Exchange & Outlook UPDATE, Exchange Edition, July 29, 2004


Ensure that your Exchange and Outlook UPDATE isn't mistakenly blocked by antispam software. Add [email protected] to your list of allowed senders and contacts.


==== This Issue Sponsored By ====

Security Administrator

Free Web Seminar from InstallShield


1. Commentary
- Cleaning Up After Classified Email

2. Resources
- Featured Thread: OWA Authentication Problem
- Outlook Tip: Changing a Search Folder's Scope

3. New and Improved
- Organize Outlook Email
- Tell Us About a Hot Product and Get a T-Shirt!


~~~~ Sponsor: Security Administrator ~~~~
Try a Sample Issue of Security Administrator!
Security Administrator is the monthly newsletter from Windows & .NET Magazine that shows you how to protect your network from external intruders and control access for internal users. Sign up now to get a 1-month trial issue--you'll feel more secure just knowing you did. Click here!


Editor's note: Share Your Exchange Discoveries and Get $100
Share your Exchange Server and Outlook discoveries, comments, or problems and solutions for use in the Exchange & Outlook Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected] We edit submissions for style, grammar, and length. If we print your submission, you'll get $100.


==== 1. Commentary: Cleaning Up After Classified Email ==== by Paul Robichaux, News Editor, [email protected]

Los Alamos National Laboratory (LANL), the birthplace of the atomic bomb and one of the most secretive places in the United States, is currently shut down while its director, staff, and a variety of appointed officials try to figure out what to do about several security breaches, including the sending of classified messages over the lab's unclassified email system. US government agencies live by the "once classified, always classified" rule: If a system that's certified for unclassified information gets even one classified message on it, they must treat the disks as classified until those disks have been sanitized according to the requirements set out in a document called DoD 5220.22-M, "National Industrial Security Program Operating Manual." Those requirements call for all affected disks to be degaussed, destroyed, or overwritten with a specific pattern of bits. Of course, that's a bit drastic for those of us who aren't designing nuclear weapons or doing other kinds of classified work. But LANL's problems have got me thinking about the technical challenges of "cleaning" an ordinary email system over which someone has sent confidential or legally sensitive information. It's no easy task. The first thing to do is to figure out where the sensitive message might have been stored on disk. At some point, the Information Store (IS) will have handled the message, so it will certainly be in the .edb files on the systems that hold the sender's and recipient's mailboxes. Message information will also be in the transaction logs. And depending on the version of Exchange you're using and the clients that were used to send and receive the message, the data might be in the Message Transfer Agent (MTA) or SMTP queue directories or the sender, recipient, or gateway .stm files. You might even find copies in your spam filter, postmaster mailbox, or Badmail directory. It's difficult to find all the potential places that a sensitive message might have left traces, so take your time. Once you find whatever remnants might be left on your systems, how do you get rid of this data without destroying your entire Exchange Server? If the scope of the message's distribution was limited, you can delete it by using Outlook, Outlook Web Access (OWA), or the Mdbvu32 utility. If you know the message's subject line, you can use the ExMerge utility to remove the message from the IS. The ExMerge log files also will tell you what mailboxes you need to clean. After you delete the message, you can purge the day's transaction logs. You can perform an offline defragmentation of the databases that contain the message, although doing so isn't guaranteed to immediately remove all traces. You can move the affected mailboxes to a fresh database (after removing the messages), then delete the old database. None of these steps, however, are guaranteed to remove all traces of the sensitive information, and none of them are much help unless you already know exactly where the message has spread. Tools that can search your mail databases according to keywords (Ontrack Data Recovery's Ontrack PowerControls comes to mind) are handy for solving the latter problem. If your line of work involves highly sensitive data, I suggest you think now about how you'd handle the "spilt milk" if some of that data ended up floating around your email system.


~~~~ Sponsor: Free Web Seminar from InstallShield ~~~~
NEW - Best Practices for Managing Software Packaging and Pre-Deployment Preparation
Proper planning and management of the pre-deployment process for a multitude of applications can cut the time and expenses for an IT Department significantly. In this free Web seminar, you'll learn how your organization can benefit from managing the workflow of the pre-deployment process. Plus, we'll identify different business scenarios that show ROI improvements from accurate workflow management. Register today!


==== Announcements ==== (from Windows & .NET Magazine and its partners)

Find Out How to Secure Your Messaging Center
Find out everything you need to know to secure your messaging environment, including information about Antigen antivirus solutions, antispam solutions, and content filtering. Get access to FAQs, free seminars, and the latest articles. Go to the Secure Messaging Center now!

Get Your Free Small Business Servers Toolkit--Includes an eBook Plus 3 Web Seminars!
Don't miss your opportunity to evaluate your server options and discover which Windows version is right for your needs to lower licensing and operating costs. You'll learn how to create a centralized server environment and develop an IT infrastructure plan to get the most out of your systems while minimizing the costs involved. Get your Small Business Servers Toolkit now!

Do You Find Monitoring Windows Servers a Daunting Task?
In this free eBook, we'll examine four main types of monitoring crucial to any network: performance, capacity, availability, and security. For each area, you'll find out the most important events and conditions to monitor to maximize performance, manage capacity, ensure availability, and stay on top of security. Download this free eBook today!

==== 2. Resources ====

Featured Thread: OWA Authentication Problem
A forum reader is looking for help with a problem involving Exchange Server 2003 and Outlook Web Access (OWA). To find out how the problem was solved--or to participate in our forums--go to the following URL:

Outlook Tip: Changing a Search Folder's Scope by Sue Mosher, [email protected]

Q: How can I change the scope of the Unread Mail search folder in Microsoft Office Outlook 2003?

A: The rules that apply to Advanced Find searches also apply to search folders: You can search multiple folders that exist in the same Exchange mailbox or Personal Folders (.pst) file. Typically, you'll want the Unread Mail search folder to monitor your Inbox plus any folders that you use with Outlook rules to organize mail from specific senders or about particular topics. To change the scope of Unread Mail or another existing search folder by adding folders, right-click the search folder, choose Customize This Search Folder, then click Browse to locate the folders you want to add.
You can also create a new search folder with new search criteria and scope by right-clicking Search Folders and choosing New Search Folder. Another way to create a new search folder is to run a search with Advanced Find to test your criteria and folder selections, then choose File, "Save Search as Search Folder".
See the Windows & .NET Magazine Exchange & Outlook Web page for more great tips.

==== Events Central ==== (A complete Web and live events directory brought to you by Windows & .NET Magazine: )

We're Bringing the Experts Directly to You with 2 New IT Pro Workshop Series on Security and Exchange
Don't miss 2 intense workshops designed to give you simple and free tools to better secure your networks and Exchange servers. Discover how to prevent intruders from attacking your network and how to perform a security checkup on your Exchange deployment. Get a free 12-month subscription to Windows & .NET Magazine and enter to win an Xbox! Register now!

==== 3. New and Improved ==== by Angie Brew, [email protected]

Organize Outlook Email
Caelo Software released Nelson Email Organizer Pro (NEO Pro) 3.0, an add-on for Outlook that automatically organizes messages by date, correspondent, mailing list, and attachment. (NEO Pro doesn't change anything in Outlook, it only changes the way the messages appear.) The product features Unified Message Stores, which give users a seamless, searchable view of all their messages. The product indexes all the words in email messages to make messages searchable. The Attachment Manager shows all messages grouped by attachment type and can sort and delete unneeded attachments to free up space. NEO Pro costs $69.95 for a single-user license. Contact Caelo Software at 604-269-9006.

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Links ====

Comparison Paper: The Argent Guardian Easily Beats Out MOM

Free Download--New - Launch NetOp Remote Control from a USB Drive


~~~~ Contact Us ~~~~

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine Privacy policy at Windows & .NET Magazine a division of Penton Media Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.