Security – Page 2 – flaphead.com

Virus Scanning and Exchange 2007 Message Flow

October 8, 2008 by ucinfo, posted in Exchange, Flaphead, MsExchange, Security

I have been wanting to post this for a while, but you know how things are … comments and views please ..

Message flow within an Exchange Server 2007 organization is based on the server roles. In a single AD site, all messages flow between the Mailbox and Hub Transport server roles.

1.1.1 How messages flow within a single site

When a user sends a message to a user who has a mailbox on an Exchange server in the same Active Directory site, the following steps occur:

1. If the user is using a MAPI client such as Outlook, the message is submitted to the computer running the Mailbox server role.

2. The message is forwarded to a computer running the Hub Transport server role using a MAPI connection. The Hub Transport server applies transport rules, expands any distribution lists, and determines where to route the message

3. The message is routed to the Mailbox server and the client is notified that the message has arrived.

4. Outlook Web Access and Exchange ActiveSync always connect to the Client Access server role and submit messages through the Client Access server role. After the message is submitted, the message flow continues as described previously.


Figure 1: Steps 1 to 3	Figure 2: Step 4

1.1.2 How messages are routed to the Internet

5. If you have deployed an Edge Transport server, all messages sent to the Internet or received from the Internet are passed through the Edge Transport server. For outbound messages, the computer running the Hub Transport server role forwards the messages to the computer running the Edge Transport server role, which applies transport rules and filtering for outbound e-mail, and then forwards the messages to the Internet. Inbound messages are sent to the Edge Transport server, which applies message filtering, and then forwards the messages to the Hub Transport server

Figure 3: Step 5

1.2 Anti Virus Scanning

Exchange 2007 can virus scan messages on an Exchange 2007 server with either a Mailbox or Hub Transport role installed.

1.2.1 Exchange Server-based solutions.

Microsoft recommends that you install server-side antivirus software on every Mailbox server and Hub Transport server in your organization. On Mailbox servers, antivirus software scans mailbox and public folder databases. On Hub Transport servers, antivirus software scans messages as they are sent between users. You also can deploy spam filters on Hub Transport servers to filter messages for spam sent inside your organization.

1.2.2 Exchange Server 2007 Antivirus Features

Viruses often spread between organizations via e-mail. By stopping all messages that contain viruses at your messaging environment’s perimeter, you can better protect your organization. If infected messages get into the organization, it is important that the virus is detected as soon as possible. To achieve this goal, Exchange Server 2007 includes the following virus protection improvements:

Continued support of the Virus Scanning API (VSAPI). In Exchange Server 2007, Microsoft has maintained support for the same VSAPI used in Exchange Server 2003. This VSAPI will be used by any antivirus software that runs on Mailbox servers.
Use of transport agents to filter and scan messages. Exchange Server 2007 introduces the concept of transport agents, such as the attachment filtering agent, to reduce spam and viruses. By running attachment filtering on the Edge Transport or Hub Transport servers, you can reduce the spread of malware attachments before they enter the organization. Additionally, third-party vendors can create transport agents that perform virus scans. Because all messages must be passed through a Hub Transport server, this is an efficient and effective means to scan all messages in transit inside the organization.
Use of antivirus stamping. Antivirus stamping reduces how often a message is scanned as it moves through an organization. After a message has been scanned once, the message is stamped with information that specifies the version of the antivirus software that performed the scan and the results of the scan. This antivirus stamp travels with the message as it is routed through the organization, and also is used to determine whether additional virus scanning must be performed on a message.

1.3 What to scan?

If you are using Exchange 2007, with no external access to OWA or Outlook, and you have desktop antivirus software, then it is reasonable to only virus scan on servers with the Hub role.

Only scanning on Hub servers will not prevent a virus being saved into a mailbox, but will protect from its proliferation around the messaging system.

If however, a client can access a server from outside an organisation where you cannot verify the client will have antivirus software, then you should install antivirus on mailbox role servers too.

Virus scanning on a mailbox role will increase the memory and CPU usage of a server.

A Month in Exchange: October 2008

October 2, 2008 by ucinfo, posted in A Month in Exchange, Exchange, Flaphead, MsExchange, Security

Well this is the summer gone for good now and only 83 days until Christmas!

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
New Downloads available in September 2008

Microsoft Forefront Security for Exchange Server with SP1 Documentation
Forefront Security for Exchange Server SP1 integrates multiple scan engines from industry-leading security firms into a comprehensive, layered solution, helping protect your Microsoft Exchange Server messaging environments from viruses, worms, spam, and inappropriate content.

This new release provides support for Exchange Server 2007 SP1 and Windows Server 2008, as well as content filtering and manageability enhancements. These enhancements include:

Seamless support for organizations running IPv6.

Improved content filtering with installable keyword lists that can be used to eliminate email containing profanity in eleven supported languages.

Improved integration with Microsoft System Center Operations Manager through new management packs that allow administrators to proactively monitor the state of their Exchange 2007 protection.

Increased flexibility for scanning or blocking high compression zip files and RAR archives.
http://www.microsoft.com/downloads/details.aspx?FamilyID=5cd4e36e-2dab-44d6-990e-3b8184b1cb1b&DisplayLang=en

Microsoft Antigen 9 with SP1 Readme
The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.
http://www.microsoft.com/downloads/details.aspx?FamilyID=7793ba73-50c0-4e07-9cd9-211558cbd890&DisplayLang=en

Microsoft Exchange Server ActiveSync Web Administration Tool .. for Exchange Server 2003 and Exchange Server 2007
The Exchange Server ActiveSync Web Administration tool is designed for administrators who want to manage the process of remotely erasing lost, stolen, or otherwise compromised mobile devices.
http://www.microsoft.com/downloads/details.aspx?FamilyID=e6851d23-d145-4dbf-a2cc-e0b4c6301453&DisplayLang=en

Unify – Successfully Migrating Lotus Notes Applications to Microsoft Platform
http://www.microsoft.com/downloads/details.aspx?FamilyID=657651ec-a7c3-4de0-9d89-a83f26902686&DisplayLang=en

Quest Software – Lotus Notes Transition to Microsoft Exchange and Sharepoint
http://www.microsoft.com/downloads/details.aspx?FamilyID=2c06b5a4-5fcc-4185-95e0-77263d793f20&DisplayLang=en

Binary Tree – Solutions to Reduce the Costs, Efforts, and Risk of Moving from Notes to Microsoft Platform
http://www.microsoft.com/downloads/details.aspx?FamilyID=985c9aef-a494-46d3-a562-ab208b82e745&DisplayLang=en

Business Productivity Infrastructure Optimization (BPIO) University 2009 Instructor-led Training Collateral for Collaboration Track
Training Collateral for Delivering Business Productivity Infrastructure Optimization (BPIO) University 2009 Collaboration Track.
http://www.microsoft.com/downloads/details.aspx?FamilyID=5540d63f-11cd-4c45-8a8b-f400e8eed91b&DisplayLang=en

Microsoft Antigen SP1 Documentation
The Messaging Security Suite includes Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager, and provides server-level protection against the latest e-mail threats.
http://www.microsoft.com/downloads/details.aspx?FamilyID=7d00160e-4d15-4459-98a3-89f393ac008e&DisplayLang=en

EMEA case study resources
Word and PowerPoint for GCRP programme
http://www.microsoft.com/downloads/details.aspx?FamilyID=76cb47e0-546a-4212-9b4a-c58959427b0d&DisplayLang=en

Migrate to Microsoft Online Services
This document describes how to migrate your on-premise Exchange Server mailboxes and POP3 and IMAP4 mailboxes to Exchange Online.
http://www.microsoft.com/downloads/details.aspx?FamilyID=25350815-5c57-441a-b7fb-329ff5fe14b3&DisplayLang=en

Microsoft Online Services Sign In Tool (RC2)
Service Client application that enables single sign-on to Microsoft Online Services. With this tool, users can configure Outlook, IE and LiveMeeting, then use it logon to the licensed, hosted applications subscribed on Microsoft Online Services.
http://www.microsoft.com/downloads/details.aspx?FamilyID=01f6c0e4-f897-442a-8462-425f8edddad9&DisplayLang=en

Microsoft Exchange Server 2007 Protocol Documentation
The Microsoft Exchange Server 2007 Protocol technical documentation set provides technical specifications for Microsoft protocols, and Microsoft extensions to industry-standard or other published protocols that are implemented and used in Microsoft Exchange Server 2007.
http://www.microsoft.com/downloads/details.aspx?FamilyID=a9aae935-ad23-4117-a3d9-9ed6093d6d7f&DisplayLang=en

Microsoft Exchange Server 2007 Standards Documentation
The Exchange Server Standards Documents provide information about Exchange 2007 support for industry messaging standards and Requests for Comments (RFCs) related to iCalendar, IMAP4, and POP3.
http://www.microsoft.com/downloads/details.aspx?FamilyID=6fa94dc9-d4b6-402b-8c22-8a52acea2284&DisplayLang=en

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Exchange 2007 Technical White Paper Updates in September 2008

White Paper: Continuous Replication Deep Dive
This white paper provides the technical details for a technology in Microsoft Exchange Server
2007 called continuous replication.
Topic Last Modified: 2008-09-16
http://technet.microsoft.com/en-us/library/cc535020(EXCHG.80).aspx

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Webcasts showing at a desktop near you in October 2008

What is a labcast? An online presentation with guided video demonstrations where you also get the chance to perform these same exercises on your own hands-on virtual lab that we provide during the session. As you face challenges in your lab, our instructors virtually take control of your lab to guide you through the tasks, giving you experience-based knowledge on the Microsoft product or topic. (There are no live instructors if you are watching an on-demand version.)

Thursday, October 02, 2008 – TechNet Labcast: Exchange Server 2007 (Part 1 of 5): Installing Service Pack 1 and Transitioning from Exchange Server 2003 to Exchange Server 2007 (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390065%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Friday, October 03, 2008 – TechNet Labcast: Exchange Server 2007 (Part 2 of 5): Configuring an Edge Server and Compliance and Retention Using Exchange Server 2007 RTM (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390067%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Wednesday, October 08, 2008 – MSDN Webcast: 24 Hours of Windows Mobile Application Development: Using Pocket Outlook Data Inside a Managed Application (Level 300)
Windows Mobile devices ship with Microsoft Pocket Outlook. To limit the amount of data that is stored on Windows Mobile devices and to provide users with a consistent user interface when dealing with Personal Information Manager (PIM) data, you must frequently make use of Pocket Outlook functionality inside your own managed application. In this sample-filled webcast, we show you how to retrieve, use, and store PIM data inside your own managed applications through the Windows Mobile Managed APIs that ship as part of the Windows Mobile 5.0 and Windows Mobile 6 software development kits (SDKs).
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032389578%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Thursday, October 09, 2008 – TechNet Labcast: Exchange Server 2007 (Part 3 of 5): Managing and Administering Exchange Server 2007 Using the Management Console and Management Shell (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390213%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Friday, October 10, 2008 – TechNet Labcast: Exchange Server 2007 (Part 4 of 5): Configuring Unified Messaging and Enabling Remote Client Access (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390227%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Wednesday, October 15, 2008 – MSDN Webcast: 24 Hours of Windows Mobile Application Development: Interoperability Between Managed and Native Code (Level 300)
Even though the Microsoft .NET Compact Framework 3.5 contains a lot of functionality, sometimes it is unavoidable to call back (P/Invoke) into native Win32. In this webcast, we show you the basics of P/Invoke. In the second part of this webcast, we show how you can use existing COM objects inside your managed applications. Of course, both P/Invoking into native code and using COM objects inside managed applications are illustrated by a number of code samples.
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032389650%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-D
F595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Thursday, October 16, 2008 – TechNet Labcast: Exchange Server 2007 (Part 5 of 5): Using Local Continuous Replication and Cluster Continuous Replication (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390228%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Friday, October 17, 2008 – TechNet Labcast: Exchange Server 2007 (Part 1 of 5): Installing Service Pack 1 and Transitioning from Exchange Server 2003 to Exchange Server 2007 (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390066%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Thursday, October 23, 2008 – TechNet Labcast: Exchange Server 2007 (Part 2 of 5): Configuring an Edge Server and Compliance and Retention Using Exchange Server 2007 RTM (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390229%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

Friday, October 24, 2008 – TechNet Labcast: Exchange Server 2007 (Part 3 of 5): Managing and Administering Exchange Server 2007 Using the Management Console and Management Shell (Level 200)
http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMedia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%221032390236%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-4225-BA42-DF595171F04C%22%2f%5e%7earg+Name%3d%22lang%22+Value%3d%22en%22%2f%5e%7earg+Name%3d%22cr%22+Value%3d%22US%22%2f%5e%7esParams%5e%7e%2fsParams%5e%7e%2fCMTYDataSvcParams%5e

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Documentation updates for September 2008
Topic Last Modified: 2008-08-20

New Content

Troubleshooting Public Folder Free/Busy Information Issues

Updated Content

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Documentation updates for October 2008
Topic Last Modified: 2008-09-16

Updated Content

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
New KBs in September 2008
New means they appear in KB as Revision 1.0!
Exchange 5.5: http://kbalertz.com/Technology_55.aspx
Exchange 2000: http://kbalertz.com/Technology_53.aspx
Exchange 2003: http://kbalertz.com/Technology_313.aspx
Exchange 2007: http://kbalertz.com/Technology_515.aspx
Forefront For Exchange: http://kbalertz.com/Technology_523.aspx

September 22, 2008
946926 The logon process is unsuccessful and you receive a “MAPI_E_FAILONEPROVIDER (0x8004011D)” error message in an Exchange Server 2003 environment

September 12, 2008
954389 Error message when you try to access Outlook Anywhere on an Exchange Server 2007 Service Pack 1 computer that is running Windows Server 2008: “The connection to Microsoft Exchange is unavailable”

A Month in Exchange: September 2008

September 2, 2008 by ucinfo, posted in A Month in Exchange, Exchange, Flaphead, MsExchange, Security

So thats it, summer is over and the clock go back very soon. And from today you it’s only 113 days until St. Nic visits your house!

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
New Downloads available in August 2008

Microsoft Exchange Server 2007 Protocol Documentation
The Microsoft Exchange Server 2007 Protocol technical documentation set provides detailed technical specifications for Microsoft protocols and extensions to industry-standard or other published protocols that are implemented and used in Microsoft Exchange Server 2007 to interoperate or communicate natively with Microsoft Office client and other server products.

The documentation set includes a set of companion overview and reference documents that supplement the technical specifications with conceptual background, overviews of inter-protocol relationships and interactions, and technical reference information.
http://www.microsoft.com/downloads/details.aspx?FamilyID=a9aae935-ad23-4117-a3d9-9ed6093d6d7f&DisplayLang=en

Exchange System Manager for Windows Vista
This download will allow installing and operating the Exchange System Manager for Microsoft Exchange Server 2003 on Windows Vista OS
http://www.microsoft.com/downloads/details.aspx?FamilyID=3403d74e-8942-421b-8738-b3664559e46f&DisplayLang=en

Microsoft Exchange Server 2007 Service Pack 1 Help
The Exchange Server 2007 SP1 Help can help you in the day-to-day administration of Exchange. Use this information to guide you through Exchange Server 2007 SP1 features, tasks, and administration procedures.
http://www.microsoft.com/downloads/details.aspx?FamilyID=5eb0f9a0-2c49-4f2a-8a09-b981ed667821&DisplayLang=en

Microsoft Online Migration Toolkit
Sample migration planning materials including: project plan, communication plan, tracking spreadsheet, procedures, e-mail templates, Known Issues and FAQ.
Sample e-mail migration planning materials
http://www.microsoft.com/downloads/details.aspx?FamilyID=b4d668f4-26b0-4b3c-8b13-5e0275948257&DisplayLang=en

Microsoft Exchange Server 2003 Connector for Lotus Notes
The Microsoft Exchange Server 2003 Connector for Lotus Notes supports messaging and calendaring interoperability between Lotus Domino R5/R6 and Microsoft Exchange Server 2003 and Windows Server 2003 Active Directory. This tool replaces the Connector that ships with Exchange Server 2003 (including SP2), and includes several updates to support better message fidelity when routing email between Exchange and Domino, support of iNotes and Domino Web Access clients, enhanced Unicode support and reliability.
http://www.microsoft.com/downloads/details.aspx?FamilyID=d9f3a35e-1046-47b5-b09b-bda9de60cd9d&DisplayLang=en

Microsoft Exchange Server 2003 Calendar Connector for Lotus Notes
The Microsoft Exchange Server 2003 Calendar Connector for Lotus Notes supports the sharing of calendar free/busy schedules between Lotus Domino R5 and R6 and Exchange Server 2003. This tool replaces the Calendar Connector that ships with Exchange Server 2003 (including SP2), and is designed to be used with the Microsoft Exchange Server 2003 Connector.
http://www.microsoft.com/downloads/details.aspx?FamilyID=c14932a1-55f4-4256-af7e-617639d46024&DisplayLang=en

Microsoft Exchange Server 2003 Migration Wizard for Lotus Notes
The Microsoft Exchange Server 2003 Migration Wizard for Lotus Notes supports the migration of Lotus Domino R5 and R6 mailboxes and associated Domino directory information to Microsoft Exchange Server 2003 and Windows Server 2003 Active Directory. This tool replaces the Migration Wizard that ships with Exchange Server 2003 (including SP2), and includes improved retention of contents and Unicode characters during the migration from Domino to Exchange Server 2003.
http://www.microsoft.com/downloads/details.aspx?FamilyID=c105b3e4-3beb-4f1e-8f52-e345af6c3e50&DisplayLang=en

Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1
The Messaging API is a COM-like API that provides access to the contents of messaging stores. CDO 1.2.1 (Collaboration Data Objects, version 1.2.1) is a package providing access to Outlook-compatible objects through a COM-based API. Using either CDO or MAPI, a program can connect to a MAPI store, and then perform operations against that store. Starting with Exchange 2007, Microsoft will distribute the MAPI client libraries and CDO 1.2.1 as a Web download.
http://www.microsoft.com/downloads/details.aspx?FamilyID=94274318-27c4-4d8d-9bc5-3e6484286b1f&DisplayLang=en

Microsoft Exchange Server 2007 Service Pack 1 (SP1) SDK August 2008
The Exchange 2007 SP1 SDK August 2008 Documentation and Samples assists developers who are building applications for Exchange 2007 SP1. This release of the SDK provides new and updated information and sample code to help you develop collaborative enterprise applications for Exchange 2007 SP1.
The README file contains installation instructions for and late-breaking information about the Exchange 2007 SP1 SDK August 2008 Documentation and Samples.
http://www.microsoft.com/downloads/details.aspx?FamilyID=b6dd3f66-0c0c-41b1-b74a-a6eccb30767c&DisplayLang=en

Microsoft Solution for Hosted Messaging and Collaboration 4.5
HMC 4.5 brings together powerful Microsoft enterprise products such as Microsoft Exchange Server, Microsoft Windows SharePoint Services, and
now gives you Microsoft Office Communications Server 2007, which manages all real-time communications such as instant messaging (IM) and audio and video conferencing.
http://www.microsoft.com/downloads/details.aspx?FamilyID=c9cbbc69-4ae4-450d-af5e-f49e7c701cf4&DisplayLang=en

Microsoft Forefront Server Security Management Console Documentation
Forefront Server Security Management Console allows administrators to easily manage Forefront Security for Exchange Server, Forefront Security for SharePoint and Microsoft Antigen, providing a web-based console to centralize configuration and operation, automate the download and di
stribution of signature and scan engine updates, and generate comprehensive reports. Forefront Server Security Management Console also allows administrators to rapidly respond to outbreaks and update protection across enterprise deployments, improving organizational agility in responding to new threats. Through integration with Windows Server 2003 and Microsoft SQL Server, Forefront Server Security Management Console helps maintain reliability and performance of messaging and collaboration protection.
http://www.microsoft.com/downloads/details.aspx?FamilyID=ae4ce23b-9e1e-455c-87a4-36167fe43107&DisplayLang=en

EMEA case study resources
Word and PowerPoint for GCRP programme
– Shoprite
http://www.microsoft.com/downloads/details.aspx?FamilyID=76cb47e0-546a-4212-9b4a-c58959427b0d&DisplayLang=en

Collaboration Data Objects, version 1.2.1
CDO 1.2.1 (Collaboration Data Objects, version 1.2.1) is a package providing access to Outlook-compatible objects through a COM-based API. Using CDO, a program can connect to a MAPI store, and then perform operations against that store, including creating and processing calendar items, and resolving and handling mail recipients. Starting with Exchange 2007 and Outlook 2007, Microsoft will distribute CDO 1.2.1 as a Web download, separated from the two products.
http://www.microsoft.com/downloads/details.aspx?FamilyID=2714320d-c997-4de1-986f-24f081725d36&DisplayLang=en

Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1
The Messaging API is a COM-like API that provides access to the contents of messaging stores. CDO 1.2.1 (Collaboration Data Objects, version 1.2.1) is a package providing access to Outlook-compatible objects through a COM-based API. Using either CDO or MAPI, a program can connect to a MAPI store, and then perform operations against that store. Starting with Exchange 2007, Microsoft will distribute the MAPI client libraries and CDO 1.2.1 as a Web download.
http://www.microsoft.com/downloads/details.aspx?FamilyID=e17e7f31-079a-43a9-bff2-0a110307611e&DisplayLang=en

Microsoft Exchange 2007 Unified Messaging PBX Configuration Note for Cisco Call Manager 5.1
This PBX configuration note contains information about deploying Exchange 2007 UM with a Cisco Call Manager 5.1 using direct SIP connection. You can use it to help decide if Exchange 2007 UM is the appropriate solution for your organization.
http://www.microsoft.com/downloads/details.aspx?FamilyID=68b43d3c-7c84-4c2f-bfd7-98754970d70e&DisplayLang=en

Microsoft Exchange 2007 Unified Messaging PBX Configuration Note for Avaya Communication Manager 5.0
This PBX configuration note contains information about deploying Exchange 2007 UM with Avaya Communication Manager and SIP Enablement Services using direct SIP connection. You can use it to help decide if Exchange 2007 UM is the appropriate solution for your organization.
http://www.microsoft.com/downloads/details.aspx?FamilyID=588e8ad3-45d9-481f-8898-fb39de19882e&DisplayLang=en

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Webcasts showing at a desktop near you in September 2008

err None :-|

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
Documentation updates for July and August 2008

The following topics are new for August 2008:

Updated Content

The following topics have recently been updated for July 2008:

No updated stuff under Technical White Papers for Exchange Server 2007

#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
New KBs in July 2008
New means they appear in KB as Revision 1.0!
Exchange 5.5: http://kbalertz.com/Technology_55.aspx
Exchange 2000: http://kbalertz.com/Technology_53.aspx
Exchange 2003: http://kbalertz.com/Technology_313.aspx
Exchange 2007: http://kbalertz.com/Technology_515.aspx
Forefront For Exchange: http://kbalertz.com/Technology_523.aspx

August 26, 2008
950209 The From field is not displayed correctly when you use Outlook or Outlook Web Access to view a message

August 25, 2008
954578 Sender notifications are not sent in Forefront Security for Exchange Server Service Pack 1 if the “From” field in the original e-mail message header has multiple lines

August 22, 2008
953965 An e-mail message that you send is corrupted when the subject line of an attached e-mail message matches one or more file filters that you configured in Forefront Security for Exchange Server

August 21, 2008
956398 August 2008 cumulative daylight saving time (DST) update for Exchange Server 2003 SP2
952040 Microsoft Forefront Security for Exchange Server cannot block .wmv files that have had their file name extensions renamed
954934 Error message when you try to install Forefront Security for Exchange Server Service Pack 1 on an active node: “Failed to get CMS info GetMCSEVSInfo: An Active node of an Active/Passive cluster is found, but no match for the shared drive is found”

August 19, 2008
954577 The Start menu shortcut that points to Forefront for Exchange does not work in the German version of Windows Server 2008
951922 The FSCDiag.exe utility collects process ID and process information after you install Hotfix Rollup 3 for Forefront Security for Exchange Server Service Pack 1
954911 A scan job fails on a computer that is running Forefront Security for Exchange Server Service Pack 1
954942 You cannot collect data when you try to use the Forefront Server Security Management Console on an SCC cluster that has Forefront Security for Exchange with Service Pack 1 installed
952038 In Forefront Security for Exchange Server, the Reg_ForefrontSoftware.txt log file has missing carriage returns
954565 Nested .msg attachments are not detected as nested attachments in e-mail messages in Forefront Security for Exchange Server Service Pack 1
951920 Forefront Server Security Administrator stops responding if you try to close it when the License Information dialog box is open
955010 The FSCDiag.exe utility does not collect the correct data in Forefront Security for Exchange Server Service Pack 1
954907 E-mail messages are not sent when you are running Forefront Security for Exchange Server Service Pack 1
954093 The “Filter Lists” order is not updated on scan jobs if you delete a filter list and then re-create it by using the same name in Forefront Server Security Administrator
951931 No useful status information is displayed in the status bar when Forefront Security for Exchange Server updates the scan engine
951761 When you click About Forefront on the Forefront Server Security Administrator Help menu, the About Forefront dialog box does not show the rollup version information
953956 Forefront Security for Exchange Server incorrectly detects the Winmail.dat file as a CorruptedCompressedFile virus
954094 The FSCDiag.exe tool does not insert the engine version information into the VerForeFront.csv file when the tool is installed on a cluster in Forefront Security for Exchange Server
951936 The General Options page becomes blank in Forefront Security for Exchange Server Service Pack 1 when you use the TAB key to scroll to the end of the options page, and then you press the ESC key
951923 Forefront Security for Exchange Server selects an incorrect network name resource on an Exchange cluster group
954564 Error when Forefront scan engine updates fail because of a crash in the GetEngineFiles.exe process: “Watson Crash of GetEngineFiles.exe, Bucket ID [454637394]”
954561 You cannot update scan engines through a proxy on a computer that is running Forefront Security for Exchange Server
952039 If you have non-MAPI public folders in an Exchange Server organization, you cannot use Microsoft Forefront Security for Exchange to manually scan these public folders
954092 The engine update process is discarded if a download takes more than 5 minutes in Forefront Security for Exchange Server
954905 Forefront Server Security Administrator crashes when you click the Action drop-down list in the File or Keyword filtering page
951921 The FSCController service cannot start successfully if a corrupted .fdb configuration file is loaded
952833 Microsoft Forefront Security for Exchange Server incorrectly sends an e-mail message to the Critical Notification list during shutdown of the computer

August 5, 2008
951292 After you migrate from Lotus Notes to Exchange Server 2003, junk characters are displayed for the e-mail address in Outlook
954941 E-mail messages start to build into a queue, and the Fsctransportscanner.exe process uses a large amount of memory when Forefront Security for Exchange Server is running

August 4, 2008
924335 CDO time zone tables cannot be automatically updated from the registry values of the Windows operating system on Exchange Server 2003

August 1, 2008
953952 A mailbox server becomes intermittently unresponsive for one or more storage groups, and event ID 623 is logged in Exchange Server 2003

Microsoft AV Scan Engine Updating Issue

August 29, 2008 by ucinfo, posted in Exchange, Flaphead, MsExchange, Security

Interesting but Oooops! .. I like the note at the end “Microsoft will not be providing any hotfixes, engine updates, or program fixes to automatically correct this issue.”

Source: http://blogs.technet.com/fss/archive/2008/08/28/microsoft-av-scan-engine-updating-issue.aspx

Microsoft is aware of an issue with the Microsoft AV engine not updating on some installations of Antigen and Forefront Server Security products. Not all installations of the products are experiencing this issue, however all products may be affected.

The issue arose because the aveMicrosoft.dll in one of the Microsoft AV engine updates was marked as hidden, causing all subsequent updates to fail when attempting to delete this file. When that occurs, the engine is rolled back. This means that installations experiencing this problem are running with an outdated version of the Microsoft AV engine.

Forefront for Exchange SP1 Rollup 3 has been released

August 12, 2008 by ucinfo, posted in Exchange, Flaphead, MsExchange, Security

Just found this up on the Forefront blog http://blogs.technet.com/fss/archive/2008/08/11/forefront-for-exchange-sp1-rollup-3-has-been-released.aspx

Forefront for Exchange SP1 Rollup3 has been released. The fixes that are included with in Forefront for Exchange SP1 Rollup3 are as follows.

Prior to full publication of Forefront for Exchange SP1 Rollup3 we are making our customers aware that this release of Forefront for Exchange is now available. Please Contact Microsoft support if you would like to install Rollup 3 for Forefront.

Interesting that it is NOT actually released yet!

MS08-039: Which users are vulnerable to the OWA XSS vulnerability?

July 9, 2008 by ucinfo, posted in Exchange, Flaphead, MsExchange, Security

This makes an interesting read .. Found it up on the Security Vulnerability Research & Defense Blog

Today we released MS08-039 which addressed several XSS vulnerabilities in Microsoft Exchange’s Outlook Web Access component. While this is an update to be applied to the Exchange server, the clients who use OWA are the computers potentially at risk. We’d like to explain a little more about the vulnerability so that you can determine whether you or your organization are at risk.

OWA has two modes: OWA Light (or OWA Basic for Exchange 2003), and OWA Premium. In short, if OWA Light/Basic is used, you are vulnerable to the XSS vulnerability. You can tell whether OWA Light is used via the “Use Outlook Web Access Light” check box in OWA’s logon screen.

…

Security Update for Exchange Server 2003 SP2 (KB950159)

July 9, 2008 by ucinfo, posted in Exchange, Flaphead, MsExchange, Security

So we have a KB, Download and a Security Bulletin ;-)

NOTE: This also affects Exchange 2007, but is included in RU3 for Exchange 2007 SP1 and RU7 for Exchange 2007 RTM

Source: http://www.microsoft.com/downloads/details.aspx?FamilyID=e099c1d1-5af6-4d6c-b735-9599412b3131&DisplayLang=en

This update addresses the Microsoft Exchange Server vulnerability addressed in the Microsoft Security Bulletin MS07-026.

MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server could allow elevation of privilege
http://support.microsoft.com/kb/953747

Microsoft Security Bulletin MS08-039 – Important
http://www.microsoft.com/technet/security/bulletin/MS08-039.mspx

Executive Summary
This security update resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session. This security update is rated Important for all supported editions of Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerabilities by modifying the validation of HTTP session data within OWA. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity.
Known Issues. Microsoft Knowledge Base Article 953747 documents the currently known issues that customers may experience when installing this security update

Affected Software
Microsoft Exchange Server 2003 Service Pack 2
Microsoft Exchange Server 2007
Microsoft Exchange Server 2007 Service Pack 1

Forefront Security for Exchange with a Hub Transport Role

August 8, 2007 by ucinfo, posted in Flaphead, MsExchange, Security

Just an update from my previous blog.

Computer Says no, well it actually still says

Could not start the Microsoft Exchange Transport service on Local Computer.
Error 1053: The service did not respond to the start or control request in a timely fashion.

I have opened a case with Microsoft and will keep you updated

Forefront Security for Exchange Server fails in a single copy cluster environment

August 7, 2007 by ucinfo, posted in Flaphead, MsExchange, Security

Doh, looks like the an old antigen issue has crept in.

Source: http://support.microsoft.com/kb/939365

Anyway, you should try an get this fix, as it’s a FULL installation, all 30ish MB

It gives you version 10.0.0701.0, which is later than rollup 1

Also looks like it might have fixed my issue with the Microsoft Exchange Transport service failing due to the FSEIMC service hanging

Event Type:    Error
Event Source:    Service Control Manager
Event Category:    None
Event ID:    7022
Description:
The FSEIMC service hung on starting.

Event Type:    Error
Event Source:    Service Control Manager
Event Category:    None
Event ID:    7001
Description:
The Microsoft Exchange Transport service depends on the FSEIMC service which failed to start because of the following error:
After starting, the service hung in a start-pending state.

I will keep you updated!

Forefront Server Security for Exchange 2007

July 9, 2007 by ucinfo, posted in Flaphead, MsExchange, Security

This is another product I have been playing .. found two great things.

First was this error my Hub Transport Server. It looks very much like Forefront caused this .. don’t know what or why, but still it’s a bit scarey!

This is my favorite. In the Forefront Server Security administrator I have specified the following under Scanner Update for the Primary network Update path:

file://engines$ Now check out what the application log says: Event Type:    Error Event Source:    GetEngineFiles Event Category:    Engine Error Event ID:    6014 Description: Microsoft Forefront Server Security encountered an error while performing a scan engine update.    Scan Engine: Kaspersky5    Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate/x86/Kaspersky5    Proxy Settings: Disabled    Error Code: 0x80004005    Description: An error occurred while checking if an update was available. Err this server is not connected to the internet, and you shouldn’t be getting the updates from it anyway!”