Security

Safari, Meet Windows: Apple’s cool browser comes with security holes

One of the 12 reasons Apple says “you’ll love” Safari for Windows – “Now you can enjoy worry-free web browsing on any computer. Apple engineers designed Safari to be secure from day one.” Apparently, it didn’t take security researchers/experts like Thor Larholm, David Maynor and Aviv Raff too long to uncover the security holes in […]


CAS In DMZ Redux: Time For an OWA Appliance?

The number of times I continue to field this question is amazing – Can the Client Access Server be located in the perimeter (DMZ) network? I wrote about it not too long ago [read previous post titled “Locating Exchange Server 2007 CAS role in the perimeter?“]. Exchange folks continue to get the standard requirement/mandate from […]


Released: Update Rollup 2 for Exchange Server 2007 (KB935490)

Microsoft has just released Update Rollup 2 for Exchange Server 2007 (KB935490). This update comes less than 3 weeks after the previous rollup – Update Rollup 1. It includes updates for 4 vulnerabilities in Microsoft Exchange Server (including a critical remote code execution vulnerability from the way MIME messages are decoded), as outlined in […]


Computerworld: The deal on the Windows DNS bug

The still-unpatched Windows DNS Server bug has been the topic of many a security discussion during the past few days. If you’re running your DNS on a Windows Server (using the DNS Server service), this affects you. Computerworld’s Gregg Keizer has a nice write-up about this issue that I just stumbled upon, thanks to Sunbelt […]


RFC 2821, HELO again: Validating the HELO/EHLO domain

RFCs 2821 and 1869 specify the format of HELO/EHLO commands issued by an SMTP client to initiate an SMTP session. RFC 2821 on HELO/EHLO command: 4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO) These commands are used to identify the SMTP client to the SMTP server. The argument field contains the fully-qualified domain name of the […]


Exchange Server 2007: Managing And Filtering Anti-Spam Agent Logs

Exchange 2007 includes a number of anti-spam agents to filter spam. The anti-spam agents log their actions in (anti-spam) agent logs. The default agent log locations: Exchange 2010: \Exchange Server\V14\TransportRoles\Logs\AgentLog Exchange 2007: \Exchange Server\TransportRoles\Logs\AgentLog Agent Log Configuration You can’t change the agent log location. Here are the available config options: Enable/Disable agent log: On transport […]


Email Archiving and Compliance: Learning from email issues that plague the White House

Over the weekend, Wall Street Journal reported “White House Probes More Lost Emails” (external links do not work, WSJ.com requires subscription to read this article). The Journal’s John D. McKinnon reports, “The White House, already under pressure to explain missing emails from officials using a Republican Party system, says it is investigating reports that many […]


Internetnews.com: Surprise, Microsoft Listed as Most Secure OS!

Microsoft has no dearth of critics as far as security goes, particularly from the open source bandwagon. Apple’s commercials certainly show no mercy when talking about this issue, and frankly the commercials are quite funny and well-executed, imo (..but then isn’t marketing the art or science of being as far removed from the facts as […]


Locating Exchange Server 2007 CAS role in the perimeter?

Where should you locate Exchange Server 2007 servers with the Client Access Server (CAS) role? Is it more secure to locate them in perimeter network (aka “DMZ” or demilitarized zone)? Security folks in many organizations insist that any server that needs to be accessed from external networks (i.e. the Internet) should reside in perimeter networks. […]


HOW TO: Assign SendAs right using Exchange shell

In Exchange Server 2007 (and Exchange 2010), recipients are managed from the Exchange Management Console (EMC) or Exchange Management Shell (aka the Shell). EMC does not have a Security tab for recipients. You can still use Active Directory Users & Computers (ADUC) console to modify permissions on a recipient, as the documentation suggests [“How to […]
