CommVault Systems – Free White Paper
- SMTP AUTH Attacks: Readers Respond
- New White Paper on Exchange 2003 Deployment
- Microsoft IT Forum 2003, November 11-14, Copenhagen, Denmark
- COMDEX Las Vegas 2003
3. Resources - Exchange 2003's Antispam Infrastructure
- Featured Thread: Improperly Updated Inboxes
- Outlook Tip: Printing Header Fields in Unsent Messages
- "Plan, Migrate, Manage: Shifting Seamlessly from NT4 to Windows 2003"
5. New and Improved
- Back Up Email Messages
- Tell Us About a Hot Product and Get a T-Shirt!
6. Contact Us
- See this section for a list of ways to contact us.
~~~~ Sponsor: CommVault Systems ~~~~
Today's e-mails and instant messages are a mixed blessing to corporations. They're critical to business -- an awful lot of messages and attachments contain vital company knowledge. Messages are also critical in defending companies against expensive non-compliance charges and lawsuits. But this same great tool is also a storage manager's greatest challenge. Messaging data (e-mail messages and attachments), like from Microsoft Exchange, strains networks and storage to their limits. So how do you intelligently manage message stores when you can barely keep up with capacity? What's an IT administrator to do? Order free white paper, "Managing the Infinite Mailbox" today.
==== 1. Commentary: SMTP AUTH Attacks: Readers Respond ==== by Paul Robichaux, News Editor, [email protected]
Last week's UPDATE column about SMTP AUTH attacks (see the first URL below) struck a chord with readers. I received an interesting variety of questions, suggestions, and personal stories about your experiences with this kind of attack.
Dr. Thomas Shinder (a Microsoft MVP for Microsoft Internet Security and Acceleration--ISA--Server and author of two excellent books about deploying ISA Server) wrote to point out that you can use ISA Server to log SMTP AUTH traffic. Exchange Server doesn't log these transactions, but you can configure a perimeter firewall or SMTP proxy to monitor the rate of arriving commands and alert you when an attack appears to be underway. The rate of authentication requests that signals an attack will vary: A large company that typically receives 1000 requests per hour will need to set a higher threshold than a small university that receives only a few hundred requests per hour.
Several readers pointed out attack-related discussions on the North American Network Operators Group (NANOG) mailing list (see the second URL below). One report on the list claims that blocking a range of IP addresss from China will block SMTP AUTH attacks, but unless you're suffering from an extremely high volume of requests, this solution is likely to cause more problems than the attack itself.
Some readers wondered why someone would even bother to attempt to compromise random Internet-connected desktop machines. The answer: cold hard cash. Brian McWilliams' "WIRED" article "Cloaking Device Made for Spammers" (see the third URL below) describes how spammers are using compromised PCs to obscure the real location of the spammers' Web sites. If you haven't done so already, now would be a good time to have your users run an antivirus tool and a tool such as PestPatrol's free PestScan scanner (see the fourth URL below) to scan their machines. Rebuild any infected machines; don't try to clean them--getting rid of all the spyware is extremely difficult.
One thing is perfectly clear: Attacks such as the SMTP AUTH attack will continue. Spammers make their living by using large amounts of cheap computer power to flood the world with messages; now these miscreants are stealing computer power from others. We all need to be vigilant in making sure that our systems are secured and configured properly to reduce this type of abuse.
"A New Kind of Attack"
North American Network Operators Group (NANOG)
"Cloaking Device Made for Spammers"
~~~~ Sponsor: IntelliReach MessageScreen ~~~~
Want to finally beat Spam and Viruses? Don't miss the free webcast, "How to Fight the New Breed of Spam and Viruses". To view this webcast, go to:
This free webcast will cover:
- How spammers consistently defeat most anti-spam techniques
- What every IT manager needs to know to stop spam and viruses
- The latest developments in multi-tiered and gateway-level filtering
- How to stop over 97% of porn and objectionable email
Don't miss IntelliReach's latest webcast and learn to keep spam and viruses out of your email system.
==== 2. Announcements ==== (from Windows & .NET Magazine and its partners)
New White Paper on Exchange 2003 Deployment
In this timely white paper, author and Microsoft Exchange expert Kieran McCorry, from HP's Consulting and Integration Technology Group, outlines the best options for organizations migrating to Exchange Server 2003. The paper outlines inter- and intra-organizational migration issues and the benefits of server consolidation during deployment. Get your copy today!
Microsoft IT Forum 2003, November 11-14, Copenhagen, Denmark
Explore best practices for managing your systems and strengthening your security, gain effective guidance for planning and implementing rollouts of a host of Microsoft products and technologies, including Exchange Server 2003, Windows Server 2003, and others in the Windows Server System. Save 300 EUROS, register today.
COMDEX Las Vegas 2003
At COMDEX, you'll have the opportunity to learn the ins and outs of the most prominent platform of the enterprise, data center, and desktop. Key elements include in-depth sessions on Windows Server 2003, Exchange Server 2003, reducing spam with Exchange Server 2003 and Outlook 2003. Come to Las Vegas this November 16-20 and take charge.
==== 3. Resources ====
Exchange 2003's Antispam Infrastructure
The Anti-Spam section of the Exchange Server 2003 software development kit (SDK) describes Exchange's antispam infrastructure in detail. Learn more at the following URL:
Featured Thread: Improperly Updated Inboxes
A forum reader has a problem with Exchange 2000 Server on Windows 2000 Server: Some users' Inboxes aren't being updated properly. To offer your advice or join the discussion, go to the following URL:
Outlook Tip: Printing Header Fields in Unsent Messages by Sue Mosher, [email protected]
Q: Why doesn't Outlook 2002 print the To, From, and Subject fields when I print a new message that I'm composing?
A: If you don't see these header fields on printouts of unsent messages, you're probably using Microsoft Word 2002 as your email editor in Outlook--a configuration that's known as WordMail. WordMail is the default editor in Microsoft Office XP, but WordMail's behavior in Office XP is somewhat different from WordMail's behavior in Office 2000. Missing header fields in printouts of unsent messages is one difference.
You can turn off WordMail by choosing Tools, Options, Mail Format and clearing the "Use Microsoft Word to edit email messages" check box. If you then compose a message in the regular Outlook editor, the printout will include those header fields.
If you prefer to keep using WordMail but still want those header fields on your printouts, print the message after you've sent it. The copy in the Sent Items folder prints with the To, From, and Subject fields.
See the Exchange & Outlook Administrator Web site for more great tips from Sue Mosher.
==== 4. Events ==== (brought to you by Windows & .NET Magazine)
"Plan, Migrate, Manage: Shifting Seamlessly from NT4 to Windows 2003"
Your Active Directory environment can make or break your entire Windows NT 4.0 to Windows Server 2003 migration project. This free Web seminar features best practices for migration planning and administration, tips and tricks for ensuring Exchange Server and Active Directory health, and guidance for managing your directory for maximum availability and performance during migration and beyond. Register now!
==== 5. New and Improved ==== by Carolyn Mader, [email protected]
Back Up Email Messages
WinGuides released Email Saver Xe 2.0, an email-backup utility that supports Outlook, Outlook Express, Eudora, Netscape Messenger, and Opera. Email Saver Xe lets you quickly transfer email information from one computer to another for use during an upgrade, migration, or business trip. The software ensures that users always have a recent copy of their messages, and you can use the automatic backup feature to schedule regular unattended backups. Email Saver Xe runs on Windows XP/2000/NT/Me/9x systems and costs $29.95. Contact WinGuides at 877-576-2445.
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]
==== Sponsored Links ====
Free Download - NEW NetOp 7.6 - faster, more secure, remote support
Eliminate spam once and for all. MailFrontier Anti-Spam Gateway.
==== 6. Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
This email newsletter is brought to you by Exchange & Outlook Administrator, the print newsletter with practical advice, tips, and techniques covering migration, backup and restoration, security, and much more. Subscribe today.
Copyright 2003, Penton Media, Inc.