The most common question I have received as a result of this post on mail server misconfigurations is “how do I change my SMTP banner?” This article will tell you how to do so on several common mail server platforms. But first, let’s discuss why you want to.

Bad guys frequently use banner grabbing techniques as a part of the initial recon. It is a fairly innocuous activity that takes advantage of expected behaviours. To determine the type and version of mail server you are using, a bad guy need only connect to it on port 25, just like any other system would that is trying to send an email to one of your clients. IPS/IDS systems won’t alert on this, since to them it looks just like any other mail server trying to send mail, and unless you review every single log item, you probably won’t notice a connection that doesn’t actually send an email.

If, however, your SMTP does not reveal its version, all the bad guy knows is that he connected to your mail server. He is going to have to work a lot harder to identify your server, and that may be enough to trip an IDS/IPS alarm. Or, he may simply move on to easier pickings. Either way, make him work for it…don’t just give up all the information in your banner. Intrigued? Read on to learn how to change the SMTP banner on several popular mail server platforms.

Continue reading How to change your SMTP banner for fun and profit

Whether you admin Exchange, Sendmail, MailEnable, Lotus Notes, or any other Internet email system, there are certain things that all these systems have in common. There are certain configurations that must be supported, and others that must not be, which newly live systems often miss. Whether you are an experienced admin, or  relatively new to the world of email, the seven deadly sins of mail server misconfiguration can pop up and bite you. Take heed, and check your systems to ensure you are good to go. Failing to do so can result in very bad things, like being added to DNS Blacklists.

Continue reading 7 Deadly Sins of Mail Server Misconfigurations

One of the frequent challenges I have faced as an email administrator is trying to troubleshoot a system from the outside. That is to say, while I am viewing the system from the inside, and have administrative rights to it, the problem I am working on may be related to something outside my control, and I have limited visibility into what is happening from the perspective of other systems. It can be just as important to know how other mail systems interact with your systems and to see this from the outside perspective as it is to review your own logs. Unless I had access to another email system, my Gmail account was my best, albeit limited, resource to use for testing.

Fortunately, I have found several online resources through the years to help with setting up, testing, and troubleshooting email systems. The following fourteen are those that I have found to be the most useful. Some are single purpose, others have lots of great tools. Together, they let me validate/test just about any aspect of my email system, both from a server perspective, and from a client’s. This post will divide them up into categories for their best use, provide links, and share a little about what you can use these for and what to expect.

Continue reading 14 online resources for email admins

Most people would think that usernames are minor problems. But for the end user who has been working at a company for a long time and then suddenly they find their login does not work it can be a source of frustration that, if not fixed soon, can disrupt their workflow and diminish their productivity.

So administrators should treat and end users login problems due to unrecognized usernames with degrees of priority that escalate upwards at an increasing rate the longer a user is unable to login to their email accounts.

There are more than a couple scenarios that users can unknowingly lose their login privileges.

If an end user has recently left the company for whatever reason then an administrator will need to follow a (hopefully) predefined procedure which will allow for the removal of a now inactive account from the system.

One method that inexperienced administrators will use is to try to reuse the existing account of the newly changed employee. This means that rather than creating a new account and removing the old account an administrator will simply rename the existing account within Active Directory using a new employee’s information. Unfortunately this method does not guarantee that the old user’s accounts – and username – are not entirely removed from the system. Somewhere in the internals of the system, the directories and any databases – in this case Active Directory – there are remnants of the previous user’s information. A likely repository of information is the Exchange server that can contain the old user’s information such as their username. Continue reading Troubleshooting Username Issues

Every data center has many projects running that are in various stages of completion. Sometimes the project is hardware rollout and the server has already gone through the final testing and evaluation stages. Other times it is a software project, specifically an email software project, which involves either the Outlook client or the Exchange server.

It might be that the decision has been made to upgrade the Exchange server software to a newer version. If this is the case then much planning will be needed. A good rule of thumb is to allocate eighty percent of the project’s time to planning and twenty percent of the project’s time for implementation.

During the implementation phase one of the activities where problems can occur is in the area of moving mailboxes from one server to another.

Here are two scenarios where the problem can be resolved using the same solution. Continue reading Troubleshooting Moving Mailboxes

I have faith that readers of this blog have enough good sense not to use social networking sites to send important emails. However, some of your users may lack that good sense, and so it behooves us all to send out a common sense reminder every now and then—only use your official corporate email for anything important or sensitive! Save the Facebook email messages for updates about parties, casual observations, and idle gossip.

Wall Street Journal reporter Zach Seward got to have a glimpse of some of that idle gossip last week after Facebook made a major blunder, and some people received emails from complete strangers that were meant for somebody else. Seward gives us a glimpse of what goes on in Facebook with a few unnamed excerpts. The editor became privy to love triangles, petty jealousies, teenage parties and other truly fascinating but private missives.

The glitch was caught shortly after it started and was resolved, but not before several emails were incorrectly routed. Although there is no data being released as to how many users were affected, Facebook noted that “During our regular code push early Wednesday evening, a bug caused some misrouting to a small number of users for a short period of time.”

There have been other security blunders in the past, including a glitch in March 2008 that made it possible to publicly view photos that had been marked as private.

A report on the Wall Street Journal details the experience of a Journal editor who received several of the errant messages. According to the report, the editor received over 100 messages, ranging from ordinary to explicit.

Facebook recently redesigned its inbox interface to make it resemble Gmail.

Most everyone likes to have their systems auto complete or auto resolve names of recipients as they type. It makes for a more productive working environment.

But sometimes your end users will find that auto complete is not working. Other users might be typing a partial name in the To: field but when they hit the tab button it will take a couple seconds or so to auto resolve the recipient’s name.

For the users that are having the problem of auto resolve not working it can be a more than frustrating experience. For those users, an administrator can have them manually prompt for an auto resolve by trying the Check Name button or by pressing the CTRL+K keystroke sequence.

Another area of potential trouble is the cache that is used with the automatic completion mechanism. When names are resolved as users type in recipient names there is a nickname list that is automatically generated and maintained by Outlook. This nickname list is used for both the automatic name checking and the automatic completion. The nickname list is a collection of all the email addresses that have been used for sending email that show up on the To, Cc or Bcc fields. This is one of the first locations that Outlook checks for name checking and name resolutions.

When your users are experiencing name completion problems or problems with name checking it can be caused by a corrupted name cache. Such problems can be manifested by misidentifications of recipients resulting in name resolutions which look like amalgams of company mergers and acquisitions. Other miscues can include incorrect recipient’s names being produced or, worse, messages actually being sent to unintended recipients.

If you are using Microsoft Windows XP and you suspect that the nickname cache is corrupted you can try to clean it out by following the steps outlined below. Make sure that Outlook is not running before starting the steps below. Continue reading Troubleshooting Name Checking and Resolving Issues

Context can groom an unruly inbox.

As important as email has become as a productivity tool, it remains for many a mystery. Wrestling with an unruly inbox can feel like grappling with an alligator in a tar pit.

One reason for that is that many people treat email messages as discrete items unrelated to each other. Imagine a To Do list where for every item completed, six are added. That’s what an inbox can become without imposing some context on the messages arriving in it.

Up to now, tools within email programs to create a context for messages remain relatively primitive, but in the future, they will gain sophistication. That doesn’t mean, however, that even with today’s rudimentary tools a measure of context can be imposed on incoming and outgoing mail.

Most email applications have the ability to create folders and filters for messages. They can be tailored to create context. For example, there are people with whom you correspond that need to be elevated out of the daily din of electronic epistles. A folder for people you report to might make sense. After creating the folder, you can create filters based on their email addresses that will automatically funnel messages to and from them into the folder. By the same token, you might want to create folders for individual clients to capture correspondence between you and them.

Working on a project? A folder can be created for that, too. Within the folder, subfolders can be created for project milestones and filters made to channel messages from team members into those subfolders.

Continue reading Control email bloat with context strategies

Email attachments must be sent, received, opened and closed on a daily basis. When a user cannot open an attachment you can be sure that an administrator is going to hear about it. Sometimes there are problems with saving attachments; other times the problems show up when a user attempts to open an attachment.

Some error messages are related to Outlook’s attachment security settings. Other times the error message might be a result of a suspected virus as reported by the user’s anti-virus software.

The most common error message displayed will be something like:

“Cannot create file: file name. Right-click the folder you want to create the file in and click Properties on the shortcut menu to check your permissions for the folder.”

This error message can be an indication of a lack of sufficient permissions of the Temporary Internet Files folder stored on a server. You can fix this problem by configuring Outlook to use a specific folder for temporary internet files.

If Outlook 2000 is being used then you’ll have to make changes to the Registry. As always, before making any edits to the Registry you should always make a backup. That way if any errors are made then you will have a good working backup point that you can restore to.

Continue reading Outlook Cannot Create or Open Attachment

In another post I discussed the situation of emails that are not sent and are instead stuck in the email outbox. The flip side of that problem is when emails that are in the email inbox seemingly disappear. This can occur after email messages have been read. It can also happen if the preview pane has been opened and the email has not yet been read.

What might be happening is that a filter is being applied that only displays unread messages. Obviously what needs to happen is to either remove the filter or modify it.

If you want to reset to a known state you can also just remove all filters. This is a very easy procedure.

• In Outlook 2000 bring up the View menu and move to the Current View.
• Once there you can click on Customize Current View.
• This will bring up a View Summary dialog box where you can then choose Filter which will pop up the Filter dialog box.
• Here you’ll want to click on Clear All and then click OK or hit enter a couple times to exit the dialog.
• You should now be able to view all email messages whether they are read or unread.

There is another possible cause for disappearing emails. If one of your end users has managed to set Outlook so that email delivery is pointed at a personal folder file such as a pst file then this can have the undesirable consequence of disappearing email.

Continue reading How to prevent emails disappearing from the inbox