Archive for December, 2005

Public Folder Disaster Recovery

Thursday, December 15th, 2005

We take our disaster recovery very seriously and like to think that we’re prepared for most eventualities. Exchange 2003 Recovery Storage Groups make it very easy to recover mailbox stores, specific mailboxes and even specific messages but what options do we have for public folders?

Firstly you should have deleted item retention enabled on your public folder stores. That can get you out of a hole when someone deletes something they shouldn’t. However, if you need messages or folders restored prior to your retention period your options are limited.

An approach that we’ve used very successfully here is ‘Alternate Server Recovery’. The basic concept is to install an entirely independent forest and Exchange org on a DR server. The AD domain and server can be called anything you like but the Exchange org and Administrative Group names must be the same as your live system. You’ll also need to change the LegacyExchangeDN attribute by following this article. Once everything is in place you’ll be able to restore and mount a backup of your public folder store, then simply connect an Outlook client and export any folders or messages that you need to PST.

Shiny New Toy

Wednesday, December 14th, 2005

Well I finally crumbled and bought myself a new black 60GB iPod video. My previous MP3 player was a 5GB Zen Micro which was pretty good but limited in space and lacked the slick interface of the iPod.

Despite my music collection being in WMA format, iTunes and the iPod swung it for me on a few key points:

  • Great looking device with a slick interface
  • iTunes makes it very easy to subscribe to podcasts and synchronise them
  • An enormous number of accessories are available
  • And finally, video playback. I download a lot of US TV shows as I get fed up waiting for them to come to the UK, if indeed they ever do. I also like the fact that I can watch them on my Media Center whenever I like and I’m not governed by programming schedules. I like to be able to watch my downloaded TV on train journeys and with an additional cable I can also hook my iPod to any TV in the house to view them.

People criticise the iPod for its lack of supported formats but conversion is a simple process using a single free tool (which I’ll blog about soon). They also criticise the screen size but let’s face it, I’m never going to sit and watch the Lord Of The Rings trilogy. In my opinion the screen is fine for watching a TV show. Previously I’ve used an iPaq and an i-Mate Jam to watch shows on the go but have ditched these devices in favour of my Blackberry. My most recent gadget for portable video viewing was the Play-Yan cartridge for my Game Boy Advance. This allows you to view/listen to media stored on an SD card. The snag is that the interface is in Japanese but you soon find your way around. This has now been ditched in favour of my iPod.

Real-time Black Lists

Tuesday, December 13th, 2005

It’s official, I hate RBLs. For some time I’ve tolerated and indeed used well run and respected lists like SURBL but then SURBL works differently to the rest. SURBL does not block listed hosts but rather allows you to block messages based on the URIs that they contain. It works well in conjunction with our MailSweeper servers.

The main problem with these types of service is that no one governs them. I could set one up tomorrow and list whoever I liked. Of course, you’d have to choose to use my list with your systems.
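The difference between a host-based list and a URI-based list such as SURBL comes down to what gets looked up in the list's DNS zone. The sketch below is an added example, not code from this blog or from any list operator; the zone names, the sample messages and the in-memory "zone" standing in for DNS answers are all constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Hypothetical zones (assumptions); use the zones of lists you have chosen to trust.
HOST_ZONE = "dnsbl.example"
URI_ZONE = "uribl.example"
URI_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed zone data standing in for real DNS answers (127.0.0.x means "listed").
FAKE_ZONE = {
    "10.2.0.192.dnsbl.example": "127.0.0.2",
    "pills.example.uribl.example": "127.0.0.2",
}


def host_query(client_ip, zone=HOST_ZONE):
    """Host-based list: reverse the connecting IPv4 octets and append the zone."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def uri_queries(body, zone=URI_ZONE):
    """URI-based list: one query per distinct hostname found in the body.
    Simplification: real URI lists are usually keyed on the registered domain."""
    hosts = []
    for uri in URI_RE.findall(body):
        host = (urlsplit(uri).hostname or "").rstrip(".")
        if host and host not in hosts:
            hosts.append(host)
    return [h + "." + zone for h in hosts]


def verdict(client_ip, body, resolve):
    """resolve(name) returns an answer string if listed, None if not."""
    reasons = []
    if resolve(host_query(client_ip)):
        reasons.append("sending host listed")
    reasons += ["body URI listed: " + n for n in uri_queries(body) if resolve(n)]
    return reasons


# Constructed messages: ordinary mail from a listed gateway, spam from an unlisted one.
ORDINARY = "Minutes attached, see http://intranet.example/minutes."
SPAM = "Buy now: HTTP://Pills.Example/offer?id=1 today"

if __name__ == "__main__":
    print(verdict("192.0.2.10", ORDINARY, FAKE_ZONE.get))
    print(verdict("198.51.100.7", SPAM, FAKE_ZONE.get))
```

The host-based check flags the ordinary message purely because of where it came from, while the URI-based check ignores the sender and flags only the message that carries a listed link.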

Most of these services make it fairly painless to be removed so although inconvenient it’s not the end of the world if you are listed in error, and indeed if you are an open relay then it can be a justified kick up the backside. However, there are some real cowboys out there.

Today we’ve found one of our gateways listed with such a cowboy: http://www.us.sorbs.net/. I’ve scanned the box for Trojans and viruses with 2 different products and have thrown every relay test I know against it. Nada. So how did it get listed? SORBS claim that our box sent an email (not a spam, just a regular email) to one of its honey trap addresses. That’s just plain crazy. It could have been an NDR or virus notification in response to a message that spoofed the SORBS address. To make things worse SORBS want a fine to have our box de-listed. This fine is in the form of a donation which I guess gets them round any extortion charges. What a joke.

I’m even more shocked to find a company like Vodafone uses this list as part of their anti-spam measures. Their admins should be shot.

That’s my rant over for now. I need to get back to getting de-listed.

Public Folders & SP2

Tuesday, December 13th, 2005

We have quite a complex public folder structure. It’s a result of combining the Exchange 5.5 orgs of 5 different shipping lines who were all heavy public folder users. The folders are distributed between 4 dedicated Exchange 2003 public folder servers in three different regions. Some of our global public folder usage is hampered by replicas so, as we have a very good WAN infrastructure, we rely on public folder referrals wherever possible.

We are working to consolidate and clean up our folders but it’s been slow going. However, the new public folder management features in Exchange 2003 SP2 have made things a whole lot easier.

The first feature that we made use of was the ability to append a user or group to the permissions on a tree of folders. Whilst we try to control folder access with groups as much as possible it can sometimes be a very tedious process modifying permissions. Previously if you made a change to a top level and replicated it down it would overwrite the permissions on all folders below. Now you have the choice to add, remove or replace specific permissions. This allowed us to create a Public Folders Admins group and assign it Owner rights to the entire folder structure.

Another feature that has helped with our consolidation is the management of replicas. In the same style as the permissions management you can add, remove or replace a replica on a tree of folders without disturbing other replicas. Watch out for content replication storms though, or else you may need the final feature I’m going to mention.

With SP2 you can now easily halt content replication if you find yourself subject to a content replication storm. Simply right click the very top level of your org in ESM and select ‘Stop Public Folder Content Replication’. You can then check/modify your replica settings and re-enable content replication at a more suitable time, i.e. outside of business hours. You should note that using this feature will also stop content replication between your existing replicas.

So if your organisation makes use of public folders I’d recommend upgrading to Exchange 2003 SP2 to make the management of them easier.

Where’s Ant?

Thursday, December 8th, 2005

It’s been a bit light on the postings front for the last few days due to work commitments and some DR exercises we’re running. As a result of this though I should have some interesting topics to blog about very soon.