0 Usernames Tried During Authenticated User Attack Over the weekend one of my clients suffered an authenticated user attack on the SMTP interface of the Exchange 2003 server. This was detected by the monitoring tool I use, HoundDog (http://www.hounddogiseasy.com/referrer.html?code=YNPX) . The attack was unsuccessful, as I have all of the authentication options disabled. However what was interesting was the list of usernames that were tried. Som... [More]
0 Successful Exchange 2007 Backup Log Sequence This is for reference really. The events below are the sequence for a successful Backup of an Exchange database on Exchange 2007. It should apply no matter what backup application you are using, as long as it is Exchange aware. When the jobs starts, this is logged: Event Type: Information Event Source: ESE&nb... [More]
0 Exchange 2007 and SMTP Banner Tests When you are setting up your server for SMTP delivery, one of the key things that is looked at is how the server is setup with regards to DNS and how the server announces itself. The latter can be referred to as the SMTP banner or EHLO/HELO. As such, a number of sites, such as dnsreport.com have popped up which will run tests against your server to ensure that its setup is correct. However with ... [More]
0 Did the Spam Originate Inside Your Network? Last year I wrote an article about how spam could not originate from inside your network and go through your Exchange server, because that was simply too much hard work. You can read the original article here: http://blog.sembee.co.uk/archive/2008/03/13/73.aspxAs a brief summary, I basically said that a spammer needs to get their BOT inside the network, find the Outlook installation and then abuse... [More]
0 Why You Shouldn't Use PST Files This is another post in my series of articles on why you shouldn't use certain features in Exchange, even though they are there - although in this post is about an Outlook feature - PST files. The other articles in this series to date are: Why you shouldn't use logos in signatures (http://blog.sembee.co.uk/archive/2008/04/14/76.aspx)Why you shouldn't enable the POP3 Server ... [More]