Lately I've seen this message turn up out of nowhere on Windows XP computers that do not run Outlook Express.

I don't know why it's turning up now after years of staying quiet but it reminds me that Outlook Express is one of several obsolete Windows components that can be safely removed from most Windows XP computers.

Open Control Panel / Add or Remove Programs and click on the left on Add/Remove Windows Components.

I routinely remove some of the items in the list that comes up. If you think you might be using any of them, please do not uninstall them. I don't want any silly mistakes.

• MSN Explorer  This was Microsoft's attempt to create a customized browser that looks like America Online. It's unclear why anyone would want to look like America Online.
• Outlook Express  This is now obsolete and replaced by Windows Live Mail. Look, let me reiterate - if you're using Outlook Express for your mail, don't uninstall it! This is not the same program as Microsoft Outlook, of course; if you're using Outlook, you can safely uninstall Outlook Express.
• Windows Messenger  This is NOT the same program as Windows Live Messenger, the one that most people use. If you have a useless instant messenger icon down by the clock that's always said "Not connected," it's probably a remnant of this program.

Uninstall them by unchecking the box by each item.

You may see an error message about MSN Explorer. I don't know what it means but in my experience it's harmless if you click OK.

Labels: mail, Microsoft, software, WinXP

posted by bruceb at 12/16/2008 01:52:00 PM | permalink

Let me leave a few notes behind about some of the glitches during the migration from SBS 2003 to SBS 2008. I don't have many answers but perhaps it will help someone to know that I'm able to commiserate with them. (Loyal clients - this is not aimed at you and it won't help you get your work done. I'll be back to general interest topics next week!)

As background: I was migrating an SBS 2003 server with a very basic configuration - no ISA, no use of Sharepoint, a single NIC and external firewall, and no particular pre-existing issues.

MIGRATION WIZARD

Microsoft provides a detailed guide to the migration procedure. (Have you noticed that Microsoft's documentation has been getting better and better lately? There's much less ambiguity about what to click next - each step is described in precise and accurate detail.) The guide was great.

SBS 2008 begins a migration when a USB stick with an answer file is inserted in the new server before the SBS 2008 installation starts. Several people have reported that the USB stick has to be present when the server is turned on or SBS 2008 is likely to miss it. After installation, the first and most important item on the SBS 2008 is the "migration wizard" that leads through all the steps required to be successful.

I was about two-thirds of the way through the wizard when I took a break and installed the Server 2008 updates that were waiting. When the server restarted, the migration wizard crashed with a mysterious error that proved impossible to fix. I researched it and got nowhere. I removed a couple of the updates that conceivably might have unsettled something and got nowhere.

The wizard never came back to life. Fortunately most of its steps only lead to help files that describe the process for actually accomplishing each task by going into AD or MMC consoles or the like. I think - I think - I was able to finish the migration and cover the remaining steps without the wizard. There is still room for some surprise glitch - I'm going to cross my fingers when I demote the source server.

MAIL MIGRATION

I expected the mailbox migration to be slow but was still surprised. The Exchange 2003 mailbox store was about 25Gb after I pruned and archived as much as I could from the biggest mailboxes. The mailbox move took just about ten hours.

PUBLIC FOLDERS

I had no luck moving the public folders, and didn't really expect to, given the reports I had read. That may have been the result of a pre-existing glitch on the source server - this server, like several other of my SBS 2003 servers, throws up an error message when I try to do anything to the public folders in Exchange Server Manager. I've researched that one, too; I've removed the SSL requirement from EXADMIN in IIS, and a few other things suggested in other places, to no avail. I exported the public folders to a PST and stored them for now, since public folders were not being actively used and may not need to be implemented at all on the new server.

BACKUP

The most mysterious problem involves the backup system. The firm had been using ShadowProtect to back up to an NAS and two rotated external Maxtor hard drives. The backup built into SBS 2008 looks like it will be just fine but it does not directly back up to an NAS. I connected a Maxtor drive, formatted it, and ran the backup wizard. Hmm. Error message at the very end.

Since the message says "Cannot configure backup schedule," I started trying every scheduling option - once a day, twice a day - as well as swapping in the other (identical) hard drive, and couldn't get anywhere. I couldn't find anything in the logs at all. I got the flavor that it might be caused by the server disliking the external hard drives.

I'd like to talk to the person who thought it would be helpful to write: "If this problem persists, contact the person who provides you with technical support." It made me irritable.

ShadowProtect claims that the current version will back up SBS 2008 servers. With any luck I'll be able to install that and never know the answer to this one.

PHONE PASSCODES

This isn't a glitch, just something to warn your users about. By default, Exchange 2007 enforces a new passcode requirement on Windows Mobile phones (and iPhones) syncing with the server. Users are forced to set up a four-digit password that will be tapped in every time the phone is used. I'm sympathetic to all the reasons that this is an important security measure, but I'm also sympathetic to the desire to keep my job and not be fired by the attorneys who began flipping out immediately. It's possible to turn the requirement off in Exchange Management Console / Organization Configuration / Client Access / Windows SBS Mobile Mailbox Policy, which then allows it to be turned off on the phones. The iPhone balked and refuses to relax, even after the policy was changed, which apparently is a known glitch.

SERVER CERTIFICATE

I was determined to allow my users to continue to use the familiar URL for remote access, even though it didn't match the naming scheme preferred by SBS 2008. The email domain is www.bigfirm.com, say, and my users have been reaching RWW at www.bigfirmnet.com for years. I have a GoDaddy SSL certificate for www.bigfirmnet.com and heck, I just like it. Plus I've got migrations coming up where I know it will be difficult to work with the web hosting company to set up a subdomain and MX records for the primary domain name.

The Internet address wizard insists on getting the primary address and only allowing RWW to be reached at the same address with a prefix - remote.bigfirm.com or something like it. I had to work around that by lying to the wizard that the primary domain name was bigfirmnet.com, which (in Advanced Settings) would then let www.bigfirmnet.com be the remote access address.

When that was in place, then I could set the primary email addresses back to @bigfirm.com in Exchange Manager / Organization / Hub Transport / Email address policies / Windows SBS Email Address Policy.

ONECARE

Windows Live OneCare has been a trusted friend but it does make me a little crazy sometimes. SBS 2008 expects to get feedback from each workstation about its security status and apparently OneCare isn't set up to let that happen. So far I haven't found the firewall port or other hack that will let the workstations report in, so they're all showing in the server console as "unknown." I can't even find a definitive statement that it's possible or impossible with the standalone version of OneCare. I'm not going to install OneCare for Server so I may just not get good feedback in the console until we switch to Trend Micro. I was hoping to procrastinate on that - everyone has been used to OneCare for a long time - but change happens.

DRIVE MAPPING

Drive mapping is supposed to be accomplished in Group Policy now. I was comforted that other people online said they had trouble with it, because I couldn't make a mapped drive appear on a workstation no matter what I did in Group Policy. After a fruitless half hour of researching and trying things, I put the nice simple logon script in the folder and assigned it to everybody. I feel kind of crude, but it works.

SHARED PRINTERS

Another little headache - it was easy to install 64-bit drivers for network printers and share them from the server. At least, it was easy once I stopped clicking on the "Add printer" button and getting an "Access denied" message when it tried to set up a TCP/IP port. Right-click in the Printers folder and click on Run As Administrator / Add printer - ah, that's intuitive! Sheesh.

Out at the first workstation, I was reminded forcibly that there were no 32-bit drivers around, so I downloaded the corresponding 32-bit drivers for a few of the printers (a couple of HP Laserjets and a Toshiba copier) and went to add them on the server using Additional Drivers on the Sharing tab. The server thought that was a terrible idea - it never agreed that the 32-bit drivers corresponded with the 64-bit drivers. (I read somewhere that it was known problem with some HP drivers but I had the same epxerience with the Toshiba drivers.) So I parked the 32-bit drivers where I could get to them, went back to the workstation, and browsed to the 32-bit drivers when the workstation tried to connect to the shared printer and rejected the 64-bit drivers. Nope! The workstation also didn't agree that it was a match. It was the closest match, trust me - these were the identical 32-bit and 64-bit drivers for the same model running the same PCL level.

Fortunately, we already had reason to be running a Windows XP virtual machine on the second server with Hyper-V. I've shared all the printers from there and I bet it's rock solid.

A migration is a complex project! I think it went smoothly. These are the kind of glitches that happen constantly, every day at every level. Some of them will happen to me the next time, others will come up that are brand new. It's the nature of IT today. With luck I'll bring good instincts and a lot of experience and use them both the next time I come to your office!

Labels: computers, domains, mail, Microsoft, mobile, network, OneCare, printers, SBS, security, software

posted by bruceb at 12/05/2008 12:09:00 AM | permalink

Let me give you a quick overview of the kind of issue that makes it fun to be a consultant.

When you go to a web site where any personal information is going to be exchanged, you're likely to see the web site address change from http:// to https://. The data is encrypted (has a "Secure Sockets Layer" or SSL) and is reasonably well protected against eavesdroppers. You'll see it at banking sites or almost anything involving money or payment, as well as on web sites for access to company networks and other places where data should be confidential.

When you go to http://www.wellsfargo.com/, the bank's web server presents its security certificate from a known certificate authority, a big company that has done some checking to ensure that the server actually belongs to the company whose name is on the web site. Your browser examines it and agrees that it looks authentic, then it does some cryptographic things that convince it that the certificate was really issued by the big trusted authority. When it's satisfied, it proceeds automatically to https://www.wellsfargo.com/ and shows you a happy padlock icon in the address bar.

Until recently, SSL certificates were only used by big companies: they were expensive, required annoying paperwork, and the whole process was technically difficult.

Small Business Server 2003 wanted remote users to log into its great Remote Web Workplace over a secure SSL connection but couldn't saddle small businesses with the headache of buying expensive certificates, so it used a workaround. By default an SBS 2003 server presents a "self-signed certificate." Essentially the server vouches for itself and tells your browser that it's safe and trustworthy.

That sounds a bit flaky but it worked well enough for a long time, until security concerns began to trump everything else. Business people began buying Windows Mobile phones to sync their Outlook folders over the air and for a while it was possible to convince them to accept the SBS server's self-signed certificate, but it got harder and harder to accomplish - it required finding the right tool to install the certificate on the phone and the manufacturers were nervous about giving people access to the depths of the phone's operating system to do that. Now it's almost always impossible.

Meanwhile Microsoft began to add new security warnings to Internet Explorer as part of its hardening over the last few years. Now when you go to a site with an SBS 2003 certificate, you get this ominous warning:

If you go past the scary warning to the company's RWW site, you get the unhappy red IE address bar instead of the happy padlock:

Fortunately, a few companies began offering inexpensive SSL certificates with a minimum of fuss. GoDaddy.com offers SSL certificates for only thirty dollars per year that are accepted by most computers, phones and other devices. SBS consultants began to work out elaborate documentation for installing them on SBS servers. Many consultants made it a standard part of setting up a server running SBS 2003.

SBS 2008 still begins with a self-signed certificate but a wizard is included in the initial setup checklist to help purchase a third-party certificate.

The wizard wasn't helpful to me in a migration where I already had a domain name with an existing certificate. I found myself burrowing deeply into IIS and feeling my way through the process. I was successful but it took some interesting tricks to get everything to work correctly.

The experience exposed another interesting feature of Exchange 2007. If a company runs the web site http://www.bigfirm.com/, it can set up http://remote.bigfirm.com/ as a subdomain that leads to their internal company network. Set the company's MX record for incoming mail to http://remote.bigfirm.com/ and give that address to the business people for remote access. SBS 2008 has wizards to help get the domain names registered and set up in Exchange.

Then if a business person goes home and sets up Outlook 2007 for an Exchange Server at http://remote.bigfirm.com/, Outlook will configure itself automatically with the settings to connect over the Internet to Exchange Server at the office. It's not necessary in that case to configure the deep proxy settings that have been required until now to set up Outlook for RPC over HTTP. Microsoft thinks the technology is so cool that it blessed it with a new brand name, "Outlook Anywhere." (SBS 2008 does some of the magic to accomplish that, thank goodness - otherwise it requires deep surgery in ADSIEDIT and the Exchange command line console.)

That works fine, I'm sure, but I used a different naming scheme when I bought domain names for all my SBS clients for their remote access. SBS 2008 does not like that arrangement one little bit. And it's only easy to set up a subdomain and manipulate MX records if you have full DNS control over the ISP for http://www.bigfirm.com/. A small business will frequently have set up their web site with small hosting companies and web site designers that are, shall we say, not always easy to work with.

You see what I mean, I'm sure - it's fun!

Labels: domains, IE, Internet, mail, Microsoft, mobile, Outlook, phone, remote, SBS, security

posted by bruceb at 12/03/2008 12:46:00 AM | permalink

I am happy to announce that Microsoft formally unveiled Microsoft Online Services today.

I am a Microsoft partner authorized to sell and support Microsoft Online Services. I expect to set up many of my clients with Exchange Online for their mail. If you're interested, please call me or drop me a note! I do not need to be in your geographic area to assist you with this.

This is the first big step by Microsoft to deliver online services directly to customers, part of its effort to redefine the entire company and move some of your data to the online cloud. I've already written up the background information you need to understand Microsoft Online Services - click here for information about where this comes from and how it fits in your world.

Basically, each Outlook mailbox is hosted by Microsoft for a monthly fee. (An Outlook "mailbox" is the term for the entire set of Outlook folders, including contacts, tasks and calendar.) The hosted Exchange service allows you to connect to your Outlook folders in a variety of ways:

• MULTIPLE COMPUTERS  The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• MULTIPLE LOCATIONS  Office workers can be linked together and share Outlook folders even if they are in different offices.
• WEBMAIL  Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• PHONE  Windows Mobile 6 devices can sync email, calendar, and contacts over the air continuously.
• SHARING  Calendars and address lists can be shared with other people in the office.
• SECURITY  Microsoft provides virus and spam filtering.
• REDUCED COSTS  Microsoft is responsible for backups, database maintenance, security updates, and upgrades.

Microsoft has put together a very robust service that will be used by businesses of all sizes, including big enterprises that want to outsource their mail. It is best suited for small businesses if they fit within these parameters:

• The company has a domain name for mail, or wants to begin using one.
• There are a minimum of five email users.
• All computers are running Windows XP Professional or Windows Vista Business (or Ultimate), and all computers have Microsoft Outlook 2007 (or are prepared to buy it).
• The company is not set up with Small Business Server, which already includes Exchange Server. (It's possible to combine service from Microsoft with the onsite Small Business Server but I'm not sure the benefit would justify the cost for very small businesses.)
• In addition to the $10/month cost per mailbox, there will be some setup costs. You don't want to set this service up without assistance! As with anything new these days, I'm learning about hundreds of quirks and potential pitfalls as I set up clients. Call me before you sign up!

Here's Microsoft's press release about the new services, which include Sharepoint and other online services.

Other companies also offer hosted Exchange mailboxes which might be better matches for some people. I'll write more about those soon. Start to think about the advantages of having access to your Outlook folders from anywhere!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 11/18/2008 12:05:00 AM | permalink

The volume of junk e-mail sent worldwide plummeted on Tuesday after a company providing the servers for the spammers was taken offline.

The bad guys install malware on computers that they can control in vast networks, primarily to send spam for counterfeit pharmaceuticals and designer goods, fake security products and child pornography. Approximately 190 billion spam messages are sent every day from more than 1.5 million hijacked computers. The spammers set up servers to control the hijacked computers and to display web pages offering illicit goods for sale.

The spammers don't buy their own servers. They buy server space from hosting companies, which are shielded from liability in many cases and not directly responsible for the actions of their customers. That has made it difficult to find the spammers and prosecute them, leaving law enforcement frustrated and frequently ineffective.

Reports were published recently identifying McColo Corp., a San Jose company, as the hosting company of choice for virtually all the top botnets blasting out spam or malware attacks. The company has offices in a 30-story office tower in downtown San Jose and apparently its entire business is devoted to providing a platform for bad guys and diverting any attempt to pursue the spammers by refusing to cooperate with law enforcement and shifting the spam networks around to help them evade detection. Researchers estimated that networks run through McColo servers were responsible for 75% of the world's spam.

In an interesting twist, security researchers contacted the two companies providing the Internet connection to the building. Both companies became convinced that McColo Corp. was evil and decided to cut off the company's Internet connections on Tuesday without fuss or delay.

The volume of spam worldwide dropped by more than forty percent immediately.

Lots of companies monitor spam and all of them noticed the huge decline, with estimates of drops in global spam from 40%-75% when McColo was forced offline.

This won't permanently reduce the volume of spam. It won't take long for McColo to find other Internet connections or for other companies to step up in its place. Trying to shut down the bad guys is like playing Whack A Mole - a law enforcement victory here, a broken Internet connection there, but they keep popping up.

It's always nice to have a moment of triumph, though, and this was a particularly dramatic one.

It was reporting by Brian Krebs of the Washington Post that got the carriers' attention - here's his article about the effect of the disconnect.

Labels: business, Internet, mail, security, spam

posted by bruceb at 11/13/2008 12:03:00 AM | permalink

Spammers can turn a profit even if they only get one response from every 12 million emails they send. When you see a ridiculous spam message and think, who in their right mind would respond to that?, the answer is, almost no one - but it only takes a handful of responses for the spammers to think their campaign was worthwhile.

Last year researchers from UC Berkeley and UC San Diego infiltrated a spam network and took over a portion of the network, diverting the spam sent out by over 75,000 hijacked computers (out of more than a million in the entire spam network). They set up a fake pharmacy web site, similar to the ones operated by the spammers, and sent 350 million spam messages in about a month inviting people to buy drugs online.

They only got 28 responses in a month from people who pushed the button to make a purchase. The researchers are good guys, so they didn't capture the credit card details or take any money, but they measured how much they would have made, about $2,700.

The interesting part happens if you scale that up to the size of the full spam network, where the same miniscule rate of return would net $9,500/day or about $3.5 million dollars in a year. That's not a huge amount but it's probably sufficient to earn a profit after subtracting the cost of developing the code to exploit security holes and hijack computers, and to run servers worldwide to sell Viagra and process credit card payments.

Meanwhile, the researchers saw 10% of recipients clicking on a link to download and install the malware that hijacks computers and turns them into bots sending out those spam messages night and day. Ten percent! The researchers estimate that would allow the spammers to add between 3,500 and 8,500 new hijacked computers every day.

Here's a Washington Post article about the UC study, and here's another summary from the BBC.

Meanwhile, security analyst Jesper Johansson wrote a followup to his study of "XP Antivirus," one of the prevalent bits of malware circulating now. Here are my notes about his study. In this scam, you are led to a web site that puts up a very convincing display about viruses on your computer that need to be cleaned off, with details that make the process look genuine and convincing. Almost any click anywhere on the screen leads you to a request for a credit card payment, and one wrong move will install popup bubbles and screens that insistently take you back to the payment demands. Most variations of this malware are not destructive but I've seen it several times and the bubbles are incredibly annoying, making it almost impossible to use your computer until deep surgery is done to remove the offending files. Some variations of the this adware can be removed with a reasonable amount of effort, but some come along with the kind of malware that can only be dealt with by reformatting the hard drive. If you pay the fifty bucks, you'll get some software that claims to have successfully removed the infected files, but the infection was fictitious and the software doesn't do anything.

Recently a hacker broke into an accounting computer run by one of the scammers responsible for distributing XP Antivirus and posted some internal accounting details online. There's a lot of money at stake! Believe it or not, the software is distributed through an affiliate program that pays a significant portion of the sale proceeds to affiliates spreading the malware. The most successful affiliate earned $158,00 in a week, and even the small-time affiliates were making hundreds of thousands of dollars a year. Here's an article about the financial details.

I've cleaned up several computers recently with XP Antivirus and other bits of malware. At the risk of being a nag, let me reiterate:

Antivirus software will not always protect you against malware if you click OK at the wrong time!

Don't click on strange URLs! Follow links with carefree abandon to and from legitimate sites, but don't click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.

Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.

The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse.

Please, be careful out there!

Labels: business, computers, mail, security, spam

posted by bruceb at 11/11/2008 01:31:00 AM | permalink

"Windows Azure" is a terrible name but you need to be aware of it anyway. Windows Azure is a breathtakingly ambitious platform outlined by Microsoft at last week's Professional Developer Conference, another attempt by Microsoft to position itself to profit from a paradigm shift that will be just as important as the move to the Internet in the 90s.

Yesterday I used word processing as an easy example to imagine what it would be like if you had universal access to your files with the ability to open and edit them from any computer. Of course, it's just as easy to imagine having easy access from anywhere to your Excel spreadsheets and Powerpoint presentations, with the programs running in a browser if you don't have a copy installed on the computer nearby.

Okay, now stretch a little bit. Imagine that you could have something like the same experience on your phone - Windows Mobile can sync folders using Live Mesh and it runs little tiny versions of Word and Excel. Photos can be moved around from computer to computer and/or stored online, too, so you might not be surprised by this anecdote from someone who tried using Live Mesh on his phone to sync the folder where the phone stores pictures. There were the pictures on his computer a few minutes later with no muss, no fuss, no action required at all. The camera on the phone looks a lot more usable all of a sudden!

But now let's take a big step. Windows Azure is a platform that will allow you to run programs that are identical to programs installed on your computer but which are actually running from Microsoft's online servers. Microsoft's goal is to have all of its programs run from Microsoft's data centers in such a way that you cannot tell the difference between a program hosted online and a program on your computer. The developer tools will allow all the other software vendors to do the same thing.

Some of you already have experience with that. Businesses running on Small Business Server use Outlook to connect to mailboxes stored in Exchange Server. At the office, people open Outlook to do their work; away from the office, they might use Outlook on their notebook computer, or they might check their mail or calendar on their Windows Mobile phone, or they might use Outlook Web Access to display their Outlook folders in a web browser. Outlook Web Access is already significantly improved in Exchange 2007 so it more closely resembles Outlook, and it only takes a small leap of faith to imagine the experience being identical to using the full program.

The Azure framework is intended to give developers the ability to present their programs to you over your Internet connection so that virtually all the hard work is done by the online servers. Microsoft or Google or Amazon have responsibility for holding the data and backing it up; when a program is updated, the updates are applied at the source instead of requiring you to take steps to install updates on each of your computers.

I'll be writing more about Live Framework, the unified underpinning of the various Windows Live services as they become increasingly integrated, and Microsoft Online Services, which will introduce hosted online Exchange mailboxes to many of my clients. They're early signs of this movement to online services that will change your life, whether you're ready or not. There are many miles and many competitors and the future is not assured for Microsoft, but make no mistake - the company has staked its future on this ambitious transformation.

Here are some more early comments on Windows Azure: Dan Farber on "Microsoft's Manhattan Project"; Robert Scoble says not to underestimate Microsoft's ability to turn a corner; CBS News on the Azure launch; and Joe Wilcox on the significance of the project:

"I simply cannot overstate how enormous an undertaking is Azure. Microsoft plans to support cloud services in every product. Azure is hugely ambitious and will transform Microsoft, whether or not the vision stated on Monday makes it to market. As such, Azure is enormously risky and its success as envisioned is uncertain."

Labels: business, computers, file_sharing, Google, Internet, mail, Microsoft, mobile, Outlook, photos, software, web_services

posted by bruceb at 11/04/2008 12:05:00 AM | permalink

There are reports of increased phishing attacks purporting to be messages from various banks. Be alert! The bad guys create email messages that appear to be from banks, with links to malicious web sites that attempt to install viruses or adware or fool you into entering account information. The messages and web sites are increasingly professional, to the point that they are indistinguishable from the real thing.

The current wave of bank activity might make it plausible that your bank would contact you by email, but I don't want anyone fooled. In today's environment, no bank or other company will ever send you an unsolicited email message about your account; the only communication you will receive from any company will either be advertising or a response to something you initiated. If you're unsure, always doublecheck by phone, or by going to the company's web site directly instead of by clicking on a link in a message.

Be safe out there!

Labels: mail, security, spam

posted by bruceb at 10/08/2008 12:05:00 AM | permalink

T-Mobile introduced the first cell phone based on Google's Android operating system to much fanfare a few days ago. Although Android has some interesting features and much promise, I don't expect to see anyone holding the T-Mobile G1 in Sonoma County for a while, since T-Mobile is a fringe player with limited coverage up here (and certainly no connection anywhere nearby to its high speed 3G data network).

Android is a work in progress; comparisons to the iPhone are inevitable and at the moment Android comes up a bit short, but it's early to make any decisions. In this first iteration, Android is tied in very closely to Google's online mail, calendar and contact services, which are fully integrated and reportedly work smoothly. It's not as smooth for everyone else, since the integration is thin or nonexistent for other sources of mail and there is essentially no support for other calendar/contact programs.

In particular, businesses should be aware that there is no support for ActiveSync, the software that connects a mobile device to an Exchange Server. A Google Android phone is not currently a good choice for an office using Small Business Server. It's the same situation that an SBS user faces with a Blackberry - a solution for email can be cobbled together from forwarded messages and BCCs and the like, but it is clearly a kludge compared to the true integration provided by a Windows Mobile phone or an iPhone running ActiveSync. (It bears repeating that using an iPhone with ActiveSync causes it to suck battery power so fast it actually makes slurping noises.)

There's one other design decision for the T-Mobile device that has caused a fuss - instead of a standard headphone connector, they chose an oddball, mostly proprietary "ExtUSB" headphone connector that requires a weird dongle for every kind of headphone or earbud except the terrible earbuds that come with the phone. No one knows why but everybody hates it.

Somebody - Google or a third party - will likely make the financial arrangements with Microsoft and write an ActiveSync connector for Android, and the other carriers will be releasing their own Android devices with different hardware designs. We'll talk more about it then.

Labels: Apple, audio, Google, mail, mobile, phone, SBS

posted by bruceb at 9/29/2008 12:05:00 PM | permalink

Here's a tip about Microsoft Outlook that I discovered by accident.

A common problem - you'd like to send an email to a friend with a number of photos attached. If you send the photos straight from the camera, the files are too large. Typical photos from a digital camera are 1.5-2.5Mb each, too big for an email attachment. Attach two or three or more and your message is likely not to be delivered, blocked by filters for oversized mail on your company mail server or your ISP's outgoing mail server or the recipient's incoming mail server or mail program.

There are many workarounds to resize the image for easy sharing. The photos can be shared online, or they can be resized by one of the many programs that can work with Outlook - Windows Live Photo Gallery and Photoshop Elements and many more.

There's another way to resize the attachments in Outlook and it's even easier. (If you don't use Outlook for mail, this isn't for you. Chat amongst yourselves for a few minutes.)

• Attach the photos to the outgoing message without any regard for their original size.
• Open the sidebar for "Attachment Options."
• Outlook 2003: button on the right of the attachment line.
• Outlook 2007: little arrow under the Message / Include buttons.
• Voila! An option to resize pictures automatically before the picture is sent. Pick a small/medium/large setting, push Send, and the message is on its way with reasonably sized attachments.

That's great stuff! Here's how those buttons look.

OUTLOOK 2003

OUTLOOK 2007

Labels: mail, Outlook, photos

posted by bruceb at 9/24/2008 01:08:00 AM | permalink

Here's a tip for getting around in Outlook: it's possible to switch between mail, contacts, and calendar using hotkeys on the keyboard instead of reaching for the mouse to click the navigation pane. Who knew?

Don't overlook an even better Outlook tip from a few months ago - opening multiple Outlook windows simultaneously.

Labels: mail, Outlook, software

posted by bruceb at 9/12/2008 03:24:00 PM | permalink

I'm occasionally asked why I have such a negative opinion of AT&T's DSL service.

This chilling account should answer that question - a complete log of one person's experiences on two different occasions, dealing each time with more than a dozen customer support reps over a period of more than three hours each, on problems that should have been simple. A slow DSL connection at home, a failed login to AT&T wireless service, problems that should have required five minutes but turned into hellish nightmares.

I'll add one more awful, unforgiveable story, just the latest in my own run of unhappy experiences with AT&T.

Last week, AT&T started blocking all outgoing email with no notice for one of my clients running Small Business Server. A business was suddenly, unexpectedly cut off from communicating with its customers. For better or worse, businesses live by email! This was potentially devastating.

When I investigated, I found that port 25 was completely blocked, so no other outgoing email server could be used; AT&T's email servers could only be accessed over port 465 with SSL authentication, which is not supported by Exchange 2003. I researched the problem online and discovered that there was no solution; a handful of people who had survived AT&T's stupefyingly awful tech support process had been told that AT&T was simply not handling outgoing email for anyone with an Exchange Server - no apology, no excuse, no solution.

(This is a variation of the problem I ran into a few months ago. I solved it this time by buying service from NoIP.com that sends outgoing mail on a nonstandard port. Later I learned that ExchangeDefender also can be set up on a nonstandard port. I'm still going to insist that both clients leave AT&T.)

It's still possible to sign up for DSL service with Sonic.net, which consistently employs the nicest people in the world. If you are signing up for DSL service, don't even consider signing up with AT&T. If you currently have AT&T service and you want to do something proactive for your future mental health, think about switching your service. If you're a business, make it a priority.

Labels: broadband, Internet, mail

posted by bruceb at 8/25/2008 12:33:00 AM | permalink

Tough week! Here are the kind of things that fill my days. And bear in mind, these are all stories about software and services that I love dearly - this is the good stuff, these are what I recommend because they're better than the rest!

Client with hosted Exchange mailbox at 1and1.com. Mailbox doesn't connect this morning, so no incoming or outgoing mail. Try it from a different computer, try Outlook Web Access - nothing works. Call tech support in India and get through without delay. "Very sorry! That server is down. The experts are working on it." Any idea when it will come back? "No, I'm sorry. But the experts are working on it." It's been down a day and a half now, still no word.

Putting Jungle Disk on a Windows Home Server for online backups. The process to sign up for Amazon's online storage system is not completely straightforward but I've done it before, I know about the "Access Key ID" and the "Secret Access Key," so I'm in business in short order, except the Jungle Disk software delivers an error message, error 403, "NotSignedUp." There are a few dozen lines of gibberish in the detailed error message but it's clear that Amazon doesn't think the service is set up correctly yet. Log in to the Amazon Web Services portal and there's a message about problems with payment for the account - payment that was set up on an Amazon credit card. Hmm. Spent half an hour wrestling with payment options, putting in one good credit card after another and getting more error messages about payment problems, and just about gave up - I was actually drafting the note to the client about the failure when Amazon showed the service was working just fine, thanks, even though I hadn't actually changed anything for a while. Jungle Disk started doing a backup. What was that about?

Setting up Live Mesh to transfer large files between people working in several locations. Installed it on the client's desktop and laptop, created a folder, it started syncing all over the place, everything was automatic and swell, great stuff! Set up Windows Live IDs for three employees, shared a Live Mesh folder with employee number 1, went to that employee's computer and clicked on the invitation to Live Mesh that appeared promptly in the mailbox. Web site pops up inviting me to "Connect," then "Sign In," then displays a message that Live Mesh is only available in the US and they're happy to put me on a waiting list when it's offered in my country. I looked around. It looked a lot like the US where I was standing. I poked around in the Live Mesh forums and found a suggestion that the Windows Live ID account information needed to be updated with the correct country information so I went over there and found it was completely hosed - no matter how many times I picked "United States" and clicked Apply, the front page would stubbornly complain that no country had been chosen. I could change it to the Virgin Islands - that worked fine! It was only the US that it ignored. I dropped it, wrote off the hour that had been spent fussing with it, went back a couple of hours later, and everything worked right away, Live Mesh installed immediately, no issues at all.

Client with a SonicWall firewall/router and a Small Business Server that hadn't been set up to use Remote Web Workplace or the other features that make SBS so lovable. There were a few odd networking settings on the SonicWall but nothing alarming. I set up port forwarding on the ports that make SBS do its tricks (80, 443, 4125) and bang! the network went down, all Internet traffic stopped, the workstations couldn't connect to the server, couldn't browse or ping anywhere. Spent an hour and a half backing out of anything that I might conceivably have touched, nearly gave a credit card number to SonicWall tech support, when it came back up. Two days later I set up port forwarding in what I swear was exactly the same way and it works like a charm. I still don't have any idea what that was about, but it scared the hell out of me.

Tried to buy licenses online for StorageCraft's remarkable backup program, ShadowProtect. Everything went perfectly, right up until the final "Finish" button when I was told that the billing address for the credit card didn't match the information on file at the bank. Just for fun, I tried three different credit cards at two different addresses - all of them plausible choices, not trying to pull anything. Same message each time. (Just for fun, I logged in to my bank's web site and confirmed that there were six or eight "pending" charges showing on the various cards. They went away eventually.) Couple of days later, went back and the transaction went through immediately. (And this story doesn't really count, because after I dropped them a note that night, the company immediately put me in touch with a reseller who would have sold me the licenses, then had one of the company's business manager follow up with a phone call to make sure the problem was resolved. Nice folks, great software, great support.)

Set up Netgear Rangemax USB wireless adapters on three workstations. Windows XP doesn't have any builtin drivers so the CD is required, and the CD doesn't have the drivers stored separately - the Netgear software has to be installed, which of course demands to take over control of the wireless settings from the perfectly adequate Windows XP wireless controls. The next morning, no one can get online, all the networking is mucked up, I have to travel onsite and get the stupid Netgear software to stop popping up with its incomprehensible dials and control panels and graphs. I couldn't find any way to get the Netgear software to hand control back to Windows - that required removing and reinstalling the software to get the startup dialog to appear again so I could check the box telling the Netgear software to get out of the way. Once I did that, the connections were immediately rock solid.

And so it goes. This is the good guys, the cream of the crop - I've also had battles with spyware and rootkits and the rest. Some weeks are more tiring than others. Back to the news soon, I promise!

Labels: backup, computers, file_sharing, hardware, Home_Server, mail, network, SBS, software, web_services

posted by bruceb at 8/21/2008 01:15:00 AM | permalink

The latest outbreak of virus-laden spam purports to be a message from UPS about an undeliverable package. The attachment is a ZIP file with an executable program inside that does something evil - blows up a cruise boat or something.

These messages appear and morph and tomorrow this might be a message from FedEx or the IRS or anything else. Your first defense is your common sense: never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.

Never.

Many of my clients use Exchange Defender to filter out spam and viruses from incoming mail. Here's the update on ED's struggle with this new outbreak.

"It has been quite an evening at ExchangeDefender as we continue to fight the outbreak of the UPS trojan. You may have seen this:

Subject: UPS Tracking Number 6431834482

Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient's address is not correct.

Please print out the invoice copy attached and collect the package at our office

Your UPS

"What is interesting about this is that the message does look fraudulent to the casual observers and people that do domestic business with UPS. However, we have encountered this format (with attachments and all) being used by UPS Commercial shipping departments in the past, which is why messages with the specific patterns received lower SPAM scores and were allowed through.

"We still stripped the attachments but the attachments inside the ZIP file are passing through AV scanners as the variants change. We are now up to over thirty definitions used to track this specific worm and have taken the following steps:

UPS messages are only processed if they come from UPS.

UPS Tracking numbers are only accepted as valid if they start with 1Z.

UPS messages instigate a callback function against UPS servers.

"Dealing with these extended rulesets and checks has made mail move a little slower today as we've dealt with onslaught of messages while this worm becomes more prevalent. UPS is also issuing a warning on their behalf:

"We currently have this issue under control and it should not pose any further problems. However, expect the UPS messages to be taken with higher scrutiny and always warn users not to open executable attachments."

Labels: mail, security, spam

posted by bruceb at 7/24/2008 09:50:00 AM | permalink

Two weeks ago, Microsoft announced new services that might drastically change the email technology used by small businesses. Let me give you some background, then give you some information about Microsoft Online Services - a way for a small business to have its Outlook folders stored online by Microsoft.

Companies running Exchange Server for Outlook reap tremendous benefits. For example:

• The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• Calendars and address lists can be shared.
• Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• Windows Mobile devices can sync over the air.

It's a rich environment.

Traditionally that has required a small business to run its own Exchange Server (included with the Small Business Server suite). A small business does not strain Exchange Server, which is remarkably robust and frequently troublefree, but make no mistake - it is fiercely complex and problems can happen. I dive for the phone to pay Microsoft for support when there's a problem with an Exchange database.

Microsoft developed a community of partners - big companies offering "hosted Exchange" mailboxes. A small business would pay a monthly fee to the big company to have the Exchange database stored online for all the business users. Outlook works completely smoothly with that arrangement; for the users, there's literally no difference between that setup and having the Exchange Server down the hall. The responsibility for backups, database maintenance, security updates, and upgrades is shifted to the big company.

Until recently, small companies mostly stayed away from hosted Exchange accounts. The big companies were unfamiliar (heck, the whole concept was unfamiliar), and the prices were just high enough to dissuade business owners from moving away from traditional standalone copies of Outlook. (I set up several people with individual hosted Exchange accounts, offered by 1and1.com, but even those were tough because people weren't familiar with the concept.)

Two weeks ago Microsoft announced the details of Microsoft Online Services. Microsoft is bypassing its partners and offering hosted Exchange services directly. Pricing is still not cheap - $10 per user per month for 1Gb of mailbox storage space, with more space available at a cost for oversized mailboxes. But it comes with Microsoft's name behind it and it comes at a time when people are being bombarded with references to storing things "in the cloud." People are becoming familiar with the idea of having important data stored online.

As always, there are a lot of details to process. You can see from the chart that there are many levels of service, and other services in addition to Exchange. I've been testing the beta and there were kinks getting things set up. It's possible to integrate this service with an existing onsite Exchange Server, and it's possible to migrate from an onsite server to the hosted service, but there will be some technical hurdles to make that work.

Meanwhile the partner community is reeling, feeling betrayed, because this puts Microsoft in the position of competing with them directly and even potentially taking customers from the partners. Microsoft has set up an elaborate commission structure to try to soothe them but there is a lot of bitterness out there. I don't think that will slow things down but be alert for yet another round of Microsoft-bashing.

This might be one of those moments that changes the standard setup of computer services for a small business. The demand is already there for universal access to email, calendar and contact lists; this responds to some very real needs being expressed by every business. I expect to be talking about this with many of my clients that do not presently have a server.

Even more interesting, there are consultants in the Small Business Server community who wonder whether this will be such a compelling alternative that they should not recommend Small Business Server 2008. It could be that a small business will have a server onsite to do nothing more than file and printer sharing, and all the other company technology will be online services.

There are changes ahead! This is another one that deserves some attention. Here's more information about the presentation of Microsoft Online Services at the Microsoft Worldwide Partner Conference in early July. There's a demo at the MOS beta site. Here's an overview of Microsoft's step into this space. It's interesting stuff!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 7/23/2008 01:52:00 AM | permalink

Microsoft Exchange and Outlook dominate the market for corporate email. Small businesses running Exchange Server use Outlook almost exclusively. Until recently, even individuals and businesses without a server would use Outlook with their POP3 mail accounts.

But in the last couple of years, almost everyone has started to chafe at a singular disadvantage of an individual copy of Outlook: it can't be used easily anywhere except by sitting at the computer where it's installed.

We want to read our mail from any computer, anywhere. We want to use more than one computer - a desktop in the office, another one at home, or perhaps a notebook for the road - and we want our email on all of them. We want our mail on a Blackberry or iPhone or Windows Mobile device. All of those things can be done with Outlook but not easily and not without compromises.

It's driving people to set up their mail online with Google Gmail or Microsoft's Windows Live Hotmail or Yahoo Mail. There are some compromises there, too, but the convenience is starting to outweigh everything else. The webmail providers are adding features right and left, so it's possible now to use the online services without regret.

Google Gmail has devoted followers who love its presentation of messages in organized threads and unparalleled search options. Google is constantly tweaking it to offer more storage space, more options for displaying mail on more devices, and more features.

Here's a lengthy comparison of Outlook and Gmail. It's worth reading - your attention will be drawn to things you might not have considered, and you may find yourself nodding unexpectedly at one choice or the other. I think the author undersells Outlook a bit. (One point he doesn't mention, for example: people are very upset when they click "Send by email" in Internet Explorer or Word and nothing useful happens - the webmail services don't integrate with Windows that way.) And in the end, personal taste may outweigh any of these features; some people hate Outlook; personally, I can't use Gmail - I find it unintuitive and clumsy and unattractive.

The next few years will be a blur. Outlook's profile is dropping for home users; Microsoft does not even include Outlook with the Home and Student Edition of Office 2007, presumably because more people are using the online services instead (and perhaps because Vista's Windows Mail is a really nice mail program, better suited for many people who don't need Outlook's complexity).

On the other hand, Microsoft just announced a new program that may change the game completely for small businesses and keep them with Outlook. I'll tell you about that on Wednesday.

Labels: Google, mail, Microsoft, Outlook, software, web_services

posted by bruceb at 7/21/2008 01:45:00 AM | permalink

The new iPhone will be available next week, including support for Microsoft Exchange and Windows Mobile/ActiveSync. That means businesspeople in companies run by Small Business Server 2003 should be able to connect to their Outlook email, calendar and contacts over the air, continuously updating both directions. Well, we'll see - time will tell whether there are glitches or unexpected shortcomings. (I've seen one early unconfirmed report that using Exchange over the air sucks the battery dry in short order.)

David Pogue's column in the New York Times today mentions one thing that I had misunderstood. Apparently the iPhone 2.0 software will also be rolled out to current iPhone owners, enabling them to do exactly the same things.

That means all iPhone owners will have access to the new applications being developed on the iPhone 2.0 platform - there will be thousands of them, a rich new area for blogs to write about endlessly. You might see some that look tempting:

"One coming program, called iCall, will give you free phone calls when you're in a Wi-Fi hot spot. Another, called G-Park, exploits G.P.S. to help you find where you parked. Yet another, Urbanspoon, is "a cross between a magic eight ball and a slot machine:" you shake the phone, and it randomly displays the name of a good restaurant nearby, using the iPhone's G.P.S. and motion sensor.

"You can also expect to see a time and expense tracker, home-automation remote control, voice recorder, Etch-a-Sketch, a recipe box, tip calculator, currency converter, e-book reader and so on.

"Above all, the iPhone is about to become a dazzling hand-held game machine. The games revealed so far feature smooth 3-D graphics and tilt control; in one driving simulator, you turn the iPhone itself like a steering wheel, and your 3-D car on the screen banks accordingly. Other games exploit the multitouch screen, so you and a buddy can sit at opposite ends of the screen and fire at each other."

I'm a bit skeptical because I'm dull and unimaginative. There are hundreds of gadgets that can be added to Vista's sidebar, but I kinda turned off the sidebar because they weren't all that interesting. There are thousands and thousands of applications for Windows Mobile devices but once my phone started syncing reliably with Outlook, I was pretty much done with twiddling with it.

Interesting stuff. Just remember, the iPhone is an expensive thing to have in your pocket and there's no way around its Achilles heel.

Oh, and I finally found the map showing the Sonoma County coverage of AT&T's higher speed 3G network.

If you're outside the shaded area, data speeds will continue to be limited by AT&T's slower EDGE network, roughly the same as having web pages delivered to you by a glacier.

Labels: Apple, mail, mobile, phone, SBS

posted by bruceb at 7/10/2008 12:20:00 AM | permalink

Blackberry smartphones are mindbogglingly popular. I'm being asked about them more often than iPhones. That shouldn't be a surprise - almost half the smartphones sold in the first quarter of 2008 were Blackberry devices, a significant increase over the previous quarter, while the market share of iPhones took a nose dive in the same period, according to the Associated Press.

I wrote some cautionary notes a few months ago about the Blackberry. Let me try to be more specific.

• If you work in a company that supports the Blackberry, it is a tremendous device. The company runs big servers to make it so.
• Small businesses can get similar software for their server; licenses are cheap or free. Count on a significant cost to set up the Blackberry server software and get things working - and prepare for the risk not only that it might not work smoothly, but also that it might muck up your server in other ways. Remember, the reason your server runs so smoothly is because we change it as little as possible. I've heard stories, that's all I'm saying.
• If you are an individual with a single POP3 email address, the Blackberry is a good phone and a decent email device. You'll have to fuss with a couple of settings in your mail program to leave messages on your mail provider's server so Blackberry can retrieve them; that can occasionally go sideways, resulting in your mail program or Blackberry receiving twelve duplicate copies of messages or something, but on the whole it will be fine.
• You won't be syncing over the air with your computer's calendar or address book. You can sync in a cradle attached to the computer if you install Blackberry's software. Personally, I find the software to be fairly hideous and unintuitive, but it does its job, if you're lucky. Heck, hideous unintuitive software is easy to come by - I've seen worse.
• If you have a Google GMail or Yahoo mail account, the Blackberry integrates beautifully with them. Google, in particular, is cooking up ways to connect to a Blackberry and has released a program to sync the Blackberry calendar with a Google calendar. You know, if you're using a Google calendar. (If you're using a Google calendar, you're young and devouring new technology at a furious pace and the last thing you need is condescending advice from an old fogey. Go and Twitter in peace.)
• If you work in a company run by Microsoft Small Business Server, the Blackberry is very, very wrong for you.
• If you get a device running Windows Mobile 5 or 6, I can set you up in three minutes with your Outlook calendar, contacts, and email syncing over the air, continuously, both directions.
• If you get a Blackberry, I can create a clumsy, half-baked flow of messages to the Blackberry that is divorced from your Outlook folders. Everything about it will be a compromise. You'll blame me. I'll be defensive.

The smartphone is becoming a platform that is as important for many people as their computer. Shop carefully and look ahead - a lot will be happening in the next year to improve the process of making your information available everywhere!

Labels: Google, mail, mobile, phone, SBS

posted by bruceb at 6/12/2008 12:50:00 AM | permalink

Microsoft has done a terrible job of branding things in the last few years. "Microsoft Network" morphed into "MSN," which has at various times been a software package, a collection of TV-like programming, a brand for web services like Hotmail and Messenger, a dialup Internet provider, and a web portal.

Many MSN services were included in a reorganization under the new brand name "Windows Live" in 2006, and Microsoft began creating more and more services with the Windows Live name, including some that have no obvious relationship to each other. The Wikipedia list of Live-branded services is pretty daunting!

Some of the services will be dying quietly soon - Microsoft just announced that it will be closing down Windows Live Expo, intended to be a competitor to Craigslist, joining recently deceased Live Search Books and Live Search Academic.

I find myself joining clients and friends now in stumbling over one particularly poor bit of naming.

Vista comes with Windows Photo Gallery, a simple but useful photo program that's well suited for many people.

Later, Microsoft released Windows Live Photo Gallery, a free download for Vista and Windows XP. It's almost identical, but changes some things around on the menus and makes it easy to put photos online in free photo galleries for sharing.

When Windows Live Photo Gallery is installed on a Vista computer, it does not replace Windows Photo Gallery. They're visually indistinguishable, so the only way to tell which one you're using is the name on the title bar in the upper left corner.

Frankly, most of the time it won't make any difference. The two programs both display the same pictures and the same tags and almost all of the same features. But why do that to people? When it's time to put pictures on a DVD and someone looks for the "Burn" button, why should they have no idea why it's under "Make," instead? The access to online services will appear and disappear randomly if people aren't careful to click on the right program.

The situation is basically the same with Windows Mail (Vista's mail program) and Windows Live Mail (a separate program for Vista and an upgrade for Outlook Express on Windows XP).

Didn't Microsoft learn anything from the years of confusion caused by "Outlook" and "Outlook Express"?

Labels: mail, Microsoft, photos, Vista, web_services, WinXP

posted by bruceb at 6/08/2008 03:24:00 PM | permalink

AT&T has a special place in my heart.

One of my clients is a small business with its own domain name and several users receiving POP3 mail addressed to that domain name - gertrude@businessname.com, for example.

The business has an AT&T DSL line.

A couple of months ago, they started having trouble sending mail - AT&T's SMTP server refused to take outgoing messages from Outlook.

Eventually we discovered that AT&T had sent this message a few months earlier, warning that its SMTP servers would only accept outgoing messages on an AT&T DSL line if certain conditions were met.

The first condition wasn't terribly unusual - Outlook had to be set up to authenticate itself to the SMTP server with an AT&T account - an email address and password. The business had set one up as part of the DSL account (businessname@pacbell.net) and we were able to dig that information out.

But wait! There's more! The outgoing mail also had to be set up as an SSL connection for additional security, on a non-standard port. You know, the settings in Outlook under Tools / Account Settings / Change / More Settings / Advanced - surely you've been there? Yeah, right.

I sympathize with the difficulty for ISPs of dealing with an unimaginable amount of spam, but this is a terrible, unforgivable thing to do to people.

We were able to get the mail flowing again for a couple of months. It stopped again with no warning.

I've spent more than two hours and although I found a workaround, I'm still pretty horrified at what appears to be going on.

I tried every combination of SMTP server name, authentication on/off, SSL on/off, port 25/465, with no success. The returned messages had an unfamiliar error in them - the sender's address was not "verified" to use the SMTP server.

AT&T and Yahoo have set up an extraordinary labyrinth of conflicting sites to log in with a @pacbell.net account. Eventually I found the Yahoo login page and was able to get to Member Center / My Account & Billing, where there was a reference to "Alternate email addresses."

"Your alternate email address is an address you can add to your AT&T Yahoo! account for use with a variety of products and services across the AT&T Yahoo! network. An alternate email address can be used any time you don't want to use your AT&T Yahoo! member ID for a particular function."

Great! Put in the business email addresses, respond to an email confirmation, and the addresses showed up as "Verified." Problem solved!

Not. Outgoing mail was rejected just as firmly. I kept typing test messages and pushing "Send" over and over, because I couldn't think of anything else to do.

I located an ominous sentence in an AT&T support document -

"Please make sure that you have entered your AT&T Yahoo! Business Email address as the "From" address in your email client. You will not be able to send mail if you have entered another address."

If I read it correctly, that support document only applies to people using an "AT&T Yahoo! Business Email address," whatever that might be.

But on a hunch, I went back to the account settings in Outlook and entered the @pacbell.net email address on the first screen for a POP3 account.

Outgoing mail immediately started flowing. And every outgoing message shows the sender is businessname@pacbell.net, from every computer onsite.

I spent more time and got nowhere. I thought about the horror of calling AT&T for technical support on an issue like this and put the idea out of my head. We may get to that point but my hourly rate becomes a very real consideration for this kind of headache.

And that's where things stand. Somewhere there's an answer. It can't be the case that a business cannot send email using its own domain name on an AT&T DSL line - but, well, that's where it stands.

By coincidence, Susan Bradley complained recently about changes AT&T has made to her incoming mail at an @pacbell.net address that make the account virtually unusable.

Sonic is still taking orders for DSL, and I'm hoping this business will just switch over and we can put this behind us. But what will we do when AT&T is the only DSL provider left?

[Postscript 05/30 1pm: after more experimenting, I found that mail.pacbell.net is apparently still running - messages can be sent from the business address. (Settings: authentication required; port 25; no SSL.) It's not clear whether this is a permanent solution or whether AT&T intends to shut down those servers, as their support letter suggests. But for the moment, the business can use its mail again]

Labels: broadband, mail, Outlook

posted by bruceb at 5/30/2008 01:05:00 AM | permalink

An interesting problem has developed, and there's no good answer in sight. Email is no longer a reliable business tool. We're going to keep using it but there will be more occasions when I have no good answer to mail-related complaints.

Spam is the primary reason that things are falling apart. It's at record high levels and I've seen predictions that this is the calm before the storm.

For a while we could deal with that at the Exchange Server - drop messages that are not addressed to valid recipients in the business, turn off non-delivery reports, rely on Outlook's junk mail filter and supplement it with Exchange's Intelligent Message Filter after Exchange Service Pack 2.

After a while that's not enough. Servers are using processor power and bandwidth just to drop thousands of misaddressed messages. Most of my business clients have now been set up with Exchange Defender, a third party service that filters spam and viruses. That will work for a while. Most people will read the daily reports from ED at first, until the spam builds to a volume that makes the daily reports overwhelming.

The third party services frequently don't filter messages that seem to have been returned as "undeliverable," leading to the recent waves of "NDR spam," flooding mailboxes with hundreds of messages per hour for a day or two. I've gotten a call about this every day or two for the last month or more, helping people set up an Outlook rule to delete any message with "Undeliverable" in the subject. It undermines our confidence in the mail system a little more - and ensures we will never find out that we've accidentally sent a misaddressed message.

Spam is not the only thing undermining our confidence in email. We're deal