September 2006 Archives
As a follow-up to last week's post on public folders and SharePoint, Liam Cleary has a pretty good walkthrough that covers the process of setting up SharePoint document libraries and records archives so that they can directly accept items mailed to them. I haven't had a chance to play with this yet, but it's an important part of Microsoft's arguments around migrating to SharePoint from Exchange public folders, so it's definitely on my radar.
Oh, bother.
I got a testy e-mail from Shane Keats of McAfee asking us to remove SiteAdvisor from the study, based on his claim that SiteAdvisor isn't an anti-phishing toolbar. I wrote a detailed response, in private e-mail, and was prepared to leave it at that.
However, Mr. Keats cried "foul" to InfoWorld and on the IE blog, saying that including SiteAdvisor is "silly and wrong. We don't claim, anywhere, to offer phishing protection. In fact, we're pretty explicit that we don't."
I'll admit to sometimes being silly, and I've certainly been wrong before, but I think in this case it's fair to include SiteAdvisor. Here's why:
- The SiteAdvisor.com home page contains this text: “McAfee SiteAdvisor also complements and enhances your existing security software by detecting threats which traditional security products often miss, including spyware attacks, online scams, and sites that spam you”. I think a reasonable person would likely interpret the reference to “online scams” as including phish.
- Question 2 of the SiteAdvisor FAQ page says “SiteAdvisor is a consumer software company dedicated to protecting Internet users from all kinds of Web-based security threats and annoyances including spyware, adware, unwanted software, spam, phishing, pop-ups, online fraud, and identity theft.” This definitely seems to represent SiteAdvisor as an anti-phishing tool.
- Mr. Keats included a partial quote from this support article: "SiteAdvisor's software does not currently provide automated or real-time phishing detection". However, the full text of this article explicitly says that user reports of phish sites are reported by SiteAdvisor. In our report, we didn’t distinguish between tools that use automated reporting and those, like SiteAdvisor, that can incorporate user-generated reports.
- On August 3rd, I spoke via phone with both Craig Kenwec of McAfee and Scott Van Sickle of Global Fluency, a PR agency that handles client-security PR for McAfee. Both of them told me that SiteAdvisor incorporates anti-phishing functionality.
Microsoft pointed to our study from the IE blog, where there are already several comments, including this one from "Sheep and Duck":
3Sharp was founded in 2002 by three friends: Paul Robichaux, Peter Kelly, and John Peltonen, all experts in their respective fields. Their goal was to establish a company that could demonstrate the robustness, flexibility, and sheer native capabilities of the Microsoft communication and collaboration technologies. By working closely with Microsoft's Information Worker Group, 3Sharp has always been able to stay on the cutting-edge of the Office System technologies.http://www.3sharp.com/about_us.htm
Somehow I don't trust this "study".
To which I say:
Sheep and Duck, I understand why you're skeptical. No matter who commissioned the study, *someone* would distrust the results on that basis alone. However, I think if you read the report, you'll see that we have been transparent about our test methods and the data we used for the test. If you read the report and still have questions, feel free to contact me via e-mail (paulr@3sharp.com) or my blog (www.robichaux.net/blog) and I'll do my best to address them.
The report even says that the actual scores of which product blocked or warned on which URLs is available from us on request. It's hard to be much more transparent than that!
The folks over at mozilla links also asked a good question that I should have addressed in the FAQ: because some of the URLs came from a feed generated by opt-in Hotmail users, does IE have an unfair advantage? The answer is "no", because the feed we used wasn't incorporated in the data feeds that Microsoft uses for the Phishing Filter.
Big day for 3Sharp-- we just released "Gone Phishing", the first public study to compare the effectiveness of anti-phishing technologies for Windows. I alluded to it in an earlier post. The study is the topic of today's podcast installment. As a bonus, this episode features music and even embedded URLs (at least for the iPod-compatible AAC version).
When we started working on "Gone Phishing", I anticipated that I'd get some questions, so I've been keeping a running list of things that I expect to be FAQs.
Q: What's unique about your study?
A: As far as we know, no one's done a public study that directly compares multiple products against a meaningful number of URLs. Most of the evaluations that have been put out there are anecdotal and only used a few URLs.
Q: What did you test?
A: We took 8 anti-phishing products (including the Netcraft toolbar, IE 7's Phishing Filter, Google's Safe Browsing for Firefox, Netscape 8.1, GeoTrust TrustWatch, McAfee SiteAdvisor, the eBay toolbar, and EarthLink's ScamBlocker) and ran two sets of tests: one to determine how good each technology was at catching known phish, and one to see how many mistakes each made on known-good URLs.
Q: Who won?
A: IE 7 came out best overall, with a score of 172 of a possible 200. Netcraft was a very close second, scoring 168/200. For the rest of the scoring, see the report.
Q: Microsoft commissioned the study. Isn't it biased?
A: No. 3Sharp, not Microsoft, designed the methodology, picked the URLs, and ran the tests. The report includes a complete discussion of how we did this, and even lists of the URLs we tested. We believe our methodology is sound and we're being 100% transparent about how we got the results we did so that others can duplicate the results if they like.
Q: How'd you decide who won?
A: We calculated a composite accuracy score for each technology. This score combined the product's performance at blocking or warning phish with its accuracy in not blocking or warning on legitimate URLs. Each technology earned points for correct blocks/warns and lost points for bogus blocks/warns. (See p10 of the report for the full scoring formula). A product that blocked all 100 phish and none of the 500 good URLs would score a perfect 200; a product that didn't block anything (e.g. IE 6, Safari, Firefox 1.5, Opera, etc.) would score 0.
Q: 200? I thought there were only 100 phish.
A: We used 100 live phish and 500 known good URLs for the test. However, our scoring formula counts 2 points for a block and 1 point for a warning-- so if product X blocked all 100 phish, it would score 200.
Q: Why'd you decide that a block should score twice as much as a warn?
A: Users have increasingly become conditioned to ignoring security warnings. In our view, stopping someone from going to a potentially dangerous site is better than suggesting that they not do it.
Q: What URLs did you use?
A: We gathered 100 phish for the tests; we did this by using several data feeds, scanning them using regular expressions, and then manually culling out the real phish. We tested each phish by hand to make sure that it was still live before running our tests, then we manually tested each phish in each technology and scored the results. Each phish was tested within 48 hours of its arrival to make sure it was fresh (or is that "phresh"?) See appendices A and B of the report for a complete list. For the known-good URLs, we took a set of 500 randomly selected URLs from our data feeds, then manually checked them to make sure they weren't 404.
Q: Why didn't you test <my favorite product>?
A: We had to take a snapshot of available products at a point in time. We couldn't test all of the products, and we couldn't go back and re-do the tests every time one of the technologies got updated. For example, EarthLink released an update to ScamBlocker during our test period, Mozilla released Firefox 2.0 (which includes anti-phishing features) recently, and Microsoft has updated IE 7 twice since the tests. Because phish have such a short lifetime, we couldn't go back and re-run the tests.
w00t! Microsoft just released PowerShell release candidate 2. That's good news for almost everyone-- I say "almost" because I'm working on a PowerShell poster for Windows IT Pro and now I have to go back and study the changes with a fine-tooth comb to see which ones I need to incorporate. (Remember, the current Exchange 2007 beta build requires PowerShell RC0; I'm not sure what will happen if you install RC2 on top of a working Exchange 2007 install, but I'm not gonna try it.)
Over on Ed's blog, he's been talking about how the battle between IBM Lotus and Microsoft isn't about e-mail. In the comments, I pointed out that both sides want the battle to be about their broader platform... but many customers still think it's about messaging and calendaring, and they see the debate in those terms. That may be because they're more familiar with messaging and calendaring tools, or it may be because (despite protestations to the contrary) many Notes shops aren't using all the collaboration functionality that they paid for (and have to manage).
Arlene and I got our free iPod nano units from KeyBank's promotion today. I was expecting a 1GB unit because that's what the ad promised. Instead, though, they shipped me one of the brand new (as in, introduced two weeks ago) aluminum 2GB models. I'm delighted! That's way nicer than I expected. Now, if I can just get Key to send me that debit card I asked for...
Want to try Exchange 2007 Unified Messaging? Microsoft is working with a set of select partners to sell a "trial kit" with the hardware you'll need. Rather, they're selling some of the hardware you'll need: an AudioCodes gateway that will link up to 4 analog phone lines with your Exchange UM server via Voice-over-IP. That gives you Outlook Voice Access, play-on-phone, and the Exchange automated attendant. You also get two hours of phone support, which you'll probably need to set up the gateway.
Reuters has an interesting story today on how phishers are cranking up their attempts to steal your money-- and your identity. Symantec released a study today claiming an 81% increase in the number of unique phishing message sent out in the first half of 2006 vs the second half of 2005-- not a huge surprise to anyone who has an e-mail account.The story is particularly timely, though, given that 3Sharp will be making a phishing-related announcement later this week; I'll have more to say later in the week.
Message tracking is an immensely useful Exchange feature that makes it simple to see each place where an inbound or outbound message was touched by an Exchange component. Mark Arnold had a good post back in August about some nifty message tracking tricks you can do with the set-transportServer task, but he left out the most important one (IMHO): how do you turn on subject-line tracking?
I meant to blog this a few weeks ago, but I forgot. Thankfully, Outlook 2007's To-Do Bar helped remind me, as I'd flagged it for followup. One of the most common questions I see from people who have just installed Exchange 2007 for the first time involves the hub transport role's behavior when receiving Internet e-mail. Wonder why it's rejecting your messages? Wonder no more; Bharat has a good explanation.
I get some of the best stuff in my press release feeds! Today's winner is a release from the Visa Bureau, an independent visa agency that makes its living from helping people emigrate. Anyway, the release points out that Australia has added network security, Siebel, SAP, J2EE, C#, and Java skills to the Migration Occupations in Demand List (MODL) (along with boilermakers, panel beaters, pastry cooks, and welders).
Kerry Thompson just posted a solid article exploring the pros and cons of getting a CISSP (Certified Information Systems Security Professional) certification. The CISSP curriculum is demanding, that's for sure; Thompson presents some good arguments both pro and con. (His final take: if you want more money, get an MCSE or CCNA :))
A good question over on the Exchange 2007 TechNet forums: where is the Exchange 2007 version of loadsim? The answer is simple: you can't have it yet :) There is a new Exchange 2007 version of loadsim, codenamed "Swordfish". The comments here say that Swordfish will ship about the same time as Exchange 2007. However, you're not out of luck in the meantime.
Ha! You probably thought I was never going to post about a non-technical topic again. Surprise! David and I went home teaching the other day. When he turns 12 and is ordained to the Aaronic Priesthood, he'll probably be assigned as my regular home teaching companion, and I can't wait! That's why I took him with me.
Joel Oleson has an interesting post on the differences between Exchange public folders and email-enabled lists in WSS v3/MOSS. He was kind enough to point to my column discussing migration tools, too. I pointed out Joel's post for a simple reason.
For my inaugural podcast, I thought I'd talk about how Exchange 2007 Unified Messaging servers answer the phone, and what has to happen in order for everything to go smoothly. Enjoy! (It's in AAC format only for now until I can dig up a decent MP3 converter...)
Now here's something I'm looking forward to playing with: a Windows-based IP PBX! 3CX offers two versions: the free version and an enterprise version. It looks like the primary differences between the versions are that the enterprise edition has product support and will have Exchange integration, although they don't specify how it will integrate with Exchange. I've got a query in to the PR folks who sent me the release, and I'll post the answer I get.
At the Tokyo Game Show, Microsoft made a couple of huge announcements about the Xbox 360. First, they announced some new games for the Japanese market, where the Xbox family has traditionally been pretty weak. They announced some excellent new Xbox Live Arcade titles, too, including Gyruss, Rally-X, and Track & Field. Konami and NAMCO BANDAI have really jumped on the potential of XBLA; Konami alone had three or four titles released just within the last couple of months.
When your Exchange unified messaging server logs event ID 1082, what do you do?
The first step in answering this question is understanding what event ID 1082 means. The error message itself is pretty clear: "No Hub Transport server available to process header file C:\Program Files\Microsoft\Exchange Server\UnifiedMessaging\voicemail\70683b04-5e47-4d24-a143-1cf331a4f121.txt.". If you look in the referenced directory, you'll probably find a bunch of pairs of files, with each pair consisting of a .wav file that contains the actual voicemail plus a .txt file that contains routing information.
This may be one of the funniest things I've ever seen: an old-school classroom instructional video on how to properly talk like a pirate.
All sorts of folks are calling for restrictions on camera phones. Some propose legislative remedies, while others just want the phones banned from their facilities.
I'm getting ready to launch (or, more properly, relaunch) my podcasts, so I added the MTEnclosures plugin and one of my favorite dance songs as a test.
I've seen several queries in various fora about using Entourage with Exchange 2007. I've been using it for a while and have had absolutely no problems. There are a couple of issues to be aware of, though.
My main man Dave Goldman just released a new version of his extremely useful oabinteg tool. Oabinteg is very useful for identifying problems with the offline address book generation process; I used it (along with some helpful suggestions from Dave) to pinpoint a problem with OABs with Exchange 2007 against an Office 2003 client running on Vista RC1. Most admins find that OAB generation just ticks along in the background, never calling attention to itself; however, it never hurts to run oabinteg to see what's happening under the covers.
Last fall, I had a lot of fun writing a "top 10" list of availability principles and tips for Exchange. Part of the fun was that I got to work with fellow Exchange MVPs Ben Winzenz and Chris Scharff, along with some other cool folks at MessageOne. The list came out as a nifty little pocket guide, printed on heavy glossy paper with a slick cover. MessageOne was giving them out at various trade shows. Turns out that now Windows IT Pro is making the guide available too as a download (registration is required.) You might also find some of these other whitepapers interesting, too.
I thought I'd blogged about this before, but apparently not. I've gotten a few questions at roadshow events about how the Exchange Unified Messaging server role scales. Now, it's not entirely fair to ask scalability questions about products that are still in beta because the answers are almost guaranteed to change (and hopefully for the better). However, in discussions with Microsoft's Michael Khalili, I understand that the current guideline is that a single server should be able to handle 80-100 concurrent calls (the direction doesn't matter, whether inbound or outbound). If you co-locate the UM role on another server, you may be able to handle fewer calls, but as with so many other scalability questions, the ultimate answer is "it depends".
Observationally, I've been able to easily handle 4-5 concurrent UM calls on a 32-bit VM running as a UM / mailbox / CAS / hub transport server. I'm sure once Microsoft IT rolls out Exchange UM across the company they'll be publishing one of their nifty "IT Showcase" white papers that describes in detail what their architecture looks like.
Update: forgot to mention Michael Wilson's excellent post on the number of users you can put onto a UM server.
On Friday, I posted that I was starting to experiment with Naturally Speaking. The results are in: here's my first post written using NS.
This is the only current book that covers Live Communications Server 2005. Fortunately, it's a good introduction. Joe Schurman has written a readable, useful book that covers much of what you need to know to install and manage LCS, even if you are fairly inexperienced. The book assumes medium familiarity with Active Directory, and it helps if you have some Windows admin background.
I just bought Dragon Naturally Speaking and was eager to try it, then I had second thoughts: what if it doesn't work well with Office 2007? I installed it anyway. Unfortunately, despite what Marc says, in my initial tests performance was quite poor. This may be because I was running it in Parallels on my MacBook Pro. However, other people seem to be pleased with its performance in Parallels. I'm going to try it on the Thinkpad tonight and see if it's any better. If not, back to Amazon it goes.
Two years ago, I wrote a Troubleshooter Q&A about turning on read receipts in OWA. I just noticed the reader comments, which aren't very nice; they complain that I didn't actually include a description of how to do it for Outlook. (In fairness, if you search for "Outlook force read receipt" my article comes up near the top.)
So, the answer: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Preferences\ReadReceipt, a REG_DWORD, controls this. Set it to "1" and Outlook will request a read receipt for every outbound message. Problem solved!
I was working on a project that involved a unified messaging server, and I wanted to find out which users had been enabled for unified messaging. I thought this would require me to use the get-user cmdlet and search for a particular attribute, but it turns out to be easier than that. All I needed was get-UMmailbox. Unfortunately, it doesn't work as documented-- I was expecting get-UMMailbox to give me a list of only those mailboxes that were enabled. However, I only wanted the enabled ones, so a quick get-ummailbox | where {$_.UMenabled -eq $true} promptly gave me what I wanted:
Ryan IM'd me to ask where the Exchange SMTP pickup directory went in Exchange 2007. Good question; it did indeed move, as part of the overall move away from the IIS core services that Exchange 2000 and Exchange 2003 used. The Exchange 2007 pickup directory defaults to c:\program files\microsoft\exchange server\transportRoles\pickup. (Note the space in "Exchange Server" and the lack of one in "transportRoles"). Drop your message in there and away you go. You can also use the Set-TransportServer cmdlet to set some pickup-related parameters, including where the directory is and what size messages it can accept.
Did you know that you can get the Exchange Intelligent Message Filter (IMF) to use per-server gateway thresholds? If not, don't feel bad; lots of other admins don't know that either. Evan Dodds blogged this in September 2004; he recently mentioned that he wasn't aware of any other place that this setting was documented, so I decided to give it a freshness bump because there are still lots of people who apparently don't know about it.
I was surprised to see a letter to the editor in this month's Windows IT Pro complaining about the magazine's lack of Notes and Domino coverage. The writer is right; I don't think I've ever seen an article about Notes or Domino in the magazine, and I've been reading it since it launched 10 years ago (and writing for it nearly that long!) (And occasionally, when I mention Domino or Workplace, everyone complains...)
I recently spoke with my editors at Windows IT Pro, Anne Grubb and Amy Eisenberg. We were talking about future topic ideas, and I suggested a few things that I'd love to see the mgaazine cover in more depth.
One example: which Linux distro is the "best" replacement for Windows? e.g. if you wanted to replace your mom's Windows desktop with Linux, which version would cause the least upset? Many distros include Windows-like features, some of which induce subtle feelings of wrongness because they're almost-but-not-quite exact copies. Others are radically different.
Via Jack Dausman, news that IBM's released the first public draft of their redbook on migrating from Exchange 2003 to Domino. It probably deserves a book review, but I don't know if I'll have time to get to it for a while yet.
Nathan Breskin-Auer has a great summary of the "light" version of Outlook Web Access 2007 at the Exchange team blog. I'm disappointed that there isn't a Tasks module in OWA light, since I use both tasks and Macintoshes heavily.
I'm also disappointed that Microsoft isn't going to certify OWA Premium for use with Firefox. This may seem odd, given that I'm not a huge Firefox fan. I understand that it's a resource issue; the OWA team chose to spend their efforts on adding features instead of adding support for a browser that is lightly used (if at all) within their target customer base. However, not shipping Firefox support is bad for three reasons:
- it belies the power of OWA's AJAX implementation, which would work well with any modern AJAX-capable browser.
- Microsoft's competitors (including Domino Web Access, Zimbra, and Scalix) support Firefox
- The education / university market has lots of Firefox adoption, and it's also a market that Microsoft's trying to crack
Maybe for SP1? Of course, the program team's answer is likely to remain the same: "when we see customer demand". Fair enough.
The current version of Entourage doesn't provide any way to set out-of-office status on an Exchange server. That's not a huge problem, since you can use Outlook Web Access (or even Outlook) to change your OOF status and message. However, I just found this nifty app that lets you natively set your OOF status and message from your Mac desktop. Unfortunately, I haven't yet gotten it to work-- good thing I'm not going out of the office for a while.
Reader mail from Mike in Canada:
I’ve read your articles for years and they’ve always provided me with invaluable timely information. I have a quick question about the “Messaging and Security Feature Pack for Windows Mobile 5”. This seems to be a hard feature pack to find good information about. Microsoft doesn’t seem to have a download for it so I assume it must come with a Windows Mobile 5 Device that has a version after 148xx.2.x.x. My organization is about to get the latest Motorola Q’s from Bell Mobility in Canada. Apparently the Q’s that Bell have support the messaging and security feature pack for Windows Mobile 5 but I don’t really have any good information on it. This article is supposed to step me through the process of getting Windows Mobile devices working with Exchange SP2. Step 7 in this article tells me to install the Exchange ActiveSync Mobile Administration Web tool but I’ve never seen that tool (I’m guessing it comes with the feature pack).I have an ISA 2004 server and I already have active sync working for older Windows Mobile devices but I’m very interested in the new live sync “direct push” technology so I’m trying to get as educated as I can before my new devices arrive from my provider. I don’t even know if the new “direct push” requires me to change my publishing policy in ISA Server as I can’t find information on that topic either (I used the wizard in ISA server to publish Exchange active sync over SSL for my older devices). Can you direct me to some more information and let me know if the feature pack is downloadable?
This was perhaps one of the most enlightening books I've ever read, in two senses. The first is that it taught me a great deal about Amish culture. I'm probably not alone in that I knew very little about the Amish beyond what I saw in Witness. For example, I didn't know that there are multiple sects of the Amish faith-- each congregation can create its own ordnung, or set of rules, and different congregations have different rules about what kinds of interactions with the outside world are permitted, discouraged, or outright forbidden. (I also didn't know that bishops are chosen by lot from the congregations, and that they serve for life-- yikes!)
The second way this book enlightened me is to give me a further testimony of the importance of the family. Although Amish doctrine differs in many ways from LDS doctrines, one attitude shared by both is that moral standards aren't prison bars that keep people in-- they're more akin to a picket fence that helps separate what should be an enclave of love from negative influences in the outside world.
Shachtman is careful not to describe rumspringa as a period when teens are encouraged to go out and do things that violate the tenets of their faith, although many of them do. However, overall the Amish church has a very high retention rate-- north of 90% by most estimates. He includes interviews with a few people who've left the church; some are glad, and some are not. He also intersperses comments from scholars who study Amish culture, which provides a welcome third-party perspective. If this book has any flaw, it's that writing an entire book based on interviews leads to a disconnected prose style composed mostly of pasted-together quotes. Once I got used to it, though, I was fascinated by what I learned. Highly recommended.
My friend Ken is an anesthesiologist (and a professional photographer, but I digress.) Last night, we were talking, and I mentioned that I was heading to Boston for a quick trip. He said he was a little envious of my travel schedule, and I told him that there wasn't really anything to be envious of. Here's the proof in the form of my day's schedule:
As part of my grand unified communications adventure (more on which later), I needed to get reverse number lookup (RNL) working with LCS. RNL is a simple concept: when you get a phone call from extension 1001, you want your computer to identify the caller as John Smith, not as '1001'.
Communicator looks up numbers using one of two sources:
- the address book produced by the Address Book Service on the LCS server; this is generated daily from whatever you've got in Active Directory.
- contacts in the user's local Outlook address book (or Windows address book)
When you place a call to a Communicator user, the PBX sends a CSTA message that includes a device identifier, like this:
<deviceIdentifier>tel:1001; phonecontext=pbx.litware.com</deviceIdentifier>
(or maybe <deviceIdentifier> tel:+16175552702;ext=52702</deviceIdentifier>
Communicator will try to match the device identifier against one of the numbers it can see in the address book or the Outlook contact. If it matches, it displays the caller info; if not, you just get the number. You can add this information manually, but the preferred way to do this is to put the callers' numbers into a multivalued attribute called proxyAddresses. However, we were in somewhat of a hurry. The simplest solution for us was to add the "TEL" URI of the associated extension into the "home" phone number field of each user object. This would more sensibly be done by a script, but for our lab environment, which only has a handful of extensions, it was a quick solution.
I'm a huge fan of the Exchange team's blog because it includes a wealth of technical information that you can't find anywhere else. They don't waste a lot of time with marketing fluff, and the folks who post there run the gamut from product support to developers to product managers. The Unified Communications Group at MS recently launched their own blog, which I hope will live up to the same standard.
Since I'm used to seeing my byline in print magazines, I don't usually get too excited about it. However, I was surprised (and pleased!) to see that the Solution Accelerator for Exchange Consolidation and Migration won an Honorable Mention in Windows IT Pro's Readers' Choice awards. This is especially cool because it was a write-in nomination! Missy Koslosky, Devin Ganger, and I worked really, really hard on this guide, and it's great to see that it's been useful to people.
Argh. This bit me, even though I knew better. I set up a managed custom folder, created a folder policy for it, and waited patiently for the folder to appear in a user mailbox. It didn't. Why? Because I hadn't set a schedule for the managed folder assistant, that's why. Fortunately, a quick run of start-ManagedFolderAssistant solved the problem.
