Category Archives: General Stuff

I’m facing a conundrum. The book must be finished by 12/31. Although I have early access to the Exchange Intelligent Message Filter, if I write about it now it’s likely to change before the book hits the shelf; this is obviously bad. What I’ve decided to do is mention it in the book, limiting myself to talking about what’s already been publicly disclosed by MS. Then I’ll write some material that describes it in more detail. That material will appear here, either as a bonus chapter for folks who buy the 2003 book or as a separate e-book. That way I can provide fresh material without getting in trouble with the PMs for the IMF or slipping the book any further.

There are twenty chapters and three appendices. The first fifteen chapters (plus two appendices) have been written and submitted; several have already come back for author review. Of the remaining material, there are two new chapters written by contributors (one on archiving by Joshua Konkle of KVS, one on legal issues by Jay Friedman of Piper Rudnick) on the way, one revised chapter, and two new chapters (including one on Outlook Mobile Access/Exchange ActiveSync security issues) that I still have to write. Deadline: 12/31. Wish me luck!

I managed to miss this, but Microsoft Press has a book out on VPN deployment with Windows Server 2003: Deploying Virtual Private Networks with Microsoft Windows Server 2003 Technical Reference. I haven’t read it yet, but it was written by two Microsoft PMs (including the guy who owns the network quarantine feature), so I expect it’s pretty good. Network quarantine is an interesting feature, but no one seems to really understand how to make it work. I’ve asked my editors for a courtesy copy and will post a review once it arrives and I read it.

Technically this has nothing to do with security, but it’s cool: Snerdware’s GroupCal lets you see and share calendar information between Exchange 2000/2003 servers and iCal users. This essentially makes iCal act just like Outlook’s native calendar client. I haven’t tried it yet, but I’m about to install it on my wife’s iMac and we’ll see how it works.

From KB 831464:

n Microsoft Windows Server 2003 running Microsoft Internet Information Services (IIS) 6.0, static files that are compressed using gzip may become corrupted and may include content from other files on the Web server. If this behavior occurs, the page that is returned to the client is not rendered correctly. An access violation may also occur.

Translation: if you turn on Gzip compression for use with OWA 2003, your IIS server may get hosed. This patch fixes the problem.

I had a nice meeting with some technical folks from Aelita this morning. Among other things, I learned that they’ve released a free tool to help automate finding and fixing the CDO heap corruption problem (described in KB article 823343) that can occur when Outlook 2003 clients access mailboxes that are later used by CDO-based utilities or tools.

Over on the other blog I discuss some pitfalls in getting Panther to synchronize contacts with Exchange 2000/2003 via WebDAV. It mostly works…

I’ve just turned in the first 10 chapters of Secure Messaging with Exchange 2003. That means I’m halfway done. The current milestone date for 100% completion is 12/15, which would put the book on store shelves in late February, just about a year after the first book.

This is what happens when you don’t have an appropriate retention policy:

A little browsing and up pops a piece of e-mail from an Enron employee complaining about a mother-in-law: “the most selfish person on Earth.” Another contains decades-old photos of former chief executive Jeffrey K. Skilling, sent him by his Beta Theta Pi fraternity brothers. A piece of e-mail written by a woman in Portland, Ore., asks an Enron energy trader, “So … you were looking for a one night stand after all …?”

The complete database is here. Don’t let this happen to you!

Evan Marcus and Hal Stern wrote the best introductory book on high availability, Blueprints for High Availability, back in 1999. It’s an easy-to-read but detailed explanation of how to design and plan HA systems. I just found out today that they have a new second edition, just published. If you care about designing reliable, redundant, or resilient systems, get this book.

While perusing the PVRBlog, I came across an excellent Exchange blog maintained by William Lefkovics, Neil Hobson, and Chris Meirick. It has a ton of good content and is more regularly maintained than my site. It now has pride of place in my RSS aggregator. Keep up the good work, guys!