Thursday, May 29, 2008

ESM: Public folder says "the token supplied to the function is invalid"

I was creating a mail enabled public folder today, and I had to go into ESM, right click on it and check it out, but I got this error:

After some research, apparently it has something to do with the SSL cert. Anyway, this was the solution:

Remove SSL from the Exadmin virtual root in IIS:
1.Click Start, point to Programs, click Administrative Tools, and then click Internet Services Manager.
2.Click your server, and then expand the Web site that contains the Exadmin virtual root (the default Web site is "Default Web Site").
3.Right-click Exadmin, and then click Properties.
4.Click the Directory Security tab.
5.Under Secure Communications, click Edit.
6.Click to clear the Require secure channel (SSL) check box. If Require 128-bit encryption is shaded, click to select Require secure channel (SSL), click to clear Require 128-bit encryption, and then click to clear the Require secure channel (SSL) check box again.
7.Click OK two times.
8.Restart Exchange System Manager.

Saturday, May 24, 2008

DHCP Server not functioning - disable RPC filter in ISA

I found a weird situation on one of my SBS servers where DHCP wasn't working. When I went into the DHCP management console, I saw this:

After some investigation, I had to disable this RPC filter in the ISA firewall. Of the 9 SBS boxes I manage that all serve DHCP, this is the only box I've ever had to do this with. So weird. Here is the RPC filter in application filters I had to disable:

Sunday, May 18, 2008

Hundreds of underliverable emails you never sent

This blog entry's goal is to give a lay person's explanation as to why a user might be receiving hundreds of delivery failures for messages that he/she never sent.

Email is insecure and very exploitable. This is a fact. The standard for email was designed in the late 60s and early 70s, long before spam and other types of abuse existed or were even thought of. Today, we live with the repercussions of the insecurity and exploitability of the original designs of the email standard. For more detail on the email standard and why it's exploitable, please see my advanced user's explanation (forthcoming as of 5/18/08).

What's happening is that an unethical spammer somewhere in the world has set up his/her own email server and is sending out spam. The exploitability of email is that this spammer can send out emails with any email address he/she wants. He can use; he can use; he can use The spammer can send using any address he/she wants - but the email standard does not require that the spammer be a legitimate sender of that domain. The email standard also does not require that the receiving email server check to see that an email is coming from the legitimate server for that domain.

So the spammer can send emails to anyone he/she wants with YOUR address. He/she can be doing that from his/her house in China, Norway, or next door. We have no control over this because it can be done from anywhere in the world. And this spammer is sending emails potentially with YOUR address (as well as other people's addresses) to other people. This process does not involve your server and is not disallowed in the email standard, so we have no control over it.

In these instances where a user gets several hundred undeliverable emails ... the spammer sends out spams to a random list of email addresses (many of which do not exist). And then the recipient's email server sends a bounceback to the sender's address (your email address) that says "undeliverable - this address does not exist."

So what can be done about this? Not a lot, unfortunately. The spammer is taking advantage of an exploitable part of the email standard. It may be unethical and improper, but it's not preventable.

The standard way to deal with this issue is to ignore the emails. Oftentimes, the spammer will send out 200 to 500 of theses emails over a period of 2 to 5 hours and then stop.

For additional questions on this issue, please email me:

Thursday, May 8, 2008

Rescue and Recovery takes up huge amounts of room on Lenovos

I'm working with a Lenovo ThinkPad T60 right now. It has a 68 GB hard drive with only 5 GB free. After some investigation, I found a folder called RRBackups was taking up 22+ GB of space. It's supposed to be some kind of baller additional backup program. Well, I have my own backup scheme, I don't need this one. So I uninstalled it, rebooted, and then deleted the RRBackups folder and voila - there is now 27 GB free on the drive.

Wednesday, May 7, 2008

Google Desktop disables Outlook from being able to open MSG files

I got a call from a client today who said she couldn't open attached email messages. Meaning when someone forwarded her an email and it would appear as an attached .MSG file, she could not open it. On site, I copied the MSG file to the desktop, and I couldn't open it there either. After some research, I came across this:

After upgrading to the newest version of Google Desktop, the problem went away. How strange.

Friday, May 2, 2008

Virtual Private Network Connection option is greyed out when creating a VPN

I had set up a VPN for a user, but when she tried to use it today, the option wasn't there. There were no VPNs. I decided to create it again, but when creating a new connection, the option for Virtual Private Network Connection was greyed out. So weird. After some research, it turns out that her remote access connections service had been disabled. Looking at my XP machine, it should be set to manual, and then it works correctly.

It should look like this:

Thursday, May 1, 2008

Network adapter order

The first time I came across this problem, I was flabbergasted. I had a laptop that was connected to a wireless network and had a wired ethernet cord plugged in. It was using the wireless for all its network connections. From then on, I have checked the network adapter priority on each and every laptop I see. On Vista and XP, I still see the occasional laptop with wireless a high priority than a wired connection. There is NO scenario where that makes sense. Anyway, here is how you change it.

Network Connections -> Advanced -> Advanced Settings

Then you just change the order of the network adapters in the top box here.