My Blog
I decided to finally get with it and create my own Blog. I don't know how often I'll be blogging, as I stay fairly busy, but I'll try to post here every so often. Since most of the work I do relates to Microsoft Exchange, probably much of what I blog about will relate to that, but I'm sure that there will be occasional (or frequent) blogs about my family.
About Me
- Name: Ben Winzenz
- Location: Keller, Texas, United States
I grew up near Ann Arbor, Michigan and went to college at BYU (Brigham Young University). In 1992, I took 2 years off from school to serve a full-time mission for my Church (the Church of Jesus Christ of Latter-day Saints) in Frankfurt, Germany. I've been married for 11 years and have 4 beautiful children. I have been working with Exchange since 1999.
Subscribe to this Blog
Subscribe to my Blog
Contact Me
E-mail me
Other Blogs
MS Exchange Blog
Mark Fugatt's Blog
You Had me at EHLO
David Lemson's Blog [MSFT]
Evan Dodd's Blog [PSS]
KC Lemson's Blog
Michael Palermiti's Blog [PSS]
Michael B. Smith's Blog
Andy Webb's Blog
Chad Gross [SBS]
E2K Security
Glen's Exchange Dev Blog
Bharat Suneja's Blog
Exchange Cookbook
Kevin Weilbacher [SBS]
Sigfried Weber
Susan Bradley's SBS Blog
Tim Rains' Weblog
Robert Hensing's Blog
Robert Scoble's Blog
WitNit
Jim McBee's Mostly Exchange Blog
Ant Drewery
Exchange-ing Ideas - Missy Koslosky
Donna's Security Flash
What's in Store - WinFS blog
Microsoft Security Response Center
Jason Langridge's WebLog - MR Mobile!
Gerod Serafin's Blog
XP Source
Mark's Sysinternals Blog
Jesper Johansson's Blog
ExchangeIS - Ben Hoffman's Blog
Ray Ozzie's Blog
Monad Team Blog
Devin Ganger - (e)Mail Insecurity
Steve Riley's Blog
Henrik Walther's Exchange Blog
Search
Archives
September 2004October 2004
November 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
A Collection of Random Thoughts
Friday, January 20, 2006
Understanding NDR's
I see requests for help on NDR's all the time on the newsgroups.
What many people don't understand is that when you get an NDR, there is a difference between the server that issued the error, and the server that generated the NDR.
Often, your server will be the one that generated the NDR. By that, it simply means that your server was the one that ultimately delivered the NDR to you. It doesn't mean it was the one that issued the error, though your server certainly can do both.
Understanding NDR's fully means that one needs to have an understanding of how SMTP works. Per the RFC's, a 500-level error is a permanent fatal error message.
Often, when you receive an NDR back, it's because the remote server issued a 500-level response at some point during the SMTP conversation itself.
When will the remote server generate the NDR? When the message has been accepted by that server (indicated by 250 Message Queued for Delivery, or similar message). This is a problem that Exchange has when dealing with Spam, that to my knowledge is still a problem (although not a vulnerability for relaying mail).
Back on topic. Once a server has accepted a message, it then becomes responsible for delivering it, and if it can't, it is then responsible for generating and delivering the NDR. When might you see a remote server issue an NDR (not just the error message)?
1. Mailbox over the limit.
2. Invalid address where the server isn't checking the address against a directory during the conversation.
How about from your server?
1. Above example where you ARE doing address checking (filter recipients not in the directory, for Exchange)
2. Attempting to relay a message to a non-local domain.
3. Message size too large (if enhanced SMTP commands are enabled).
Obviously, this doesn't cover every reason that can cause NDR's or who generates them - they are just a few examples.
I'll try to post some real NDR's and decipher them in the coming days. If you've got any samples you'd like posted (you can take out any sensitive info), feel free to send them to me, otherwise I'll probably use some generic ones on the internet.
- posted by Ben Winzenz @ 9:48 AM 0 comments
In recent news...Google promotes children's access to pornography
I know - inflammatory title. My apologies for that.
Of the 4 major Internet companies that were subpoenaed to provide data by the Justice Department, only Google has been unwilling to provide the data requested in any fashion.
At stake? The Government is attempting to defend the Child Online Protection act, aimed at shielding children from pornography online. The Child Online Protection Act was passed in 1998 and attempts to protect children from harmful sexual content on the Internet, though the law has never taken effect as it was blocked by courts. The Supreme Court recently upheld rulings of the lower courts that the law is unconstitutional as defined. The government is now scrambling to save this law and defend its assertion that it is constitutionally sound, hence the subpoenas.
Why is Google resisting this request? The other 3 Internet companies, which were MSN, Yahoo and AOL, have all apparently supplied at least some information to the DOJ. The request, in and of itself, doesn't appear at first glance to violate any privacy, as the DOJ has not requested any personal information, just search queries, so why the fight?
Google, do you not want to protect children from pornography? Look, I'll be the first to admit that I'm not sure a law like this would do a lot, but then again, you never know. We ought to be doing everything we can to protect children from online smut like pornography. YES, parents ought to be more involved in the activities of children online. The sad truth is that there are WAY too many parents who aren't involved. IF parents would be involved, then no laws like this would be required.
See, I'm lucky. I use and understand technology every day as it relates to computers. For a lot of parents, that isn't the case. Their kids know more about computers and the Internet than they do! I know that I can protect my kids. DAMN straight I am going to do everything in my power to protect them. What I can't figure out is why Google won't. Their excuse? It would potentially divulge trade secrets. Gimme a freaking break. Thanks, Google, for all your work to protect our children. I'll switch my search engine back to MSN now.
- posted by Ben Winzenz @ 8:42 AM 4 comments
Wednesday, January 18, 2006
Have you ever wanted to create a one-node standalone cluster?
I had to do this very thing recently, with the catch that there was no shared storage. But a one-node cluster isn't a cluster at all, you say? I suppose it isn't in the normal sense of the word, but it was configured using Cluster Administrator, and there is an Exchange Virtual Server object created in Exchange System Manager.
The biggest catch to configuring this was that there was no shared storage available, so everything was configured locally. Thankfully, Windows 2003 is smart enough to see when there is no shared quorum resource available, and it creates a Local quorum drive.
The problem with this approach is that in order to install Exchange on a clustered system, a Distributed Transaction Coordinator resource must exist. No problem, you say - I'll just create one. Oops - it won't start. Turns out that there is a hotfix available that allows the DTC resource to see a local quorum drive. KB 897667 details a COM+ hotfix that must be applied. The problem is detailed in KB 899426. Once you apply this hotfix, the DTC resource will successfully come online, and then you can install Exchange.
Why go to all this trouble, you ask? Clusters behave differently. In this case, I needed to bring up 3 clustered Exchange servers to reproduce a problem. Since I didn't have shared storage readily available, this was the next best option.
- posted by Ben Winzenz @ 2:56 PM 0 comments
Tuesday, January 17, 2006
Installing Apple Quicktime
I was just thinking about my installation experience the last time I needed to install Quicktime, and how I (seemingly) had to install iTunes with it (which I didn't want, or need), and just saw Susan Bradley's blog talking about this very thing.
Funny enough, the second time I installed it, I managed to find the quicktime only download, but it sure doesn't make me happy when software companies such as Apple try and intentionally make it difficult to only download quicktime player without any additional "stuff". In fact, it makes me want to avoid installing it altogether.
Go to the Quicktime download site, and see if you can find the standalone installed for Quicktime, without looking REALLY hard for it.
Newsflash to Apple: You aren't earning fans by doing this.
- posted by Ben Winzenz @ 9:47 AM 0 comments
Been a little busy lately :-)
I haven't posted anything to my blog in almost a week. Check that - a little over a week. Things have been a little crazy around here. We've been doing some internal Beta testing of new applications here at work, my wife has been busy having our baby
(insert sound of scratching record...)
Oh yeah...
My wife gave birth to the newest member of our family, Carli Hart Winzenz, at 8:53am on Saturday January 14th, 2006. This was a bit surprising, because she was almost 4 weeks early at that point. All 3 of our other children were born roughly on their due dates, or within a few days of it (none of them were late though). The nurses all joked and blamed it on the full moon. They said there were a TON of births this past weekend.
Anyway, Carli was 5 lbs 15 oz, and 18 inches long. She's TINY! At least compared to our other kids. Despite being almost 4 weeks early, she seems to be thriving. Her lungs definitely work (though her cries aren't really loud yet), and she doesn't like diaper changes.
I'm also posting the obligatory few pictures (just a smattering of the many we took). Carli is child number 4 for us, and we're absolutely thrilled to have her.
- posted by Ben Winzenz @ 9:25 AM 1 comments
Sunday, January 08, 2006
Vista Upgrade Pain (build 5270)
I've got a few computers running Windows Vista. The first one is a desktop machine with an Athlon XP 2200+, 512mb ram and an older video card (very soon to be replaced). The second is an HP Pavilion ZD7000 laptop, with a 2.66Ghz P4, also with 512mb ram, and a GeForce FX5600 Go. I haven't had anything important on my desktop PC, because, well, it's pretty much dedicated to Beta testing at the moment. Since no one else uses it but me, it's fairly easy to keep it clean. However, the laptop is what we are using as a home PC at the moment. Nothing like trying to load some kids games to give Vista a good test :-) Anyway, because it gets used as our home PC, there was quite a bit of information that I didn't want to lose if I could help it.
Right before Christmas, build 5270 was made available to beta testers (it's on MSDN now...). so I figured it was time to load it up on these PC's. The desktop PC was no problem - I formatted the hard drive so as to get a clean build. Installation went fine and everything was up and running fairly quickly. I did notice that 5270 includes some additional drivers that previously weren't there (my USB wireless adapter), so that was nice.
The laptop was a different story. Since I wanted to keep some of the data, I decided to try and to a new install without formatting. Big mistake. The process went something like this:
1. Boot from Vista DVD - start setup.
2. Choose existing partition. Setup informs me that it has detected an existing Windows installation and if I continue, it will rename the windows directory to windows.old, etc. Fine by me.
3. Setup continues (and takes a LONG time). It reboots the first time and resumes setup (as normal), but after appearing to finish and rebooting a final time, the only thing I get is a black bootup screen telling me that Windows has detected problems with the bootup environment (or something similar). Specifically, it tells me that ntoskrnl.exe is missing.
Ok, I've got an external USB hard drive case for laptop hard drives (it's really more just a circuit board with the IDE connector going to a USB connector), so I pull out my hard drive and hook it up to my other laptop (running XP). I browse the directories, and I see that the old Windows directory was renamed properly (old user profiles were moved inside the Windows.old directory), and when I look in the windows\system32 directory, sure enough, there is no ntoskrnl.exe file present. That's weird!
I think to myself that it must have just been a glitch with the setup proces, so I'll do it over. Oops - now there isn't enough space left. Vista needs 8gb of free space in order to run setup. I had to go in and whack the windows directory that setup created along with a bunch of the temp installation files (note to Vista team - make sure that setup cleans up any temp files once it RTM's). Once that's done, I run setup again. SAME result. Unfortunatlely, I don't know how to extract that one file from the DVD (note to self - need to find this out), so I try asking around for a copy. I was desperate! Anyway, no one had a copy immediately available, and no one seemed to have encountered this problem before (my newsgroup question still remains unanswered to this day).
The end result (there was no "solution") was that I used my new DVD burner that I got for Christmas to back up all the documents, pictures, and other data that I wanted (though somehow I forgot our PST file - bummer). Once that was done, I formatted and got Vista to install with no problems. Ugh.
Now for the next part of the story. We had been using Office 2003 on the previous Vista build with no issues whatsoever. However, when I installed Office 2003 on this build, Outlook would not download any mail from my POP accounts. Totally weird! I tried everything I could think of, including completely removing office, deleting the office directory, re-creating the mail profile, etc. etc. Nothing seemed to work. So, I'm also on the Office 12 beta and decide to try and install that, or rather "upgrade" to Office 12. I'm mystified that right at the end of setup, there are some registry keys that setup doesn't seem to be able to access. When I check the keys, the owner shows up as a SID, and I can't change permisssions (System only had read access as well as Administrators). I tried changing permissions on all the keys that it mentioned to no avail. Finally, I completely removed Office 2003, then installed Office 12 and it worked fine. As soon as I installed Office 12 and configured Outlook, it began pulling down all my mail again. PHEW! At least we had webmail access to the mail for the period of time it took to sort this out. What a mess!
Do you have an upgrade horror story? Send me your link.
- posted by Ben Winzenz @ 11:05 PM 0 comments
Thursday, January 05, 2006
Microsoft provides patch early
Microsoft has released a patch for the WMF vulnerability that could potentially result in an attacker taking control of a compromised system. Initially, Microsoft was going to wait and release the patch next Tuesday on "Patch Tuesday", however, based on customer feedback, they have decided to make it available immediately.
I have verified that it is available via Microsoft Update (Windows Update should be the same). I'd suspect that folks that use SUS and WUS will download it tonight (or the next time their servers check). It's also available on the Microsoft Download center should you want to use that.
You can read about the details of the vulnerability here. I'd recommend applying this update immediately. A reboot may be required once it has been applied. I can't say for certain, as I applied another update along with this one.
- posted by Ben Winzenz @ 2:33 PM 0 comments
Hook 'em Horns!
I must shamelessly admit that I am a University of Texas fan, and a sports junkie!
As I'm sure many of you did, I watched the Rose Bowl last night. We gathered at a friends house and watched it on this. A-ma-zing. Very clear picture. I WANT ONE!
Anyway, have you ever noticed that you get into a game a lot more when you are gathered with others? I was sitting on the edge of my seat almost the entire time. I'm surprised I didn't lose my voice last night - we were all yelling and screaming for most of the game.
Coming off watching the Orange Bowl the previous night where it went to triple overtime, I wasn't sure the Rose Bowl would live up to all the hype, but boy did it ever. Talk about 2 competitive (and good!) teams...
Congratulations to Vince Young and the rest of the University of Texas team on winning the College Football National Championship. They deserved it, and played like they deserved it as well.
- posted by Ben Winzenz @ 8:44 AM 0 comments
Tuesday, January 03, 2006
MSN Spaces getting a lot of (negative) press
I'd venture to say that it isn't very positive either. Robert Scoble was one of the first to bring this news to light in the mainstream blogs and he's not real happy about it. I'm not really sure where I stand here. On one hand, the Code of Conduct for MSN Spaces does seem to quite clearly spell out the rules and seems to quite clearly state that at their sole discretion, they may remove content, delete postings, ban users, etc. Listed here is the Code of Conduct from MSN Spaces.
Prohibited Uses
Violations of the MSN Spaces Code of Conduct may result in the termination of access to MSN Spaces services or deletion of content without notice.
You will not upload, post, transmit, transfer, disseminate, distribute, or facilitate distribution of any content, including text, images, sound, data, information, or software, that:
- incites, advocates, or expresses pornography, obscenity, vulgarity, profanity, hatred, bigotry, racism, or gratuitous violence.
- misrepresents the source of anything you post, including impersonation of another individual or entity.
- provides or create links to external sites that violate this Code of Conduct.
is intended to harm or exploit minors in any way. - is designed to solicit, or collect personally identifiable information of any minor (anyone under 18 years old), including, but not limited to: name, email address, home address, phone number, or the name of their school.
- invades anyone's privacy by attempting to harvest, collect, store, or publish private or personally identifiable information, such as passwords, account information, credit card numbers, addresses, or other contact information without their foreknowledge and willing consent.
- is illegal or violates any local and national laws that apply to your location; including but not limited to child pornography, illegal drugs, copyright material and intellectual property not belonging to you.
- is intended to threaten, stalk, defame, defraud, degrade, victimize, or intimidate an individual or group of individuals for any reason; including on the basis of age, gender, disability, ethnicity, sexual orientation, race, or religion; or to incite or encourage any one else to do so.
- intends to harm or disrupt another user's computer or would allow others to illegally access software or bypass security on Web sites, or servers, including but not limited to spamming.
- attempts to impersonate a Microsoft employee, agent, manager, host, another user, or any other person though any means.
Termination and Cancellation
Microsoft reserves the right, at its sole discretion, to review and remove user-created services and content at will and without notice, and delete postings or ban participants that are deemed objectionable.
On the other hand is the question of whether this type of censorship is good for blogs. Isn't the whole point of blogging being able to express yourself? Plus, who exactly is determining if content meets these criteria? Is it individual people? A group of people? An automated engine that searches for certain criteria? What constitutes grounds for removing the blog (space)? Do users get any warnings?
I'll be the first to admit that I don't know what type of content was being posted by Zhao Jing(Michael Anti). The limited information I've read seems to indicate that he pushes the boundaries of what is acceptable. Is that like Howard Stern on US Radio where he was fined by the FCC? I don't know. I'll publish any updates as I see more information on this.
- posted by Ben Winzenz @ 3:37 PM 2 comments
