Security

Exchange 2007 Content Filter: How to move messages to Junk Mail folder

You’ve set up Exchange Server 2007, and configured the shiny new Content Filter agent (CFA), which is more than just a rewrite of the equally loved and hated Intelligent Message Filter (IMF) from Exchange Server 2003. How do you configure it? Spam Confidence Level (SCL) Thresholds in Exchange 2007/2010: The CFA has the following three thresholds, […]

Configuring firewalls and name resolution for Edge Transport servers

If you’re planning to deploy the Edge Transport server role in a perimeter network (aka “DMZ”), here are the ports you’ll need to open: Inbound: From external network (internet) to Edge server: SMTP – TCP port 25; From Edge server to Hub Transport servers on internal network: SMTP – TCP port 25. Outbound: From Edge to external network/internet: […]

A Late New Year’s Resolution: Do Not Resolve Anonymous Senders

It’s probably a little late to make another New Year’s resolution, but I’ll try to convince you to make one nevertheless. By default, when an internal/authenticated user sends you a message, you see the user’s display name (for example Joe Adams) in Outlook/OWA and other email clients. Messages from unauthenticated senders, including those from Internet […]

What is the *real* maximum password length?

I’ve long been an advocate of using long passwords, using entire phrases/sentences instead of a single more complex but short password. Some Windows Server 2003 documentation states the maximum password length is 28 characters (e.g. Enforcing Strong Password Usage Throughout Your Organization says “Although Windows 2000, Windows XP, and Windows Server 2003 support passwords […]

Forwarding office email to personal email accounts

CNET News.com has a report titled “Firms fret as office e-mail jumps security walls”. Many organizations are concerned about employees forwarding work email to their personal, often web-based email accounts provided by free services like Yahoo! Mail, Google’s Gmail, or Microsoft’s Hotmail/Windows Live Mail. At times employees may do this to simply get to their […]

Enabled by default: SMTP Tarpit in Exchange Server 2007

From a recent discussion, and something I’ve been wanting to post about for a while: SMTP tarpitting is enabled by default on Receive Connectors in Exchange 2007 (and Exchange 2010). What is SMTP tarpitting? It’s the process of introducing a delay in SMTP connections from hosts that are suspected of inappropriate SMTP behavior – for […]

How To Allow Relaying in Exchange 2010 and Exchange 2007

In Exchange Server 2003, you can allow anonymous SMTP hosts to relay mail by adding their IP address(es) in SMTP Virtual Server Properties | Access tab | Relay. Hosts that require anonymous relay capability include application servers and devices such as copiers, which scan documents and send them as email attachments. Figure 1: Controlling relay […]

Windows Vista RoI: BitLocker drive encryption enough to justify upgrades?

According to analyst Jon Oltsik of Enterprise Strategy Group, Windows Vista’s BitLocker drive encryption system provides enough RoI to justify the upgrade for enterprise customers. PC encryption tools have now become a “must-have” and most enterprises are considering deploying such tools. Standalone drive encryption utilities cost $100-$200 per system in acquisition cost alone. Add to […]

MS06-076: Cumulative Security Update for Outlook Express

As part of its monthly security patch releases, Microsoft has published a security bulletin (MS06-076) – a cumulative update for Outlook Express. Even if you use Microsoft Outlook for email and do not use Outlook Express at all, do remember this is installed by default on all Windows computers and as such it makes sense […]

Short complex passwords easier to crack than simple long ones

InfoWorld columnist Roger Grimes provides some interesting information in his Security Adviser column about (short) complex passwords being easier to crack than longer “non-complex” ones. I’ve always encouraged users to use phrases or short sentences as passwords rather than sticking to the short password lengths imposed by I.T. departments, and Grimes confirms that. Some interesting […]
