Exchange 2007 and Outlook 2007 using cached-mode is one of the most powerful marriages in the business software space. But like most marriages, it can be tough when the partners aren’t working together, or when one of them is having a secret affair with a particular spindle in your RAID set. As the Outlook gains weight and starts cheating with the RAID set more and more, things tend to break. Then you find out. Every time you try to see your kids, the Outlook 2007 tells you that she can’t let you see them because you were a bastard that didn’t take care of her (OST size) or the house (computer) and she will not let you see your kids until you start showing some responsibility, fix the house (defrag) and spend some more time with her (scanpst/scanost).

In all honesty, finding your Outlook OST, corruption the first thing in the morning can be very frustrating. Depending on the size of your OST, you might be waiting for hours for the scan to complete and your mailbox to be restored to its working state.

But what do the users generally get upset the most at? It’s that they feel helpless and can’t figure out how to fix their OST/PST. If it’s a frequently experienced problem, why is it not automatic? Vlad to the rescue.

First, you will now you’re in for a scanost journey when you get the following screen:

Microsoft Office Outlook Offline Folders

Errors have been detected in the file … Quit Outlook and all mail-enabled applications, and then use the Inbox repair tool (Scanost.exe) to diagnose and repair errors in the file. For more information about the Inbox repair tool, see Help.

 

The complaint is that there is no link to Scanpst.exe. Doing a file search on Vista also turns nothing up. Psst, here is a little secret:

On Vista x64:

C:\Program Files (x86)\Microsoft Office\Office12\SCANpst.exe

On Vista x32:

C:\Program Files\Microsoft Office\Office12\SCANpst.exe

Here is the thing. Before you close out Outlook it will prompt you to locate your set of folders. You can either write down the file location in the error notification above, or you can just go to the next screen “Offline Folder File Settings” and copy the contents of the File section.

On a default Vista system, my OST is:

C:\Users\Vlad\AppData\Local\Microsoft\Outlook\outlook.ost

Obviously replace Vlad with whatever your username is. Now, start Scanpst.exe, select your mailbox and let it work.

Youtube….

 

This may be a great time to catch up on that Star Wars trilogy you’ve been meaning to watch off Youtube because this process will take forever. Or, if you’re lucky enough to have Exchange 2007 it’s time to fall in love with Outlook Web Access 2007.

Exchange 2007 features a built in POP3 server but by default it is off and will not accept plain text connections. Good luck telling that to a difficult customer who wants to send his password in clear text over the Internet just because the Apple store told him so.

By default, going to port 110 and trying pain text user/pass dialog will yield the following error:

“-ERR Command is not valid in this state”

To enable plain text login drop down to PowerShell and issue the following command:

Set-PopSettings -LoginType PlainTextLogin

Then make sure to restart Microsoft Exchange POP3 service:

Restart-Service -service msExchangePOP3

As far as how to enable POP3 service on Exchange 2007, here is some more PowerShell magic:

Set-service msExchangePOP3 -startuptype automatic

Start-service -service msExchangePOP3

This one is for my buddy Seth who waited for months for the message limits to be lifted. For those of you interested, here is where they are changed in SP1:

Organization Configuration > Hub Transport > Global Settings > Transport Settings:

Wham, bam, ticket closed.

Check your mail server configuration and make sure you aren’t trying to query the ORDB (Open Relay Database RBL) that went offline two years ago.

I’m sitting here in the OWN Atomic Tangerine room filling out some livestock export forms for Australia and UK and the usually light phone has been lit up with customers complaining about ORDB connections. These disappeared two years ago, if you’re seeing the rejections with that label you need to get back on the ball

Every now and then time-dependant rule questions come up and today I took a few minutes to figure them out. The good news is, Exchange 2007 transport rules make this easy and seamless. The bad news is, Outlook 2007 can do this too but only as a client-based rules. This means that without Exchange 2007, time-dependant rules can fire only if an instance of Outlook 2007 is running.

Corey Powell asks:

I have a customer with 6 sales people.  They have leads arriving via email to one email address.  They want the “on-call” person to receive all of the leads that come in for the period of time that that person is “on-call”.

So, how do you do this in Outlook 2007? Easy:

Click on Tools > Rules and Alerts > New > Check messages when they arrive > with specific words in the message header:
” 07:”
” 08:”
” 09:”
” 10:”

Forward it to people or distribution list and pick a user.

This will effectively forward messages received from 7:00 am – 10:59 am to the user or distribution list you specify. Repeat for the other 6 shifts with respective 4 hour windows.

Few notes: leading space is very important because some MTA’s use IPv6 which without a leading space can match the wrong part of the header. Furthermore, Outlook does not have the “and” operator (something that Exchange 2007 does in its transport rules stack) so if you receive mail from other time zones your filter may not work as intended.

Courtesy of PC World, Apple today announced that 1.1.5 will ship with Exchange ActiveSync functionality which will, for all intents and purposes, make iPhone “business capable,” more:

Enterprises want great push e-mail–”huge request.” And push calendar information. And push contacts. And a global address list. And Cisco IPsec VPN, and a variety of security-related options. And automated configration options, and remote data wiping just in case the phone is lost or stolen.

“I’m really excited to be the one telling you today we’re doing all these things in the next release of the iPhone software.” Applause.

Back to push. Customers have asked for built-in Microsoft Exchange information. Apple has licensed the ActiveSync technology needed from Microsoft to support Exchange.

Schiller explains how old-school push is complicated and unreliable, then says that ActiveSync is modern, simple, and reliable. iPhone apps like its e-mail and calendar will support it.

He walks over to a podium to demo all this. His phone has no contacts, no events, and no e-mail. But the screen for adding e-mail has a new option: Exhchange. He’s skipping that, but is turning on an Exchange account he had pre-configured. He wants to use ActiveSync for contacts, calendars, and e-mail. He turns them on. “And that’s it.”

His contacts show up, as do his appointments and his e-mail. Apple’s Bob Borchers is in the audience on Wi-Fi helping Schiller with a demo. Schiller creates a new contact, and Borcher confirms that it was instantly synched via Exchange and has shown up on his device.

Next, Schiller goes to mail. Borchers sends him an e-mail. And there it is on Schiller’s phone. Applause. “This is exactly what enterprise customers have asked for.”

Schiller’s looking at his calendar. He asks Borchers to move a meeting up, and the schedule change shows up on Schiller’s iPhone. “All that is happening live.”

Schiller says the last part of the demo is the most fun. He’s saying that maybe he’s lost his iPhone. He asks Borcher to wipe the phone remotely. He does, and Schiller’s phone loses all his data. Applause.

Also interesting is the quote on sales. iPhone is now the second most deployed smartphone (28% market share), second only to Blackberry. I am not sure if Windows Mobile devices are counted under a single brand, or if Samsung Blackjack and AT&T Tilt are two completely different smartphone brands. However you define it, nearly a third of the smartphones on the market now supports Exchange along with its push email and remote wipe. That is… significant.

One of the more frequent questions about Exchange 2007 is the new update technology, the rollup:

Rollup is a collection of hotfixes and Exchange system updates that apply to the entire product. While in the past, Exchange hotfixes included updates for the affected binaries/libraries only, they did not update the product as a whole. The new “rollups” do just that, they provide all the hotfixes affecting Exchange 2007 deployment. Much like service packs, the rollups contain all the hotfixes and patches Microsoft has published and bring the Exchange deployment to an identifiable state (ie, tell me the rollup not a list of all the hotfixes you installed). The schedule is also pretty reliable, every 6-8 weeks.

And speaking of the devil, the first rollup for Exchange 2007 SP1 is out and it fixes the issue of store.exe allocating 100% of CPU. This is a common thing in the 2007 world, there are never enough resources so if you don’t choose to throttle it the Exchange 2007 will allocate so many resources that you’ll hardly be able to launch the management console without snapins timing out.

So, in review: Exchange 2007 SP1 Rollup 1, Exchange 2007 RTM Rollup 6.

Few years ago tar-pitting was a big deal among SBSers who tried to protect their systems from spammers, worms and directory harvesting. Microsoft’s Alex Nikolayev, the big daddy of Microsoft’s SMTP stack developed the tar pitting technology for Microsoft’s SMTP server on top of which Microsoft Exchange 2003 works.

What is tar pitting you ask? It is a process of throttling bad recipient responses in the SMTP channel that are meant to slow down the spammer or directory harvesting attack meant to figure out the valid (or prune invalid) email addresses on your mail server. It works in conjunction with recipient filtering, so if you’re being a good little Internet participant and issuing NDRs as per RFC requirement, tar pitting can help. What exactly does it do? Here is a visual example:

220 daisy.theofficeserver.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at  Sat, 9 Feb 2008 15:31:38 -0500
ehlo vlad.net
250-daisy.theofficeserver.com Hello [65.99.255.240]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250 OK
mail from: vlad@vlad.net
250 2.1.0 vlad@vlad.net….Sender OK
rcpt to: administrator@daisy.theofficeserver.com
250 2.1.5 administrator@daisy.theofficeserver.com
rcpt to: moo@daisy.theofficeserver.com
550 5.1.1 User unknown
rcpt to: cow@daisy.theofficeserver.com
550 5.1.1 User unknown
rcpt to: bee@daisy.theofficeserver.com
550 5.1.1 User unknown
rcpt to: sheep@daisy.theofficeserver.com
550 5.1.1 User unknown

What tar pitting enables you to do is specify the timeout interval in seconds between each rcpt to: command and the 550/511 rejection. Assuming that a regular spambot will issue thousands if not hundreds of thousands of commands in an attempt to filter out the valid recipients on the domain, tar pitting delays can significantly delay their connections.

Why SBSers shouldn’t use this!

First, if you wish to use this technology, here is a Microsoft KB842851 addressing this. If this is something you believe is worthwhile, you should outsource it to a service adequate of handling the volume of these connections, check out ExchangeDefender.

There are two reasons why you shouldn’t implement this technology on a small network:

First, if you are running SBS 2003 or 2003 R2 you have likely upgraded your server to ISA 2004. ISA 2004 establishes the max number of connections per server, per rule to 1000. Likewise, if you are using cheapie firewall solutions that also throttle down the connection limits as to not exhaust an internal server, you are likely going to run out of connections on your server. Remember that tar pitting does not close the connection, it keeps it open. So if you set a timeout of 30 seconds for example, you could run into hundreds of open connections during an attack which would result in service unavailable and connection drops for the valid SMTP connections that may be trying to reach you.

Second, tar pitting has proven itself effective enough that nobody uses DHA anymore. The malicious use of DHA has gone away to a large degree, the spambots are now either being launched with a raw write straight to the socket (ignoring any delays in the connection) or tend to disconnect if more than 5 seconds (depending on the spambot config) has passed between a rcpt to and 250/550 response.

So in effect, this would be worthless to you in stopping spammers and DHA but would backfire on you the first time a larger worm/virus outbreak starts slamming your server.

All in all, not a worthwhile practice for this day and age. Remember, spammers adapt much faster than the rest of the net does, what worked in 2005 won’t work in 2008.

In another desperate Microsoft-bashing event, eWeek (surprise!) is predicting the end of Microsoft in a desperation move to buy Zimbra. Yeah. Forget the advertising. Forget IM share. Forget the webmail dominance in the consumer space..

It’s all about Zimbra..

Yeah. Sure. Cause that’s whats replacing corporate email, a webmail client. But of course, an AJAX frontend is a good replacement for Identity Management, integration into the unified communications for seamless  IM/voice/voicemail, content sharing controls that support encryption, IRM, RPC over HTTP, push sync built in..

Oh, yeah. It’s got none of that!

Let’s face some reality, shall we? We’re talking about webmail people, the black hole of portal’s budgets. This, Google’s other solution which years into the service still bears the Beta tag which in the Web 2.0 world means – we’re losing money big, we can’t make money at it, please click on the ads.  Every commercial reincarnation of which has failed – for bCentral, for Hotmail, for Yahoo, for Excite…

And he huffed puffed and blew the story down…

Got Exchange questions that you’d like answered, for free, by some of the biggest names in the Exchange scene (and me)? I’ll be in the Exchange Expert chats tomorrow and next week, if you have SBS / Centro / WHS specific stuff this would be a place to get them answered. We did one of these back in May and people really seemed to like it so hop on…

Q&A With the Exchange MVP Experts
We invite you to attend a Q&A with the Microsoft Exchange Server MVPs. In this chat Exchange MVPs will be on hand to answer your questions about Exchange Server, Outlook and Exchange for Small Business Server. So if you are thinking of upgrading to Exchange Server 2007 or have questions about Exchange Server 2003 we hope you can join us for this informative online chat!

Add to Calendar

December 5, 2007
10:00 A.M. Pacific Time
Additional Time Zones

EnterChatRoom

Q&A With the Exchange Server MVP Experts
We invite you to attend a Q&A with the Microsoft Exchange Server MVPs. In this chat Exchange MVPs will be on hand to answer your questions about Exchange Server, Outlook and Exchange for Small Business Server. So if you are thinking of upgrading to Exchange Server 2007 or have questions about Exchange Server 2003 we hope you can join us for this informative online chat!

Add to Calendar

December 12, 2007
5:00 P.M. Pacific Time
Additional Time Zones

EnterChatRoom