Winmail.dat Received by Non-Exchange Mail Server Without Attachment Included from Exchange 2007 Server

August 7, 2008

Situation: Exchange 2007 has a contact (not a mailbox) within the GAL that end-user use to email instead of using the actual non-exchange email address. The non-exchange (network solutions) user does not get attachment sent (Word, Excel, etc.), but does get a winmail.dat file attached.

Fix: Launch Exchange Management Console, goto Recipient Configuration/Mail Contact container, open up contact you’re having the issue with, on the ‘general’ tab change the ‘Use MAPI rich text format’ drop-down to ‘Never’ and test.

Advertisements

Barcodes from Online Documents Don’t Print

September 12, 2007

Dynamically generated documents printed online may not print correctly if the settings for your printer print graphics in “Vector” format instead of “Raster” format.  Examples of this include airline boarding passes and shipping labels printed online.  To check and correct this setting, go to the Advanced tab in the printing preferences for your printer.  Sorry I cant put up step-by-step instructions as they very for each printer.  The only printer I’ve confirmed this on so far is an HP 1160.


How to Use Netgear Wireless Routers as an AP

September 5, 2007

Netgear wireless routers can be used as an AP using the following supported method from Netgear:

http://kbserver.netgear.com/kb_web_files/n101496.asp


Tips for browsing the web on your smartphone

August 28, 2007

http://www.informationweek.com/story/showArticle.jhtml?articleID=201204229&cid=RSSfeed_IWK_News


Better Business Bureau Fraud Emails (microsoft.dll / microsoft.exe)

August 28, 2007

There is a phishing attempt circulating that sends emails claiming to be from the Better Business Bureau.  The subject line is: “BBB Complaint for {Recipient Name} [Case id: #7dcd4491d93a6cd1f1ac30ad32b4d18d]”  The email that I’ve seen came from: “25153F@bbb.com” although I’m sure there are many.  The email body looks like this:

=================================================

Dear Mr./Mrs. {Recipient Name} ({Company Name})

You have received a complaint in regards to your business services. Use the link below to view the complaint details:

CLICK HERE TO DOWNLOAD AND VIEW DOCUMENTS FOR CASE #B48944

Complaint Case Number: B48944
Complaint Made by Consumer Mrs. Marcia E. Worthington
Complaint Registered Against: {Recipient Name} of {Company Name}

Date: 05/14/2007

Instructions on how to resolve this complaint as well as a copy of the original complaint can be obtained using the link below:

CLICK HERE TO DOWNLOAD AND VIEW DOCUMENTS FOR CASE #B48944

Disputes involving consumer products and/or services may be arbitrated. Unless they directly relate to the contract that is the basis of this dispute, the following claims will be considered for arbitration only if all parties agree in writing that the arbitrator may consider them:

• Claims based on product liability;
• Claims for personal injuries;
• Claims that have been resolved by a previous court action, arbitration, or written agreement between the parties.

The decision as to whether your dispute or any part of it can be arbitrated rests solely with the BBB.

The BBB offers its members a binding arbitration service for disputes involving marketplace transactions. Arbitration is a convenient, civilized way to settle disputes quickly and fairly, without the costs associated with other legal options.

© 2007 Council of Better Business Bureaus, Inc. All Rights Reserved.

=================================================

I apologize for not being able to provide the actual message header, the email message was deleted by the client. This email contains the following link, under the title: “CLICK HERE TO DOWNLOAD AND VIEW DOCUMENTS FOR CASE #B48944”

http://document-repository.com/redirect.htm?209696923c59b2a19753c85920ddbbb6=435509f28a129b997621ee35cf93402a&63cdd5074896eab1c730678c5c801d31=9e290c3ad8ccbce688f33cdd6073d0fe

This link directs the user to a webpage containing the BBB logo and a single hyperlink:

http://document-repository.com/Complaint_Details_363619942.doc.exe

Upon clicking on the link on this page, a file called “Complaint_Details_363619942.doc.exe” is executed and the following actions are performed:

Files Created:

C:\microsoft.exe (Virus!  For more details, click here)
C:\microsoft.dll

Registry Entries Created:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run: [Win32KernelStart] “C:\microsoft.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce: [Win32KernelStart] “C:\microsoft.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices: [Win32KernelStart] “C:\microsoft.exe”

Registry Keys Changed:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\Utility Manager\Magnifier\Application Path\ Changed “magnify.exe” to “C:\Microsoft.exe”

The files mentioned above can be removed by first deleting Microsoft.dll then Microsoft.exe using a program called Killbox. The registry keys can be deleted manually, but the last one mentioned above must be changed back to its original value of “magnify.exe.


Exchange 2007 Certificate Issues – Avoid them the easy way.

August 27, 2007

In most pre-Exchange 2007 organizations that were using OWA, a third-party cert for the public FQDN of your mail server was all you needed.  In Exchange 2007, things changed a bit and certificates play a much larger role in the organization.  One of the lingering issues I’ve seen was a certificate error internally saying that the certificate name did not match the name of the server.  This was because the certificate was a third-party issued cert using the public FQDN of the server and not the internal hostname of the server.  To avoid running into this issue any longer, I followed another article I found online and simply created a new forward lookup zone in the internal DNS for the public domain name of our organization (i.e. kazmarek.com).  In that forward lookup zone I created the host (A) record for the mail server and pointed it to the internal IP.  Next, following the article (see link below) I changed the links in Exchange 2007 so that they would reference the public FQDN even when working internally.  What this does is effectively use the same public FQDN for all transactions with the Exchange 2007 server so it will match your existing third-party cert.

http://forums.msexchange.org/m_1800444783/mpage_1/key_/tm.htm#1800444783
(Search down to the section that reads: “Next we need to change the URLs used autodiscover”)


E2K3 Public folder management – SSL certificate server name is incorrect error

August 24, 2007

Credit: http://mostlyexchange.blogspot.com/2006/11/e2k3-public-folder-management-ssl.html

I ran in to a problem where I was trying to remove a public folder store from a front-end server. The SSL certificate on the front-end server is wrong (wrong FQDN/CN, unknown CA, and it is expired). I could not manage the public folder hierarchy using Exchange System Manager.

Depending on what I was trying to do, I got this error:

The SSL certificate server name is incorrect.
ID no: c103b404 Exchange System Manager

I also saw this error:
The token supplied to the function is invalid
ID no 80090308

Lots of newsgroup and web discussion forms pointed to this KB article indicating that the problem might be related to SSL being required on the /ExAdmin virtual directory. “You receive an SSL Certificate error message when you view public folders in Exchange System Manager” http://support.microsoft.com/kb/324345 I checked that and it was NOT the case.

Finally found some instructions in a newsgroup that worked. This requires ADSIEDIT and a little bit of Exchange configuration editing.
Run ADSIEDIT  ( DOWNLOAD HERE: http://www.computerperformance.co.uk/w2k3/utilities/adsi_edit.htm )

Navigate to the following object: CN=Configuration, then CN=Services, CN=Microsoft Exchange, CN=, CN=Administrative Groups, CN=First Administrative Group, CN=Servers, CN=Protocols, CN=HTTP, CN=1, CN=Exadmin
Display the properties of the CN=Exadmin object
Locate the msExchSecureBindings attribute, highlight it and click Edit button
If it has a value of :443:, select that value in the Values list, click Remove.
Click OK twice and then close ADSIEDIT
Give this a few minutes to replicate through Active Directory and try it again!