Using ExMerge to recover a Single Mailbox or Mailbox Item
- How to recover or to
restore a single mailbox in Exchange Server 2003
- How to recover the
information store on Exchange 2000 Server or Exchange Server 2003 in a
single site.
- The Exchange database store
may not mount in Exchange Server 2003 or in Exchange 2000 Server, and event
IDs 9175, 486, 455, 413, and 5 may be logged - Yes, this one has bitten
me more times than I care to admit. It usually happens when I forget to (or
can't) exclude the location of the transaction log files in an antivirus
program. Something that might also help if the e00.log file is trashed or
lost is:
1. Stop the Exchange Store service.
2. Rename the e00.log and e00.chk files. Never ever EVER delete
them until you are 110% positive the store is stable!!!
3. Make a copy the last e00xxxxx.log file.
4. Rename that last e00xxxxx.log file to e00.log
5. Start the Exchange store service.
When you start the store, it should replay all of the transaction logs
(Check the application log to see if it does). You might loose a
little data, but not as much as the entire store. :)
-
Explaining the Database size limit changes in Exchange 2003 Service Pack 2
and how to make the changes.
- How to use Recovery Storage
Groups in Exchange Server 2003
-
Dgoldman's WebLog : How to troubleshoot the OAB Generation process
- Messages remain in an
outbound queue until a non-delivery report is generated when you send e-mail
to a remote domain - This is also suppose to disable XEXCH50 on outside
domains, preventing Event 7010. Tried it (restarted SMTP even) and it didn't
work. But, according to this article
SMTP EventID 7010,
xexch50 & 504 occur, it's not anything to worry about. Just reduce the
diag logging from max to the next level down. Not really a good answer, but
what can you do?
-
Implementing Custom Recipient Policies - Some tips for creating custom
email addresses. Exchange 2000/2003 only. Exchange 2007 makes this much
easier to do with the built-in wizard.
- Exchange 2000/2003 - How to
customize the SMTP e-mail address generators through recipient policies
- So you can customize the email address generation, like First Initial and
Last Name. This also mentions the issue with modifying the Default Policy.
Just create a new policy with the same attributes as the Default. It won't
hurt having a .local and a .com/.net/.org/etc. address. Exchange 2007 info
is in below.
-
How to Move Exchange Server 2003 to New Hardware and Keep the Same Server
Name - This tip also works on a SBS server (as I found out the hard
way).
- How to recover the
information store on Exchange 2000 Server or Exchange Server 2003 in a
single site - Man, did this one save my bacon. :)
- Event IDs 8276 and 8207
are logged after you set the regional settings to Turkish on a Windows
Server 2003-based computer that is running Exchange Server 2003
- Exchange System Manager
in Exchange Server 2003 stops responding when you try to access Exchange
Help after you install Internet Explorer 7 - Just rename the PSAPI.DLL
in the Exchange Bin folder. You might have to stop Exchange System Attendant
(which will also stop the store and MTA stacks) and the IIS services before
you can do this (IISRESET /STOP, rename file, IISRESET /START)
Exchange 2007 Specific:
-
Microsoft Exchange Server
Remote Connectivity Analyzer - Prototype - HOT!!!
-
Do NOT ever delete or move the %SYSTEMDRIVE%\ExchangeSetupLogs folder from
your server. For whatever reason when an update or rollup is applied, it can
break OWA and possibly other things. REF:
Description of Update Rollup 2 for Exchange 2007
-
TechNet - Microsoft Exchange Server 2007 - RTFM Baby! ;)
-
Exchange
2007 System Requirements
-
Exchange
2007 Frequently Asked Questions
- Server roles of Exchange 2007:
Hub
Transport Server Role: Overview - Typical Install
Client
Access Server Role: Overview - Typical Install
Mailbox
Server Role: Overview - Typical Install
Unified
Messaging Server Role: Overview - NOT part of the typical install, and
for good reason: "Unified Messaging combines voice messaging, fax, and
e-mail into one Inbox, which can be accessed from the telephone and the
computer. Unified Messaging integrates Exchange Server 2007 with the
telephony network in your organization and brings the features found in
Unified Messaging to the core of the Exchange Server product line." I'm
going to guess that you would want to set up a separate server just for this
task because of the overhead on the server, as well as the network, that
this will bring. Also, in order to integrate Exchange 2007 with your PBX
system, you HAVE to think this through as a lot of PBX systems just won't
work. Here's a list from MS that is updated regularly:
Telephony Advisor for Exchange Server 2007
Edge
Transport Server Role: Overview - Only ONE server can be this, and it
can't be an Exch2007 server and/or a AD Controller. It CAN be a AD member
server. It's roll is to be a public-facing server that will take the brunt
of attacks from hackers and spammers. Normally placed on a DMZ or before the
LAN firewall. This role does not handle OWA! The Client Access
Server Role does that. It's strictly for anti-spam/anti-virus/SMTP
protection. Basically it's MS's version of a
Barracuda box.
- How to view and
transfer FSMO roles in the graphical user interface - This is needed
when you need to change the Schema Master Role, among other things, from a
2000 AD Server.
- SMTP / Routing Group
connector state changes cause needless connector state toggling in Exchange
2000 Server - When you run the 2007 Readiness checker in ExBPA, you'll
get a
message about
Link state
suppression is not enabled. Looks to be a bit risky to do this if you're
running just one Exchange server with no failover system in place.
- How
to Install Exchange 2007 in an Existing Exchange Server 2003 Organization
- Planning for Coexistence -Some interesting info about having 2007 and
having either/or/both 2003 and 2000 servers running in the same
organization. For example: "Exchange Server 2003 and Exchange 2000 Server used
Simple Mail Transfer Protocol (SMTP) as the primary communication protocol
between Exchange servers. In Exchange 2007, the server roles use RPC for
server-to-server communication and rely on the Hub Transport server to
perform SMTP transport." This one alone can make an admin go nuts if
there is some kind of firewall or Access Control List between the servers.
- Verifying an Exchange 2007 Installation
- Things you will need in order to backup an Exchange 2007 server with
Backup Exec:
Download details: Microsoft Exchange Server MAPI Client and Collaboration
Data Objects 1.2.1 - Installed on the Exchange server.
These next two are HUGE downloads, so plan on some Bacardi breaks while
waiting for them. ;)
Download details: Exchange Server 2007 - Management Tools (32-Bit) - If
installing Backup Exec on a separate 32-bit server.
Download details: Exchange Server 2007 Service Pack 1 - Both 32-bit and
64-bit editions are here. CRUCIAL if the server(s) are already patched.
- You
Had Me At EHLO... : Exchange Server 2007 Recipient Policies and Accepted
Domains
-
Mike Lagase : Steps to help mitigate Excessive Paging and Working Set
trimming issues on Exchange 2007 servers
-
Exchange
anti-spam myths revealed
OK. Lets get things moving! (From Exchange 200x to 2007 that is):
- If you're running Exchange 5.5, you have to migrate to 2003 first:
Migrating from Exchange Server 5.5 to 2007
-
How to Remove the Last Legacy Exchange Server from an Organization
- Once you have all the public folders replicated, you should right-click
on the Public Folder store and click on Move all replicas BEFORE you
decommission the Exchange 200x server.
- You have to set up an SMTP connector on the new Exchange 2007 server in
order to send mail outside of your organization. It's called a Send
Connector in Exchange 2007:
How to Configure Internet Mail Flow Directly Through a Hub Transport Server.
There are other ways to configure mail flow described in the "How to Remove"
article linked above, like an Edge server or a SMTP gateway service for
spam/antivirus control.
- Exchange 2007 can change the default Global Message Size limits to it's
own defaults, which is 10 Meg in and out. If you need to alter this:
How to Modify Exchange 2003 Global Message Size Limits in Exchange 2007 RTM.
This should now be possible from the Exchange 2007 Management Console when
SP1 is installed. If you installed 2007 into an existing organization, it
shouldn't touch these values.
- Once public folders are replicated on the Exchange 2007 server, you have
to upgrade them at some point (I'm guessing after you remove any 2k3 replica
links) using the cmdlet parameter Set-AddressList ForceUpgrade. I
still have to research and test this one.
Outlook 9x/200x Specific:
Back to top...
Outlook Web Access (OWA): - Yes, I'm mixing both
2003 and 2007 here since some of the articles will work on both versions. The
older 5.5/2000 versions were to damn ugly and unusable, so there won't be much
info for them in here.
Exchange Activesync (iPhone / Moble Access) -
I dread this at times because of the amount of work you have to put into this to
get it working securely and correctly.
-
Microsoft Exchange Server
Remote Connectivity Analyzer - Prototype - HOT!!!
-
Exchange ActiveSync
and Outlook Mobile Access errors occur when SSL or forms-based
authentication is required for Exchange Server 2003 - This one fixed the
issue I had getting Andy's iPhone to sync with Standard and Enterprise
versions. The SBS version does this as part of the configuration.
-
Walkthrough: Exchange ActiveSync On Your iPhone 2.0 - Shows some of the
perks using ActiveSync on the iPhone.
-
iphone exchange 2007 outlook anywhere - Google Search
-
Microsoft Exchange Server
Remote Connectivity Analyzer - Prototype - Test your connectivity before
deploying it (Yes, I've linked it several times in here on purpose).
- Some quick pointers about using ActiveSync:
You have to use HTTPS/SSL. Don't be stupid using HTTP. Remember that the
users use the same credentials that are in your AD domain. Someone gets
that, and all hell can break loose (spammers, crackers, script-kiddies).
Small Business Server, by default, uses SSL.
You have to open up
TCP port 443 INBOUND on your firewall and redirect it to the LAN IP if
you're using NAT/PAT (You ARE using a firewall, right?).
You have to create a public DNS record for your domain(s) to point to your
public IP(s). You could use just the IP, but the SSL Cert will not match.
You have to have a public SSL certificate that
matches the URL of the domain(s) (Not always cheap).
The SSL certificate publisher (AKA The Root Authority) MUST be
supported on the phone! Not all of the free or cheap ones are! You can
attempt to use the internal LAN certificate, but I've
never gotten it to work without a lot of fuss.
In order to use the AutoDiscover feature, you have to set up a public web
page with all the info for the phone to grab (More on this as time allows).
-
Autodiscover and Exchange 2007 and
How to
Configure Exchange Services for the Autodiscover Service
- Apple -
Support - iPhone - Enterprise - Direct from Apple's mouth
(so-to-speak). Has admin utilities and tips on issues.
-
I always get a
Security Information message indicating that the Certificate could not be
verified when I try to access my Exchange server using Exchange Active Sync.
- Explains why you get the error and ways to fix it.
Intelligent Message Filter:
ISP Info:
Spyware/Virus/Trojan/Worm Submission sites:
Back to top...
Utilities
Back to top...
Misc shit I just need to bookmark:
Back to top...
