World Synergy Blog
Your eBusiness Partner
World Synergy Blog

What is Sender Policy Framework (SPF)?

Sender Policy Framework (SPF) is has been designed to reduce or stop forged email from being sent.

The domain the sender says that it is from gets checked by the Sender Policy Framework(SPF) and checks if the sender is allowed (according to the DNS entry) to send email from that domain. In this case, the offender tries to send mail from a fake address, then the message will be rejected.

To accomplish this you will need to add a text record to the DNS to define the mail servers allowed to send on behalf of the domain.


An excellent resource for learning more about SPF records on how to create them is OpenSPF.org.

Posted by Michael Mack at 5/2/2008 3:11 PM | Add Comment

What is email spoofing?

Email spoofing refers to the sending email from one source, but making it appear message was sent from a different source. The email comes from spam@spam.com but it appears to be from you@yourdomain.com. Also, making the email appear to come from an unknown user within your domain name. For example, the message appears to be idontworkhere@yourdomain.com.

OK, it does not mean you should immediately think a hacker has taken control of your network or email. It simply means someone has created a workaround to send email as another domain. Not to minimize that this can be extremely annoying as it typically yields many return receipts. I advise taking action to combat this by adding an SPF record to DNS.


Posted by Michael Mack at 5/2/2008 3:10 PM | Add Comment

Remoteapp requirement...

I am trying to find anyone who has a copy of RDC 6.1. In reading technet & testing I have found that Microsoft 2008 Server Terminal Services feature for Remoteapp requires RDC 6.1, which at the current time is only available 3 ways 1. Server 2008 2. Vista SP1 3. XP SP3.

Posted by Michael Mack at 5/2/2008 3:04 PM | Add Comment

To have a windstream modem do one-to-one NAT

Don't remember the exact brand....
  1. Log into modem: admin
  2. Go to WAN interface
  3. Click on "PPOE"
  4. Select number of PPOE sessions as 1 --> Next
  5. On login and password screen --> Next
  6. Leave next screen --> Next
  7. PPP Static IP: First useable (.82 for Summit Steel) --> Next
  8. Check box "NAT"
  9. Put in static IP on network outside of DHCP range (10.0.0.1) --> Next

Posted by Michael Mack at 5/2/2008 3:03 PM | Add Comment

Outgoing Mail won't send, SBC

This issue is when people can't send out email messages from outlook, or they periodically won't send, or some messages are delayed for an extended period of time.
 
SBC has a known issue with their outgoing SMTP server. If you simply change the name of the outgoing server in ALL of the POP3 accounts to smtpauth.sbcglobal.net this will fix the error.

Posted by Michael Mack at 5/2/2008 3:02 PM | Add Comment

How do I enable the tar pit feature?

How do I enable the tar pit feature?

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/) How to back up and restore the registry in Windows


The tar pit feature can be enabled and configured by setting a registry key. To do this, follow these steps.

Note If the TarpitTime registry entry does not exist, Exchange behaves as if the value of this registry entry were set to 0. When the registry entry has a value of 0, there is no delay when the SMTP address verification responses are sent.
1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click to select the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type TarpitTime as the registry entry name, and then press ENTER.
5. On the Edit menu, click Modify.
6. Click Decimal.
7. In the Value data box, type the number of seconds that you want to delay SMTP address verification responses for each address that does not exist. Then, click OK. For example, type 5, and then click OK. This delays SMTP address verification responses for 5 seconds.
8. Quit Registry Editor.
9. Restart the Simple Mail Transport Protocol (SMTP) service

Posted by Michael Mack at 5/2/2008 3:01 PM | Add Comment

Clean up the Exchange Server's SMTP queues

Clean up the Exchange Server's SMTP queues


Warning During this process, ALL messages that are destined for external SMTP recipients are deleted. Internal e-mail and incoming e-mail from the Internet are not affected. The settings below are temporary and steps to undo these changes will be included later in this section.

Note A webcast is available that demonstrates how to clean up the Exchange Server's SMTP queues. To view this webcast, click the following link:
http://support.microsoft.com/servicedesks/ShowMeHow/101904_3.asx (http://support.microsoft.com/?scid=http:%2f%2fsupport.microsoft.com%2fservicedesks%2fshowmehow%2f101904_3.asx)
1. In Exchange System Manager, click SmallBusiness SMTP Connector under Connectors. This phase requires an SMTP connector. If the Exchange server does not have an SMTP connector, create one. To do this, follow these steps:
a. Right-click Connectors, click New, and then click SMTP Connector.
b. On the General tab, type a temporary name (Temp Connector, for example) in the Name box.
c. Click Add at the bottom, select the server name and its associated SMTP Virtual Server, and then click OK.
d. Click Address Space.
e. Click Add, click SMTP, and then click OK.
f. In the Internet Address Space Properties dialog box, leave the default settings (E-mail domain * and Cost 1), and then click OK.
g. Click the General tab, and then go to step 4.
2. Right-click SmallBusiness SMTP Connector, and then click Properties. If you have more than one SMTP Connector, the one that you want to work with in the following steps is the one that contains the "*" (asterisk) for the SMTP address on the Address Space tab.

3. Click the General tab. Make a note of all the settings on this tab. You have to return these settings later in this article.
4. Click Forward all mail through this connector to the following smart hosts.
5. In the field provided, type a false IP address and enclose it in brackets. For example, type [99.99.99.99].
6. Click the Deliver Options tab .
7. Click Specify when messages are sent through this connector.
8. In the Connection Time list, click Run daily at 11:00 PM.
9. Click OK to close the SMTP Connector Properties dialog box.
10. Expand Servers, expand Servername, expand Protocols, expand SMTP. Right-click the Default SMTP Virtual Server, and then click Stop.
11. It may take several minutes for the SMTP Virtual Server to stop. After the Default SMTP Virtual Server has stopped, right-click the Default SMTP Virtual Server again, and then click Start. It may take several minutes for the Default SMTP Virtual Server to start.
12. After the Default SMTP Virtual Server has started, wait about 10 minutes.

Now the Default SMTP Virtual Server can re-enumerate the messages and put them in a single queue for the SmallBusiness SMTP Connector or for the one that you named when you created it in step 1.b.
13. After about 10 minutes, expand Default SMTP Virtual Server, and then click Queues.
14. Note the total number of messages on the right next to the Small Business SMTP Connector.

This number has to stabilize so that all the messages can be deleted at the same time.
15. Right-click Queues, and then click Refresh approximately every 15 minutes.
16. Repeat step 15 until the total number of messages remains constant.
17. Locate the queue for the SmallBusiness SMTP Connector. The queue is indicated by the small red clock on the yellow folder icon.
18. Depending on your version of Small Business Server installation, follow the appropriate section to delete the messages from the queues:
Small Business Server 2003: Right-click SmallBusiness SMTP Connector, and then click Find Messages. In the corresponding box, click the dropdown and select an appropriate number in Number of messages to be listed in the search. Click Find Now. In the results, select all the messages (SHIFT+PAGE DOWN). Right-click the selected messages, and then click Delete All Messages (No NDR).
Small Business Server 2000: Right-click SmallBusiness SMTP Connector, and then click Delete All Messages (No NDR).
19. Click Yes when you are prompted with the question of whether to delete messages in the selected queue. Deleting these message may take some time, depending on the number of messages in the queue.
20. After the messages are deleted, right-click Queues, and then click Refresh.
21. Note the total number of messages for the SmallBusiness SMTP Connector queue. The number is zero.
22. Wait approximately 5 minutes, and then refresh Queues again. The goal is to have the number of messages in the SmallBusiness SMTP Connector queue reach zero and stay at zero. If this number increases, the Exchange server is still processing messages for external delivery through the SmallBusiness SMTP Connector. Repeat this step until the number stabilizes again.
23. Repeat steps 19 through 23 until the number of messages in the SmallBusiness SMTP Connector queue is consistently zero. When it is, the Exchange server's SMTP queues have been purged of the unsolicited commercial e-mail.


After Exchange has been cleaned of the unsolicited commercial e-mail, you have to undo the changes that you made in steps 2 through 8. To undo the changes, follow these steps:
1. In Exchange System Manager, expand Connectors, right-click the SmallBusiness SMTP Connector, and then click Properties.

If you created a temporary SMTP connector in step 1, click Delete instead of Properties, and then go to step 7.
2. On the General tab, change these settings to those documented in step 3 under Clean Up the Exchange Server's SMTP Queues.
3. Click the Delivery Options tab.
4. Verify that Specify when messages are sent through this connector is selected.
5. In the Connection Time list, click Always Run.
6. Click OK.
7. Expand Servers, expand Servername, expand Protocols, and then expand SMTP. Right-click Default SMTP Virtual Server, and then click Stop.
8. After the SMTP Virtual Server has stopped, right-click Default SMTP Virtual Server again, and then click Start.
Now you have configured the Exchange server to block open SMTP relaying and you have removed the unsolicited commercial e-mail from Exchange Server's SMTP queues. The next step is to clean up the file system.

Posted by Michael Mack at 5/2/2008 3:00 PM | Add Comment

Setup Outlook via the Internet

Using Outlook via the Internet

If you are using Microsoft® Office Outlook® 2003, you can connect to the computer running Windows® Small Business Server through the Internet using the feature called RPC over HTTP. This means you can remotely access your server e-mail account from the Internet when you are working outside your organization's firewall. You do not need security-related hardware or software (such as smart cards or security tokens), and you do not have to establish a virtual private network (VPN) connection to the server.

Comparing RPC over HTTP and Outlook Web Access

When using RPC over HTTP to access your mailbox, you get the full functionality of Outlook 2003. For example, you can work offline, use Microsoft Office Word 2003 as your e-mail editor, and easily organize your mailbox.

To use Outlook via the Internet

Ensure that the following requirements have been met on the client computer:

Verify that the computer is running Microsoft Windows XP Service Pack 1 or later

  • Click Start, right-click My Computer, and then click Properties.
    The version of the operating system and service pack is displayed under System. If you do not see a service pack version, there is no service pack installed.

Verify that Windows update Q331320 is installed on the computer (not required if you are running Windows XP Service Pack 2 or later)

  1. Click Start, click Control Panel, and then open Add or Remove Programs.
  2. Under Currently installed programs, search for the item Windows XP Hotfix (SP2) Q331320.
  3. If the item is not present, go to the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=18651) and follow the instructions to download and install it.

Verify that the computer is running Outlook 2003 or later

  1. Open Outlook.
  2. Click the Help menu, and then click About Microsoft Office Outlook. The version number appears at the top of the box.

Verify that the computer trusts the certificate used by the server

  1. Open Internet Explorer, and then in the address bar type:

    https://host.yourdomain.com/remote

    • If the certificate is trusted, a certificate warning does not appear. In this case, continue with step 1 under Ensure that you have an Outlook profile configured for the server.
    • If the certificate is not trusted, a warning appears. Click View Certificate, click Install Certificate, and then follow the instructions.

Ensure that you have an Outlook profile configured for the server

  1. Click Start, and then click Control Panel.
    • If you are viewing Control Panel in the default Category view, switch to Classic view, and then double-click Mail.
    • If you are viewing Control Panel in Classic view, double-click Mail.
  2. In the Mail Setup dialog box, click Show Profiles. If your profile appears in the list, select your profile, click Properties, click E-mail Accounts, select View or change existing e-mail accounts, and then click Next. If your profile does not appear, open Outlook and follow the instructions to create a profile before proceeding.
    • If Microsoft Exchange Server does not appear in the list, the existing profile is not associated with a Microsoft Exchange Server e-mail account. Click Cancel, and then click Close. Continue with step 3 to add a profile.
    • If there is an existing Microsoft Exchange Server profile, continue with step 3 under Configure the computer for RPC over HTTP.
  3. Click Add. The New Profile dialog box appears.
  4. In the Profile Name box, type a name for the new profile, and then click OK. The E-mail Accounts dialog box appears.
  5. Under E-mail, select Add a new e-mail account, and then click Next. The Server Type dialog box appears.
  6. Click Microsoft Exchange Server, and then click Next.
  7. Continue with step 4 under Configure the computer for RPC over HTTP.

Configure the computer for RPC over HTTP

  1. Click Start, and then click Control Panel.
    • If you are viewing Control Panel in the default Category view, switch to Classic view, and then double-click Mail.
    • If you are viewing Control Panel in Classic view, double-click Mail.
  2. In the Mail Setup dialog box, click E-mail accounts, click View or change existing e-mail accounts, and then click Next.
  3. In the E-mail accounts dialog box, click Microsoft Exchange Server, and then click Change.
  4. In the Microsoft Exchange Server box, type the local name of the Exchange server:

    mailserver.yourdomain.local

  5. In the User Name box, type the user name that you use to log on to the Remote Web Workplace. Do not click Check Name.
  6. In the Exchange Server settings page, click More Settings.
  7. On the Connection tab, under Exchange over the Internet, select Connect to my Exchange mailbox using HTTP, and then click Exchange Proxy Settings. The Exchange Proxy Settings dialog box appears.
  8. Under Use this URL to connect to my proxy server for Exchange, type the following URL:

    sbs.worldsynergy.com

  9. Select Connect using SSL only, and then select Mutually authenticate the session when connecting with SSL.
  10. In the Principal name for proxy server box, type the following text:

    msstd:host.yourdomain.com

  11. Select On slow networks, connect using HTTP first, then connect using TCP/IP.
  12. Under Proxy authentication settings, select Basic Authentication.
  13. Click OK, and then click OK again. Click Next, and then click Finish. Click Close.
  14. In the Mail dialog box, if Always use this profile is selected, choose the newly configured profile.
  15. Open Outlook and type your Windows Small Business Server user name (in the format WS\user name) and password. You can now work with your Outlook mailbox.

Posted by Michael Mack at 5/2/2008 2:57 PM | Add Comment

What is Infopath?

InfoPath is an application that is part of recent versions of Microsoft Office System on Windows. The application serves as both a form-design environment as well as a form-fill environment.

A properly-designed InfoPath form makes it easy to electronically gather data, validate it on the client via JavaScript, and submit it over email or to a Web Service.
If you really want to dive into what InfoPath is, check out the InfoPath Team blog.

Posted by Michael Mack at 5/2/2008 2:55 PM | Add Comment

Top 10 best Practices for users preventing and protecting against SPAM by an email user.

1. Turn off automatic processing of meeting requests and read and delivery receipts Spammers sometimes resort to sending meeting requests and messages with delivery receipts requested. Responding to meeting requests and read and delivery receipts automatically makes you vulnerable to Web beacons.

2. Limit where you post your e-mail address Be cautious about posting your e-mail address on public Web sites, and remove your e-mail address from your personal Web site. If you list or link to your e-mail address, you can expect to be spammed.

3. Disguise (or "munge") your e-mail address when you post it to a newsgroup, chat room, bulletin board, or other public places For example, you can give your e-mail address as "s0me0ne@example.c0m" by using the number zero instead of the letter "o." This way, a person can interpret your address, but the automated programs that spammers use cannot.

4. Use multiple e-mail addresses for different purposes You might set up one for personal use to correspond with friends, family, or colleagues, and use another for more public activities, such as requesting information, shopping, or for subscribing to newsletters, discussion lists, and newsgroups.

5. Review the privacy policies of Web sites When you sign up for online banking, shopping, and newsletters, review the privacy policy closely before you reveal your e-mail address and other personal information. Look at the Web site for a link (usually at the bottom of the home page) or section called "Privacy Statement," "Privacy Policy," "Terms and Conditions," or "Terms of Use." If the Web site does not explain how it will use your personal information, think twice about using that service.

6. Watch out for check boxes that are already selected When you buy things online, companies sometimes add a check box (already selected!) to indicate that it is fine to sell or give your e-mail address to other businesses (third parties). Clear the check box so that your e-mail address won't be shared.

7. Don't reply to spam Don't reply even to unsubscribe unless you know and trust the sender. Answering spam just confirms that your e-mail address is live.

8. If a company uses e-mail messages to ask for personal information, don't respond by sending a message. Most legitimate companies will not ask for personal information in e-mail. Be suspicious if they do. It could be a spoofed e-mail message meant to look like a legitimate one. This tactic is known as "phishing" because, as the name implies, the spam is used as a means to "fish" for your credentials, such as your account number and passwords that are necessary to access and manipulate your financial accounts. If the spam is from a company that you do business with — for example, your credit card company — call the company, but don't use a phone number provided on the e-mail. Use a number that you find yourself, either through directory assistance, a bank statement, a bill, or other source. If it is a legitimate request, the telephone operator should be able to help you.

9. Don't contribute to a charity based on a request in e-mail. Unfortunately, some spammers prey on your good will. If you receive an appeal from a charity, treat it as spam. If it is a charity that you want to support, find their number elsewhere and call them to find out how you can make a contribution.

10. Don't forward chain e-mail messages Besides causing more traffic over the line, forwarding a chain e-mail message might be furthering a hoax, and you lose control over who sees your e-mail address.

Posted by Michael Mack at 5/2/2008 2:45 PM | Add Comment
Your eBusiness Partner