Novell credits Microsoft for booming SUSE Linux sales

Novell reported a 243% jump in sales of its SUSE Linux operating system, crediting its alliance with Microsoft. Interesting development, after the initial teething issues the two companies have had with their relationship, and the open source community's quick kneejerk reaction (not that it wasn't expected... ) to it.

Gmail flaw allows forwarding messages to attacker's mailbox

As I sat watching a cool video put together by "Gmail fans" yesterday, reports of a flaw with Google's popular web-based email service were beginning to appear. The flaw allows an attacker to create a filter to forward a victim's messages to any email address specified by the attacker.

Scary stuff - Gmail is one of the email services I use.

More in "Gmail zero-day flaw allows attackers to steal messages" on InfoWorld.com.

Little over a week ago, Google Docs' new Presentations feature, a would-be competitor for Microsoft PowerPoint, reportedly revealed email addresses of users collaborating/viewing a presentation. Not a very serious flaw, imo, but it had privacy experts concerned.

This is not as much about pointing out Google's vulnerabilities, but more about realizing that web-based software, just like software that runs on your PCs or servers, can have vulnerabilities. Additionally, so can the infrastructure of web-based service providers.

I was recently notified by another web-based service provider that their databases were compromised, but they're making sure no major damage is done (or some such verbiage that I can't seem to recollect but didn't make much sense at all when I read it). I should monitor my credit reports, it added further. Thanks, that makes me feel very comfortable. Where do I send the bill from the credit monitoring service?

The Gmail collaborative video wasn't nearly as bad.

Exchange Server 2007: How to get a list of Exchange ActiveSync users

Getting a list of actual Exchange ActiveSync (EAS) users was not an easy task with Exchange Server 2003, and certainly not one that could be accomplished in a hurry.

Yes, it indeed is a one-liner shell command with Exchange Server 2007:

Get-CASMailbox | where {$_.HasActiveSyncDevicePartnership} | select Name

10/7/2008:
Here's an updated version, which uses the -Filter parameter to filter recipients on the server-side:

Get-CASMailbox -Filter {HasActiveSyncDevicePartnership -eq $true} | Select Name

Related posts and links:

• Exchange Server 2007: Listing Exchange ActiveSync users and device information
  
• Exchange 2003 - Active Sync reporting
  
• More on Exchange ActiveSync Reporting with Log Parser - COM object available
  
• Exchange ActiveSync, ISA 2006 and Error 0x85010004
  
• Exchange Server 2007 SP1: Take control of your Windows Mobile devices
  

Zenprise in Network World's '9 Wireless Network Companies To Watch'

Zenprise was named as one of the '9 Network Wireless Companies To Watch' by Network World.

From Network World:

Why it’s worth watching: Zenprise for BlackBerry software was launched in February 2007. Two months later, when RIM’s North American BlackBerry network crashed, Zenprise customers were perhaps the only people on the continent who knew hours before anyone else that 1) there was a problem, 2) it was serious, and 3) it was in RIM’s NOC. What everyone else saw as a third-party service that customers were dependent upon, Zenprise understood to be a critical enterprise asset that customers needed to manage like any other. The software makes it possible to actually enforce service-level agreements and improve support to mobile e-mail users.

Exchange Server 2007: Setting Message Size Limits

In a previous post, we looked at how the maximum recipients per message settings are treated differently by Exchange Server 2007 and Exchange Server 2003/2000 when sending to Distribution Groups (read previous post "Distribution Groups and maximum recipients per message").

Another commonly asked question is about message size limits and the inability to send messages that are apparently within the maximum sizes configured. Let's take a look at the message size settings in different places.

Organizational limits: These apply to all Exchange servers in the Organization. You can set these using the Set-TransportConfig command from the Exchange shell:

Set-TransportConfig -MaxReceiveSize 40MB -MaxSendSize 40MB

In SP1, you can also set it using the Exchange console by going to Organization Configuration | Hub Transport | Global Settings tab | Transport Settings | properties.

Receive Connector limit: Unlike Exchange SMTP Virtual Servers in Exchange Server 2003/2000, Exchange 2007's Receive Connectors are only used to receive messages. The maximum message size limit can be different on different Receive Connectors on a Hub Transport or Edge Transport server. To modify the maximum message size on a Receive Connector using the Exchange console, select Server Configuration | Hub Transport | select a HT server | Receive Connectors -> select a connector | Properties | General tab.



To set ReceiveConnector limit using the shell:

Set-ReceiveConnector "CONNECTOR NAME" -MaxMessageSize 40Mb

Send Connector limit: Send Connectors are used for sending outbound messages to the internet or particular address spaces (domains). Edge Transport servers also have a Send Connector to send inbound messages to Hub Transport servers in an AD Site. To modify the maximum message size on Send Connectors, select Organization Configuration | Hub Transport | Send Connectors -> select connector | Properties | General tab.



To set SendConnector limit using the shell:

Set-SendConnector "CONNECTOR NAME" -MaxMessageSize 40Mb

Mailbox limit: Individual recipients like mailboxes can have their own limits to bypass the Organizational limits. To set these using the Exchange console: Recipients | Mailbox -> select mailbox | properties | Mail Flow Settings tab | Message Size Restrictions.

Do individual size limits bypass the Organization size limit?

Setting higher message size limits on an Exchange recipient bypasses the maximum message sizes in the Exchange Organization configuration, albeit only for internal messages, not for messages sent to or received from unauthenticated sources.

Troubleshooting Sender and Recipient Size Limits: Consider the sender's MaxSendSize and the internal recipient's MaxReceiveSize when troubleshooting message size issues.

If the sender's size limits allow sending a large message, but the recipient's limits do not allow receiving a message of that size, you get a NDR with the following text (note the enhanced status code informing you exactly why the message was rejected):
#550 5.2.3 RESOLVER.RST.RecipSizeLimit; message too large for this recipient ##

If the recipient is allowed to receive a large message, but the sender isn't allowed to send a message of that size, you get the following NDR:
#550 5.2.3 RESOLVER.RST.SendSizeLimit; message too large for this sender ##

To set these using the Exchange shell:

Set-Mailbox "Joe Adams" -MaxSendSize 20Mb -MaxReceiveSize 20Mb

Distribution Groups and Contacts (MailContacts) only have maximum receive size in the Exchange console, but both MaxReceiveSize and MaxSendSize properties can be set for them using the Exchange shell.

Global Settings: Besides the above, another set of message size limits can impact Exchange Server 2007 recipients, but it's often overlooked when troubleshooting. This is the one in Exchange Server 2003 Global Settings | Message Delivery -> Properties.




- If you have these configured to a specific value before you upgrade the Organization to Exchange Server 2007, these are left untouched.
- If you have these set to "No Limit" before the Exchange Server 2007 upgrade, these are reset to the Exchange Server 2007 defaults.
- In case Exchange Server 2007's Organization settings (the ones you can set using Set-TransportConfig) conflict with these legacy Global Settings, the lower of the two sizes are used.

The problem is, these are neither visible in the EMC, nor using any of the Exchange shell commands.

If you still have an Exchange Server 2003 server in the Organization, you can use ESM to modify these limits. Alternatively, you can use ADSIEdit to browse to the Configuration container | Services | Microsoft Exchange | YourOrgName | Global Settings | Message Delivery -> Properties, and modify the following attributes as required:
1. delivContentLength -> corresponds to MaxReceiveSize parameter in Set-TransportConfig command.
2. SubmissionContentLength -> corresponds to MaxSendSize parameter in Set-TransportConfig command.
Note: The maximum value for both of the above is 2097151 KB, slightly under 2 Gb.
3. msExchRecipLimit -> corresponds to MaxRecipientEnvelopeLimit parameter in Set-TransportConfig command.

Set these to be the same as the equivalent Organization settings in Exchange Server 2007.

Exchange Server 2007 SP1 makes managing Global Settings easier.

If Global Settings have numeric values (i.e. aren't set to "No Limit"), using Set-TransportConfig to change maxReceiveSize, maxSendSize or maxRecipientEnvelopeLimit also changes the corresponding Global Settings.

Active Directory SiteLink limit: In Exchange Server 2007 SP1, you can also set maximum message size limit on AD Site Links. Exchange Server 2007 uses the AD Site topology to determine the least cost paths. If the message size to be delivered to a remote AD Site exceeds the limit on the AD Site Link, message delivery will fail. By default, the MaxMessageSize on AD Site Links is set to unlimited. This can be changed using the following command:

Set-ADSiteLink "SITE LINK NAME" -MaxMessageSize 20Mb

Routing Group Connector Limit: Routing Group Connectors are used in co-existence scenarios to transfer messages between Exchange Server 2003/2000 Routing Groups and the Exchange Server 2007 Routing Group (yes, there is one under the hood.. ). Messages exchanged between these Routing Groups should be below the message size limits of their respective RGCs. The default is set to unlimited. To set the MaxMessageSize on a Routing Group Connector:

Set-RoutingGroupConnector "CONNECTOR NAME" -MaxMessageSize 20Mb

Content conversion and message size limits

One source of confusion in previous versions of Exchange Server, as far as the message size limits are concerned, is that created by the content conversion process. Content conversion happens when Exchange converts an internet/MIME message into MAPI/Exchange format, and vice versa. Content conversion generally increases the message size - roughly by 30%. If you set a maximum message size of 10Mb., and wonder why a 9 Mb. attachment didn't make it through, consider the content conversion overhead, as also message headers (which are computed along with the DATA portion of the message to calculate the message size), and any actions taken by Transport Rules.

How does Exchange Server 2007 handle such messages? When a message enters the Exchange Server 2007 Org, it gets stamped with an X-MS-Exchange-Organization-OriginalSize header, which indicates the original size of the message before conversion. When considering message size limits, if the message has since ballooned to a larger size due to content conversion, added headers, etc. - the lower of the original message size and the current (converted) message size is considered, eliminating some of the confusion seen with message sizes in previous versions.

Using the Exchange shell to track failed message delivery

You can use the Exchange shell to track messages that could not be delivered because of message size issues. The RecipientStatus field in Message Tracking logs is used to store the SMTP response and enhanced status codes. The Message Tracking EventID we're looking for is FAIL. (Read previous post on message tracking: "Exchange Server 2007: Message Tracking from the command line")

To track messages that failed because of recipient's MaxReceiveSize:

Get-MessageTrackingLog -EventID FAIL | where {$_.RecipientStatus -like "*RecipSizeLimit*"}

To track messages that failed because of the sender's MaxSendSize:

Get-MessageTrackingLog -EventID FAIL | where {$_.RecipientStatus -like "*SendSizeLimit*"}

Entourage 2008: OOFs coming to the Mac

With the release of Office 2008 for the Mac, Entourage users will be able to use Out of Office messages just like the rest of the world (i.e. Windows users with Microsoft Outlook) have been doing forever. Entourage 2008 supports Exchange Server 2007's enhanced OOF functionality, including the ability to schedule OOF start and stop times in advance, and set-up separate OOF messages for co-workers and external recipients.

Nevertheless, Entourage 2008 doesn't come close to Microsoft Office Outlook 2007 as far as features go. There's no capability to schedule resources, and no MAPI (recently rechristened "Outlook-Exchange Transport Protocol"), amongst a long list of other features on Entourage users' wish list. More in Lead Program Manager Andy Ruff's post "Office 2008 Enterprise Series: OOF Coming to Entourage" on the Office for Mac team blog.

One more thing: iPhone's 33% cheaper in 10 weeks

Did you rush out to buy the cool new and way overhyped 8 Gb iPhone on Day 1 for $599? You must love Jobs' announcement this morning - the music player + cell phone + web surfing + email (sans Exchange ActiveSync, of course.. ) device just got a 33% price cut. You can now have it for $399!

No Exchange ActiveSync support announced yet - that's rumored to be in the works with another 33% price cut in early 2008... :)