You have to ask: is there malware on my system? You can be 100 per cent certain there is no malware that you can detect, but less than 100 per cent certain that there is no malware at all. Now, ladies and gentlemen, isn’t this true of every computer we already have? There is [...]
White Paper: Configuring Virtual Organizations and Address List Segregation in Exchange 2007
February 8, 2008 By Leave a Comment
Microsoft has released their own white paper containing guidance on configuring Exchange 2007 for Address List separation. This is something that was pretty easy in Exchange 2003, but suddenly made a lot more complicated and less obvious in Exchange 2007. A bunch of home brew solutions came about some time after Exchange 2007 was released [...]
Exchange Server 2007 SP1 disables Exchange Anti-spam updates
February 6, 2008 By 1 Comment
Here is the anti-spam configuration on an Exchange Server 2007 RTM server: [PS] C:>Get-AntispamUpdates UpdateMode : Automatic LatestContentFilterVersion : 3.3.4604.600 SpamSignatureUpdatesEnabled : True LatestSpamSignatureVersion : 3.3.4604.600 IPReputationUpdatesEnabled : True LatestIPReputationVersion : 3.3.4604.001 MicrosoftUpdate : NotConfigured And here is the same Exchange Server 2007 server immediately after upgrading to Service Pack 1: [PS] C:>Get-AntispamUpdates UpdateMode : [...]
Restricting outbound email with Exchange Server 2007 Transport Rules
February 5, 2008 By Leave a Comment
In prior versions of Exchange an organisation that wished to restrict who could send outbound internet emails could apply the restriction on an SMTP connector. In this example emails sent to the * address space are rejected by default unless sent by a group listed in the “Accept messages from:” list, for example a group [...]
Security Spin Cycles
October 17, 2007 By Leave a Comment
Jeff Jones posted a blog entry to celebrate Red Hat fixing their 1000th unique security vulnerability. He also draws attention to a Red Hat post on their “Truth Happens” blog back in August, which itself quotes a post on Lxer.com. Jeff posts quarterly statistics on his blog that show how many vulnerabilities have been patched for various [...]
Tom Shinder on “hardware” firewalls
August 31, 2007 By 3 Comments
Tom Shinder of ISAServer.org takes an amusing shot at the myth in some circles that a “hardware” firewall or “firewall appliance” offers more security than a Microsoft ISA Server firewall. I was drawn to a particular quote in his article about the relative security of ISA Server to other popular firewalls in the context of [...]
