David Lemson's WebLog

What's the story with WINS?

Recently, someone asked the following question on an internal Microsoft distribution list:

Can someone please outline the ways in which Exchange 2003 is dependant upon WINS..?

Here's the answer I wrote back:

Exchange 2003 is dependent upon three different things that are related to WINS:

a) Netbios name resolver - this is a service that uses subnet broadcast to let you find the IP addresses of other hosts on your network, based on the name.  This is what lets me, on my desktop machine at home, type in \\server\videos and see the share from my server, without any DNS or AD setup.  This works fine but only if all of your admin consoles and servers are on the same subnet!

b) WINS - this allows netbios name resolution between machines on multiple subnets

Exchange 12 unveiled

Where have I been?  I have been so very bad at blog posting.  I like to think that I favor quality over quantity :-), but I'm afraid I've been a huge slacker when it comes to this blog.  But I'm going to try to change and blog more often, now that we're starting to go more public with Exchange "12". 

In case you missed it from the EHLO blog, our first Exchange "12" CTP is now available to TechNet subscribers. I encourage you to check it out.

Also, I will create some posts about my recent Media Center adventures.  I built a new theater room in my bonus room, and I'm using the app from "timmmoore" at thegreenbutton.com that uses IEEE-1394 to stream broadcast channels off of a cable box

We are doing webcasts this week on TechNet, you should join in to hear about Exchange "12"!  I am doing the webcast on Thursday, Client Access and Web Services in Exchange "12".  Today, Tuesday, at 1 pm Pacific, you can see Terry Myerson, the Exchange General Manager, doing an overview of Exchange "12" session.

TechEd Day 1&2 from an Exchange perspective

Want to work on mobile/web access technologies in the Exchange Team?

See my post on the Exchange Blog for details on some job openings in my team.  As a bonus, can you guess who I am channeling in the first paragraph? (hint: there's a lot of rhetorical questions)

My favorite spot on the MS campus

I was just reading a not-so-old post on Adam Barr's blog about his favorite spots on the MS campus and then a follow-up to it, and I thought I'd write about my favorite spot.  The other day, we were coming back from a meeting in building 31 on our way to the building 34 cafeteria and decided to go through this spot.  Next to 163rd Ave NE there is a stand of trees with a path that winds through it in a meandering way.  It was obviously deliberately set up to be this way, but for just a minute, you feel like you are out on a hike in the forest.  I know there are tons of places in Seattle that are like that (which always surprises someone like me, who spent many years in the midwest), but it's really amazing to be like that right next to your modern office building.  Not to try to show up Adam or anything, but here's the overhead view of the spot!

 

Great MCE 2005 feature: Info on Movies

It seems like every day I find a Media Center 2005 feature that makes me say, "wow isn't that cool!"  Today's is "More Info" on Movies. 

First, when you want to pick something to watch, it treats movies separately, you can see what movies are on now, on in the next hour, etc.:

This was interesting but didn't knock my socks off.  Then, we get to the cool stuff.  I am an IMDB junkie, I love seeing what actors were in what movies. So I was delighted to see this, when I hit the "Info" button while watching a movie, and then selecting "Cast & More":

You can see what seems (in my small sample size I've looked at) to be a complete list of the credits, a real, critical review of the movie, and a list of other movies you might like to see.  Then, if you click on someone in the credits (in this case, Sean Connery):

You can see the other movies that Sean Connery was in, and if they are in the guide on a channel you receive, it will tell you what channel and when.  Of course, you can click on it to record it.  Neat!

Quiet MCE, Part Deux

Earlier this year, after being a TiVo fan for quite a few years (I have the little plush toy they sent me in my window at Microsoft :-), I decided to see what Microsoft's solution was all about and installed a Media Center 2005 machine.  Now that we've been using it, the plan is to ditch the DirecTiVos and get Media Center Extenders instead... it is an excellent solution.  The only downside for me was that the Dell 400sc I was using was not very living-room-friendly.   The ATI 9800 Pro that I need for HD OTA playback sounded like a jet engine, the case was sideways in the bookshelf next to the TV, etc.  So I figured I'd use the holiday downtime to put together a new incarnation of the MCE machine... part Deux. 

My first step was to quiet the video card.  A few months ago, I had bought a VGA Silencer but had not gotten around to affixing it - the steps seemed somewhat daunting, plus it eats up a PCI slot and I didn't want to give up one of the 5 slots I had in the Dell. I figured I'd try it in the Dell first to get a baseline.  I pulled out the $10 internal modem card I was using to get Caller ID info on the screen (built into MCE - how nice is that?) and set to modify my 9800 Pro.  It turned out that the instructions were much simpler and the procedure much more straightforward than I had figured.  You pull off the existing jet engine fan and heatsink, clean the chip, add included super duper thermal grease, set the heat sink on, connect the wire, and screw it on via a clip on the back of the card.  The difference is amazing.  There are two modes: Silent and Much Quieter Than The Stock Fan.  I thought about stopping right here... but I was determined...

The next step was to turn it into a home theater component.  I kept reading good things about the Ahanix cases, including the fact that a number of people at Microsoft had the D.Vine 4 cases.  I finally settled on that case and ordered one from Newegg.  The box it shipped from had a sticker that said "must be double boxed when shipping by UPS or FedEx", and mine shipped by FedEx was not, but the case seemed to be in fine shape.  I read a bit more and settled on a Zalman CNPS7000B-AlCu CPU cooler to make the CPU silent.

Regarding the motherboard, my other goal was to switch to digital connection between the PC and the amplifier.  I was actually pretty satisfied with the sound from my Creative Audigy 2 with the analog 5.1 cables going to the amp, but it just seemed "unclean".  I knew from some friends and co-workers that the best solution is to use an nVidia nForce 2 Ultra motherboard, which has something called 'SoundStorm', which does real time Dolby Digital encoding of whatever source you are using.   I was considering buying one, when I realized that the last machine I put together for KC had some kind of fancy motherboard, and was an AthlonXP, so I busted it open and sure enough it had one of the nicest motherboards that fit my bill, the ASUS A7N8X-E Deluxe.  She had an Athlon 2600+ on there, which should work OK (the Dell was a P4 2.8C and CPU was never an issue).  Long story short, I swapped her HD and the Creative card (so she can still have Firewire for camcorder capture) into the Dell, that was about the easiest part of the story.  Dell has the best hardware engineering I have ever seen from a computer manufacturer, the case design is phenomenal. 

Anyway, I set to putting together the machine with the new case.  One of the first things to happen was that I was sliding it across the carpet and one of the rubber legs fell off.  Oops, factory glue wasn't too strong there.  Re-glued. (it fell off again later but I glued it hopefully the final time right before I later installed it)  I installed the motherboard, CPU cooler (used 99% isopropyl alcohol to clean the CPU of its original heat sink grease as some web sites suggested), cards.  When I got to installing the video card with its massive cooler, I noticed something annoying - the PCI slots are closer to the AGP slot than they were in the Dell - the video card's cooler now covers two PCI slots.  One has the heat sink's heat exhaust, the other was blocked, so I used that slot to shoehorn in the motherboard's external firewire header.  I got the other cards in and booted up.

Here's another rant... and it bites me every time... in the course of doing this, I decided to just have one disk in this machine, for noise, so I planned to have that one disk the 200 GB Seagate 7200.7 SATA drive that I had in the Dell as a data storage disk.  Well of course Windows XP doesn't have the VIA SATA controller built into it, so you have to hit F6 during setup to add the driver.  And of course I didn't put a floppy drive into this machine.  So I ended up with this frankenstein thing with a floppy drive hanging out the side until I got it set up.  The other twist is that I now know the definition of irony: a few weeks ago, when I was using Ghost on my server machine to move the system partition from an old to a new disk, I needed a floppy disk.  The only floppy disk I could find in the whole house was one I stole out of a motherboard box from the garage... you guessed it, the ASUS A7N8X-E Deluxe box, and it was the VIA SATA driver disk. 

Once I got the system installed, I noticed something.  It was really loud.  It was clear that the problem was not the CPU fan - when I used the "FanMate 2" to turn the speed down, it was pretty quiet.  It wasn't the video card.  It wasn't the hard drive, that was always quiet.  It was the power supply.  This thing came with a "pre-installed 'Silent' 350W PSU" from Ahanix.  Except it was far from Silent.  I figured I had better solve this before installing it.  I read some stuff on the web, decided that I wanted some PSU that had a 120 mm fan, and headed to Fry's.  The good news is that the PSU ATX standard is really a standard, and I could use any PSU in the case.

At Fry's, I encountered the least helpful employee ever, hanging around the PSU aisle.  He asked if he could help me, sure, I'm looking for a quiet power supply. "Uh I don't think there are any quiet ones.  I have one that's supposedly silent and it's pretty loud. Of course the CPU is pretty loud too".   I suggested he might want to look into the Zalman silent CPU coolers they sell, he apparently had never heard of them, despite working in the computer department.  With him properly dispatched to going back to re-stocking ethernet cables in the wrong bins, I started searching through the power supplies.  Man, these things are annoying.  The boxes have almost no information on them, aside from the purported wattage and what color the LEDs behind the fans are (usually blue).  I was standing there looking up "brand names" which did not seem like real brand names into google on my Pocket PC Phone.  I finally found one that seemed to have a 120 mm fan, and had a reputable review on silentpcreview.com: the Seasonic Super Tornado 300W.  The trick on these is that a 120 mm fan doesn't fit on the back of the case, which is where most fans are - it has to go on the side of the PSU inside.  This case has a "honeycomb" on the back - it just lets air out the entire rear of the PSU.  This actually helps because the wind is diffused, and you get no wind rush noise.  Of course, KC had a good dose of common sense when her first question was, "if it's supposed to be quiet, why is it called a Tornado?"  Looking at the web site, it looks like the Super Tornado is quieter than the Super Silencer.  Go figure.  One last note about buying it at Fry's... buying computer parts at that place is like playing the lottery.  I won, on this one: surprise, $10 mail in rebate.  If they actually rigorously advertised their rebates on shelves, I think they would sell a lot more of those items.  Anyway, installation of the PSU was a breeze and it really is silent (plus, the case is cooler than it was with the stock PSU).

Now, the CPU fan is the loudest thing.  No problem, with it turned down all the way, it's fairly silent.  I drilled more holes in the TV cabinet to run the VGA cable and got the thing installed over the TV.  Everything was great, and then I noticed that the hard drive seeks were very loud.  The drive is mounted in a kind of dumb way: there is a 3.5" cage screwed to the front panel of the case.  So every vibration from the drive is amplified across the entire front of the case.  I also learned that Seagate locked their SATA drives to "loud mode" aka "performance mode" - where seeks go as fast as they can, no matter the seek loudness, while the PATA drives are locked to "quiet mode".  So I will definately be taking that into account when I replace that drive with something bigger.  In the mean time, I read a review on silentpcreview of an interesting little drive mount that uses rubber bands to hold the drive to a 5 1/4" tray, which fits in the unused 5 1/4" mount under the DVD.  It should be arriving today and we'll have to see how motivated I am to take the thing down and install it.  I think probably pretty motivated, based on how annoyed I was at the seek noise when I was recording two things at once last night.

HELLOMOTO

Today, our second Exchange ActiveSync licensee announced their upcoming device with direct Exchange Server connectivity: Motorola and their upcoming A780.  Of course Motorola has several Windows Mobile devices (the now-shipping MPX 220 and upcoming MPx) which, like all Windows Mobile devices, can also connect directly to Exchange Server, but the A780 is remarkable because it is using a Motorola-customized OS and will have the ActiveSync capability.

Treo 650 and Exchange ActiveSync

I am sorely overdue in posting, and I apologize about that.  I will hide behind the sorry excuse that the vast majority of what I do nowadays is work on an upcoming release of Exchange that we aren't talking about yet, so I feel like I can't blog all that much about my current work.  But last week we had an exciting piece of news hit the world: we have licensed the Exchange ActiveSync protocol to palmOne and the new Treo 650 phone includes it in its VersaMail application.  This means that every Treo 650 phone, out of the box with no extra software, can be configured to sync email and calendar directly from an Exchange 2003 server.  This is super cool! 

You can read a lot more about this feature on the palmOne web site: http://www.palmone.com/us/products/smartphones/treo650/activesync.epl

This announcement was made at CTIA Wireless last week, and there were a whole slough of other Windows Mobile device announcements as well, including several carriers announcing they will be carrying the "Blue Angel" device in the US.  This is a great device because it combines the full screen size of the current XDA/MDA/ T-Mobile Pocket PC Phone Edition with a keyboard that slides open when you need to use it. 

The RFC 2821 "Covenant"

In a recent comment, Mark Hicks asks:

Is there a way to accept a message for an invlaid recipient and then delete it without generating an NDR to the (usually fake) sender? I still want to generate an NDR for my internal users when mail cannot be delivered to an external recipient. -Thanks.

No, Mark, Exchange doesn't have that built in. And while as a mail administrator, in certain circumstances, I can see why you might want to do that, in general that would be a feature that would let people “shoot themselves in the foot”.  The reason is that this would break a fundamental rule in the way that Internet mail works.  Quoting from RFC 2821, Section 3.7 - Relaying:

If an SMTP server has accepted the task of relaying the mail and
later finds that the destination is incorrect or that the mail cannot
be delivered for some other reason, then it MUST construct an
"undeliverable mail" notification message and send it to the
originator of the undeliverable mail (as indicated by the reverse-
path).

Put a lot more simply: imagine your grandma was sending you a mail.  Instead of markhicks@hostname.com, she accidentally typed markhixks@hostname.com.  It gets to the right host, and with your request, that mail would just disappear.  RFC 2821 requires that your grandma get an error message telling her that her mail didn't get through. Either your server, or the machine that was trying to submit the message to you, needs to create that error notification.  Now, whether or not the error message is formatted so bizarrely such that your grandma has a hope in understanding that reason is another thing... but at least she's going to call you and ask you why you're refusing her mail!

Incidentally, the next line of that RFC is interesting for Exchange 5.5 aficionados:

Formats specified for non-delivery reports by other standards
(see, for example, [24, 25]) SHOULD be used if possible.

For reference, [24] is RFC 1891 and [25] is RFC 1894.  When Exchange 5.5 was the most prevalent version of Exchange out there, we got a fair amount of heat for the fact that Exchange 5.5 does not generate RFC 1894-compliant non-delivery reports, although it does support RFC 1891.  I won't debate whether or not that was the right thing to do, but I will point out that SHOULD in there.  Of course, we did support RFC 1894 reports fully starting in Windows 2000 SMTP / Exchange 2000, so we're all good now.  And, finally, I am proud of the fact that Exchange users who use Outlook or Outlook Web Access don't have to see the potentially-confusing format of RFC 1894 notifications, we have a nice readable non-delivery report error form, which in Outlook includes a “send again” button, which is mighty handy.

Blogging from TechEd: Exchange SP1 and IMF released

I'm sure you've read it elsewhere, but here's one more link.  It was hard to sit on this as people were commenting their lament over not being able to get IMF, but trust me, it's worth the wait.  You can find both SP1 and IMF linked off of http://www.microsoft.com/exchange, and here's the IMF directly: http://www.microsoft.com/exchange/downloads/2003/imf/default.asp.

Elsewhere at TechEd, the weather in San Diego makes the mood good.  The convention center is huge and thus makes the crowds seem not so big, because there is a lot of room for people to spread out.  We have a new concept this year called “cabanas” and it gives people a place to drop in, hang out, meet experts, and talk about their favorite topic (in the case of Cabana 10, it's Exchange!).  They're encouraging speakers to spend all of their free time there, so you can always find 5 or 10 Exchange product group team members there.  Drop by, I'll be there most of the day Tuesday and Wednesday (except during Dave Thompson's keynote on Tuesday morning, where they'll formally announce IMF release).

Exchange Development at TechEd

What have I been spending my time on this week?  Polishing my presentation on Exchange Development!  I'm presenting a MSG330:Exchange Development at TechEd San Diego this year, 5:30 pm Wednesday, room 32AB for those of you who are attending.  Many of you have no doubt seen Mindy Martin give a presentation with the same name in years past.  While I did start with her presentation and demos, I promise you that you will see new content and new demos!  (well, if the demos work, but isn't that always the case?)  If you have any areas you want to make sure I cover, now is the time to comment here or send me mail.  There may be time to squeeze a slide or two in if I wasn't already planning to talk about it. 

And, here's a chance to plug your favorite Exchange development-related web site.  I have a few slides of links at the end and I am always looking for more gems to reference.  Help your fellow Exchange developers by listing great sites and I'll put them in the deck. (and we'll make sure they're linked off of the Exchange web sites too)

IMF settings

Several people have commented or emailed me asking me for my IMF settings, since I mentioned that I am using the IMF on my personal mail server.  There are basically three settings for IMF:

1. The Spam Confidence Level threshold for acting at the gateway, as part of the SMTP conversation
2. What to do if you act on the message at the gateway (reject, accept and archive, or accept and delete)
3. The Spam Confidence Level threshold for putting messages into a user's Junk Mail folder

If you have acquired IMF, hopefully you looked at the documentation, which tells you about the performance counters that you can use to look at how many messages the IMF has classified into each bucket.  The best way to determine what your threshold should be is to run the IMF on your normal mail load and look at how many messages fall into each bucket (1-9).  9 is the messages most likely to be spam, 1 is the messages least likely to be spam.

Now, on to actually answering the question: I run 8 as the threshold to reject at the gateway, and 4 as the threshold to put messages into the Junk Mail folder.  I have noticed a few false positives at this level, but for me it's acceptable and I look at the junk mail folder periodically.  I get about 50 messages in my junk mail folder per day, with an average of 0.25 false positive per day.  I get an average of 2 false negative (spam that makes it into my inbox) per day.  This is vastly superior to what I was getting with Spamassassin before I switched my mail to Exchange 2003 several months ago.  I run 4 as the junk mail folder threshold because I really get very little important mail to this domain, so I would rather err on the side of putting things into the junk mail folder.

Note: other spam marking software may use different criteria to set the SCL, so these numbers are only valid for the Microsoft IMF.

ResolveP2, RerouteViaStore, and its equivalent in Exchange 2003

Recently I have encounted a number of people who asked what the ResolveP2 reg key in Exchange 5.5 was meant for, and how to emulate it in Exchange 2003.

--

ResolveP2 in Exchange 5.5

ResolveP2 tells the Exchange server “when the server is storing MIME content, and needs to convert it to MAPI properties, does it try to resolve the SMTP addresses in the RFC 822 fields and turn them into Exchange Distinguished Names (DN)?“  And, you can specify the exact fields that it will resolve because the regkey is a bitfield.

Here's the situation where you'd want to enable and disable this:

Enable: Imagine you have an Exchange user who sends mail to an Internet listserv, and the listserv has other Exchange users as members. When that user sends to the listserv, the mail comes in From: this internal user via SMTP.  If you want your internal users to see this mail and be able to double-click on the sender and see the normal Exchange properties of this user, then you must be sure to set the ResolveP2 key to resolve From:. (which is “ADDRESS_CONVERT_SENDER“, so you add “1“ to the value).

Disable: Imagine that you have someone on the Internet sending mail in to your users, pretending to be the CEO of the company.  They spoof their From: address to be the CEO's SMTP address.  The mail comes in and when the user double clicks on the From: field in Outlook, they see the CEO's details just as though it really came from the CEO.  In this case, you would want to set ResolveP2 so that the From: field was not resolved.  When it's not resolved, then when they double click on the sender, they will see this three-line dialog that shows the display name, address type, and SMTP address. Outlook 2002 and 2003 do even better because they show this distinction on the From: field without needing to double-click: the name will show up like Bob CEO [bob@company.com], whereas real mail from Bob shows up as “Bob CEO“.

So as you can imagine, different situations will require different settings.  In Exchange 4.0, the setting was to resolve all fields by default.  For some reason (I do not know the reason exactly), they changed the default in Exchange 5.5 so that no fields were resolved.  We found that there were a large number of PSS calls from people who needed to turn on resolution in 5.5.  It has occurred to me writing this that the reason is that the KB articles around ResolveP2 are really confusing.  I am engaging the right people to get that fixed.

Exchange 2000

In Exchange 2000 SP1, we come up with a similar solution.  However it was missing something: ReRouteViaStore.

Adding RerouteViaStore

The above all works great for messages that come in via SMTP and are either locally delivered to a user or goes out via RPC or X.400 via the MTA, because in those cases, the message is saved to the Exchange store and the MIME -> MAPI translation takes place.  But if the message comes in via SMTP and goes straight back out via SMTP,  then the MIME -> MAPI conversion that I described above would never occur.  The solution in Exchange 5.5 was a regkey called RerouteViaStore. 

The combination of ResolveP2 + RerouteViaStore helps in the situation where you have two mail systems: company.com and unix.company.com. company.com is the Exchange 5.5 system and accepts all of the mail from the Internet. The users on unix.company.com funnel their mail out through the Exchange system.

Their From: might be From: user@unix.company.com, but you don't want to expose that address on the Internet. So you have a user or contact in the AD for each user on the unix.company.com system, with a secondary address of "smtp:user@unix.company.com" and a primary address of "SMTP:user@company.com". If the mail came in and went out via SMTP, address rewrite will cause the Exchange 5.5 machine to look up the address in the From: (and Reply-To) to find a proxy that matches, and rewrite the address with the primary address on that user or contact. This is also described in a KB article.

Exchange 2003

Exchange 2000 was lacking the RerouteViaStore capability.  The only solution in Exchange 2000 was to write a custom transport event sink that modified the headers, which can be tough work to get right.  In Exchange 2003, the transport team added RerouteViaStore capability.  The way you turn it on is via a special utility that has recently been published to the web called Address Rewrite Config (click to download).  Remember that this utility only works with Exchange 2003.  What it does is to force messages that come in on an SMTP VS to be committed to the store, so that the MIME -> MAPI translation takes place, which is exactly what RerouteViaStore did. Like RewriteViaStore, this can cause a performance degradation, but depending on your message load, it may not be a big deal.  You can imagine the difference between storing the message, untouched, as a MIME stream as a file in the queue directory on disk and then just reading that and sending it out, versus saving to the Exchange store, having it be converted to MAPI properties and then reading it back out of the store, which causes a conversion back from MAPI to MIME.

Sharing a domain between two Exchange orgs

Luke asks:

I am in the process of migrating from Exchange 5.5 to Exchange 2003 for a company that has multiple small (less than 5 users) branch offices.

They want to migrate slowly, so here's my dilemma: The current Exchange 5.5 will still be active for a while. I'm using the Exchange Migration Wizard in Exchange 2003 to migrate the mailbox data over.

All incoming mail needs to be split between the two servers, as the new Exchange 2003 server will be gradually hosting more & more of the users.

Can you point me in the right direction where I can learn to write an SMTP event sink to route some recipients to one server, & others to the other? Thanks!

I can't join the Exchange 2003 server to the same Exchange 5.5 site, as it's in a different domain.

Luke, first a question and an assumption.  When you say that the Exchange 2003 and Exchange 5.5 servers are in different domains, do you really mean that they're in different AD Forests?  That you haven't done anything to join the two together, that you just want to start fresh with a new AD that just has the Exchange 2003 server in it?  I'm assuming so.  There's no need to write any code to do what you want to do.  What you want to do is exactly the same as sharing an SMTP domain between two totally separate Exchange orgs.  What you need to do is to make one the “hub” for the domain, where all inbound mail comes in to, and it forwards other mail to the other system.  And good news, there's a KB article that tells you how to do it:

XADM: How to Set Up Centralized SMTP Domain Sharing in Exchange 2000 Server for Independent Organizations