Windows 7 RC Blamed for Internet Slow Downs

Posted by Ken Thompson in Journal on May 7, 2009

iTnews Australia has reported that there have been slow-downs for Australian internet users as a result of the Windows 7 RC release. There has been a 50% spike in traffic from the Akamai server farm which is believe to host the files for download; as they host and deliver (amongst many other things) Windows Updates. It’s really great to see such a positive take up of Windows 7 RC, obviously they have made a fantastic product but their marketting efforts are obviously really hitting home. From the reaction of the general public, hopefully we will see a large take up of Windows 7 and related technologies and won’t be dealing with any laggards or haters stilling clinching on to their Windows XP machines after a couple of years.

But then again, maybe that increase in traffic from Akamai was just me furiously downloading updates on our freshly setup WSUS servers…we definitely got throttled because of that, Internode data blocks to the rescue though!

No Comments

Microsoft Exchange 2003 SMTP Relay to Smart Hosts

Posted by Ken Thompson in Brain Busters, I.T. Certification, Projects, The PCs That Kevin Built on May 6, 2009

Sitting behind a dynamic IP means that your going to get blocked by a lot of SMTP servers if you send directly from that IP address. Most ISPs allow their SMTP servers to be used as relay Smart Hosts; so when you send an email out to the internet it will relay to your ISPs SMTP server and then send from there…from that IP address.

Its a pretty simple thing to set up in Exchange System Manager:

  1. In Connectors, right-click on Internet Mail SMTP Connector and choose Properties.
  2. Change the radio buttons to: Forward all mail through this connector to the following smart hosts
  3. Enter your ISPs SMTP server in here, if you have the IP be sure to enter it within square brackets, below is the address for iiNet in Australia.

exchange_smarthost2

  1. All SMTP servers these days require authentication to send outbound through them, so select the Advanced tab.
  2. Then click Outbound Security
  3. Choose Basic authentication
  4. Click Modify
  5. Enter your ISP user name and password and click OKexchange_smarthost

The Exchange server is now setup to relay outbound mail through your ISP, so that should see all your mail successfully arrive at it’s destination 100% of the time. But be sure to test it out and check that your ISP allows the use of a Smart Host.

For inbound email I have also now added a 2nd MX record for my domains which points to my web server (which is how I used to have email set up), which means I will have another layer of redundancy for inbound emails, should I lose my ISP connection for the server or it crashes etc.

Now time to kick back and wait for the emails to flood in, though not SPAM anymore!

No Comments

Microsoft Exchange 2003 Spam Protection

Posted by Ken Thompson in Brain Busters, I.T. Certification, Projects, The PCs That Kevin Built on May 6, 2009

So now that I have Exchange all hooked up and chugging away, I still had a few issues to sort out before I could (In Demtel’s Words) “Set it and Forget It!”. Namely, now that my domain’s MX records pointed straight to my server, there was no SPAM protection (when hosted on my web server, I had SPAM Assassin). On another SPAM related issue, because I am behind a dynamic IP, a lot of SPAM black lists block these ranges so I was getting a few bounce backs as a result of that… so I need to enable the exact same filtering that is blocking my outgoing emails currently!

So firstly, I setup my Exchange server to cross reference emails against a publicly available SPAM black list, SpamHaus. You do this via adding a connection filtering rule in message delivery properties (in the Exchange System Manager snap-in):

  1. Under Global Settings, right-click Message Delivery and select Properties
  2. Select the Connection Filtering tab
  3. Click Add
  4. Enter zen.spamhaus.org as the DNS Suffix of Provider and Display Name
  5. Clock Ok

exchange_spam

Next you have to manually enable filtering with this rule on your SMTP Virtual Server. To do this:

  1. Under Servers > *Server Name* > Protocols > SMTP, right-click your SMTP server and select Properties
  2. Click Advanced next to IP Address
  3. Click Edit
  4. Tick all the Check Boxes in this window and choose OK

exchange_spam2

 

So now that has blocked dynamic IP ranges and publicly known SPAM servers / address ranges for sending you email, too easy! As I don’t have that many address on my domains, this and some basic SCL filtering is thus far proving to be very effective at blocking SPAM. Obviously on an enterprise level you will need some 3rd party SPAM / Virus software on top of this basic SPAM protection available in Exchange.

2 Comments

Exchange 2003 – All Systems Go

Posted by Ken Thompson in I.T. Certification, Journal, Projects, The PCs That Kevin Built on May 4, 2009

ms-exchange-2003

Well it has been a few weeks now since I got my server going and I had yet to get Exchange fully functional. I had only got as far as installing it and having all the services running, but hadn’t hooked it up to my websites or started using it rather than my web server’s POP3 email accounts.

I have started studying for my 70-284 (Implementing and Managing Microsoft Exchange Server 2003), so that inspired me to get everything going; especially as it’s exactly what I am learning about right now. I have actually decided that I will sit this exam next as I am finding it very interest (and a little easy!) and it will break up the studies a bit. I want to do the exam within the next 2 weeks as I really need to get some of these exams out of the way and get back on my certification war path.

I really didn’t have that much to do, and I’m pleased to say everything went exactly to plan and I had everything hooked up and working in no time at all; a pleasant surprise to the norm. So I changed my domain’s MX records to point to my FQDN address, which is a dynamic forwarder (as I have a dynamic IP from my ISP, the router updates this FQDN any time it changes). Then I setup the following port forwards to my server:

    • 80 – HTTP (already activated for other services)
    • 25 – SMTP
    • 110 – POP3
    • 443 – Outlook Web Access
    • 389 – LDAP (required for remote access user authentication)
    • 143 – IMAP4

Then I enabled and started the POP3 and IMAP services (for access on PC’s I have linked to other Domains & Exchange Accounts) and I was in business. Too easy!

I did hit one stumbling block though. I want to use one exchange account which is configured with 2 SMTP accounts for different domain names (Pixsoul and XXIV) which works perfectly for receiving email from either account. However when you send email it address it from the default SMTP account, so you can only send email from one of the accounts – no choice. I have done a lot of playing and poking around but it appears the only way to have this work is to create 2 separate user accounts in AD, linking each individual email to their accounts…I will keep searching though and post up on the success / failure of that tomorrow.

1 Comment

Fresh Aussie Hip Hop – MC Phrase

Posted by Ken Thompson in Journal on May 4, 2009

phrase-clockwork

I have been hanging out for this album since I heard Phrase’s first single Clockwork in mid 2008. I love my Aussie Hip Hop and this album has definitely raised the bar, looking forward to see what Phrase will bring in the future with a killer first album like this.

I’ll be at the corner raising my glass, and banging my head in July for sure!

No Comments

Medieval Tech Support

Posted by Ken Thompson in Journal, Work on May 3, 2009

Found this on Flixxy, a clever comedic parody of Medieval Tech Support. Flixxy also have links to some other very interesting videos, of particular interest is a crazy guy who services high voltage powerlines by crawling along them after being dropped onto them by a helicopter!

No Comments

Windows 7 – Learning Portal

Posted by Ken Thompson in I.T. Certification, Journal on May 3, 2009

GYI0051176240.JPG

Well unfortunately I missed out on getting a shot at the beta Windows 7 exam. But in reality, it’s no skin off my nose as I won’t be using or deploying until mid to late 2010 at the earliest; the only benefit of doing now was that it was free, the professional relevance was irrelevant.

Despite that I am still using Windows 7 and won’t be going back to Vista or XP (except at work, an XP environment) at all. I am still learning the ropes of the OS and came across a new resource for learning Windows 7:

http://www.microsoft.com/learning/windows-7/default.mspx

A few more bits and bobs there to look into, namely sample chapters of new Windows 7 documentation. The timing couldn’t be better either, with Windows 7 RC1 being officially released on the 5th of May. But I expect all you fellow Windows 7 geeks to already have the leaked version! I’m yet to install mine, but definitely looking forward to the Windows XP inbuilt VM; I will post more on this when I use it a little bit.

No Comments

Growing Pains

Posted by Ken Thompson in Journal, Work on April 26, 2009

We have been having an odd issue on our Citrix servers at work since we upgraded them from Windows Server 2000 to Windows Server 2003 in late February. You can’t open MS Access files by double clicking on them, it just does nothing. All the file associations are correct, as are permissions, it’s just a strange occurrence. It hasn’t been high on the priority list to do as users can still open the files from within MS Access using File > Open and navigating to the file from within Access. To be honest, I had completely forgotten about the issue as we had not put in place our ticketting system until recently; I only got it fully setup and functioning last week.

I fixed them up today, we have about 50-60 of our employees using both of these servers at work so it’s impossible to do serious work on them (involving reboots; or risking it) during business hours. Fortunately I can do the work remotely in the comfort of my own home, all rugged up (it’s getting wintery in Melbourne). So fixing the problem didn’t end up being overly difficult, I did a full uninstall of Microsoft Office on our servers (We have 2 in our Citrix “farm”), rebooted them, re-installed Microsoft Office 2003, applied all the updates and rebooted again. I tested both servers and everything looked to be functioning correctly under several different test and live user logins.

During all of the testing I noticed that the scripts for some users were running of a domain controller at another of our sites…not the 2 domain controllers which are at the same site as the Citrix Servers. It wasn’t a big issue, logins functioned, but were just slower than usual as they would travel on a 2MBPS VPN link to the other site (about 10km away), authorize and pull the scripts back down to the Citrix box when a user logged on. When they should have been using 1 of the 2 DC’s in the same room, connected to the same 1GBPS switch! The problem was that Active Directory Sites and Services was incorrectly setup; the DC at the other site was sitting in the main office’s Site OU, not it’s own. So I moved it over, checked that the correct subnets were assigned to the appropriate sites (which they were) and viola; when logging in to Citrix it would now do it faster and use one of the 2 DC’s in the same server room.

Which leads me to the point of my post; our work has grown (and continues to) very rapidly and our IT infrastructure structure and systems were not designed adequately to cope with this. It’s not that anything there is drastically wrong, we have around 150 users who are all working happily away and the systems are performing well enough. But the systems were never designed for much expansion, they were designed to cater for the problems at the time, quick fixes. As such, we have a lot of ad-hoc solutions to problems that have sprung up along the way. It’s like a kid’s tree house with little odd rooms tacked on all over the place!

But quite frankly, I love it! Of course, everything needs to be fixed, a lot of it completely re-designed and implemented from scratch. But it is a great experience for me starting out in IT, I am learning so much every day and putting in place everything I am learning in my Microsoft Certifications. Obviously the aim is to get everything working as smooth and efficient as possible, but it does make me think that if it was all running as smoothly as I plan to have it, work would be very boring.

No Comments

Pixsoulating The World

Posted by Ken Thompson in Design on April 26, 2009

avatar_inv_steam

Now that all my computers are functioning, one of the next things on my list was to step up my own personal brand; Pixsoul. I’ve never had a consistent brand that I applied to everything I do such as websites, profiles, avatars etc. and it was about time I got organised and did it. I already had a logo, I just needed to create a loose style guide which I would apply to anywhere on the Internet that I had information about myself; ultimately so people know that what they are looking at is mine.

I’ve just applied the above logo (which is new!) as well as my main logo and some loose style guides to the following:

  • Favicon
  • Instant Messaging Avatars
  • Gaming Avatars
  • Email Signature
  • Online Profile Avatars

Now for some updates to the blog, I haven’t finished fleshing out the Design page and I want to add in a Photography gallery also with my favourite shots. Hopefully I can integrate this with some kind of gallery plugin, as I also need to upload the pictures and story of the ever eventful computer builds.

The new logo reminds me…I was supposed to book a driving lesson in this weekend, but I was too busy at work and kept forgetting; 24 and still without a license. It’s definitely on the agenda to get ASAP this year though, if nothing else it is becoming essential for work.

3 Comments

Why are the best ISPs based in SA/WA?

Posted by Ken Thompson in Journal on April 24, 2009

I was just having a look around at ISP’s as I do every few weeks thinking that someone might have magically changed their quota’s to a bazillion gigabytes, thus tempting me away from my current provider.

It got me thinking though; all the providers I check, which I consider to be the best ISP’s in Australia, are all based in WA / SA.

  • Westnet
  • ADAM
  • iiNet
  • Internode

Which makes me wonder why…why are all the best ISP’s based in some of the lowest populated areas in Australia? Why have we not seen similar success from companies based in VIC / NSW?

Maybe they get more grants over there, or have less competition from the big guys. Or maybe it is one of those “necessity is the mother of invention” deals, where the big guys just aren’t offering adequate service in those states / areas , thus paving the way for small providers to capture a broad range of the market.

Anyway, I would be interested in hearing peoples thoughts, opinions…facts!

No Comments