MICROSOFT ONLINE SERVICES & PASSWORDS

I’m supporting several businesses using Microsoft Online Services to host their Outlook mailboxes. It’s been very satisfying in almost every way. For a small monthly subscription fee, small businesses can get the full value of Exchange Server:

MULTIPLE COMPUTERS  The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.

MULTIPLE LOCATIONS  Office workers can be linked together and share Outlook folders even if they are in different offices.

WEBMAIL  Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.

PHONE  Windows Mobile 6 devices can sync email, calendar, and contacts over the air continuously.

SHARING  Calendars and address lists can be shared with other people in the office.

SECURITY  Microsoft provides virus and spam filtering.

REDUCED COSTS  Microsoft is responsible for backups, database maintenance, security updates, and upgrades.

Recently the system was upgraded to support Outlook 2003 as well as Outlook 2007. Each mailbox has a default size of 5Gb (and can be expanded), and MOS now supports file attachments up to 30Mb. Service for my clients has been smooth and uneventful.

With one exception.

Access to a mailbox on Microsoft Online Services is controlled by a password. Microsoft provides a slick utility to memorize the password on each computer so it doesn’t have to be manually entered each day. After a few days or a week, most people forget that there’s a password at all. (The password has to be entered to use Outlook Web Access but many users never open their mailbox outside the office.)

And that’s where the problem comes from. Microsoft has an inflexible security requirement: passwords have to be changed every 90 days. The passwords have to be complex (lower case, upper case, numbers) and no portion of the old password can be reused for a long time.

It’s driving people nuts! The process to change the password has been a bit confusing for some people but the real problem is just the concept – many people just don’t want to think about passwords and they resent having to deal with it. They procrastinate when the reminder comes up until one day their mailbox won’t open.

I’m not going to present the reasons that I think this is a reasonable security requirement. You can guess what I’d say. But I can tell you that I’ve got a calendar entry for most of my MOS clients every 85 days to help them get through password changes before they have a chance to get frustrated.

Just a reminder: I am a Microsoft partner authorized to sell and support Microsoft Online Services. If you're interested, please call me or drop me a note! I do not need to be in your geographic area to assist you with this.

Labels: mail, Microsoft, Outlook, web_services

posted by Bruce Berls at 7/02/2009 12:53:00 AM | permalink

EXCHANGE DEFENDER SOFTWARE

This is for my clients whose mail is protected by Exchange Defender.

Some background for the rest of you: Exchange Defender is an inexpensive service that filters and archives all the mail sent to a business. It strips all virus attachments, drops all misaddressed messages, and holds onto the spam. Only legitimate messages are delivered to the server at the business. The effect is to drastically reduce the load on the server and the business’ Internet connection. In addition, Exchange Defender keeps a searchable archive of all messages sent and received by the business for as long as a year, providing an additional layer of protection in a crisis. It has a very, very low rate of false positives - legitimate messages are rarely caught by mistake.

(It’s well suited for any business running Small Business Server; almost all my clients with SBS rely on Exchange Defender. You need a partner to set it up for your business. If you’re interested, drop me a note or give me a call.)

Until now, the best method to review spam messages was a daily email report listing all the messages. Now those are becoming impractical; the daily messages aren’t timely enough for some people and they’re only getting longer (and easier to ignore) as the volume of spam grows.

If your mail is filtered by Exchange Defender and you use Outlook 2007, consider installing an Outlook add-in that will give you tools for checking your spam and reacting to it in Outlook. You can download the “Exchange Defender Outlook 2007 Agent” from this page. To install it:

• Exit Outlook by clicking on File / Exit. (If you just click the X in the upper right, several Outlook processes will probably continue running. If you click on File / Exit, it closes completely.)
• You’ll download and save a Zip file. After it’s downloaded, click on it and click on “Extract files.” Save them somewhere you can find them.
• Find the extracted files and click on setup.exe to install the agent.

When Outlook starts, you’ll have to log in with your email address and your Exchange Defender password.

The result is a new toolbar with buttons to view quarantined messages in real time and react if necessary to add senders to your white list or release messages trapped by mistake. There’s also an interesting statistics window. Mine is particularly egregious because I’ve been using my email address freely for a long time.

Yup, that’s 1800-2400 messages each day. It makes me feel kind of proud. Exchange Defender filters it and I only see the little tiny bar on the right each day.

The Outlook agent does not work in Outlook 2003. If you want some increased access to information about your spam but you don’t have Outlook 2007, you can download a desktop agent from the same page that sits down by the clock, alerting you every hour to new spam messages. Or you can follow these brief instructions to create a desktop shortcut that takes you automatically to the Exchange Defender portal for reviewing spam and changing settings.

The company that runs Exchange Defender believes strongly that this software should replace the daily reports. If you want help installing it, please give me a call – it only takes a moment!

Labels: mail, Outlook, SBS, web_services

posted by Bruce Berls at 6/04/2009 01:06:00 AM | permalink

EMAIL OVERLOAD

You know the email system wasn’t designed for what you’re doing, don’t you? It’s a nice system for a few messages each day. But you can’t control yourself! Hundreds of messages every day, huge file attachments, a complete inability to hit the “Delete” key – look, it’s time for a little refresher course.

FIND ANOTHER WAY TO MOVE BIG FILES

If you want to send files to someone that are bigger than 10Mb total, don’t use email. You’ll clog up your Internet connection and slow down your computer and the files won’t arrive and I won’t help you. Maybe your mail program will crash and burn, maybe your company mail server or ISP or mail host blocks bigger file attachments, maybe there are similar blocks at the recipient’s end. Just don’t do it! And especially don’t tell me anecdotes about how your friend Charlie sends 5Gb movies by email all the time and how come I can’t make it work. I’ll get irritable and put ugly wallpaper on your desktop.

Look, there’s no shortage of ways to send files to people.

• Set up an account with YouSendIt.
• Install the Outlook add-in from YouSendIt or Acrobat.com.
• Figure out how to use Windows Live Skydrive to share files online. Or use Windows Live Photo Gallery to create online albums where photos can be viewed or downloaded. Or set up a shared folder with Live Mesh or Windows Live Sync.
• Read what I have to say tomorrow about sending files with LogMeIn Pro and get an account.
• Burn a CD and put it in the mail.

It doesn’t matter which one you choose. There’s a learning curve for each one. But if you’re trying to mail 50Mb of photos to your mom, or trying to send huge PDFs to opposing counsel, or trying to send pirated movies to your friends – give up on email and figure something out!

DELETE DELETE DELETE

We’re allowed to have big mailboxes now. The online services now allow virtually unlimited mailboxes. Outlook 2007 can handle bigger mailboxes than Outlook 2003. That’s not an excuse to let things pile up!

You can check the size of your Outlook mailbox by clicking on Tools / Mailbox Cleanup / View Mailbox Size.  At 2Gb, Outlook 2003 starts to fall apart. At 3Gb, all operations in all versions of Outlook start to drag. At 4Gb and above, you’re still technically within the limits of what Outlook 2007 can handle but problems will start to show up, I just guarantee it. The program will run slowly, backups get to be a headache, it’s much more difficult and time-consuming to recover from a problem, it takes forever to rebuild the mailbox on a new computer – really, it’s just not worth it.

I know, it’s all terribly valuable work-related stuff. Except it’s not. For goodness' sake, will you delete the stupid movies and the funny pictures after they’ve gotten the 3 seconds of attention they deserve? (And by the way, don’t send movies or forward them. If they’re truly irresistible, find them on YouTube and send a link to them.) Delete the spam and advertisements. Delete the messages that say, “OK” and “See you Tuesday,” and “The meeting has been cancelled.”

An inbox with 20,000 messages in it is not much more useful than an inbox with 0 messages in it.

If you’ve been sending large email attachments, go into the Sent Items folder every so often and sort the messages by size. (In Outlook, click at the top of the message list where it says “Arranged by:”.) Get rid of all the messages with attachments that are 5Mb or larger. You almost certainly have those files somewhere else. Save the attachments if you need to but get them out of your mailbox.

Oh, and one more thing - the Deleted Items folder is a wastebasket. It’s not a filing cabinet. It will be emptied. You should empty it occasionally. Do not use Deleted Items as a place to store things you want to keep. It’s the trash and I will not feel guilty if I empty it while I’m working on your computer. I see Deleted Items folders with thousands of messages in them and it makes me wonder what those people’s houses are like.

USE GOOD EMAIL ETIQUETTE

Many of you don’t need a scolding about these things. This is for the people who never learned good manners.

• Don’t hit “Reply to All” unless every person on the list needs to see your contribution. It’s lazy and inconsiderate.
• If you’re sending a message to a group of people who don’t know each other, don’t put all their email addresses on the “TO:” line. Address the message to yourself and put their addresses on the “BCC:” line. Some people want their email addresses to be private. (In a new message in Outlook 2007, click on Options to find the “Show BCC:” button. In a new message in Outlook 2003, click on View / BCC: Field.)
• Don’t send messages to more than 25 people at a time. It will be trapped as spam and most of them won’t receive it.

I know people who are so overloaded with work e-mail that it has become the least effective way to communicate. Too many business mailboxes are effectively useless because the volume so far exceeds what people can absorb. There are more and more nervous jokes about declaring email bankruptcy and starting over with an empty inbox, or giving up email altogether. Start managing your own mailbox more carefully, and be considerate of other people’s mailboxes, ok?

(Thanks to friend and colleague Brian Dent, who suggested this post after struggling with oversized mailboxes until he felt like his head would explode.)

Labels: file_sharing, mail, Outlook

posted by Bruce Berls at 5/06/2009 12:23:00 AM | permalink

OUTLOOK AUTO-COMPLETE

You know the drop-down list in Outlook when you start to type a name in the TO: box? It’s not an address book! Use it for convenience but don’t rely on it! You’re setting yourself up for heartbreak. I hate being the bearer of bad tidings when those names disappear unexpectedly.

That list was never intended to be something that people depend on.

• The list of names is stored in a file named [ProfileName].NK2, usually in a hidden folder - Documents and Settings (Windows XP) or Users (Vista) \[User Name]\Application Data\Microsoft\Outlook.
• The .NK2 file cannot be directly edited. If it gets corrupted or replaced with an empty nickname cache, it is frequently impossible to recover the list of names.
• The list does not travel from computer to computer, and it can disappear as part of a number of different Outlook events – when Outlook is upgraded to a new version, for example, or when a new Outlook profile is created for some reason.
• It’s not a file that’s likely to get backed up by most backup programs.
• It tells you something that when there’s a problem, Microsoft only has instructions about how to wipe out an .NK2 file and start over, not how to repair it.

That’s why I want all you Outlook users to get in the habit of adding names and email addresses to your Contacts folder. If someone sends you a message, you can right-click on the sender’s name in Outlook’s preview pane or in a message window and add the sender to your Outlook Contacts in two clicks (Add to Outlook Contacts / Save and Close). Do that routinely! Your Contacts folder should be stuffed with names.

Once you get in the habit of putting names in your Contacts folder, you don’t need that drop-down list as much as you think. Just type someone’s name in the TO: field. If the nickname list doesn't help, then Outlook will look up the name in your Contacts folder automatically, 2-3 seconds after you click away from the TO: field. Some people move quickly and mistakenly decide that Outlook doesn't have an auto-complete feature.

• You can type a few letters, then press Ctrl-K to force Outlook to look up the name immediately. (There's also a "Check Names" button that you've never noticed.)
• If you type a name and there's only one person in your Contacts folder with that name, you'll see Outlook change the name to the recipient's e-mail address automatically as soon as you move away from the TO: field.
• If there's more than one contact matching the name you typed, a squiggly line will appear under the name. You can right-click on the name and choose from a list of possibilities.
• If you don't choose the name ahead of time, Outlook will stop and ask for clarification before it sends the message.

Labels: mail, Outlook

posted by Bruce Berls at 4/10/2009 12:05:00 AM | permalink

EXCHANGE ONLINE INCREASES STORAGE

Microsoft Online Services offers hosted Exchange mailboxes, allowing small businesses to access their Outlook folders from anywhere – office or home computers, laptop, Windows Mobile handheld device, or remotely from anywhere with Outlook Web Access. Here’s what I wrote about Microsoft Online Services when it became available in November. Consider it for your small business or law firm!

My only reservation was the allocation of 1Gb per mailbox. Additional space was available for a fee but it seemed rather chintzy.

An announcement appeared today with no fanfare that all Exchange Online mailboxes are being increased to 5Gb, effective immediately. That’s exciting news! It puts the Microsoft offering ahead of the other companies offering hosted Exchange mailboxes and makes the pricing seem even more reasonable. Call me if you want more information about hosted Exchange mailboxes for your business.

Labels: mail, Microsoft, Outlook, web_services

posted by bruceb at 1/23/2009 12:05:00 AM | permalink

SECURITY UPDATE 2009

Several people have asked me about the most recent variations on old, old themes. Email warnings about dangerous messages, like the one on the right. Newspaper articles about the latest virus.

Nothing is new. The latest threats are the same as the old threats. Let’s go through the basics of PC security in 2009.

• Install updates from Microsoft promptly. (Look for the gold shield in the lower right corner. If you use Windows Live OneCare, keep the icon green.)
• Install antivirus software and keep it up to date.
• If you’re running Vista, you have adware/spyware protection.
• If ypu’re running Windows XP, make sure your security software includes adware/spyware protection, or install Windows Defender.
• Antivirus software will not always protect you against malware if you click OK at the wrong time. Read and think before you click OK.
• Don't click on links to web sites unless you know exactly where you’re going.
• Follow links with carefree abandon to and from legitimate sites, but don't click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.
• Don’t click on links in email messages unless you deeply trust the judgment of the person who sent the message.
• Don’t click on links in forwarded messages.
• Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.
• The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse.

The most prevalent malware does not arrive as an email attachment. Instead, it’s a link to a malicious web site – it’s the web site that attempts to install the malware or tries to fool you into installing it. The email about “Obama acceptance speech” doesn’t have an attachment, it has a link to a malicious web site that puts up a phony windows about installing an “update to Flash.” A few months ago, it was phony CNN headlines. Next month it will be something else.

And one more thing if you’re considering a new computer. Vista users are far more secure than Windows XP users; the security improvements are built deep in the operating system and go far beyond what XP can provide. I can understand the desire to stick with Windows XP, hoping for a familiar and unchanging place to work. Unfortunately, it’s not possible to obtain that. There is no stable, unchanging place in computing, no matter how much you try – not on a PC, not on a Mac. It’s unfortunate, it’s upsetting, it’s frustrating, but security has to take precedence over just about everything else when we use a computer.

Be careful out there!

Labels: computers, mail, security, spam, Vista, WinXP

posted by bruceb at 1/22/2009 11:38:00 AM | permalink

WORKING ON OUTLOOK ATTACHMENTS

If you open an email attachment from Outlook and intend to work on it - edit a Word document or Excel spreadsheet, for example - the first thing you should do is click on "Save As" and save a copy of it wherever you normally store files.

When you open an email attachment directly from Outlook, it uses a temporary folder on your hard drive to hold a copy of the file. The temporary folder is deeply hidden, locked up with security restrictions, and not intended ever to see the light. If you work on the attachment and save your changes to the copy in that temporary folder, there is a good chance that you will lose all your work.

The temporary folders are usually in these locations:

• Windows XP / Outlook 2003: C:\Documents and Settings\UserName\Local Settings\Temporary Internet Files\OLK<series of numbers>
• Windows XP / Outlook 2007: C:\Documents and Settings\UserName\Local Settings\Temporary Internet Files\Content.Outlook\<random letters and numbers>
• Windows Vista: C:\Users\UserName\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\<random letters and numbers>

Very occasionally, I can find a file that was opened from Outlook, edited, and saved unknowingly in one of those temporary folders. It's arduous work to find the edited file and there's no guarantee of success.

Don't lose work! Open the attachment and immediately click on Save As and turn it into a file stored in My Documents, or in the shared folder on the server, or somewhere it can be found later. Then work for hours and hit Save with confidence that your work won't be lost if Word crashes unexpectedly.

Labels: mail, Office, Outlook, software

posted by bruceb at 1/08/2009 12:56:00 AM | permalink

OUTLOOK EXPRESS & OTHER OLD THINGS

Lately I've seen this message turn up out of nowhere on Windows XP computers that do not run Outlook Express.

I don't know why it's turning up now after years of staying quiet but it reminds me that Outlook Express is one of several obsolete Windows components that can be safely removed from most Windows XP computers.

Open Control Panel / Add or Remove Programs and click on the left on Add/Remove Windows Components.

I routinely remove some of the items in the list that comes up. If you think you might be using any of them, please do not uninstall them. I don't want any silly mistakes.

• MSN Explorer  This was Microsoft's attempt to create a customized browser that looks like America Online. It's unclear why anyone would want to look like America Online.
• Outlook Express  This is now obsolete and replaced by Windows Live Mail. Look, let me reiterate - if you're using Outlook Express for your mail, don't uninstall it! This is not the same program as Microsoft Outlook, of course; if you're using Outlook, you can safely uninstall Outlook Express.
• Windows Messenger  This is NOT the same program as Windows Live Messenger, the one that most people use. If you have a useless instant messenger icon down by the clock that's always said "Not connected," it's probably a remnant of this program.

Uninstall them by unchecking the box by each item.

You may see an error message about MSN Explorer. I don't know what it means but in my experience it's harmless if you click OK.

Labels: mail, Microsoft, software, WinXP

posted by bruceb at 12/16/2008 01:52:00 PM | permalink

SBS 2008 - MIGRATION GLITCHES

Let me leave a few notes behind about some of the glitches during the migration from SBS 2003 to SBS 2008. I don't have many answers but perhaps it will help someone to know that I'm able to commiserate with them. (Loyal clients - this is not aimed at you and it won't help you get your work done. I'll be back to general interest topics next week!)

As background: I was migrating an SBS 2003 server with a very basic configuration - no ISA, no use of Sharepoint, a single NIC and external firewall, and no particular pre-existing issues.

MIGRATION WIZARD

Microsoft provides a detailed guide to the migration procedure. (Have you noticed that Microsoft's documentation has been getting better and better lately? There's much less ambiguity about what to click next - each step is described in precise and accurate detail.) The guide was great.

SBS 2008 begins a migration when a USB stick with an answer file is inserted in the new server before the SBS 2008 installation starts. Several people have reported that the USB stick has to be present when the server is turned on or SBS 2008 is likely to miss it. After installation, the first and most important item on the SBS 2008 is the "migration wizard" that leads through all the steps required to be successful.

I was about two-thirds of the way through the wizard when I took a break and installed the Server 2008 updates that were waiting. When the server restarted, the migration wizard crashed with a mysterious error that proved impossible to fix. I researched it and got nowhere. I removed a couple of the updates that conceivably might have unsettled something and got nowhere.

The wizard never came back to life. Fortunately most of its steps only lead to help files that describe the process for actually accomplishing each task by going into AD or MMC consoles or the like. I think - I think - I was able to finish the migration and cover the remaining steps without the wizard. There is still room for some surprise glitch - I'm going to cross my fingers when I demote the source server.

MAIL MIGRATION

I expected the mailbox migration to be slow but was still surprised. The Exchange 2003 mailbox store was about 25Gb after I pruned and archived as much as I could from the biggest mailboxes. The mailbox move took just about ten hours.

PUBLIC FOLDERS

I had no luck moving the public folders, and didn't really expect to, given the reports I had read. That may have been the result of a pre-existing glitch on the source server - this server, like several other of my SBS 2003 servers, throws up an error message when I try to do anything to the public folders in Exchange Server Manager. I've researched that one, too; I've removed the SSL requirement from EXADMIN in IIS, and a few other things suggested in other places, to no avail. I exported the public folders to a PST and stored them for now, since public folders were not being actively used and may not need to be implemented at all on the new server.

BACKUP

The most mysterious problem involves the backup system. The firm had been using ShadowProtect to back up to an NAS and two rotated external Maxtor hard drives. The backup built into SBS 2008 looks like it will be just fine but it does not directly back up to an NAS. I connected a Maxtor drive, formatted it, and ran the backup wizard. Hmm. Error message at the very end.

Since the message says "Cannot configure backup schedule," I started trying every scheduling option - once a day, twice a day - as well as swapping in the other (identical) hard drive, and couldn't get anywhere. I couldn't find anything in the logs at all. I got the flavor that it might be caused by the server disliking the external hard drives.

I'd like to talk to the person who thought it would be helpful to write: "If this problem persists, contact the person who provides you with technical support." It made me irritable.

ShadowProtect claims that the current version will back up SBS 2008 servers. With any luck I'll be able to install that and never know the answer to this one.

PHONE PASSCODES

This isn't a glitch, just something to warn your users about. By default, Exchange 2007 enforces a new passcode requirement on Windows Mobile phones (and iPhones) syncing with the server. Users are forced to set up a four-digit password that will be tapped in every time the phone is used. I'm sympathetic to all the reasons that this is an important security measure, but I'm also sympathetic to the desire to keep my job and not be fired by the attorneys who began flipping out immediately. It's possible to turn the requirement off in Exchange Management Console / Organization Configuration / Client Access / Windows SBS Mobile Mailbox Policy, which then allows it to be turned off on the phones. The iPhone balked and refuses to relax, even after the policy was changed, which apparently is a known glitch.

SERVER CERTIFICATE

I was determined to allow my users to continue to use the familiar URL for remote access, even though it didn't match the naming scheme preferred by SBS 2008. The email domain is www.bigfirm.com, say, and my users have been reaching RWW at www.bigfirmnet.com for years. I have a GoDaddy SSL certificate for www.bigfirmnet.com and heck, I just like it. Plus I've got migrations coming up where I know it will be difficult to work with the web hosting company to set up a subdomain and MX records for the primary domain name.

The Internet address wizard insists on getting the primary address and only allowing RWW to be reached at the same address with a prefix - remote.bigfirm.com or something like it. I had to work around that by lying to the wizard that the primary domain name was bigfirmnet.com, which (in Advanced Settings) would then let www.bigfirmnet.com be the remote access address.

When that was in place, then I could set the primary email addresses back to @bigfirm.com in Exchange Manager / Organization / Hub Transport / Email address policies / Windows SBS Email Address Policy.

ONECARE

Windows Live OneCare has been a trusted friend but it does make me a little crazy sometimes. SBS 2008 expects to get feedback from each workstation about its security status and apparently OneCare isn't set up to let that happen. So far I haven't found the firewall port or other hack that will let the workstations report in, so they're all showing in the server console as "unknown." I can't even find a definitive statement that it's possible or impossible with the standalone version of OneCare. I'm not going to install OneCare for Server so I may just not get good feedback in the console until we switch to Trend Micro. I was hoping to procrastinate on that - everyone has been used to OneCare for a long time - but change happens.

DRIVE MAPPING

Drive mapping is supposed to be accomplished in Group Policy now. I was comforted that other people online said they had trouble with it, because I couldn't make a mapped drive appear on a workstation no matter what I did in Group Policy. After a fruitless half hour of researching and trying things, I put the nice simple logon script in the folder and assigned it to everybody. I feel kind of crude, but it works.

SHARED PRINTERS

Another little headache - it was easy to install 64-bit drivers for network printers and share them from the server. At least, it was easy once I stopped clicking on the "Add printer" button and getting an "Access denied" message when it tried to set up a TCP/IP port. Right-click in the Printers folder and click on Run As Administrator / Add printer - ah, that's intuitive! Sheesh.

Out at the first workstation, I was reminded forcibly that there were no 32-bit drivers around, so I downloaded the corresponding 32-bit drivers for a few of the printers (a couple of HP Laserjets and a Toshiba copier) and went to add them on the server using Additional Drivers on the Sharing tab. The server thought that was a terrible idea - it never agreed that the 32-bit drivers corresponded with the 64-bit drivers. (I read somewhere that it was known problem with some HP drivers but I had the same epxerience with the Toshiba drivers.) So I parked the 32-bit drivers where I could get to them, went back to the workstation, and browsed to the 32-bit drivers when the workstation tried to connect to the shared printer and rejected the 64-bit drivers. Nope! The workstation also didn't agree that it was a match. It was the closest match, trust me - these were the identical 32-bit and 64-bit drivers for the same model running the same PCL level.

Fortunately, we already had reason to be running a Windows XP virtual machine on the second server with Hyper-V. I've shared all the printers from there and I bet it's rock solid.

A migration is a complex project! I think it went smoothly. These are the kind of glitches that happen constantly, every day at every level. Some of them will happen to me the next time, others will come up that are brand new. It's the nature of IT today. With luck I'll bring good instincts and a lot of experience and use them both the next time I come to your office!

Labels: computers, domains, mail, Microsoft, mobile, network, OneCare, printers, SBS, security, software

posted by bruceb at 12/05/2008 12:09:00 AM | permalink

SBS 2008 - SSL CERTIFICATES

Let me give you a quick overview of the kind of issue that makes it fun to be a consultant.

When you go to a web site where any personal information is going to be exchanged, you're likely to see the web site address change from http:// to https://. The data is encrypted (has a "Secure Sockets Layer" or SSL) and is reasonably well protected against eavesdroppers. You'll see it at banking sites or almost anything involving money or payment, as well as on web sites for access to company networks and other places where data should be confidential.

When you go to http://www.wellsfargo.com/, the bank's web server presents its security certificate from a known certificate authority, a big company that has done some checking to ensure that the server actually belongs to the company whose name is on the web site. Your browser examines it and agrees that it looks authentic, then it does some cryptographic things that convince it that the certificate was really issued by the big trusted authority. When it's satisfied, it proceeds automatically to https://www.wellsfargo.com/ and shows you a happy padlock icon in the address bar.

Until recently, SSL certificates were only used by big companies: they were expensive, required annoying paperwork, and the whole process was technically difficult.

Small Business Server 2003 wanted remote users to log into its great Remote Web Workplace over a secure SSL connection but couldn't saddle small businesses with the headache of buying expensive certificates, so it used a workaround. By default an SBS 2003 server presents a "self-signed certificate." Essentially the server vouches for itself and tells your browser that it's safe and trustworthy.

That sounds a bit flaky but it worked well enough for a long time, until security concerns began to trump everything else. Business people began buying Windows Mobile phones to sync their Outlook folders over the air and for a while it was possible to convince them to accept the SBS server's self-signed certificate, but it got harder and harder to accomplish - it required finding the right tool to install the certificate on the phone and the manufacturers were nervous about giving people access to the depths of the phone's operating system to do that. Now it's almost always impossible.

Meanwhile Microsoft began to add new security warnings to Internet Explorer as part of its hardening over the last few years. Now when you go to a site with an SBS 2003 certificate, you get this ominous warning:

If you go past the scary warning to the company's RWW site, you get the unhappy red IE address bar instead of the happy padlock:

Fortunately, a few companies began offering inexpensive SSL certificates with a minimum of fuss. GoDaddy.com offers SSL certificates for only thirty dollars per year that are accepted by most computers, phones and other devices. SBS consultants began to work out elaborate documentation for installing them on SBS servers. Many consultants made it a standard part of setting up a server running SBS 2003.

SBS 2008 still begins with a self-signed certificate but a wizard is included in the initial setup checklist to help purchase a third-party certificate.

The wizard wasn't helpful to me in a migration where I already had a domain name with an existing certificate. I found myself burrowing deeply into IIS and feeling my way through the process. I was successful but it took some interesting tricks to get everything to work correctly.

The experience exposed another interesting feature of Exchange 2007. If a company runs the web site http://www.bigfirm.com/, it can set up http://remote.bigfirm.com/ as a subdomain that leads to their internal company network. Set the company's MX record for incoming mail to http://remote.bigfirm.com/ and give that address to the business people for remote access. SBS 2008 has wizards to help get the domain names registered and set up in Exchange.

Then if a business person goes home and sets up Outlook 2007 for an Exchange Server at http://remote.bigfirm.com/, Outlook will configure itself automatically with the settings to connect over the Internet to Exchange Server at the office. It's not necessary in that case to configure the deep proxy settings that have been required until now to set up Outlook for RPC over HTTP. Microsoft thinks the technology is so cool that it blessed it with a new brand name, "Outlook Anywhere." (SBS 2008 does some of the magic to accomplish that, thank goodness - otherwise it requires deep surgery in ADSIEDIT and the Exchange command line console.)

That works fine, I'm sure, but I used a different naming scheme when I bought domain names for all my SBS clients for their remote access. SBS 2008 does not like that arrangement one little bit. And it's only easy to set up a subdomain and manipulate MX records if you have full DNS control over the ISP for http://www.bigfirm.com/. A small business will frequently have set up their web site with small hosting companies and web site designers that are, shall we say, not always easy to work with.

You see what I mean, I'm sure - it's fun!

Labels: domains, IE, Internet, mail, Microsoft, mobile, Outlook, phone, remote, SBS, security

posted by bruceb at 12/03/2008 12:46:00 AM | permalink

MICROSOFT ONLINE SERVICES

I am happy to announce that Microsoft formally unveiled Microsoft Online Services today.

I am a Microsoft partner authorized to sell and support Microsoft Online Services. I expect to set up many of my clients with Exchange Online for their mail. If you're interested, please call me or drop me a note! I do not need to be in your geographic area to assist you with this.

This is the first big step by Microsoft to deliver online services directly to customers, part of its effort to redefine the entire company and move some of your data to the online cloud. I've already written up the background information you need to understand Microsoft Online Services - click here for information about where this comes from and how it fits in your world.

Basically, each Outlook mailbox is hosted by Microsoft for a monthly fee. (An Outlook "mailbox" is the term for the entire set of Outlook folders, including contacts, tasks and calendar.) The hosted Exchange service allows you to connect to your Outlook folders in a variety of ways:

• MULTIPLE COMPUTERS  The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• MULTIPLE LOCATIONS  Office workers can be linked together and share Outlook folders even if they are in different offices.
• WEBMAIL  Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• PHONE  Windows Mobile 6 devices can sync email, calendar, and contacts over the air continuously.
• SHARING  Calendars and address lists can be shared with other people in the office.
• SECURITY  Microsoft provides virus and spam filtering.
• REDUCED COSTS  Microsoft is responsible for backups, database maintenance, security updates, and upgrades.

Microsoft has put together a very robust service that will be used by businesses of all sizes, including big enterprises that want to outsource their mail. It is best suited for small businesses if they fit within these parameters:

• The company has a domain name for mail, or wants to begin using one.
• There are a minimum of five email users.
• All computers are running Windows XP Professional or Windows Vista Business (or Ultimate), and all computers have Microsoft Outlook 2007 (or are prepared to buy it).
• The company is not set up with Small Business Server, which already includes Exchange Server. (It's possible to combine service from Microsoft with the onsite Small Business Server but I'm not sure the benefit would justify the cost for very small businesses.)
• In addition to the $10/month cost per mailbox, there will be some setup costs. You don't want to set this service up without assistance! As with anything new these days, I'm learning about hundreds of quirks and potential pitfalls as I set up clients. Call me before you sign up!

Here's Microsoft's press release about the new services, which include Sharepoint and other online services.

Other companies also offer hosted Exchange mailboxes which might be better matches for some people. I'll write more about those soon. Start to think about the advantages of having access to your Outlook folders from anywhere!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 11/18/2008 12:05:00 AM | permalink

SPAM HOST CUT OFF

The volume of junk e-mail sent worldwide plummeted on Tuesday after a company providing the servers for the spammers was taken offline.

The bad guys install malware on computers that they can control in vast networks, primarily to send spam for counterfeit pharmaceuticals and designer goods, fake security products and child pornography. Approximately 190 billion spam messages are sent every day from more than 1.5 million hijacked computers. The spammers set up servers to control the hijacked computers and to display web pages offering illicit goods for sale.

The spammers don't buy their own servers. They buy server space from hosting companies, which are shielded from liability in many cases and not directly responsible for the actions of their customers. That has made it difficult to find the spammers and prosecute them, leaving law enforcement frustrated and frequently ineffective.

Reports were published recently identifying McColo Corp., a San Jose company, as the hosting company of choice for virtually all the top botnets blasting out spam or malware attacks. The company has offices in a 30-story office tower in downtown San Jose and apparently its entire business is devoted to providing a platform for bad guys and diverting any attempt to pursue the spammers by refusing to cooperate with law enforcement and shifting the spam networks around to help them evade detection. Researchers estimated that networks run through McColo servers were responsible for 75% of the world's spam.

In an interesting twist, security researchers contacted the two companies providing the Internet connection to the building. Both companies became convinced that McColo Corp. was evil and decided to cut off the company's Internet connections on Tuesday without fuss or delay.

The volume of spam worldwide dropped by more than forty percent immediately.

Lots of companies monitor spam and all of them noticed the huge decline, with estimates of drops in global spam from 40%-75% when McColo was forced offline.

This won't permanently reduce the volume of spam. It won't take long for McColo to find other Internet connections or for other companies to step up in its place. Trying to shut down the bad guys is like playing Whack A Mole - a law enforcement victory here, a broken Internet connection there, but they keep popping up.

It's always nice to have a moment of triumph, though, and this was a particularly dramatic one.

It was reporting by Brian Krebs of the Washington Post that got the carriers' attention - here's his article about the effect of the disconnect.

Labels: business, Internet, mail, security, spam

posted by bruceb at 11/13/2008 12:03:00 AM | permalink

HOW SPAMMERS MAKE MONEY

Spammers can turn a profit even if they only get one response from every 12 million emails they send. When you see a ridiculous spam message and think, who in their right mind would respond to that?, the answer is, almost no one - but it only takes a handful of responses for the spammers to think their campaign was worthwhile.

Last year researchers from UC Berkeley and UC San Diego infiltrated a spam network and took over a portion of the network, diverting the spam sent out by over 75,000 hijacked computers (out of more than a million in the entire spam network). They set up a fake pharmacy web site, similar to the ones operated by the spammers, and sent 350 million spam messages in about a month inviting people to buy drugs online.

They only got 28 responses in a month from people who pushed the button to make a purchase. The researchers are good guys, so they didn't capture the credit card details or take any money, but they measured how much they would have made, about $2,700.

The interesting part happens if you scale that up to the size of the full spam network, where the same miniscule rate of return would net $9,500/day or about $3.5 million dollars in a year. That's not a huge amount but it's probably sufficient to earn a profit after subtracting the cost of developing the code to exploit security holes and hijack computers, and to run servers worldwide to sell Viagra and process credit card payments.

Meanwhile, the researchers saw 10% of recipients clicking on a link to download and install the malware that hijacks computers and turns them into bots sending out those spam messages night and day. Ten percent! The researchers estimate that would allow the spammers to add between 3,500 and 8,500 new hijacked computers every day.

Here's a Washington Post article about the UC study, and here's another summary from the BBC.

Meanwhile, security analyst Jesper Johansson wrote a followup to his study of "XP Antivirus," one of the prevalent bits of malware circulating now. Here are my notes about his study. In this scam, you are led to a web site that puts up a very convincing display about viruses on your computer that need to be cleaned off, with details that make the process look genuine and convincing. Almost any click anywhere on the screen leads you to a request for a credit card payment, and one wrong move will install popup bubbles and screens that insistently take you back to the payment demands. Most variations of this malware are not destructive but I've seen it several times and the bubbles are incredibly annoying, making it almost impossible to use your computer until deep surgery is done to remove the offending files. Some variations of the this adware can be removed with a reasonable amount of effort, but some come along with the kind of malware that can only be dealt with by reformatting the hard drive. If you pay the fifty bucks, you'll get some software that claims to have successfully removed the infected files, but the infection was fictitious and the software doesn't do anything.

Recently a hacker broke into an accounting computer run by one of the scammers responsible for distributing XP Antivirus and posted some internal accounting details online. There's a lot of money at stake! Believe it or not, the software is distributed through an affiliate program that pays a significant portion of the sale proceeds to affiliates spreading the malware. The most successful affiliate earned $158,00 in a week, and even the small-time affiliates were making hundreds of thousands of dollars a year. Here's an article about the financial details.

I've cleaned up several computers recently with XP Antivirus and other bits of malware. At the risk of being a nag, let me reiterate:

Antivirus software will not always protect you against malware if you click OK at the wrong time!

Don't click on strange URLs! Follow links with carefree abandon to and from legitimate sites, but don't click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.

Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.

The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse.

Please, be careful out there!

Labels: business, computers, mail, security, spam

posted by bruceb at 11/11/2008 01:31:00 AM | permalink

WINDOWS AZURE & LIFE IN THE CLOUD

"Windows Azure" is a terrible name but you need to be aware of it anyway. Windows Azure is a breathtakingly ambitious platform outlined by Microsoft at last week's Professional Developer Conference, another attempt by Microsoft to position itself to profit from a paradigm shift that will be just as important as the move to the Internet in the 90s.

Yesterday I used word processing as an easy example to imagine what it would be like if you had universal access to your files with the ability to open and edit them from any computer. Of course, it's just as easy to imagine having easy access from anywhere to your Excel spreadsheets and Powerpoint presentations, with the programs running in a browser if you don't have a copy installed on the computer nearby.

Okay, now stretch a little bit. Imagine that you could have something like the same experience on your phone - Windows Mobile can sync folders using Live Mesh and it runs little tiny versions of Word and Excel. Photos can be moved around from computer to computer and/or stored online, too, so you might not be surprised by this anecdote from someone who tried using Live Mesh on his phone to sync the folder where the phone stores pictures. There were the pictures on his computer a few minutes later with no muss, no fuss, no action required at all. The camera on the phone looks a lot more usable all of a sudden!

But now let's take a big step. Windows Azure is a platform that will allow you to run programs that are identical to programs installed on your computer but which are actually running from Microsoft's online servers. Microsoft's goal is to have all of its programs run from Microsoft's data centers in such a way that you cannot tell the difference between a program hosted online and a program on your computer. The developer tools will allow all the other software vendors to do the same thing.

Some of you already have experience with that. Businesses running on Small Business Server use Outlook to connect to mailboxes stored in Exchange Server. At the office, people open Outlook to do their work; away from the office, they might use Outlook on their notebook computer, or they might check their mail or calendar on their Windows Mobile phone, or they might use Outlook Web Access to display their Outlook folders in a web browser. Outlook Web Access is already significantly improved in Exchange 2007 so it more closely resembles Outlook, and it only takes a small leap of faith to imagine the experience being identical to using the full program.

The Azure framework is intended to give developers the ability to present their programs to you over your Internet connection so that virtually all the hard work is done by the online servers. Microsoft or Google or Amazon have responsibility for holding the data and backing it up; when a program is updated, the updates are applied at the source instead of requiring you to take steps to install updates on each of your computers.

I'll be writing more about Live Framework, the unified underpinning of the various Windows Live services as they become increasingly integrated, and Microsoft Online Services, which will introduce hosted online Exchange mailboxes to many of my clients. They're early signs of this movement to online services that will change your life, whether you're ready or not. There are many miles and many competitors and the future is not assured for Microsoft, but make no mistake - the company has staked its future on this ambitious transformation.

Here are some more early comments on Windows Azure: Dan Farber on "Microsoft's Manhattan Project"; Robert Scoble says not to underestimate Microsoft's ability to turn a corner; CBS News on the Azure launch; and Joe Wilcox on the significance of the project:

"I simply cannot overstate how enormous an undertaking is Azure. Microsoft plans to support cloud services in every product. Azure is hugely ambitious and will transform Microsoft, whether or not the vision stated on Monday makes it to market. As such, Azure is enormously risky and its success as envisioned is uncertain."

Labels: business, computers, file_sharing, Google, Internet, mail, Microsoft, mobile, Outlook, photos, software, web_services

posted by bruceb at 11/04/2008 12:05:00 AM | permalink

INCREASE IN BANK PHISHING ATTACKS

There are reports of increased phishing attacks purporting to be messages from various banks. Be alert! The bad guys create email messages that appear to be from banks, with links to malicious web sites that attempt to install viruses or adware or fool you into entering account information. The messages and web sites are increasingly professional, to the point that they are indistinguishable from the real thing.

The current wave of bank activity might make it plausible that your bank would contact you by email, but I don't want anyone fooled. In today's environment, no bank or other company will ever send you an unsolicited email message about your account; the only communication you will receive from any company will either be advertising or a response to something you initiated. If you're unsure, always doublecheck by phone, or by going to the company's web site directly instead of by clicking on a link in a message.

Be safe out there!

Labels: mail, security, spam

posted by bruceb at 10/08/2008 12:05:00 AM | permalink

GOOGLE ANDROID

T-Mobile introduced the first cell phone based on Google's Android operating system to much fanfare a few days ago. Although Android has some interesting features and much promise, I don't expect to see anyone holding the T-Mobile G1 in Sonoma County for a while, since T-Mobile is a fringe player with limited coverage up here (and certainly no connection anywhere nearby to its high speed 3G data network).

Android is a work in progress; comparisons to the iPhone are inevitable and at the moment Android comes up a bit short, but it's early to make any decisions. In this first iteration, Android is tied in very closely to Google's online mail, calendar and contact services, which are fully integrated and reportedly work smoothly. It's not as smooth for everyone else, since the integration is thin or nonexistent for other sources of mail and there is essentially no support for other calendar/contact programs.

In particular, businesses should be aware that there is no support for ActiveSync, the software that connects a mobile device to an Exchange Server. A Google Android phone is not currently a good choice for an office using Small Business Server. It's the same situation that an SBS user faces with a Blackberry - a solution for email can be cobbled together from forwarded messages and BCCs and the like, but it is clearly a kludge compared to the true integration provided by a Windows Mobile phone or an iPhone running ActiveSync. (It bears repeating that using an iPhone with ActiveSync causes it to suck battery power so fast it actually makes slurping noises.)

There's one other design decision for the T-Mobile device that has caused a fuss - instead of a standard headphone connector, they chose an oddball, mostly proprietary "ExtUSB" headphone connector that requires a weird dongle for every kind of headphone or earbud except the terrible earbuds that come with the phone. No one knows why but everybody hates it.

Somebody - Google or a third party - will likely make the financial arrangements with Microsoft and write an ActiveSync connector for Android, and the other carriers will be releasing their own Android devices with different hardware designs. We'll talk more about it then.

Labels: Apple, audio, Google, mail, mobile, phone, SBS

posted by bruceb at 9/29/2008 12:05:00 PM | permalink

RESIZING OUTLOOK PHOTO ATTACHMENTS

Here's a tip about Microsoft Outlook that I discovered by accident.

A common problem - you'd like to send an email to a friend with a number of photos attached. If you send the photos straight from the camera, the files are too large. Typical photos from a digital camera are 1.5-2.5Mb each, too big for an email attachment. Attach two or three or more and your message is likely not to be delivered, blocked by filters for oversized mail on your company mail server or your ISP's outgoing mail server or the recipient's incoming mail server or mail program.

There are many workarounds to resize the image for easy sharing. The photos can be shared online, or they can be resized by one of the many programs that can work with Outlook - Windows Live Photo Gallery and Photoshop Elements and many more.

There's another way to resize the attachments in Outlook and it's even easier. (If you don't use Outlook for mail, this isn't for you. Chat amongst yourselves for a few minutes.)

• Attach the photos to the outgoing message without any regard for their original size.
• Open the sidebar for "Attachment Options."
• Outlook 2003: button on the right of the attachment line.
• Outlook 2007: little arrow under the Message / Include buttons.
• Voila! An option to resize pictures automatically before the picture is sent. Pick a small/medium/large setting, push Send, and the message is on its way with reasonably sized attachments.

That's great stuff! Here's how those buttons look.

OUTLOOK 2003

OUTLOOK 2007

Labels: mail, Outlook, photos

posted by bruceb at 9/24/2008 01:08:00 AM | permalink

OUTLOOK SHORTCUTS

Here's a tip for getting around in Outlook: it's possible to switch between mail, contacts, and calendar using hotkeys on the keyboard instead of reaching for the mouse to click the navigation pane. Who knew?

Don't overlook an even better Outlook tip from a few months ago - opening multiple Outlook windows simultaneously.

Labels: mail, Outlook, software

posted by bruceb at 9/12/2008 03:24:00 PM | permalink

AT&T TECH SUPPORT vs. ETERNAL DAMNATION - A TOSSUP

I'm occasionally asked why I have such a negative opinion of AT&T's DSL service.

This chilling account should answer that question - a complete log of one person's experiences on two different occasions, dealing each time with more than a dozen customer support reps over a period of more than three hours each, on problems that should have been simple. A slow DSL connection at home, a failed login to AT&T wireless service, problems that should have required five minutes but turned into hellish nightmares.

I'll add one more awful, unforgiveable story, just the latest in my own run of unhappy experiences with AT&T.

Last week, AT&T started blocking all outgoing email with no notice for one of my clients running Small Business Server. A business was suddenly, unexpectedly cut off from communicating with its customers. For better or worse, businesses live by email! This was potentially devastating.

When I investigated, I found that port 25 was completely blocked, so no other outgoing email server could be used; AT&T's email servers could only be accessed over port 465 with SSL authentication, which is not supported by Exchange 2003. I researched the problem online and discovered that there was no solution; a handful of people who had survived AT&T's stupefyingly awful tech support process had been told that AT&T was simply not handling outgoing email for anyone with an Exchange Server - no apology, no excuse, no solution.

(This is a variation of the problem I ran into a few months ago. I solved it this time by buying service from NoIP.com that sends outgoing mail on a nonstandard port. Later I learned that ExchangeDefender also can be set up on a nonstandard port. I'm still going to insist that both clients leave AT&T.)

It's still possible to sign up for DSL service with Sonic.net, which consistently employs the nicest people in the world. If you are signing up for DSL service, don't even consider signing up with AT&T. If you currently have AT&T service and you want to do something proactive for your future mental health, think about switching your service. If you're a business, make it a priority.

Labels: broadband, Internet, mail

posted by bruceb at 8/25/2008 12:33:00 AM | permalink

GLITCHES & ANNOYANCES

Tough week! Here are the kind of things that fill my days. And bear in mind, these are all stories about software and services that I love dearly - this is the good stuff, these are what I recommend because they're better than the rest!

Client with hosted Exchange mailbox at 1and1.com. Mailbox doesn't connect this morning, so no incoming or outgoing mail. Try it from a different computer, try Outlook Web Access - nothing works. Call tech support in India and get through without delay. "Very sorry! That server is down. The experts are working on it." Any idea when it will come back? "No, I'm sorry. But the experts are working on it." It's been down a day and a half now, still no word.

Putting Jungle Disk on a Windows Home Server for online backups. The process to sign up for Amazon's online storage system is not completely straightforward but I've done it before, I know about the "Access Key ID" and the "Secret Access Key," so I'm in business in short order, except the Jungle Disk software delivers an error message, error 403, "NotSignedUp." There are a few dozen lines of gibberish in the detailed error message but it's clear that Amazon doesn't think the service is set up correctly yet. Log in to the Amazon Web Services portal and there's a message about problems with payment for the account - payment that was set up on an Amazon credit card. Hmm. Spent half an hour wrestling with payment options, putting in one good credit card after another and getting more error messages about payment problems, and just about gave up - I was actually drafting the note to the client about the failure when Amazon showed the service was working just fine, thanks, even though I hadn't actually changed anything for a while. Jungle Disk started doing a backup. What was that about?

Setting up Live Mesh to transfer large files between people working in several locations. Installed it on the client's desktop and laptop, created a folder, it started syncing all over the place, everything was automatic and swell, great stuff! Set up Windows Live IDs for three employees, shared a Live Mesh folder with employee number 1, went to that employee's computer and clicked on the invitation to Live Mesh that appeared promptly in the mailbox. Web site pops up inviting me to "Connect," then "Sign In," then displays a message that Live Mesh is only available in the US and they're happy to put me on a waiting list when it's offered in my country. I looked around. It looked a lot like the US where I was standing. I poked around in the Live Mesh forums and found a suggestion that the Windows Live ID account information needed to be updated with the correct country information so I went over there and found it was completely hosed - no matter how many times I picked "United States" and clicked Apply, the front page would stubbornly complain that no country had been chosen. I could change it to the Virgin Islands - that worked fine! It was only the US that it ignored. I dropped it, wrote off the hour that had been spent fussing with it, went back a couple of hours later, and everything worked right away, Live Mesh installed immediately, no issues at all.

Client with a SonicWall firewall/router and a Small Business Server that hadn't been set up to use Remote Web Workplace or the other features that make SBS so lovable. There were a few odd networking settings on the SonicWall but nothing alarming. I set up port forwarding on the ports that make SBS do its tricks (80, 443, 4125) and bang! the network went down, all Internet traffic stopped, the workstations couldn't connect to the server, couldn't browse or ping anywhere. Spent an hour and a half backing out of anything that I might conceivably have touched, nearly gave a credit card number to SonicWall tech support, when it came back up. Two days later I set up port forwarding in what I swear was exactly the same way and it works like a charm. I still don't have any idea what that was about, but it scared the hell out of me.

Tried to buy licenses online for StorageCraft's remarkable backup program, ShadowProtect. Everything went perfectly, right up until the final "Finish" button when I was told that the billing address for the credit card didn't match the information on file at the bank. Just for fun, I tried three different credit cards at two different addresses - all of them plausible choices, not trying to pull anything. Same message each time. (Just for fun, I logged in to my bank's web site and confirmed that there were six or eight "pending" charges showing on the various cards. They went away eventually.) Couple of days later, went back and the transaction went through immediately. (And this story doesn't really count, because after I dropped them a note that night, the company immediately put me in touch with a reseller who would have sold me the licenses, then had one of the company's business manager follow up with a phone call to make sure the problem was resolved. Nice folks, great software, great support.)

Set up Netgear Rangemax USB wireless adapters on three workstations. Windows XP doesn't have any builtin drivers so the CD is required, and the CD doesn't have the drivers stored separately - the Netgear software has to be installed, which of course demands to take over control of the wireless settings from the perfectly adequate Windows XP wireless controls. The next morning, no one can get online, all the networking is mucked up, I have to travel onsite and get the stupid Netgear software to stop popping up with its incomprehensible dials and control panels and graphs. I couldn't find any way to get the Netgear software to hand control back to Windows - that required removing and reinstalling the software to get the startup dialog to appear again so I could check the box telling the Netgear software to get out of the way. Once I did that, the connections were immediately rock solid.

And so it goes. This is the good guys, the cream of the crop - I've also had battles with spyware and rootkits and the rest. Some weeks are more tiring than others. Back to the news soon, I promise!

Labels: backup, computers, file_sharing, hardware, Home_Server, mail, network, SBS, software, web_services

posted by bruceb at 8/21/2008 01:15:00 AM | permalink

UPS SPAM

The latest outbreak of virus-laden spam purports to be a message from UPS about an undeliverable package. The attachment is a ZIP file with an executable program inside that does something evil - blows up a cruise boat or something.

These messages appear and morph and tomorrow this might be a message from FedEx or the IRS or anything else. Your first defense is your common sense: never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.

Never.

Many of my clients use Exchange Defender to filter out spam and viruses from incoming mail. Here's the update on ED's struggle with this new outbreak.

"It has been quite an evening at ExchangeDefender as we continue to fight the outbreak of the UPS trojan. You may have seen this:

Subject: UPS Tracking Number 6431834482

Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient's address is not correct.

Please print out the invoice copy attached and collect the package at our office

Your UPS

"What is interesting about this is that the message does look fraudulent to the casual observers and people that do domestic business with UPS. However, we have encountered this format (with attachments and all) being used by UPS Commercial shipping departments in the past, which is why messages with the specific patterns received lower SPAM scores and were allowed through.

"We still stripped the attachments but the attachments inside the ZIP file are passing through AV scanners as the variants change. We are now up to over thirty definitions used to track this specific worm and have taken the following steps:

UPS messages are only processed if they come from UPS.

UPS Tracking numbers are only accepted as valid if they start with 1Z.

UPS messages instigate a callback function against UPS servers.

"Dealing with these extended rulesets and checks has made mail move a little slower today as we've dealt with onslaught of messages while this worm becomes more prevalent. UPS is also issuing a warning on their behalf:

"We currently have this issue under control and it should not pose any further problems. However, expect the UPS messages to be taken with higher scrutiny and always warn users not to open executable attachments."

Labels: mail, security, spam

posted by bruceb at 7/24/2008 09:50:00 AM | permalink

MICROSOFT ONLINE SERVICES

Two weeks ago, Microsoft announced new services that might drastically change the email technology used by small businesses. Let me give you some background, then give you some information about Microsoft Online Services - a way for a small business to have its Outlook folders stored online by Microsoft.

Companies running Exchange Server for Outlook reap tremendous benefits. For example:

• The same Outlook folders can be displayed on multiple computers at multiple locations. You can use your Outlook folders seamlessly from a desktop computer at the office, a desktop computer at home, and a notebook computer on the road, and Outlook is always up to date at all locations.
• Calendars and address lists can be shared.
• Outlook folders can be accessed online through Outlook Web Access - full access to all Outlook folders presented in Internet Explorer, like other webmail services.
• Windows Mobile devices can sync over the air.

It's a rich environment.

Traditionally that has required a small business to run its own Exchange Server (included with the Small Business Server suite). A small business does not strain Exchange Server, which is remarkably robust and frequently troublefree, but make no mistake - it is fiercely complex and problems can happen. I dive for the phone to pay Microsoft for support when there's a problem with an Exchange database.

Microsoft developed a community of partners - big companies offering "hosted Exchange" mailboxes. A small business would pay a monthly fee to the big company to have the Exchange database stored online for all the business users. Outlook works completely smoothly with that arrangement; for the users, there's literally no difference between that setup and having the Exchange Server down the hall. The responsibility for backups, database maintenance, security updates, and upgrades is shifted to the big company.

Until recently, small companies mostly stayed away from hosted Exchange accounts. The big companies were unfamiliar (heck, the whole concept was unfamiliar), and the prices were just high enough to dissuade business owners from moving away from traditional standalone copies of Outlook. (I set up several people with individual hosted Exchange accounts, offered by 1and1.com, but even those were tough because people weren't familiar with the concept.)

Two weeks ago Microsoft announced the details of Microsoft Online Services. Microsoft is bypassing its partners and offering hosted Exchange services directly. Pricing is still not cheap - $10 per user per month for 1Gb of mailbox storage space, with more space available at a cost for oversized mailboxes. But it comes with Microsoft's name behind it and it comes at a time when people are being bombarded with references to storing things "in the cloud." People are becoming familiar with the idea of having important data stored online.

As always, there are a lot of details to process. You can see from the chart that there are many levels of service, and other services in addition to Exchange. I've been testing the beta and there were kinks getting things set up. It's possible to integrate this service with an existing onsite Exchange Server, and it's possible to migrate from an onsite server to the hosted service, but there will be some technical hurdles to make that work.

Meanwhile the partner community is reeling, feeling betrayed, because this puts Microsoft in the position of competing with them directly and even potentially taking customers from the partners. Microsoft has set up an elaborate commission structure to try to soothe them but there is a lot of bitterness out there. I don't think that will slow things down but be alert for yet another round of Microsoft-bashing.

This might be one of those moments that changes the standard setup of computer services for a small business. The demand is already there for universal access to email, calendar and contact lists; this responds to some very real needs being expressed by every business. I expect to be talking about this with many of my clients that do not presently have a server.

Even more interesting, there are consultants in the Small Business Server community who wonder whether this will be such a compelling alternative that they should not recommend Small Business Server 2008. It could be that a small business will have a server onsite to do nothing more than file and printer sharing, and all the other company technology will be online services.

There are changes ahead! This is another one that deserves some attention. Here's more information about the presentation of Microsoft Online Services at the Microsoft Worldwide Partner Conference in early July. There's a demo at the MOS beta site. Here's an overview of Microsoft's step into this space. It's interesting stuff!

Labels: business, mail, Microsoft, mobile, Outlook, SBS, web_services

posted by bruceb at 7/23/2008 01:52:00 AM | permalink

OUTLOOK vs. GMAIL

Microsoft Exchange and Outlook dominate the market for corporate email. Small businesses running Exchange Server use Outlook almost exclusively. Until recently, even individuals and businesses without a server would use Outlook with their POP3 mail accounts.

But in the last couple of years, almost everyone has started to chafe at a singular disadvantage of an individual copy of Outlook: it can't be used easily anywhere except by sitting at the computer where it's installed.

We want to read our mail from any computer, anywhere. We want to use more than one computer - a desktop in the office, another one at home, or perhaps a notebook for the road - and we want our email on all of them. We want our mail on a Blackberry or iPhone or Windows Mobile device. All of those things can be done with Outlook but not easily and not without compromises.

It's driving people to set up their mail online with Google Gmail or Microsoft's Windows Live Hotmail or Yahoo Mail. There are some compromises there, too, but the convenience is starting to outweigh everything else. The webmail providers are adding features right and left, so it's possible now to use the online services without regret.

Google Gmail has devoted followers who love its presentation of messages in organized threads and unparalleled search options. Google is constantly tweaking it to offer more storage space, more options for displaying mail on more devices, and more features.

Here's a lengthy comparison of Outlook and Gmail. It's worth reading - your attention will be drawn to things you might not have considered, and you may find yourself nodding unexpectedly at one choice or the other. I think the author undersells Outlook a bit. (One point he doesn't mention, for example: people are very upset when they click "Send by email" in Internet Explorer or Word and nothing useful happens - the webmail services don't integrate with Windows that way.) And in the end, personal taste may outweigh any of these features; some people hate Outlook; personally, I can't use Gmail - I find it unintuitive and clumsy and unattractive.

The next few years will be a blur. Outlook's profile is dropping for home users; Microsoft does not even include Outlook with the Home and Student Edition of Office 2007, presumably because more people are using the online services instead (and perhaps because Vista's Windows Mail is a really nice mail program, better suited for many people who don't need Outlook's complexity).

On the other hand, Microsoft just announced a new program that may change the game completely for small businesses and keep them with Outlook. I'll tell you about that on Wednesday.

Labels: Google, mail, Microsoft, Outlook, software, web_services

posted by bruceb at 7/21/2008 01:45:00 AM | permalink

iPHONE 2.0

The new iPhone will be available next week, including support for Microsoft Exchange and Windows Mobile/ActiveSync. That means businesspeople in companies run by Small Business Server 2003 should be able to connect to their Outlook email, calendar and contacts over the air, continuously updating both directions. Well, we'll see - time will tell whether there are glitches or unexpected shortcomings. (I've seen one early unconfirmed report that using Exchange over the air sucks the battery dry in short order.)

David Pogue's column in the New York Times today mentions one thing that I had misunderstood. Apparently the iPhone 2.0 software will also be rolled out to current iPhone owners, enabling them to do exactly the same things.

That means all iPhone owners will have access to the new applications being developed on the iPhone 2.0 platform - there will be thousands of them, a rich new area for blogs to write about endlessly. You might see some that look tempting:

"One coming program, called iCall, will give you free phone calls when you're in a Wi-Fi hot spot. Another, called G-Park, exploits G.P.S. to help you find where you parked. Yet another, Urbanspoon, is "a cross between a magic eight ball and a slot machine:" you shake the phone, and it randomly displays the name of a good restaurant nearby, using the iPhone's G.P.S. and motion sensor.

"You can also expect to see a time and expense tracker, home-automation remote control, voice recorder, Etch-a-Sketch, a recipe box, tip calculator, currency converter, e-book reader and so on.

"Above all, the iPhone is about to become a dazzling hand-held game machine. The games revealed so far feature smooth 3-D graphics and tilt control; in one driving simulator, you turn the iPhone itself like a steering wheel, and your 3-D car on the screen banks accordingly. Other games exploit the multitouch screen, so you and a buddy can sit at opposite ends of the screen and fire at each other."

I'm a bit skeptical because I'm dull and unimaginative. There are hundreds of gadgets that can be added to Vista's sidebar, but I kinda turned off the sidebar because they weren't all that interesting. There are thousands and thousands of applications for Windows Mobile devices but once my phone started syncing reliably with Outlook, I was pretty much done with twiddling with it.

Interesting stuff. Just remember, the iPhone is an expensive thing to have in your pocket and there's no way around its Achilles heel.

Oh, and I finally found the map showing the Sonoma County coverage of AT&T's higher speed 3G network.

If you're outside the shaded area, data speeds will continue to be limited by AT&T's slower EDGE network, roughly the same as having web pages delivered to you by a glacier.

Labels: Apple, mail, mobile, phone, SBS

posted by bruceb at 7/10/2008 12:20:00 AM | permalink

BLACKBERRY MANIA

Blackberry smartphones are mindbogglingly popular. I'm being asked about them more often than iPhones. That shouldn't be a surprise - almost half the smartphones sold in the first quarter of 2008 were Blackberry devices, a significant increase over the previous quarter, while the market share of iPhones took a nose dive in the same period, according to the Associated Press.

I wrote some cautionary notes a few months ago about the Blackberry. Let me try to be more specific.

• If you work in a company that supports the Blackberry, it is a tremendous device. The company runs big servers to make it so.
• Small businesses can get similar software for their server; licenses are cheap or free. Count on a significant cost to set up the Blackberry server software and get things working - and prepare for the risk not only that it might not work smoothly, but also that it might muck up your server in other ways. Remember, the reason your server runs so smoothly is because we change it as little as possible. I've heard stories, that's all I'm saying.
• If you are an individual with a single POP3 email address, the Blackberry is a good phone and a decent email device. You'll have to fuss with a couple of settings in your mail program to leave messages on your mail provider's server so Blackberry can retrieve them; that can occasionally go sideways, resulting in your mail program or Blackberry receiving twelve duplicate copies of messages or something, but on the whole it will be fine.
• You won't be syncing over the air with your computer's calendar or address book. You can sync in a cradle attached to the computer if you install Blackberry's software. Personally, I find the software to be fairly hideous and unintuitive, but it does its job, if you're lucky. Heck, hideous unintuitive software is easy to come by - I've seen worse.
• If you have a Google GMail or Yahoo mail account, the Blackberry integrates beautifully with them. Google, in particular, is cooking up ways to connect to a Blackberry and has released a program to sync the Blackberry calendar with a Google calendar. You know, if you're using a Google calendar. (If you're using a Google calendar, you're young and devouring new technology at a furious pace and the last thing you need is condescending advice from an old fogey. Go and Twitter in peace.)
• If you work in a company run by Microsoft Small Business Server, the Blackberry is very, very wrong for you.
• If you get a device running Windows Mobile 5 or 6, I can set you up in three minutes with your Outlook calendar, contacts, and email syncing over the air, continuously, both directions.
• If you get a Blackberry, I can create a clumsy, half-baked flow of messages to the Blackberry that is divorced from your Outlook folders. Everything about it will be a compromise. You'll blame me. I'll be defensive.

The smartphone is becoming a platform that is as important for many people as their computer. Shop carefully and look ahead - a lot will be happening in the next year to improve the process of making your information available everywhere!

Labels: Google, mail, mobile, phone, SBS

posted by bruceb at 6/12/2008 12:50:00 AM | permalink

WINDOWS LIVE NAMING CONFUSION

Microsoft has done a terrible job of branding things in the last few years. "Microsoft Network" morphed into "MSN," which has at various times been a software package, a collection of TV-like programming, a brand for web services like Hotmail and Messenger, a dialup Internet provider, and a web portal.

Many MSN services were included in a reorganization under the new brand name "Windows Live" in 2006, and Microsoft began creating more and more services with the Windows Live name, including some that have no obvious relationship to each other. The Wikipedia list of Live-branded services is pretty daunting!

Some of the services will be dying quietly soon - Microsoft just announced that it will be closing down Windows Live Expo, intended to be a competitor to Craigslist, joining recently deceased Live Search Books and Live Search Academic.

I find myself joining clients and friends now in stumbling over one particularly poor bit of naming.

Vista comes with Windows Photo Gallery, a simple but useful photo program that's well suited for many people.

Later, Microsoft released Windows Live Photo Gallery, a free download for Vista and Windows XP. It's almost identical, but changes some things around on the menus and makes it easy to put photos online in free photo galleries for sharing.

When Windows Live Photo Gallery is installed on a Vista computer, it does not replace Windows Photo Gallery. They're visually indistinguishable, so the only way to tell which one you're using is the name on the title bar in the upper left corner.

Frankly, most of the time it won't make any difference. The two programs both display the same pictures and the same tags and almost all of the same features. But why do that to people? When it's time to put pictures on a DVD and someone looks for the "Burn" button, why should they have no idea why it's under "Make," instead? The access to online services will appear and disappear randomly if people aren't careful to click on the right program.

The situation is basically the same with Windows Mail (Vista's mail program) and Windows Live Mail (a separate program for Vista and an upgrade for Outlook Express on Windows XP).

Didn't Microsoft learn anything from the years of confusion caused by "Outlook" and "Outlook Express"?

Labels: mail, Microsoft, photos, Vista, web_services, WinXP

posted by bruceb at 6/08/2008 03:24:00 PM | permalink

AT&T DSL & MAIL WOES

AT&T has a special place in my heart.

One of my clients is a small business with its own domain name and several users receiving POP3 mail addressed to that domain name - gertrude@businessname.com, for example.

The business has an AT&T DSL line.

A couple of months ago, they started having trouble sending mail - AT&T's SMTP server refused to take outgoing messages from Outlook.

Eventually we discovered that AT&T had sent this message a few months earlier, warning that its SMTP servers would only accept outgoing messages on an AT&T DSL line if certain conditions were met.

The first condition wasn't terribly unusual - Outlook had to be set up to authenticate itself to the SMTP server with an AT&T account - an email address and password. The business had set one up as part of the DSL account (businessname@pacbell.net) and we were able to dig that information out.

But wait! There's more! The outgoing mail also had to be set up as an SSL connection for additional security, on a non-standard port. You know, the settings in Outlook under Tools / Account Settings / Change / More Settings / Advanced - surely you've been there? Yeah, right.

I sympathize with the difficulty for ISPs of dealing with an unimaginable amount of spam, but this is a terrible, unforgivable thing to do to people.

We were able to get the mail flowing again for a couple of months. It stopped again with no warning.

I've spent more than two hours and although I found a workaround, I'm still pretty horrified at what appears to be going on.

I tried every combination of SMTP server name, authentication on/off, SSL on/off, port 25/465, with no success. The returned messages had an unfamiliar error in them - the sender's address was not "verified" to use the SMTP server.

AT&T and Yahoo have set up an extraordinary labyrinth of conflicting sites to log in with a @pacbell.net account. Eventually I found the Yahoo login page and was able to get to Member Center / My Account & Billing, where there was a reference to "Alternate email addresses."

"Your alternate email address is an address you can add to your AT&T Yahoo! account for use with a variety of products and services across the AT&T Yahoo! network. An alternate email address can be used any time you don't want to use your AT&T Yahoo! member ID for a particular function."

Great! Put in the business email addresses, respond to an email confirmation, and the addresses showed up as "Verified." Problem solved!

Not. Outgoing mail was rejected just as firmly. I kept typing test messages and pushing "Send" over and over, because I couldn't think of anything else to do.

I located an ominous sentence in an AT&T support document -

"Please make sure that you have entered your AT&T Yahoo! Business Email address as the "From" address in your email client. You will not be able to send mail if you have entered another address."

If I read it correctly, that support document only applies to people using an "AT&T Yahoo! Business Email address," whatever that might be.

But on a hunch, I went back to the account settings in Outlook and entered the @pacbell.net email address on the first screen for a POP3 account.

Outgoing mail immediately started flowing. And every outgoing message shows the sender is businessname@pacbell.net, from every computer onsite.

I spent more time and got nowhere. I thought about the horror of calling AT&T for technical support on an issue like this and put the idea out of my head. We may get to that point but my hourly rate becomes a very real consideration for this kind of headache.

And that's where things stand. Somewhere there's an answer. It can't be the case that a business cannot send email using its own domain name on an AT&T DSL line - but, well, that's where it stands.

By coincidence, Susan Bradley complained recently about changes AT&T has made to her incoming mail at an @pacbell.net address that make the account virtually unusable.

Sonic is still taking orders for DSL, and I'm hoping this business will just switch over and we can put this behind us. But what will we do when AT&T is the only DSL provider left?

[Postscript 05/30 1pm: after more experimenting, I found that mail.pacbell.net is apparently still running - messages can be sent from the business address. (Settings: authentication required; port 25; no SSL.) It's not clear whether this is a permanent solution or whether AT&T intends to shut down those servers, as their support letter suggests. But for the moment, the business can use its mail again]

Labels: broadband, mail, Outlook

posted by bruceb at 5/30/2008 01:05:00 AM | permalink

EMAIL NO LONGER RELIABLE BUSINESS TOOL

An interesting problem has developed, and there's no good answer in sight. Email is no longer a reliable business tool. We're going to keep using it but there will be more occasions when I have no good answer to mail-related complaints.

Spam is the primary reason that things are falling apart. It's at record high levels and I've seen predictions that this is the calm before the storm.

For a while we could deal with that at the Exchange Server - drop messages that are not addressed to valid recipients in the business, turn off non-delivery reports, rely on Outlook's junk mail filter and supplement it with Exchange's Intelligent Message Filter after Exchange Service Pack 2.

After a while that's not enough. Servers are using processor power and bandwidth just to drop thousands of misaddressed messages. Most of my business clients have now been set up with Exchange Defender, a third party service that filters spam and viruses. That will work for a while. Most people will read the daily reports from ED at first, until the spam builds to a volume that makes the daily reports overwhelming.

The third party services frequently don't filter messages that seem to have been returned as "undeliverable," leading to the recent waves of "NDR spam," flooding mailboxes with hundreds of messages per hour for a day or two. I've gotten a call about this every day or two for the last month or more, helping people set up an Outlook rule to delete any message with "Undeliverable" in the subject. It undermines our confidence in the mail system a little more - and ensures we will never find out that we've accidentally sent a misaddressed message.

Spam is not the only thing undermining our confidence in email. We're dealing with larger and larger files, and at the same time we're doing more work outside the office or collaborating with people all over the world. The world's email systems were not designed for large file attachments! I'm constantly hearing the frustration of people whose messages with 20Mb PDF attachments do not get where they're going. There is no answer - except to learn to use a different method because email is not a reliable business tool to exchange files.

Another problem is going to affect more small businesses in the next year or two. Outlook folders are exploding in size in a way that was never intended by the designers of Exchange Server. It's convenient to exchange huge files with co-workers down the hall by email, or to use email to send the PDFs scanned by the cool copier, but the result is that mailboxes are far exceeding the sizes called for by best practices. Outlook's built-in archiving is confusing and fragile - people just don't understand the process and have no idea what to do with an unruly collection of .PST files. (Not to mention the backup problem - PST files should not be stored on a company server but desktop computers are generally not backed up, putting those PST archives at risk.)

It's wildly expensive to set up a second Exchange Server and maintain it; third party archiving and hosting solutions are out there but not exactly easy or affordable for a small business with no onsite IT employees. But mailboxes that are 4 and 6 and 8Gb in size are going to run slowly and are at far greater risk to become corrupted, either on the local computer (requiring a long, slow process to rebuild the local cached copy), or worse yet, on the server, where the process of recovering a mailbox is painful to think about. Yeah, I can set mandatory size limits and automatically disappear mail after a certain time. I can also be fired, which would be one of the likely side effects if I try that.

I'm watching a slow deterioration in our confidence in business email, with no idea what to do about it.

Labels: business, mail, SBS, spam

posted by bruceb at 5/15/2008 12:29:00 AM | permalink

MICROSOFT & THE CLOUD

Microsoft is working on a package of software and online services that might be exactly right for students and home computer users.

Although Vista includes important features out of the box, it does not include Microsoft Office - Word, Excel, and Powerpoint. That's surprising to many people. (Dell will preinstall Office if you remember to check the box, but all the other manufacturers leave it off to keep the computer sale price down.) I talk to a lot of people about why they have to make an unexpected trip to Costco or Office Depot to buy a copy of Office.

The computer manufacturer may include security software but all too often it's a bloated suite from whatever vendor paid the most to be included, or it's only a trial version.

Similarly, most people have a poor experience with badly designed software for editing and sharing photos that comes preinstalled with their new computer or installed along with the driver for a new printer or camera.

These are not deep mysteries. Any technically adept person is able to jump in and clean things up! Uninstall the crap. Sign up for online services - lots of people have favorites of the hundreds available. Use Google Docs or OpenOffice for free or buy a copy of Office 2007 Home & Student Edition.

The package from Microsoft isn't aimed at those people.

Instead, Microsoft will be packaging up a collection that's good enough for people who want the choices to be made for them and presented in a neat, easy-to-use package. And Microsoft will be experimenting with selling the package as a cheap monthly subscription instead of an expensive box at Best Buy. (Microsoft sees subscriptions as an inevitable shift in the long run but it's had trouble figuring out how to jump in without cannibalizing its current license fees.)

The "software plus service" bundle is code-named "Albany" during testing. Let's fantasize and assume that Microsoft delivers a well-designed integrated experience. Here's the way it will go sometime this fall.

• If you don't have one, you'll get a free Windows Live ID.
• You'll agree to pay a monthly fee - not yet determined but probably $10-15/month.
• A single installer will download and install these programs on your new computer, and set up access to their online components:
  • Microsoft Office 2007 Home And Student - Word, Excel, Powerpoint, and OneNote
  • Windows Live Office Workplace - online file storage and sharing for Office files, integrated with the Office programs, as easy as clicking a button; files can then be viewed and retrieved from any computer
  • Windows Live OneCare - easy-to-understand program for antivirus, spyware protection, firewall management, backups, printer sharing, and system maintenance
  • Windows Live Photo Gallery - the easiest and best-designed program for working with the photos on your computer and sharing them online
  • Windows Live Mail - full-featured and safe mail program, better than Outlook for home users, easy to integrate with Hotmail so mail can be viewed from anywhere
  • Windows Live Messenger

The programs would then all be updated automatically.

There's nothing new about the package except the integration and the subscription pricing. Most of those components are free; Office 2007 Home & Student is about $140 and Live OneCare is $49.99 or less, so this is under two hundred dollars of software.

But the integrated experience is everything! If I've learned anything over the last ten years, it's that many people don't want to think about their computers. They want to sit down and do stuff! If this package was installed on a nice cleaned-up computer, people would be able to do stuff with a minimum of fuss. I think it's a winner.

Here's an article about Microsoft's official acknowledgement that this package would enter beta testing soon, leading to a final release sometime this fall.

Labels: computers, mail, Microsoft, Office, OneCare, photos, security, software, Vista, web_services

posted by bruceb at 4/23/2008 01:28:00 AM | permalink

NDR SPAM

I've gotten several calls recently about an odd type of spam attack that also happened to me a few days ago.

As other clients had reported, I began getting "non-delivery reports" - messages from mail servers all over the world that messages from me had not been delivered. Typically the sender is "System Administrator" or the like. Of course, I hadn't sent any such messages.

In the next hour or two, similar messages started coming in faster and faster until they were arriving every minute or two.

They tapered off after a while and stopped in a couple of days.

If you're running current antivirus software, chances are good that you don't have a virus and nothing is originating from your computer. These messages are yet another attempt to get through your spam filter. It works this way:

• The spammer finds an email server that sends NDRs when a message arrives that does not match anyone in the company. The mail server for @fictitiouscompany.com might take a message for john@fictitiouscompany.com, but would send an NDR if a message arrives for oswaldrabbit@fictitiouscompany.com.
• The spammer decides to send you spam. Presumably you and a million others, but you're the most special, right?
• The spammer sends his spam to fictitiouscompany.com. He shows your email address as the sender and intentionally sends it to a bad email address that doesn't exist on the fictitiouscompany.com server.
• Since the server is sending NDRs, it does as it's told and sends a message to you that the message wasn't delivered.
• Here's the trick - the original email (the spam) is usually attached to the NDR. Voila! The spammer has bypassed your spam filter and you have his spam.

Very few people will open the attachment to a non-delivery report, and fewer still will respond to it or click on a link in it, but spammers are working on volume. They only need a very, very small number of people to respond for their scheme to work.

This is nothing new. I don't know why it's happening in volume all of a sudden. There's an easy workaround if it happens to you while you're using Outlook: create a rule that deletes all messages with "undeliverable" in the subject line.

My clients running Small Business Server are not contributing to this problem - I've turned on recipient filtering in Exchange Server. If a message arrives that is not addressed to an active mailbox, the message is dropped with no notice to the sender. More and more servers worldwide are being set up that way but there will always be some servers for the spammers to exploit.

Labels: mail, security, spam

posted by bruceb at 4/17/2008 12:32:00 AM | permalink

IPHONE & EXCHANGE

Apple announced today that it has licensed ActiveSync technology from Microsoft, allowing the iPhone to sync mail, contacts, and calendars with Exchange Server.  Apple also released a development kit which will result in an explosion of third party applications for the iPhone.

The iPhone is poised to be a compelling choice for businesses, including my clients running Small Business Server. Blackberry and Windows Mobile devices suddenly look very drab in comparison.

The update for the iPhone is scheduled to be delivered in June. The iPhone will still be tethered to AT&T for the foreseeable future. There is no official word about whether the iPhone will be upgraded to permit a faster 3G Internet connection but the rumor mills are predicting a 3G iPhone in June to go along with the enterprise features.

Here's an article about today's announcement of ActiveSync support for Exchange, and here's an overview of the entire Apple press conference. Apple unveiled a web site devoted to the iPhone Enterprise program and Microsoft concurrently issued a press release.

This has the potential to make the iPhone a bigger deal than anything Apple is doing with computers, and might even eclipse Apple's success in changing the music industry with the iPod. Pay attention to this story!

Labels: Apple, mail, Outlook, phone, SBS

posted by bruceb at 3/07/2008 12:57:00 AM | permalink

BLACKBERRY - THE ENVY & THE REALITY

Blackberry is making some very appealing phone/mail devices.

They don't work the way you think they do. Some of you won't have any fun with them at all.

Businesspeople have made Blackberries into corporate icons, as omnipresent as iPods on 24-year-olds. Serious users aren't bothered by jokes about "crackberry addicts" - they just keep on moving their thumbs with their heads down through meetings and in airports and on dates and riding ski lifts and during dental surgery.

The mail comes in, the mail goes out, the phones look stylish. Great, right?

How does the mail get to the Blackberry? Aye, there's the rub.

Medium to large companies run lots of servers, with lots of IT staff employed to keep them working. These days, one or more of those servers runs enterprise software from Blackberry. Blackberry Enterprise Server integrates with the company's mail servers to push mail to the company's Blackberry users. This is more than "software" - it is a dead serious, expensive, enterprise-level platform that requires committed onsite IT staff for setup and support.

You - my loyal small business clients, my friends with home computers - you don't have a Blackberry Enterprise Server.

But if you buy a Blackberry, it can get your mail! You can send mail! It says so in all the ads!

You get to run Blackberry Desktop Software on your desktop PC. It hooks into your mail program and pushes incoming messages out to your Blackberry. Perfect! Works like a charm, right?

Maybe. Some people use it happily. But consider this.

It only works if you use Outlook. (Or Lotus Notes or Novell Groupwise. I don't want to leave out Notes and Groupwise users. Why don't you go off to the corner of the room and chat amongst yourselves?) Using another mail program or web mail? There's other ways to set up the Blackberry - maybe - but you'll need help and you have no guarantees.

It only works if Outlook is running on your desktop computer. Your desktop computer has to be turned on, logged in to your desk, with Outlook running, or nothing arrives at your Blackberry, period. The mail to your Blackberry stops if you're using a notebook, or if your desktop computer goes to sleep, or you forget to leave Outlook running, or the computer restarts after installing an update, or the power blinks, or the Internet connection goes down, or anything else at all interferes.

The Blackberry software is like too many other programs. It works reasonably well for many people but when it goes wrong, it is obnoxious to troubleshoot. I've been there. It feels fragile and unfriendly. I had one particularly bitter experience that still makes me shudder, on behalf of a client who has developed a close relationship with Blackberry's tech support department trying to work out the persistent problems.

Small businesses and law firms running Microsoft Small Business Server 2003 have a mail system built on Exchange Server, which can be set up to integrate seamlessly with phone/PDAs running Windows Mobile software. Not everyone loves Windows Mobile - a bit cluttered, a bit slow - but I can set it up in minutes to sync e-mail, address books and calendars over the air, with full two-way communication back to the server. Messages sent from the mobile device show up in Outlook's Sent Items, phone numbers and appointments entered on the fly are immediately displayed back at the office.

Blackberry recently introduced Blackberry Professional, a simplified version of the enterprise platform for small businesses with up to 30 employees. It's reasonably inexpensive ($499/5 users, $849/10 users) and it can theoretically be installed on a server that is also being used for other tasks. There are stories about successful installations on servers running Small Business Server 2003, although I've also seen horror stories about server slowdowns and crashes for the same setup.

I'm discouraging my clients from asking me to take them down that road because I'm old and cynical. If this could be installed and work right away with a minimum of fuss, that would be swell. Except it wouldn't go that way, because nothing does. Instead, there'd be dozens of hours spent learning the tricks and tweaks and details necessary to keep things running smoothly. The payback just isn't there.

At some point I'll set up Blackberry Professional. If the experience is elegant and troublefree, I promise I'll come back and retract all these negative vibes and try to be less cranky. In the meantime, take a look at Windows Mobile devices - I know what to do with those.

Labels: hardware, mail, mobile, phone, SBS, software

posted by bruceb at 1/30/2008 12:32:00 AM | permalink

SEND TEXT MESSAGES BY E-MAIL
You can send e-mail messages and have them show up as a text message on an SMS-enabled phone, if you know the cell phone carrier used by the recipient. Here's a list that may come in handy, courtesy of a post on the QuarterToThree forums:

T-Mobile
Format: 10-digit cell phone number @ tmomail.net
Example: 3335551111@tmomail.net

Verizon Wireless
Format: 10-digit cell phone number @ vtext.com
Example: 3335551111@vtext.com

Rogers Wireless
Format: 10-digit cell phone number @ pcs.rogers.com
Example: 3335551111@pcs.rogers.com

Sprint PCS
Format: 10-digit cell phone number @ messaging.sprintpcs.com
Example: 3335551111@messaging.sprintpcs.com

Cingular Wireless
Format: 1 + 10-digit cell phone number @ cingularme.com
Example: 13335551111@cingularme.com

AT&T PCS
Format: 10-digit cell phone number @ txt.att.net
Example: 3335551111@txt.att.net

Bell Atlantic
Format: 10-digit cell phone number @ message.bam.com
Example: 3335551111@message.bam.com

Bell Mobility (Canada)
Format: 10-digit cell phone number @ txt.bell.ca
Example: 3335551111@txt.bell.ca

Cellular One
Format: 10-digit cell phone number @ mobile.celloneusa.com
Example: 3335551111@mobile.celloneusa.com

Comcast
Format: 10-digit cell phone number @ comcastpcs.textmsg.com
Example: 3335551111@comcastpcs.textmsg.com

Fido
Format: 10-digit cell phone number @ fido.ca
Example: 3335551111@fido.ca

Telus
Format: 10-digit cell phone number @ msg.telus.com
Example: 3335551111@msg.telus.com

Labels: mail, mobile, phone

posted by bruceb at 10/24/2007 04:47:00 PM | permalink

E-MAIL CONVERSATIONS
Google Mail sorts e-mail messages into "conversations" - basically, all the messages with the same subject line are stacked on top of each other. If a new message comes in, the entire stack moves to the top. You can immediately see the context for a message. Labeling and archiving happens to entire conversations.

Some people engage in lengthy exchanges with a group of correspondents with the same subject line used continuously. Those people love Google Mail's conversation view. They can't understand why anyone would use Outlook and display messages in chronological order.

(Personally, I find conversation view to be infuriating. My mind doesn't work that way, my e-mail flow doesn't happen that way, and at some deep level I just don't get it. I'm much more in tune with all the people who find this page when they look for a way to disable Google Mail's conversation view. It can't be turned off, by the way.)

Outlook 2003 and 2007 both permit folders to be arranged in conversations. (Click on View / Arrange By - weird, huh? It was there all along.)

The conversation arrangement in Outlook does not gather messages from all folders, and that makes it fairly useless. Your half of the conversation is stored in Sent Items and won't show up in the conversation threads in your Inbox.

Microsoft's Outlook team just wrote a description of the "ultimate Inbox" - how to set up a rule that automatically moves your outgoing messages to your Inbox, where they can be included in the conversation view. Interesting trick!

Labels: Google, mail, Outlook

posted by bruceb at 10/09/2007 12:05:00 AM | permalink

SENDING & SHARING LARGE FILES
Exchanging documents by e-mail is commonplace in business because it seems so easy, but there are two recurring problems:

• There is no easy way to track documents traveling by e-mail. The controls in Microsoft Word for tracking changes are complex (most people ignore them), and there's no easy way to tell who has control of the most recent version of a document. Many people open file attachments directly from Outlook and don't realize the temporary copy of the file that's open won't be stored in the company's normal file folders until it's explicitly saved there.
• The e-mail system is not designed for large files. Offices bravely create 25Mb PDF files, then can't figure out how to share them with anyone.

There are many services that want to help solve those problems. Let me try to simplify the options. The services I mention are just examples!

1. For a one-way transmittal, use a service like YouSendIt.com. The file is copied to an online server; you send the recipient a password; the recipient receives a link to download the file. Very easy for sender & recipient; free or nearly free.
2. For collaboration back and forth on a small number of files, use a service like XDrive. The files are copied to an online server; you give the recipient permission to open or edit the files, and send the recipient a link. Files appear as they do in your office, stored in various folders. Moderately easy; sometimes requires a similar learning curve for recipients; free or nearly free.
3. For frequent collaboration with the same people, services like WebEx WebOffice allow online file storage plus document management and online meetings. Moderately difficult; similar learning curve (and possible cost) for recipients; monthly fee.

XDrive was purchased recently by AOL and has some very appealing features. Free, easy registration gets 5Gb of storage space and a polished web interface. Any kind of file can be uploaded, and an individual file can be as large as 2.5Gb. Individual files can be shared by a link in an e-mail message; the first 5 people to retrieve an individual file can do so immediately, without being required to sign up for an XDrive account of their own. Entire folders can be shared, although the recipients then have to get their own login name and password.

This puts XDrive way ahead of Microsoft's Windows Live SkyDrive, which is currently limited to 500Mb and won't accept an individual file larger than 50Mb. Windows Live Skydrive requires everyone to have a Windows Live ID, even a casual recipient of a single file. Windows Live ID is also just a free system for creating a login name and password - but there's something about it that confuses people.

(I hope you appreciate how confusing it is to recommend something owned by America Online. It goes against all my instincts.)

Google is due to jump into this space. It currently offers generous online file storage space but only for Google Mail accounts and Picasa photo storage. Many people expect Google to roll out free file storage soon as a way to direct attention to its office word processing and spreadsheet applications.

Labels: file_sharing, mail, web_services

posted by bruceb at 9/10/2007 12:05:00 AM | permalink

HOTMAIL UPDATE & OUTLOOK CONNECTOR
There are new reasons to use Microsoft's Windows Live Hotmail for your e-mail.

Hotmail got a facelift a few months ago that made it speedy and attractive, but the interface will get some additional tweaks and performance will be improved in August. Small but welcome changes: you'll be able to set up an out-of-office or vacation message; you can forward incoming mail to other e-mail addresses; and you can go straight to your Inbox without a stop at the "Today" page. Here's a blog post about the upcoming improvements.

All of us are struggling with oversize mailboxes. Hotmail will be increasing the maximum mailbox sizes to 5Gb for free accounts, 10Gb for paid accounts.

The software to connect Hotmail to Outlook is out of beta and officially released. The Hotmail account appears in Outlook separately from any other personal folders or Exchange mailbox, and is kept in sync with Hotmail continuously. If you have a Hotmail account and Outlook 2003 or 2007, you can download the final release of the Outlook Connector here.

The Outlook connector is free, but only mail and contacts are synced for a free Hotmail account. A paid Hotmail subscriber can also sync calendar, tasks and notes.

The interesting thing is that Hotmail is not limited to e-mail addresses named "@hotmail.com." It's easy to set up Hotmail to handle all the mail for another domain name. For example, I could set up Hotmail to process mail addressed to all "@bruceb.com" addresses, using Microsoft's free "Windows Live Custom Domains" service.

When this is set up, you can use Outlook to display your mailbox on your desktop computer (or multiple computers, if you like), and you can access the same mailbox online from any computer, using Hotmail's slick interface.

There's a downside for Outlook power users. Hotmail accounts can have multiple folders for messages, but none of them can be sub-folders. Many people have elaborate nested folders in their Outlook mailboxes; a Hotmail account would have to be organized differently.

Labels: mail, Outlook, web_services

posted by bruceb at 8/17/2007 12:41:00 AM | permalink

ONLINE FILE HOSTING & SHARING
Slowly but surely the world is migrating away from software running on your computer to services hosted online. The only divisions at Microsoft that are profitable rely on sales of software - Windows, Office, and Windows Server - but even Microsoft has begun to acknowledge that the future belongs to web-based services. Here's an article about some recent vague announcements about "cloud computing" that will power future Microsoft services, according to CEO Steve Ballmer.

There are two problems commonly faced by small businesses today: moving large files from place to place, and making files accessible online for collaboration. E-mail is inefficient for large files; many of the online portals for large companies are only practical with expensive hardware and full-time tech support staff.

There is no shortage of companies to fill these needs! Here's a list of eighty web-based companies offering online backup services, sending services for large files, and online storage and file sharing. Many are free or have basic free services; prices are typically low on the rest. I haven't sampled more than a handful but so far I haven't found services that have the right combination of features, ease of use, security, and longevity. Things to consider:

• Does it work? When I tried Mozy's online backup, it did not work. How much time do we have for testing?
• Is it so easy that busy people can figure it out intuitively? Services for sending large files typically put a copy of your file online, then send a link by e-mail for a specific recipient to download the file. Will the recipient know what to do when that message arrives, in an age where we trust nothing that arrives by e-mail? There are a lot of businesspeople and lawyers whose lives revolve around their e-mail but have only a rudimentary knowledge of what to do with anything more complicated than a file attachment.
• How can security be arranged for the online file so only approved people can get to the file? Services that facilitate setting up little areas with password-protected access quickly become too complicated for small businesses without an onsite tech person.
• And last, an intangible but important consideration: how long will the online service be in business? Using any of these services regularly requires an investment of time and emotion to learn them and trust them. When one of them disappears, it feels like a betrayal.

All of the eighty services in that article are worth looking into, but I haven't found any that I'm actively recommending yet. My guess is that a few of them will rise to the top in the next few years.

Labels: backup, file_sharing, mail, network, remote, web_services

posted by bruceb at 7/31/2007 12:30:00 AM | permalink

VIRUS ALERT - IT'S RAINING POSTCARDS
The latest barrage of virus-laden spam e-mails announce that you've received "a postcard from a family member." Here's a security vendor confirming what you already knew - if you click on the links in the messages, you'll be taken to web sites that will attack your computer with dozens of exploits, searching out computers that haven't gotten all of their security updates.

In the last couple of days, the messages have begun morphing to refer to a greeting card or ecard, from a colleague/worshipper/admirer/neighbor etc.

It's been going on for almost a week; I'm getting 20-30/day right now.

My clients have many kinds of protection on their office computers against this kind of attack, but the best defense continues to be your common sense and alertness. As always:

• Never, ever click on an unexpected attachment to an e-mail message.
• Never, ever click on strange URLs. Follow links with carefree abandon to and from legitimate web sites, but don't click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.

Labels: mail, security, spam

posted by bruceb at 7/02/2007 12:05:00 AM | permalink

iPHONE & EXCHANGE/OUTLOOK
Here's an interesting possibility - an unconfirmed report that the iPhone will be able to sync with Outlook and Microsoft Exchange Server, using the same ActiveSync technology found in Windows Mobile-based phones. That would open a lot of doors for the iPhone in the business community. Watch for an official announcement before you go stand in line.

Labels: Apple, mail, mobile, Outlook, phone

posted by bruceb at 6/26/2007 11:15:00 PM | permalink

WINDOWS LIVE HOTMAIL - OUTLOOK CONNECTOR
If you've been following along, you know that you can get a free Hotmail address and use the very attractive new Windows Live Hotmail online service to read your mail.

Microsoft has now released the free "Outlook Connector" that allows you to use Microsoft Outlook 2003 or 2007 on your home or office computer, and always be in sync with the online webmail. E-mail and contacts are synced immediately and continuously.

• I've been talking about this for a while - here and here.


• Microsoft's team developing Windows Live Hotmail made this announcement.


• Microsoft set up this page with more information.


• There's an extensive review and screenshots here.


• Download the Outlook Connector here.

It's possible to sync your Outlook calendar with the online Windows Live Hotmail calendar, so you have access to your calendar wherever you are, as well as allowing others to see and edit your calendar if you choose. Disappointingly, the calendar sync is not free - it requires a paid premium Hotmail subscription or a subscription to Office Live.

If you're using Outlook but you want to be able to view your mail and contacts while you're away from your home or office, it's finally possible. Look into it, or ask me about it!

Labels: mail, Outlook, remote, web_services

posted by bruceb at 6/18/2007 01:10:00 AM | permalink

WINDOWS LIVE MAIL
Windows Live Mail has been released in nearly final form for Windows XP and Vista. It's an important step forward but only if you're able to keep Microsoft's e-mail programs straight.

These programs run on your computer:

• Microsoft Outlook - full-featured mail/calendar/address book program sold as part of Microsoft Office


• Outlook Express - streamlined mail program included with Windows XP


• Windows Mail - updated version of Outlook Express included with Windows Vista


• Windows Live Mail - the brand new mail software for Windows XP & Vista; when installed, it replaces Outlook Express and Windows Mail

These e-mail services run online in Internet Explorer:

• Hotmail - Microsoft's longtime free webmail client


• Windows Live Hotmail - the new name for Hotmail, now with an optional new interface that closely resembles the various desktop programs

Windows Live Mail was released a few days ago. Here's one of the announcements, and here's where you can download it.

It does one important new thing - such a wonderful trick that it may change the way some of you handle your mail. Windows Live Mail automatically syncs with Windows Live Hotmail.

• While you're at your computer, you can use Windows Live Mail - a fast, dedicated program with none of the disadvantages of webmail. Right-clicking always does something helpful and you'll never accidentally browse to a different page in the middle of checking your mail.


• While you're away, you can log in to Windows Live Hotmail from any computer and see exactly the same things in the mail folders and in the address book.

If you send a message from your desk, the message will be in Sent Items when you check Hotmail online. If you update an e-mail address on Hotmail, the new address will quickly be in your desktop address book.

The Windows Live Hotmail team has promised a connector to Microsoft Outlook that will sync mail, contacts and calendar items. No word yet on when to expect that connector, although it should be soon. But many of you don't need the full version of Outlook (and it's no longer included with the inexpensive Student version of Microsoft Office 2007). Windows Live Mail is a very nice mail program, with up-to-date security features and built-in spam filtering, just perfect for many people.

If you've been using another webmail service and wishing it was better, or using Outlook Express and wishing you could check your mail when you're away from your computer, think about whether you can change to a Hotmail address. This combination makes it worthwhile.

Labels: mail, Microsoft, Outlook, remote, web_services

posted by bruceb at 6/04/2007 12:05:00 AM | permalink

WINDOWS LIVE HOTMAIL & OUTLOOK

Windows Live Hotmail got its official launch yesterday, and the announcement included a compelling detail: Microsoft will make a free connector available to sync Windows Live Hotmail with Outlook. This may affect you more than you expect.

A month ago I wrote up some notes about the improvements in the new generation of web mail clients - Windows Live Hotmail and Yahoo Mail. Yesterday's announcement adds an important piece that wasn't clear before. Let me try and explain why this is exciting news for individuals and small businesses without a server.

• Many of us prefer using Outlook for its rich integration with other programs on our computers, for the well-designed e-mail interface, the junk mail filter, and the full-featured calendar and address book. It has been increasingly frustrating, though, that Outlook is only available when we are sitting at our computers. Remote access solutions are available, hosted Exchange accounts are available, but those are workarounds, not elegant solutions.


• The webmail clients are available anywhere, and the new generation is quite nice to work with onscreen - but it's not quite the same as having a program running locally on our own computer, and they don't integrate as well with other programs or handhelds.

The free Outlook connector for Hotmail is the answer to both needs. When you're sitting at your computer, you can use Outlook. When you're away from your computer, you can access the same information - the same mail folders, calendar, contacts and tasks - using Windows Live Hotmail in a web browser. And the key to it is that Outlook syncs with Windows Live Hotmail, so changes in one place are transmitted to the other. Write a message in Outlook, it will turn up in the Sent Mail folder on Windows Live Hotmail. Add an appointment in Hotmail, it will be in the Outlook calendar.

There are three things to bear in mind:

• This is a brilliant, long-needed improvement to e-mail systems for individuals and small businesses without a server - if it works, meaning it does its job with a minimum of bugs and technical glitches.


• It won't be available for a few weeks.


• And there's one requirement that's inherent in the system: for most of you, it will require using a Hotmail e-mail address.

It's possible to use your existing address but it requires fumbling a bit to forward your existing mail to your new Hotmail address, and your messages will have an odd sender - "FROM: bruceb@hotmail.com on behalf of bruceb@bruceb.com."

The Windows Live system can also take over all mail addressed to a domain name ("@bruceb.com"), or help set up a new one. That's a cool idea - families can set up domain names and each person can have their own e-mail address, accessible via webmail or Outlook or both. It's well-hidden but available under the name Windows Live Custom Domains.

I'll let you know when the Outlook connector is available!

Addendum: here's a lengthy review of the new Windows Live Hotmail, and here's a deeper discussion of the relationship between Outlook, Windows Live Hotmail, and the Windows Live Mail desktop program that will be rolled out soon.

Labels: mail, Outlook, remote, web_services

posted by bruceb at 5/08/2007 12:05:00 AM | permalink

EMAIL RANTING
The Wall Street Journal has a front-page story today following the path of an e-mail message by a 22-year old Kaiser employee criticizing the technology being rolled out by Kaiser for patient records. The article isn't so much about the pros or cons of Kaiser's Health Connect system. Instead, it's a sobering reminder to reflect before pushing the Send button, because information can spread further than you might guess.

The Kaiser employee had reviewed publicly available information about the Health Connect technology and accumulated a large list of internal e-mail addresses to receive his message. He wrote 2,000 words about why he thought the project was wasteful and reflected poorly on Kaiser leadership, and sent it out on a Friday afternoon. Kaiser's IT department attempted unsuccessfully to remove it from people's mailboxes, but it was nonetheless received by a large number of Kaiser employees on Monday morning, as well as being leaked online. That led to official responses by Kaiser execs, the (possibly unrelated) departure of Kaiser's chief information officer, negative press, internal investigations, state agency review, and a huge online buzz. The 22-year old was called a hero by some bloggers, but wound up being fired by Kaiser.

(It's worth making clear that although the message caused much excitement, Health Connect was not tarnished - investigations largely confirmed that it was well-designed and effective at keeping Kaiser in the forefront of the move to electronic medical records.)

Information wants to be free. If you don't want something to be public, don't write it down!

Labels: mail

posted by bruceb at 4/28/2007 12:05:00 AM | permalink

OUTLOOK JUNK MAIL OPTIONS
Here's two good tips to configure the junk mail filtering in Outlook 2003 and 2007. There's an easily overlooked checkbox that will automatically add everyone you e-mail to your "Safe Senders" list. There's also a list of countries whose mail can be turned off - most of us can turn off mail from all countries except the US. (The column suggests leaving Canada turned on also. That's fair. I like Canada.)

Follow the link for complete instructions and screen shots.

Labels: mail, Outlook

posted by bruceb at 4/19/2007 12:05:00 AM | permalink

MASSIVE SPAM BLAST
There's a massive spam blast in progress. ComputerWorld reports that the spam outbreak is setting records, 50 to 60 times the normal volume of spam, with subjects like Worm Alert!, Worm Detected, Spyware Detected!, and Virus Activity Detected!, and carrying ZIP file attachments containing the "Storm Trojan" virus.

"Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through e-mail. Spam rates have jumped as well; Postini said 79% of all e-mail is now spam, while rival MessageLabs Ltd. reported a 13% jump in spam's slice of all messages in just one hour.

"'Expect this to grow much larger,' Swidler said. 'It should top out at 60 million messages within the next 24 hours.'"

With luck, most of you will never see these reach your mailbox, and your up-to-date security programs will keep you safe. Still, it always bears repeating: never never never open unexpected e-mail attachments.

Labels: mail, spam

posted by bruceb at 4/13/2007 04:21:00 PM | permalink

WEBMAIL ADVANCES
Many of us cannot imagine life without Outlook. In addition to e-mail, it handles our calendar and address book and to-do list; it fills our handheld devices and addresses envelopes in Word. But it typically lives on a single computer and is not readily accessible anywhere else.

Small Business Server users have it easy: they can use Outlook Web Access, a reasonably good imitation of their Outlook folders presented in Internet Explorer; and Outlook can be set up on a notebook or home computer with a live connection over the Internet to Small Business Server at the office, allowing Outlook to be used from anywhere.

It's not easy for individuals to use Outlook on multiple computers or from different locations. Some people have used subscription services to access their computers remotely - GoToMyPC, LogMeIn, or the rest. (Here's some slightly dated information and links about those programs.) That requires the main Outlook computer to be always on, always logged in, and never to crash when you're on vacation.

It's possible to set up a "hosted Exchange" mailbox for an individual - a small monthly fee buys a set of Outlook folders on a server run by a big company that can be accessed on the web or from a copy of Outlook that's been specially configured on one or more computers. I've set up several people with a hosted Exchange mailbox but it's been frustrating - difficult to understand, tricky to set up, and hiccups in the service that are hard to trace. 1and1.com offered cheap rates but their support has been poor lately. I just got a solicitation from Register.com for a hosted Exchange mailbox that was relatively expensive; hidden in the small print was a note that the mailbox size is limited to an absurdly small 100Mb, which some of us now exceed in a single week.

Yahoo Mail got an overhaul a few months ago. It's gorgeous. There's new web technology that permits applications to run in Internet Explorer as if they were desktop programs, with right-click menus and drag-and-drop actions. Next month Yahoo has promised that it will remove all size limits on mailboxes.

Hotmail is getting the same kind of overhaul. "Windows Live Hotmail" is in its final testing stages. It's even closer to the look and feel of Outlook. It's still described as a "beta" but you can sign up for it and use it now.

It's possible to integrate your existing e-mail addresses with these services. Say your address is kurt@vonnegut.com. You sign up with Hotmail; your Hotmail address is kurt12345@hotmail.com. You can forward all your incoming mail to the Hotmail address, and have your outgoing Hotmail messages display kurt@vonnegut.com as your return address - making the Hotmail address invisible to the outside world. Then use Windows Live Hotmail as your only mail program. Go take a look! It's not the Hotmail you remember, not by a long shot.

Windows Live Hotmail can assume responsibility for all the mail addressed to a domain name - all mail addressed to any name @vonnegut.com would be sent to Windows Live Hotmail. (You can register a domain name during the Windows Live Hotmail setup.) Addresses can then be set up readily using the Windows Live Hotmail control panel. Families can set up kurt@vonnegut.com, tralfamadore@vonnegut.com, and the like, far more easily than most controls for domain mail provided by ISPs.

It's even possible to integrate the webmail services with Outlook. Well, that's what they say. I kind of want to see it before I believe it.

Here's a roundup of the webmail services from PC Magazine, and here's details about the Windows Live Hotmail service (including screenshots). Leaving Outlook would be wrenching in some ways, but easy access to mail folders from anywhere is increasingly tempting.

Labels: mail, Outlook, web_services

posted by bruceb at 4/12/2007 12:05:00 AM | permalink

PRINTING OUTLOOK MESSAGE HEADERS
Two clients reported problems printing e-mail messages from Outlook 2003 - the message headers weren't printing, the part that shows Date:, To:, From: and Subject. In each case, it was erratic - some messages would print correctly, others would be missing the header info.

Apparently there's a bug in the way Outlook 2003 interacts with Internet Explorer 7 - something to do with the IE7 feature that shrinks pages so they print properly. (Have you noticed that the right side of the page isn't cut off any more on your printouts from web pages?)

Microsoft has issued a hotfix - the information about it is here. Hotfixes cannot be downloaded directly; Microsoft has a rigorous testing process before patches are made available for downloading and hotfixes have not finished that process. They're free but it takes a call to Microsoft.

If you're one of my clients and you notice this problem, call me and I'll get the hotfix to you.

Labels: mail, Outlook, printers

posted by bruceb at 3/28/2007 12:05:00 AM | permalink

PROBLEMS WITH 1AND1
Yet another tale of woe.

1and1.com is one of the largest web hosting companies in the world. They established themselves in Europe before making a big splashy entrance in the US a couple of years ago, with huge advertising sections on thick glossy paper in dozens of magazines. They offer rock bottom prices, a wide range of services, and well-designed online control panels.

I started using them and recommending them for domain name registration ($5.99/year), web hosting, and hosted Exchange mailboxes. A year ago I had a couple of reasonably good experiences with customer support.

A client called up a few months ago and complained that he had a terrible experience with an aggressively incompetent tech support person in India. Hmm.

Two friends had so much trouble with the hosted Exchange service that they cancelled the service. Another lost access to his Exchange mailbox for a day and got no satisfaction from his phone calls.

Today a business client learned that 1and1.com had locked his account, turned off his web site, and stopped the company e-mail, with no notice whatsoever - no e-mail, no letter. There was an issue with the company credit card - details are hazy, but let's assume the card lapsed.

The lack of notice was inexcusable. This has the potential to do serious harm to a business that lives by its e-mail.

The reaction from 1and1's customer support was worse. A bored customer service rep explained that the account had been turned over to a collection agency, and nothing could be done until the business "negotiated" a payment through the collection agency - at which point 1and1 would have to be called again to throw the switch on the domain names. There would then be even more of a delay, another 24 hours, before the domain came to life and the mail started to flow.

This is very bad.

Many businesses with millions of customers get treated to web pages like this one full of complaints, but that doesn't make it any more pleasant to run across them, and it's a little hard to find people praising 1and1 recently. There are some anecdotes about support being outsourced and company properties being relocated - and a persistent theme that things at 1and1 have deteriorated fast in the last six months.

Sonic does domain name registration and web hosting. Their mail handling for domains is primitive, their online controls are clumsy - heck, even their sales pitches are a bit confusing. But I don't think Sonic would allow your domain to go dead without notifying you, and so far Sonic hasn't started routing support calls to India.

Hmmm . . .

Labels: domains, Internet, mail

posted by bruceb at 3/16/2007 01:47:00 PM | permalink

E-MAIL RETENTION AND THE NEW FEDERAL RULES
Changes in the Federal Rules of Civil Procedure have imposed new requirements for retention and production of electronic records in federal court litigation, especially e-mail. Here's my notes when the changes first came to my attention.

A quick reading of some of the articles about the new FRCP revisions gives the impression that businesses should drastically change their practices to ensure long-term retention of e-mail and backup tapes, but that's not quite correct. Here's some quick thoughts on a more nuanced reading of the new rules:

"As long as in the normal course of your business you routinely make backups over the top of the same data, routinely delete emails, routinely... etc etc..... there are no issues whatsoever and no changes you need to make. Once you are involved in a federal court case, that's when you need to reevaluate your process. But for now, it's business as usual."

Labels: backup, law, mail

posted by bruceb at 12/12/2006 10:24:00 AM | permalink

EARTHLINK & MISSING E-MAIL
Remember Earthlink? It's still in business but not particularly relevant. (Companies providing dialup access became an anachronism when the telcos and cable companies shut them out of broadband access. Earthlink all but disappeared, and AOL is following it down the same path - AOL is just taking longer to go away.)

Well-known tech columnist Robert X. Cringeley has written an interesting tale of a friend who discovered almost by accident in June that Earthlink was dropping 9 out of 10 of his e-mail messages - they weren't being bounced, they were just disappearing. Messages were supposed to be delivered to his Earthlink mailbox and also forwarded to a Blackberry address; for every 10 messages during a bunch of testing, 1-2 would get to the Earthlink mailbox, 1-2 would get to the Blackberry (but not necessarily the same ones), and all would appear in a GMail mailbox used for comparison. An Earthlink tech support rep eventually acknowledged that Earthlink's mail servers were so overloaded that some users with Earthlink-hosted domains or aliased addresses were missing up to 90% of their incoming mail.

A spokesman for Earthlink turned up today with an unapologetic description of what sounds like a completely different problem - "Yup, our equipment was overloaded and crapped out in October but we fixed it right away, you betcha!"

There are three lessons.

• If you are still an Earthlink subscriber, it's long past time to move on. If you are considering signing up with Earthlink, your computer should be confiscated while you attend classes bringing you up to date on developments in technology and communications companies in the last ten years.
• This is not just an Earthlink issue. Other ISPs are going to drop mail periodically without admitting it. If you have mail that isn't delivered, it is very, very hard to figure out where it has gone.
• Finally, this may happen with increasing frequency because of the recent onslaught of spam, predicted to get worse next year. It is hard to comprehend the volume of spam but my impression is that it's worse than we have any idea, simply mind-boggling. ISPs are struggling and will sometimes fall down; ultimately the fault belongs with the bad guys sending the crap.

Labels: Internet, mail, spam

posted by bruceb at 12/08/2006 11:36:00 AM | permalink

SPAM IS BACK
You've probably noticed it, and here's a New York Times article to confirm it: after a respite for a year or two, the volume of spam has risen sharply in the last few months; worldwide spam volumes have doubled since last year and it currently accounts for more than 9 out of every 10 e-mail messages delivered worldwide.

The article has some fascinating details about the "image spam" flooding your inboxes with penny stock offers. It's all about evading spam filters - that's why the text is hidden in an image, that's why the image has speckles or designs in the background, that's why the image has a few pixels changed in each and every message.

You've probably wondered who in their right mind would buy a penny stock based on a bizarre piece of e-mail spam. The answer is that e-mail is not sent only to people in their right mind. The spammers buy the penny stock, then send their messages by the millions; enough people buy the stock that the spammers can sell their shares in one or two days and make a 5-6% profit. Amazing, isn't it?

There's no magic bullet - the bad guys are outracing the good guys again. As always, your best friend is the Delete key.

Labels: mail, spam

posted by bruceb at 12/06/2006 03:45:00 PM | permalink

DISPOSABLE E-MAIL ADDRESSES
Some web sites require an e-mail address and send a confirming e-mail message to activate an account. The "confirmation" might be an excuse to get an e-mail address that can become a spam target.

Ten Minute Mail sets up a temporary e-mail address that expires after ten minutes - just long enough to get the validation message. Here's an article about the Ten Minute Mail site.

It's worth noting another useful site, BugMeNot.com, a huge collection of login names and passwords for sites with content behind a free "registration" requirement.

The Slashdot community reacted to the story about Ten Minute Mail by comparing it to their favorite services for temporary e-mail addresses and other anonymity tools. There's a lot of them - no surprise in these paranoid times.

Labels: mail

posted by bruceb at 11/28/2006 04:50:00 PM | permalink

WINDOWS MOBILE TAKING OVER HANDHELD MARKET
This article highlights a startling statistic - sales of Windows Mobile-equipped handheld devices grew by 90% last year. Not that long ago, the Palm-based Treo 650 was the only reasonable phone/PDA device, but all of a sudden there's more than 100 Windows Mobile phones shipping. (The Motorola Q is very cool looking - check it out!)

Palm is still out there but its spirit has been broken. The Treo 700p is nice but overshadowed by the explosion of Windows Mobile alternatives. There's no evidence that Palm has anything in the pipeline to generate any momentum.

There are a number of ways to get e-mail to appear on a handheld device. Windows Mobile devices can be made to connect directly to an Exchange Server, so businesses running Small Business Server can have seamless access to their Outlook folders on the road. But the process for configuring the phone is obscure and so technically complex that it's infuriating.

Blackberry maker RIM has also been churning out handhelds that sound appealing based on Blackberry's reputation - e-mail just appears on them, right? Many people don't realize that large companies run dedicated Blackberry servers to accomplish that mail delivery. Mail doesn't appear on an individual's Blackberry unless the office computer is logged in and running Outlook and some Blackberry software. And like too many things today, the Blackberry software is delicate - difficult to configure and capable of generating endless frustration if a problem develops.

Labels: mail, mobile, phone

posted by bruceb at 7/24/2006 12:25:00 PM | permalink

WEB MAIL GROWS UP
Microsoft and Yahoo have both begun testing overhauls of their web mail clients. Here's an article about the new look for HotMail, scheduled for rollout next year.

The new Hotmail closely resembles Outlook 2003, and supports drag-and-drop, right-clicking, selection of multiple items, and full-featured contacts and calendar folders.

More of you are demanding 24x7 access to your Outlook folders. The improved web mail clients will increase that pressure - it will seem limiting to be cut off from Outlook when you leave the office. Forwarding messages to the web mail clients may become more common.

There is also new Microsoft technology in Exchange Server 2003 that permits connection to your Outlook folders from anywhere, either from Outlook directly in your office or using Outlook Web Access from any Internet browser. I expect it to become more popular and easier to set up - once you use it, it's impossible to go back. It's built into Small Business Server 2003, but you don't need your own server to run it - you can set it up for your individual Outlook folders thru companies like 1and1.com. (Look for "hosted Exchange e-mail" at $6.99/month.)

Labels: mail, Outlook, remote

posted by bruceb at 10/09/2005 11:52:00 PM | permalink

SENDING LARGE E-MAIL ATTACHMENTS
E-mail was not designed to exchange large files. Many people attempt to send big files by e-mail - 10 or 20 or 30Mb of photos or PDFs or the like - and feel disappointed when the recipient never gets the message. Or perhaps you've been on the receiving end and had your mail delivery disrupted by a large attachment that pushes you over your storage limits or causes your mail program to time out.

There's no perfect answer, but I recently learned about a free, easy service that may be important for you. YouSendIt.com assists in sending large files to anyone - and the files can be up to a gigabyte in size. Did I mention that it was free?

It's the model of simplicity - go to the YouSendIt.com web site, enter the recipient's e-mail address, and browse to the file you're sending. The file will be uploaded to the YouSendIt servers and kept for seven days. The recipient will get an e-mail message with a link to the file. Done!

It's free because there's Google-style advertising on the screen when the file is downloaded. (Only time will tell if that's a viable business model.)

There's a couple of shortcomings for offices. You won't have quite the same e-mail trail to show that you sent the file, although you do receive a confirmation that a message was sent. More importantly, there's no way to be completely confident that the file will be secure and private, at the level that a business or law firm might demand - although YouSendIt says all the right words in their service guarantee.

For most purposes, though, this is a great find! Keep the attachments out of the mail system, keep your Outlook folders to a reasonable size, keep from overwhelming your recipients - it's a win for everyone.

(When you try it, make sure you leave the browser window open after you begin uploading a file. If you navigate away or close the window, the file won't be uploaded successfully.)

Labels: file_sharing, mail, web_services

posted by bruceb at 10/08/2005 12:06:00 AM | permalink