Blog Archives

Open Source Anti-Spam for Exchange

I have been a long-time user of GFI software; relevant to this post is their Mail Essentials for Exchange package. I find it to be a very powerful and easily set up anti-spam system for Exchange. I have had very little trouble with it, and it is packed with useful features. However, recently I had some configuration issues with my spam setup, with Rollernet really, not even an issue with Mail Essentials, but it got me thinking about my spam filtration system.

I am now on a quest to find an open source anti-spam solution for Exchange. I’m open to Linux-based solutions as a gateway of sorts, but would prefer something that resides on the Exchange server running under Windows. Don’t get me wrong, I have a great respect for SpamAssassin and other gateway-type spam filters, but it gives the end user a much better experience if the anti-spam software can interact with the user, especially if it integrates with Outlook.

Surely there must be some kind of solution out there I could try. At the very least I might install a few different packages under Linux and route incoming mail through them, and from there go to Exchange for evaluation. I can use server virtualization to allow for an easy evaluation of various types of configurations. ASSP I hear is very good and there was one other package that I found last night that sounds promising. I think it could be beneficial to have an additional layer of spam protection at the gateway level before GFI gets the messages and does its thing. My only concern is false positives. Lots of services and companies on the internet today do NOT have the proper DNS/MX configuration and even at a more basic level don’t have their network set up right. All these network issues can have a major impact on e-mail deliverability. It’s always a risk then when dealing with spam filters that you may block legitimate messages. I am always watching spam logs to ensure that I keep an eye on how the system is doing. If web services and companies would do a little work to get their systems in compliance with RFCs for SMTP and DNS, and set up the proper network configuration and mail server options, it would be a much better world for mail delivery without false positives.

Windows Vista Upgrade failed

Last night I was trying to upgrade to Windows Vista on my main XP computer.  I was 3/4 of the way through the installer when the install screen vanished and dropped me back to the XP desktop.  XP still seemed to work, and no matter what I tried, I could not get the installer to resume.  I had no choice but to reboot, but what I didn’t know was that Vista had already copied over its boot files and screwed with the MBR on my hard drive.  So upon reboot, I get a Vista boot loader, which goes to the setup screen, but promptly throws up an error saying (not exactly sure of wording) “Windows could not initialize the installer”.  So XP was dead at this point, sure there are some ways I could have gotten it back, but I really wanted Vista to install. 

I ended up using a Knoppix 4 bootable CD and using the file managers in Linux to back up my data on my XP partition to a file share on a server in my network. After the backup was done, I wiped the partition and loaded the full install of Vista and installed fresh on the clean XP partition. I am not sure if I am going to go with Vista or not, so I’m installing from the media with no CD key, just to use it in eval mode. If Liz likes it and can get used to it, we might go ahead and buy the Ultimate edition upgrade. But for now we’ll give it a try and see how it goes. So far it’s running great on my hardware, but I’m a little disappointed with the performance rating of 3.7. I have a dual core P4 3GHz chip, 2 GB of performance DDR2 RAM, and 256MB ATI X600 PCIe video card running on a nice Abit motherboard. I was expecting to get a score near or at a 5.

NoSpamToday has a version for Linux

I just found out that NoSpamToday by Byteplant now has a version of their spam filter for Linux. Take a peek…

Computer problems

Sometimes even us computer professionals make really dumb mistakes on our computers. I was downloading some software last night and messing around a bit, when I opened something I knew I shouldn’t have. I had some zip files on my desktop that I had downloaded and when I tried to open them (without first scanning them for viruses) they just said the archive was damaged. But I could extract them with WinRAR. So I figured I just did something bad! I was adding and removing software from the PC, when I had to reboot. After the reboot, Windows would load to a blue screen waiting to open the logon box, but instead I just got STOP errors and Winlogon would crash and do a memory dump. So I stayed up till about 11:30 working on it, trying to get it working before Liz got home so she would have her PC today. I was never able to get it working and even tried some live Linux CDs just to get her something to use. No luck! So I am going to try a different tool tonight to see if I can get to the system restore feature of Windows XP (since not even Safe Mode will work). If that works it makes it easier for me to back up and then re-load everything, but either way, it looks like I’ll spend my weekend re-loading our PC again! I seem to be doing that more and more frequently lately. I wish I had a nice powerful server I could run Virtual Server 2005 on, then I could just set up a virtual PC for all my downloading and testing, then it wouldn’t screw up my PC! I think I may also start making routine backups with Ghost or something like that once I get it back up and running. I get the feeling that I need to do some hardware swapping too, since the machine seems so slow. It’s got good stuff in it, but it’s just not as fast as it used to be. I could probably use a new hard drive, memory and motherboard. We use our computers a lot, and they run almost all the time, so things do tend to wear out!

Home Network Monitoring

I am again using OpManager from Advent Networks for my home network/server monitoring. I only have 3 servers, 2 PCs and some network gear to monitor, along with a few websites (URLs) I need to keep an eye on, so this product is perfect for me. Since I’m a Windows shop (not that I have anything against other platforms, I’d actually love to throw some Linux in there), this product works perfectly. I can monitor 10 devices for free, and I can set up URL monitoring so I can keep tabs on my website uptime and keep detailed history. I can get notified of failures of any system on my network and even website downtime. I have a scheduled downtime window between 10pm and 7am where my desktop PCs are not monitored in case I shut them down for the night. This is an awesome product, with tons of features and amazing functionality. It fully supports WMI, SNMP, custom monitors and just some amazing features. I highly recommend it to anyone who needs to keep tabs on their systems, even for overcomplicated home users like myself.

Home Network – Part 3

Microsoft Active Directory:
My home network is built on Microsoft’s Active Directory. I use Active Directory to organize my user accounts (all two of them), my computers and group policies. With group policies I can set common variables for all my workstations, servers, etc. This way I don’t have to hand configure everything, it’s all automatic. Group Policies are a great way to manage your network workstations or servers. There are other solutions here, some people like to run Linux at home, and I’ll admit, I do too from time to time. I love Linux, but there are still too many apps I use that require Windows. From time to time I demo some of the latest Linux distributions and try things out. I think it’s great, and if I had a 4th computer to run it on, I’d probably run a Linux server or desktop as well. Some people like Novell, some people like MAC, it’s up to you. This is just how I am doing things. I have group policies set to add customization to my desktop mainly. Things like a browser title, automatic update settings, common software distribution, etc.

Domains, e-mail and more:
I guess I can’t go much further without explaining how I also do my domain names and websites. I’ll write more about this topic later on as a how-to and what you should know for getting your own domain and website. But for now, I’ll keep it simple. I own several domain names which I use for various purposes. I have one domain that is for all my server equipment, like my hosting server that hosts my website and some other websites I host for people (for free unfortunately). These servers are in a data center and I simply “rent” the server from them on a month to month basis because it’s cheap and does what I want it to do. Plus they take care of maintenance and problems. Then I have a primary domain name I used to use for my hosting company’s website. The backend server domain ended with a .net and the primary domain is a .com. These extensions can be anything you like, but I stuck with a traditional format. Then I have a third domain for my personal website which is mainly for my family and my blog, etc. Here is where the bulk of my incoming and outgoing e-mail comes from, the other two domains are mainly for servers and a now closed hosting company. I do have some other domains, but don’t really use them yet. I’ll be expanding that later on as well.

E-mail:
So now you know I have a shared hosting server which hosts my websites and most functions of my domain names. Now when it comes to e-mail, you’d naturally assume this server also handled mail for my domains as well, right? If you said yes, you’d be wrong. I’m using a service called Rollernet which is a mail forwarding service. Since my ISP restricts incoming traffic on port 25, it was necessary to set up SMTP on a non-custom port. However, this causes a problem because when someone on the internet sends me an e-mail, most mail servers only send mail on port 25. So if I’m running SMTP on a non-custom port, how do I get my mail? Here is how. Rollernet’s servers are listed as the MX records for my domains. This means that when you send me an e-mail, it’s actually received on port 25 by Rollernet. They take the mail, queue it, do some scans on it for viruses, spam etc., then they forward that mail to my home mail server on a custom SMTP port. Of course I have this port set up in my cable modem and firewall to allow it to be forwarded to my mail server which resides on my LAN. Now here is the complicated part. My home mail server received mail on a custom SMTP port and is received by NoSpamToday, which is my SMTP level SPAM filter. NoSpamToday (NST for short) filters for SPAM, viruses etc., and basically makes sure that the message is valid before it allows it in to my mailbox. Now NST is not a mail server, it’s just an SMTP server, so another component is needed here, that’s where 602 Lan Suite (LS for short) comes in. NST received a message for me on a custom SMTP port. Once it makes sure that the message is valid, it then forwards that message to 602LS which receives the message on the standard SMTP Port 25. 602LS receives the message and performs a few checks of its own, like scanning it again for viruses, doing another SPAM check and finally delivering it to my mailbox. 602LS also has a built-in webmail server, so I can check my webmail from anywhere in the world.
This is also where port forwarding comes in as the ports for webmail need to be set up to route to my home mail server from the outside. Using my public DNS zone, I can add a record for webmail to my domain, so I can go to http://webamil.mydomain.com/mail and get to my web interface. This way I don’t have to use DynDNS or any of those services, since my public IP on my cable modem rarely changes. Now if it were to change, I’d have to manually update that in my DNS zone. So watch out for that if you’re using this scenario. I am aware of it and know what to do, so for me it’s not a big deal, but if you’re new to this, don’t set this up and wonder why it breaks 9 months later. Keep an eye on your public IP.
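
The "keep an eye on your public IP" advice above can be automated. The following is an added example, not part of the original post: it compares the A records of the forwarded hostnames with the current WAN address and separates stale records from answers given by an internal DNS server. The hostnames, sample addresses and the IP-echo URL are assumptions.

```python
import ipaddress
import socket
import urllib.request

# Assumption: any endpoint that returns the caller's address as plain text.
PUBLIC_IP_URL = "https://api.ipify.org"

# RFC 1918 ranges: an answer in one of these came from an internal DNS view.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_lan(addr):
    return any(addr in net for net in LAN_NETS)


def fetch_public_ip(url=PUBLIC_IP_URL, timeout=10):
    """Ask an outside service which address our traffic arrives from."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("ascii").strip()


def resolve_a(hostname):
    """IPv4 addresses the local resolver returns for hostname."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET)
    return {info[4][0] for info in infos}


def check_records(hostnames, public_ip, resolver=resolve_a):
    """Map each hostname to (status, detail) relative to the WAN address."""
    wan = ipaddress.ip_address(public_ip)
    if is_lan(wan):
        raise ValueError(f"{public_ip} is a LAN address, not the WAN address")
    report = {}
    for name in hostnames:
        try:
            answers = sorted(ipaddress.ip_address(a) for a in resolver(name))
        except OSError as exc:  # socket.gaierror is a subclass of OSError
            report[name] = ("unresolved", str(exc))
            continue
        shown = [str(a) for a in answers]
        if not answers:
            report[name] = ("unresolved", "no A records")
        elif wan in answers:
            report[name] = ("ok", shown)
        elif all(is_lan(a) for a in answers):
            # The LAN DNS server hosts this name; ask a public resolver instead.
            report[name] = ("internal-view", shown)
        else:
            report[name] = ("stale", shown)  # record still holds an old WAN IP
    return report


# Constructed sample data (documentation address ranges, hypothetical names).
SAMPLE_ZONE = {
    "webmail.example.com": {"203.0.113.10"},
    "mail.example.com": {"198.51.100.7"},    # still points at an old WAN IP
    "files.example.com": {"192.168.1.20"},   # answered by the LAN DNS server
}


def sample_resolver(name):
    if name not in SAMPLE_ZONE:
        raise OSError("name not found: " + name)
    return SAMPLE_ZONE[name]


if __name__ == "__main__":
    # Live use: check_records(["webmail.example.com"], fetch_public_ip())
    names = list(SAMPLE_ZONE) + ["gone.example.com"]
    result = check_records(names, "203.0.113.10", sample_resolver)
    for host, (status, detail) in result.items():
        print(f"{host:22} {status:14} {detail}")
```
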

Let’s now talk about outgoing mail. I don’t know if you’re like me, but I find myself in situations at work and abroad where I find that my company network or hotel network restricts SMTP servers to their own servers and won’t let you send mail using your own SMTP configuration. For example, at work I run a simple server monitor that sends alerts. But my company has a firewall in place that limits outgoing SMTP traffic on port 25. Now I bet you’re wondering where the SMTP component from IIS comes in to the picture from my previous post. Here it is. I am running IIS on my mail server but only the SMTP component. So I set up Microsoft’s SMTP service to listen on a custom port (different from my incoming SMTP port for normal e-mail from Rollernet). This way, I can set up my monitoring server to use my custom SMTP server at home to send the alerts. So in my situation, my monitor program detects a problem with a server in my office, it sends an alert to my home mail server on a custom SMTP port. My SMTP server then relays that message to my shared hosting server which then sends it to the desired recipient on a standard SMTP port. This way, I can use SMTP wherever I am, still get my messages or alerts sent and accomplish my tasks. This custom SMTP service is protected by a username and password and relaying with it is denied. Relaying on NST is also forbidden. Ok, so how about my home PC? Ok, simple, we use Outlook on our home PC, so Outlook is set up to send/receive mail from 602LS through POP3 and standard SMTP. We send a message from Outlook, it is received by my home mail server on port 25, which then forwards that mail to my shared hosting server. Some ISPs also restrict outgoing SMTP traffic, so here you may need to set up a custom port on your public SMTP server and configure your mail server to send all outgoing mail over a “SmartHost” or custom SMTP configuration. My shared hosting server then delivers the mail over standard SMTP to the recipient’s mail server.

So in summary, yes this is a complicated setup, and no it may not be for everyone. But I will say this, there is a degree of pride that goes into setting something like this up. Now I’m a Microsoft Engineer, so I’ve been doing networking for a long time. No, this is not the way to go about setting up a business or large company. Obviously I’d recommend using Exchange or more powerful mail servers and better ISP connections. But if you’re a techie and want to set up a really cool home network, this guide might just help point you in the right direction.

Other Services:
Let’s talk remote access. So how do I manage this home network when I’m not home? Easy, RDP. There are lots of people around that don’t like RDP, it’s not very secure, and has its issues like any other software or technology. For me however, it’s perfect. I simply forward port 3389 from my cable modem to my firewall and from my firewall to my PC, and I can remotely manage any machine on my home network. Now I took it a step further, and actually set up a custom RDP port on my other machines, like my servers and second desktop. This has the advantage of being easy to individually RDP into any machine on my home network without first having to remote into my home PC and then into another machine. In conjunction with DNS for easy naming, it’s a snap. All you need to remember is the custom port number for each machine. I only have a few so it’s no big deal, if you have many machines I’d recommend finding a better way, such as VPN. Through RDP I can remote control, and virtually manage any server or desktop on my home network.

Web management: I also use a program called Remotely Anywhere (www.remotelyanywhere.com). It’s a great application that runs as a service on Windows. With it, you can remote control, transfer files, and totally manage all aspects of the machine right from a web browser. It’s very robust and powerful, with tons of additional features too numerous to mention. It’s one of the best web-based remote control/management solutions I know of. This can also be set up on a custom port, so it will need port forwarding configured for it as well.

FTP: I used to have a NAS server with FTP set up so I could FTP directly to my RAID5 storage device. Now that it’s gone, I don’t really use FTP anymore so I removed it. I use an FTP site on my shared hosting server temporarily if I ever need to send anything through FTP. I can grab it from home later.

Internet Access: Because my cable modem and firewall do NAT, it’s very easy to provide for internet access to my workstations and servers on my home network. The firewall is the gateway on my network, and Microsoft’s DNS handles all DNS related operations on my network. My DNS server is configured to forward all requests for external host names to my ISP’s DNS server. It then caches the results and can reply much faster to any requests my workstations or servers make. Internet access is basically a simple NAT solution provided by my firewall and cable modem.

Points of Failure:
With a system like this there are other considerations that need to be taken into account. Among them are power, redundancy, damage, replacement, etc. For example, if my power goes out what happens? Well for me I have my critical equipment on a UPS. Since this is a home network and not a critical system, the UPS will keep my servers and internet connection up and running for 5 minutes. This should be sufficient as long as the power isn’t out for long, which it isn’t usually. What if my firewall or cable modem goes bad? Well then I have a problem, as with my ISP I have to have them come and activate a new cable modem. So I’d first have to buy a replacement and then have them install it. This can be done usually by the next day. So what if my mail server or other network equipment is damaged? Well, for mail, if my home mail server becomes unavailable, mail will queue at Rollernet, so I won’t lose any e-mail. I can even redirect that mail to my shared hosting server if I wanted to so I could get to it. If some of my network gear fails, it will obviously need to be replaced. I’d try to replace it with exactly the same modem so that if it had a configuration with it, I could easily restore a backup config file to immediately get my network back up and running.

Security: What about security, how secure is this setup? Very secure. Even considering I have ports forwarded into my LAN from the outside. This often makes security experts very nervous and for good reason, but again, this is not the NSA, I don’t have anything on my home network worth anything to anyone but me. That is not an excuse for having bad security. First, I have a double NAT solution, so even if someone could hack in past my cable modem, they couldn’t get further than my firewall. If they could get past my firewall by some miracle, they would not be able to access anything on my network, since all network traffic between workstations and server is encrypted through Kerberos. The worst they could do is map out my network and find my IP addresses. DoS attacks are also a possibility, but there isn’t much that can be done about that anyway. Again, I’m not saying good security isn’t important, and the measures I’ve taken are sufficient for my needs. Please don’t think I’m advocating bad security measures.

Thanks for taking time to read this post, I know it was long. Keep an eye out for more tech posts in the near future. I’ll also post some images giving you a visual of how all this works. Here is a simple visual aid of what I’m talking about above.

Backups backups backups

After about 9 years of being in IT, I’ve learned how important backups are. I’ve experienced data loss due to not having a good backup several times. It really is worth it to have a good backup plan. Whether at work or at home. At home, I’ve got two 2003 servers, two XP desktops and I always make sure I at least make a Ghost image of each one, with just the bare OS and again with all the software I need loaded. For example, my home PC, last night I was having troubles due to some beta software I installed (foolishly). I had planned to use my other XP desktop for software testing, but never seem to do that. The junk always goes on my primary PC, after all it’s faster and resists crashing longer than the slower desktop. So anyway, long story short, I decide to restore a Ghost image of my Home PC with all the software loaded on it. Since I have a domain, my user accounts are still OK, I keep all my data on separate drives and network locations, so I won’t lose anything. But there always seems to be something you forget. Items like desktop downloads, favorites, RSS feeds, etc. Now I couldn’t get Windows Explorer to work long enough to copy anything, so I got out my trusty Knoppix 3.9 bootable CD, inserted my thumb drive, and off I went. I was able to use Linux to get my data off my drive, before I reloaded the Ghost image. I finally, around 11pm, got all the stuff copied over and my Ghost image restored. All I had to do was set up our desktop profiles again, like setting up Outlook, and redirecting the My Documents folder. Then I was done. So I’m all back up and running, thanks to having a good backup strategy. It only took 4 minutes to restore the Ghost image, if I had to reinstall Windows and all my apps manually, it would have taken hours! I use NTBACKUP to back up my two servers. The other desktop I don’t care about and will likely give away soon anyway.

Once I lost 2 years of data on a Novell Netware server I had at home. I decided I’d break a mirrored volume in Netware, forgetting I had stuff on it. Once it was broken, my data was gone. Boo hoo hoo. I was recently using a Dell PowerVault NAS 705N for my storage needs, but it’s a little slow, it was RAID5 which was good, but I decided to sell it, so now it’s listed on eBay. I hope I can sell it and get another 400GB hard drive. I have about 1TB of storage space in my PC right now. I need it too, I’ve got 200GB of normal data, like CD images, software, downloads, documents, etc. Then I have lots of multimedia, like music, movies, home video recordings and such that take up a lot of space. So I need to get one more drive and that should do it for now. My only concern now is that if any one of these drives fail, I lose all my data, and I don’t have a location on my network with storage large enough to store all that data if I were to back it up. I thought about getting a tape drive, but don’t want to spend the money (that I don’t have) on a tape backup solution which would likely not be large enough to hold all my stuff on a single tape anyway.