Category Archives: MS Exchange server 2003

Blacklist providers to trust II

1 Reply

Almost two years ago I have posted a comment regarding Blacklist providers that I use and I trust… Well I would like to update this post by adding or commenting that now I use only two providers that sucessfuly eliminate or reduce spam that is coming to my mail servers …

I currently use:
zen.spamhaus.org provided by http://www.spamhaus.org
bl.spamcop.net provided by http://www.spamcop.net

As you should decide to use or not to use blocklist providers on your mail servers I am adding interesting article from august 2009 to better understand how this providers work: http://www.allspammedup.com/2009/08/understanding-blocklist-providers/

I wish you luck in fighting spam! 🙂

Exchange System Manager in Exchange Server 2003 crashes when you click HELP

Leave a reply

After updating some SBS servers 2003 I noticed that Exchange System manager crashes if I do click help. The problem is that Internet explorer 7 – which was installed during Windows Update changes the version of Psapi.dll which is used by Exchange system manger (older version) and by IE7. To solve this problem you just need to / Po posodobitvah sistemov SBS 2003 sem ugotovil, da se Exchange System Manager “obesi”, ce v njem pritisnem na tipko Help. Tezava je v tem, da tako IE7 kot Exchange 2003 izkoriscata Psapi.dll, ki se pa med njima razlikuje. Za rešitev težave sledite spodnjim navodilom:

1. Stop the Microsoft Exchange System Attendant service (dependent services wil be also stopped) / Zaustavite servis Microsft Exchange System Attendant (pri tem sem bodo zaustavili še “odvisni” servisi).
2. Stop the IIS Admin Service (dependent services will be also stopped) / Zaustavite servis IIS Admin Service (pri tem se bodo zaustavili še “odvisni” servisi).
3. Rename the file Psapi.dll to Psapi.dll.tmp (or whatever) which can be found in your .Exchsrvrbin directory // Preimenujte Psapi.dll v Psapi.dll.tmp, datoteko pa najdete v mapi .Exchsrvrbin. <be> 4. Start stopped services / Ponovno poženite zaustavljene servise

http://support.microsoft.com/kb/932513

Homework for attendees of my session at NT Konferenca 2007 / Domača naloga za udeležence mojega predavanja na NT Konferenci 2007

Leave a reply

1.) Preglejte stanje svojih domenskih zapisov: http://www.dnsreport.com
2.) Preglejte, ali so vaši poštni strežniki že na kakšni od obstoječih črnih list: http://www.dnsstuff.com
3.) Preverite, da imate pravilne MX zapise ter A zapise. Preverite, da se ujema A zapis z PTR (reverse) zapisom (npr. posta.podjetje.si se razreši v 123.123.123.123 in nazaj iz 123.123.123.123 naj se razresi v posta.podjetje.si)
4.) Preverite server greeting z ukazom telnet posta.podjetje.si 25 odgovoriti vam mora z tromestno številko + A zapisom
5.) Veliko vprašanj se je nanašalo na scenarij:
Imam domeno podjetje.si ter domeno podjetje.eu. Kako nastavim poštni strežnik za obe domeni.
Poleg standardnih nastavitev Recipient policy na strežniku Exchange na DNS nivoju stvar uredimo takole:
Za podjetje.si naredimo A zapis posta.podjetje.si ter PTR posta.podjetje.si ter nastavimo MX zapis z utežjo 10 na posta.podjetje.si
Za podjejt.eu dodamo MX zapis, ki kaže na posta.podjetje.si – s tem načinom pravilno in po RFCju skonfiguriramo poštni strežnik tako, da bo sprejemal pošto za obe domeni.

Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

1 Reply

Konfiguracija Exchange 2003 SP2 strežnika za filtriranje proti črnim listam, uporaba Intelligent message filter-ja ter Sender ID procesiranje / Configuration of Exchange 2003 SP2 to filter mail using black lists, usage of Intelligent message filter and Sender ID processing

Nekaj zlatih pravil na katere moramo biti pozorni pri konfiguraciji poštnih strežnikov. / Some rules to be aware of when configuring mail servers.
DNS nivo / DNS layer

1. MX zapis mora obstajati / MX record must exist
Za test lahko v ukazni vrstici vpišete ukaz / For testing you can try to get the MX record using nslookup command:
nslookup
set type=MX
company.com
Kot rezultat bi morali dobiti / As result you should get:
company.com MX preference = 10, mail exchanger = mail.company.com

2. Forward in reverse DNS zapis se morata ujemati / Forward and reverse DNS record must be the same
Primer / Example:
Recimo, da MX zapis za domeno company.com kaže na poddomeno domene company.com in sicer na mail.company.com. V primeru, da izvršimo ukaz ping v ukazni vrstici dobimo rezultat: / Let say, that MX record for domain name company.com points to subdomain of company.com – mail.company.com. In this case you can check by pinging hostname and get the result:

C:>ping mail.company.com
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=119ms TTL=238 …

Ce pa izvršimo ukaz, ki nam iz IP naslova razreši DNS zapis moramo dobiti rezultat: / If we try to make a reverse lookup we should get the same result:

C:>ping -a 123.123.123.123
Pinging mail.company.com [123.123.123.123] with 32 bytes of data:
Reply from 123.123.123.123: bytes=32 time=111ms TTL=238

Nivo poštnega strežnika (SMTP strežnika) / Mail server layer (SMTP server)

SMTP strežnik se mora oglasiti z istim imenom, kot je vpisan v MX zapisu – v našem primeru: mail.company.com. To pa lahko preizkušamo tako, da se z uporabo programa telnet povezemo na poštni strežnik na portu 25. / SMTP server should present with the same name as a name in MX record. In our case this is mail.company.com. This can be tested using telnet program connecting to port 25 of our mail server.
Kot rezultat bi morali dobiti: / As a result you should get:

220 mail.company.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Mon, 5 Feb 2007 23:07:34 +0100

http://www.dnsreport.com – preverite nastavitve svoje domen / check your domain name configuration
http://www.dnsstuff.com – dodatna orodja za pregled DNS zapisov / additional tools for checking DNS records
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/ – Sender policy framework – generator TXT zapisa / Sender policy framework TXT record generator

  I. del / Part I. – Message delivery properties – general
(wink source) 

 II. del / Part II. – Message delivery properties – Connection filtering
(wink source) 

 III. del / Part III. – Message delivery properties – IMFv2 / Sender ID filtering
(wink source) 

 IV. del / Part IV. – Activate filters on SMTP server
(wink source) 

 V. del / Part V. – SMTP server name

Microsoft SMTP limanica / Microsoft SMTP Tarpit

Leave a reply

Z orodjem, ki ga lahko poberete na spodnji povezavi (.reg in .bat datoteki) lahko enostavno aktivirate 10 sekundno limanico na vašem SMTP servisu (deluje tudi z Exchange 2003). Z upočasnitvijo SMTP komunikacije pripomorete k zmanjšanju SPAM-a v vaših e-poštnih nabiralnikih. / With the tool that you can download (.reg and .bat files) you can very quickly enable 10 seconds tarpit of your SMTP servis (it works also on Exchange 2003). With reduction of SMTP coversation speed you get less SPAM in your mailboxes.

Microsoft SMTP tarpit.zip
Microsoft SMTP tarpit-5.zip – v primeru, da ste imeli kakšno težavo s 10 sekundnim zamikom je tu na voljo še reg datoteka s 5 sekundnim zamikom. / if you encountered any problems with 10 sec. tarpit you can try with this registry file with 5 sec. delay.

Keywords:
SMTP tarpit, SMTP tarpitting, Exchange 2003 tarpitting, Exchange 2003 tarpit, SMTP delay

Sources:
http://support.microsoft.com/kb/842851
http://www.petri.co.il/tar_pitting_exchange_2003.htm
http://msexchangeteam.com/archive/2004/12/06/275851.aspx

Exchange 2003 SP2 – Intellinget message filter “just too intelligent” :)

Leave a reply

Microsoft – Exchange 2003 SP2 – Intelligent message filtering v2 – deleting Sharepoint services notifications on the same machine!!! Can be resolved using MIN and MSExchange.UceContentFilter.xml described in the article below.
http://www.msexchange.org/tutorials/Intelligent-Message-Filter-version-2-IMF-v2.html

Microsoft – Exchange 2003 SP2 – Intelligent message filtering v2 – Exclude …
http://support.microsoft.com/?id=912587