msdigest.net

PFDAVAadmin is still a great tool to manage public folders. It helps you do a lot of things "in bulk" that you would not easily be able to do otherwise (in a GUI). At least not as quickly and it works with Exchange 2000/2003/2007 even though it’s an old utility. However, on two different Exchange 2007 servers, I have received messages similar to this:

‘Could not expand https://localhost/exadmin/admin/mydomain.com/public%20folders/: name cannot begin with the ’0′ character, hexadecimal value 0×30. Line 1, position 386′

I figured something was wrong with my public folder configuration, but thanks to a discussions on the web, I found that it relates to the .Net framework used by the utility. This message occurs if you do not have the Microsoft .NET Framework v1.1 installed on the server. (Exchange 2007 uses the v2.0 Framework).
Microsoft recommends using the PFDAVAdmin utility from a workstation, not from the console of the Exchange server, though. If you get this message, do NOT install the v1.1 Framework on an existing Exchange 2007 server. You run the risk of resetting some of the v2.0 Framework settings and, thus, breaking Exchange Server 2007!

So if you want to run PFDAVAdmin from the console of an Exchange 2007 server, you need to install the v1.1 .NET Framework prior to building Exchange.

Thanks to Jim McBee for highlighting this.

This great blog post by the Forefront team about Backscatter protection and how to deal with it using Forefront Protection 2010 for Exchange Server.

In essence, backscatter is a DSN (Delivery Status Notification) delivered to a recipient who never sent the original mail in the first place. While the DSN itself is perfectly legitimate and valid notification initiated by a reputable MTA, it has been sent to a user who never initiated the original mail transaction.

Read the blog post here.

Microsoft has announced an update of the Exchange 2007 Storage Cost Calculator.

The new version 2.9 is available for download here.

For more information about the enhancements in the new version, check the blogpost at msexchangeteam.com.

A third party Exchange Client for Google Android (The Google Mobile platform) has been confirmed. It’s being developed by Aardvark Labs and is currently in limited beta.

The client will provide real-time, wireless synchronization of email, calendar, and contacts for the Google Android OS and T-Mobile G1.

Public launch of the Exchange Client begins Q1 of 2009 and a limited beta will commence shortly.

Not that Google Android phones are that available yet, it could be interesting for some. In Europe T-Mobile has announced a G1 phone.

Read more and sign up for the beta here.

Read more about what is Android and the Android platform.

This post is not directly Exchange related, but more general about one way of enhancing messaging security, so it’s actually relevant no matter what messaging platform you have.

In this post I’ll try to outline some of the hosted mail gateway security products that are available on the market. A mail gateway is generally used to relay mail in and out of the company. Mail Security gateway became popular services a few years back, by providing external scanning for spam and virus of all incoming mail traffic. Today some ome of the services listed below also has additional features, such as backup and compliance among some of the features.

Below is some of the messaging security companies that provide mail security, there’s properly a lot more, but these seems to be the most popular ones:

• Microsoft Exchange Hosted Filtering (Formerly known as FrontBridge)
• MessagingLabs (Recently acquired by Symantec)
• ExchangeDefender
• Postini (Now owned by Google, now part of Google Apps Security Services)
• Comendo (also known as Virus112)
• SoftScan
• SpamFighter (Available as a hosted solution and as a module for Exchange)

The last 3 are Danish companies and they all provide a hosted mail gateway solution, although SpamFighter also have the product: SpamFighter Exchange Module, a lot similar to what we know from the Microsoft product: ForeFront Server for Exchange Server.

Of course the price varies on the products and services listed above. I don’t know all the services myself.

This post was meant as inspiration and to list the options of hosted mail security solutions available. Using external mail security gateway solutions is a great way of enhancing messaging security for your company, without having the competence in-house to maintain and manage the mail security solutions and keep all the spam and virus filters up-to-date.

It’s still not best practice to always use an external mail gateway to enhance messaging security, but again depending on the organizations requirements it could be very good practice.

Pros:

• The provider is doing filtering as their business and they are usually very good at it
• SMTP backup, if the internal Exchange is unavailable for a period, the mail is usually kept for up to 7 days and you can pay for more
• Usually 4-8 different scan and spam engines are used
• All maintenance are handled externally, you pay for a service and no other costs to licenses and software maintenance
• All spam/virus definition updates are handled externally and more frequently than a lot of the internal solutions
• All support handled externally

Cons:

• All support handled externally
• “Trust the provider” – this is essential with any hosted services
• You might loose some control of the filters, depending on the control you are used too

By using external solutions like the ones above, does not mean you can leave your internal Exchange without any antivirus and antispam software. It’s always good practice to have a two layer security strategy, combining the external solution with you existing internal solution. So there’s no savings on the cost of licenses and management of the internal solution, but security is always a cost at some point, it’s just a matter of what level you want.

When talking about TCO with hosted messaging security, it’s worth mentioning, that if you already have Exchange Enterprise CALs, Microsoft Exchange Hosted Filtering is available at no additional charge.

Cross-posted at: http://it-experts.dk/blogs/petsch/archive/2008/10/22/messaging_2D00_security.aspx

As previously written in one of my earlier posts and on msexchangeteam.com, a pre-release version of Update Rollup 4 for Exchange Server 2007 Service Pack 1 (KB952580) was inadvertently made available to Microsoft Update, the Microsoft Update Catalog, and Windows Software Update Services (WSUS) servers for download and soon after taken offline again.

Now the final release of Update Rollup 4 for Exchange Server 2007 Service Pack 1 has been released. Fixes for the following issues are included (details in KB 952580).

Direct link to download:

• Update Rollup 4 for Exchange Server 2007 Service Pack 1

If you by accident have installed the pre-release version of Update Rollup 4, you should uninstall it before installing the final version. Read more on the MSExchangeTeam blog:

• Update Rollup 4 for Exchange Server 2007 SP1 has been released
• INFO: Update Rollup 4 for Exchange Server 2007 Service Pack 1

Microsoft has announced an update of Mailbox Server Role Storage Requirements Calculator for Exchange Server 2007.

The new version 16.0 is available for download here.

For more information about the enhancements in the new version, check the blogpost at msexchangeteam.com.

As issue that I’ve seen on Exchange 2007 after a migration from Exchange 2003, if you try to remove an accepted domain, but keep getting this error:

Cannot remove the domain ‘<domain name>’ because it is referenced by the proxy address template ‘smtp:@<domain name>’

First off go to the Exchange Management Console – Microsoft Exchange – Organisation configuration – Hub Transport – E-mail Address Policies.

Make sure that the domain is removed from any policies that you have set up, if the problem still persists go to a domain controller that has Windows Server Support Tools installed.

Run: adsiedit.msc from Start – Run

now browse to the following:

• Configuration
• CN=Configuration,DC=<Domain Name>,DC=<Root>
• CN=Services
• CN=Microsoft Exchange
• CN=<Exchange Organization>
• CN=Recipient Policies

Now right click CN=Default Policy and select properties.
Scroll down to the attribute named disabledGatewayProxy, select it and click edit. Remove the offending domain and click ok.
Give it a while for active directory to replicate across all domain controllers.

Go to the Exchange Management Console – Microsoft Exchange – Organisation configuration – Hub Transport – Accepted Domains

You should now be able to remove the offending domain successfully.