cek.log

Geeky rants, raves, and random thoughts from Charlie Kindel...

August 2004 - Posts

Is your Exchange 2003 server generating spam?

Ouch. I was up until 3:30am last night because I noticed my Exchange 2003 server was sending a ton of messages. I noticed this because I was trying to diagnose another, unrelated, problem and happened to look in the outbound Queue in Exchange System Manager. My SMTP connector showed several hundred queued outgoing messages. Given that I have about 6 users on my Exchange server and none of them send more than 2 or 3 messages a day...

I panicked. How could my SMTP server be acting as a relay for spam? It was totally locked down:

  • It only allowed anonymous connections.
  • Only one PC on my LAN could relay through it (my home automation server).
  • I do not have "Allow all computers which successfully authenticate to relay, regardless of the list above" checked.
  • I have security auditing on and SMTP diagnostics logging on.
  • I am careful to ensure that all accounts (domain and local machine) have strong passwords and Guest is disabled everywhere.

What I saw was hundreds of messages in the Find Message functionality in the Queues thing in ESM with a sender address of postmaster@kindel.com. The recipients were the typical "recipients" of spam. Unfortunately the Find Message functionality does not allow you to view the contents of the outgoing message; if it had, I would not have been up until 3:30am and would not have spent 3 additional hours today trying to figure this out.

When I looked at my SMTP logs, I saw that someone was sending these messages through my SMTP service, but the logs had blank entries for the IP address! This freaked me out, because I thought that the only way that could have happened was for some agent to be on my server! I ran anti-virus checks, SpyBot Search And Destroy, and looked for obvious rogue processes. Nothing.

I had several guys from the Exchange team look at my settings. They assured me that my SMTP server was configured correctly.

We ran Network Monitor (netmon) to see what the actual SMTP traffic looked like. This provided the clue that finally gave us the answer: the recipients I was seeing in the messages queued to go out matched the senders of spam that was incoming to my system. For those incoming messages the recipients were bogus aliases on my domain (e.g. fred@kindel.com).

All those queued messages were NDR (Non Delivery Report) messages; basically saying "hey, this user (fred@kindel.com) doesn't exist." They weren't outgoing spam at all!

So, my system hasn't been compromised, but I don't like the fact that I'm generating thousands of emails a day! My ISP might think I am a spammer.

To fix this I enabled "Filter recipients who are not in the Directory" in the Recipient Filtering tab of the Message Delivery object (under Global Settings in ESM).

This causes Exchange to reject any incoming message that is destined for an unknown user.

The only downside of this that I can see is that messages where people accidentally spell a real alias incorrectly (e.g. chalrie@kindel.com) will not get an NDR. Small price to pay I think.

I've also now installed Exchange 2003 SP1 and the Intelligent Message Filter which will reduce the amount of spam I get, which is tons.
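The correlation that cracked this case (queued recipients matching the senders of inbound mail addressed to non-existent aliases) can be scripted. The following is an added example, not part of the original post: the mailboxes in DIRECTORY, the .example domains and all sample records are constructed, and the function names are hypothetical.

```python
# Constructed sample data (not from the original post). Only postmaster@,
# fred@ and chalrie@kindel.com appear in the post; the rest is made up.
DIRECTORY = {"charlie@kindel.com", "julie@kindel.com"}
INBOUND = [  # (MAIL FROM, RCPT TO) pairs, e.g. read off a network capture
    ("offers@spam-source.example", "fred@kindel.com"),
    ("deals@bulk-mailer.example", "sales@kindel.com"),
    ("friend@partner.example", "charlie@kindel.com"),
    ("typo@partner.example", "chalrie@kindel.com"),
]
OUTBOUND_QUEUE = [  # (sender, recipient) pairs as listed in the outbound queue
    ("postmaster@kindel.com", "offers@spam-source.example"),
    ("postmaster@kindel.com", "deals@bulk-mailer.example"),
    ("postmaster@kindel.com", "typo@partner.example"),
    ("charlie@kindel.com", "friend@partner.example"),
    ("postmaster@kindel.com", "stranger@unrelated.example"),
]

def norm(addr):
    return addr.strip().strip("<>").lower()

def classify_queue(directory, inbound, queue, ndr_sender="postmaster@kindel.com"):
    """Label each queued message 'ndr', 'user-mail' or 'unexplained'."""
    directory = {norm(a) for a in directory}
    # Senders whose inbound mail named a recipient that does not exist here.
    bounced_to = {norm(frm) for frm, rcpt in inbound if norm(rcpt) not in directory}
    labels = []
    for sender, rcpt in queue:
        sender, rcpt = norm(sender), norm(rcpt)
        if sender == norm(ndr_sender) and rcpt in bounced_to:
            labels.append("ndr")          # bounce for an unknown local recipient
        elif sender in directory:
            labels.append("user-mail")    # ordinary mail from a real mailbox
        else:
            labels.append("unexplained")  # no inbound cause found: investigate
    return labels

def ndrs_generated(directory, inbound, recipient_filtering):
    """Count NDRs the server queues with recipient filtering off or on."""
    directory = {norm(a) for a in directory}
    queued = 0
    for _frm, rcpt in inbound:
        if norm(rcpt) in directory:
            continue      # known recipient: delivered, no NDR
        if recipient_filtering:
            continue      # refused during the SMTP session, nothing to bounce
        queued += 1       # accepted first, then bounced to the envelope sender
    return queued
```

Anything labelled "unexplained" is the part of the queue that still deserves the relay and compromise checks described earlier in the post.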

 

SBS 2003 Rocks!

Yankee Group says 86% of midsize and smaller companies use Small Business Server.

Microsoft's Small Business Server is a remarkable hit, said a research firm Monday as it released the results of a survey that claimed an astounding 86% of small and midsize businesses either use the server bundle or are planning to deploy it.

"Who knew this was going to be such a huge hit?" says Laura DiDio, the Yankee Group senior analyst who conducted the survey of some 500 small and midsize businesses, as well as resellers and consultants.

I work closely with the guys who build SBS. They deserve to be damn proud of their accomplishment with SBS 2003. It is a marvel of integration, refinement, and focus on customer problems.

While I was up in the mountains of Colorado with my Bisque friends, I asked them what they were using for their company's infrastructure these days. They had recently had a VAR set up SBS 2003 for them and they loved it!

CodeView: Another Blast from the Past

A post on the Windows Off Topic mailing list today on multi-monitor reminded me of the fun we had debugging Windows 3.0 applications.

In the early DOS and Windows days (I did this with Windows/386 and up) you could have both an EGA, CGA, or VGA adapter and a Hercules monochrome adapter in your system. The CodeView debugger could be configured to run on the monochrome monitor, freeing the Windows GUI from the debugger. You could also re-direct OutputDebugString() output to spew on the monochrome monitor. It was the only way to fly in those days!

Multi-monitor rocks today. And you don't even have to have 2 monitors connected to your PC to use it. See this blog entry from earlier this year for details on MaxiVista...

 

Posted: Aug 12 2004, 07:06 AM by charlie | with no comments

Stargazing: Astronomy software is just amazing

When I married my wife Julie I inherited some close family friends of hers: the Bisque family. A big family with so many names that I'll just focus on the 4 brothers who I have deep respect for: Steve, Tom, Dan, and Matt.

In 1991 when I first met the guys at Software Bisque, they had two products: A DOS based astronomy package called The_Sky and some funky financial modelling package they had built for my father-in-law. The_Sky was the cool thing. It had an amazing graphics engine that could display a real-time view of the universe above using real data. You could click on any object (star, planet, whatever) and get more information. You could change the perspective, zoom in/out, etc... I'm not really into astronomy, but I loved playing with it.

At the time I was a developer support engineer for the Windows SDK and I gave the Bisque brothers a copy of the Windows 3.0 SDK. About 4 weeks later Dan called me to tell me they had ported The_Sky to Windows!

Recently SoftwareBisque released TheSky Six, the 6th version of TheSky (along the way they lost the space in SoftwareBisque and the underscore in The_Sky). If you have any interest in astronomy you owe it to yourself to check out TheSky (and their other products). They have a Pocket PC version as well.

Last week I was in Colorado on vacation with the Bisques. We were at a "resort" called Budges White River Resort deep in the mountains of Western Colorado. Roughly a 2 hour 4x4 drive from Eagle CO. Tom Bisque had his SoftwareBisque powered telescope up there and we did some amazing stargazing. Here's how it worked:

  • I said "Tom, I'd like to see a galaxy on edge."
  • Tom would say to Steve, "How about NGC4565?"
  • Steve would say, "Yea, that's probably visible tonight."
  • Tom would sit down at the laptop in the tent, and using TheSky would right-click on the object labelled NGC4565 and choose the command to tell the telescope to slew to it.
  • The un-believably cool, red-anodized-finely-machined-aluminium Paramount ME Robotic Telescope Mount would "whirr" for a few seconds like a robot on an assembly line and then stop.
    Paramount ME. Art and Engineering
  • I'd look through the eyepiece, and smack dab in the center was NGC4565 in all its glory. A galaxy a bazillion miles away, on edge, looking just like a flying saucer.
  • While I watched I could hear the slight hum of the Paramount as it carefully kept the telescope pointed at NGC4565. I could have watched for an hour and it would have stayed dead center in the eyepiece!

We did this over and over with nebulae, galaxies, binary stars, star clusters, and so forth.

Tom didn't have it set up, but if he did, we could have taken CCD images of what we were looking at and viewed them right on the laptop. It would have looked like this:

 
Check out this page for tons of pictures that were taken with TheSky powered telescopes.
 
The telescope setup Tom had up there was worth about $20,000 including the base, the Paramount ME, the CCD camera, and the laptop. Just 5-10 years ago a telescope setup with the accuracy and capabilities of this setup would have cost easily $500K to $1M.
 
The innovative software that the Bisque brothers have built, on Windows, is enabling an order of magnitude more people to view deeply into the sky in amazing new ways! One guy discovered 5 (five!) comets using their software. Universities and other institutions are using TheSky to control Paramount ME enabled telescopes remotely over the Internet! (check out www.ibisque.com for details on SoftwareBisque's program for this). I just think that's cool, and I'm thankful that I am friends with them.
 
 
Building a new desktop

Like many enthusiasts, I tend to build my own PCs rather than purchase them from OEMs. A few times in the past I've gone the other way and bought a DELL, HP, or other brand-name PC, but in the end I always regretted it. Invariably I would crack open the case right away anyway to change something...the video card, a hard disk or two, whatever. Then I'd want to upgrade the CPU or memory only to find that the OEM did something proprietary.

So now I'm a committed build my own machine guy.

My main desktop at home is long overdue to be upgraded and I figured I'd share the formula I'm using for my new machine and blog about how it all goes. Maybe some of you readers less experienced than I will find this useful.

My current machine happens to be one of those boxes I bought from an OEM. An HP something or other. You wouldn't know that by looking at it because it no longer has the original case (the HP case's power supply was insufficient and was of a proprietary size!). Sure, when it boots you see the HP BIOS screen, but beyond the mobo and memory there's nothing original left in it. It's a Pentium 4 2.2 GHz box (upgraded from something slower long ago), with a Radeon 9800 GPU, 1GB RAM, a Gigabit Ethernet adapter, and a single 60GB 7200 IDE HD. It has a DVD drive and a CD-R recorder in it as well. Nice machine, but dated for a cutting edge guy like myself.

In addition it is experiencing bit rot (also known as bit decay): the OS and applications are acting funny enough, and the start menu fills 5 columns with junk I don't even remember installing. Sometimes IE instances refuse to close. Visual Studio takes 2 minutes to start. You all know that the only way to fix this sort of chaos is to format the HD and re-install from scratch. It's been 2 years since I've done this on this machine, and while Windows and other software have gotten much better in this regard, that's a long time for a serious user like me to go without wiping clean. (Seriously, I remember when a wipe-and-clean was required every 4-6 months).

Lastly, my kids need their own PC now. Julie is tired of them sharing hers in the kitchen; they actually use the PC for real work now. So after I build my new machine, they will get this one (wiped-and-cleaned of course).

I *was* going to wait a bit longer to do this. There are a bunch of new hardware innovations occurring right now that will significantly change what you put in a PC. Some are real now, but still very expensive. Others are due out in 3-4 months, and others are maybe 6-8 months off. For example:

  • AMD Athlon 64 processors in the 939 package. The 939 pin package is the future of AMD processors. These are out now, but are significantly more expensive than the 754 package that is predominant now (with little perf gain). 3-4 months from now these guys will be mainstream and priced respectively.
  • PCI Express. PCI Express is better than AGP for video. You can buy PCI Express mobos today, but what I really want is one with multiple PCI Express slots and those are not really due in quantity until later this year.
  • BTX form-factor. Most mobos and cases today adhere to the ATX or mini-ATX form factor. A new layout is coming called BTX that promises better heat and space management. But there's really nothing good out there yet.

However, I just happened to be given a brand new Epox 8KDA3+ motherboard and Athlon 64 3400+ processor. A side-effect of my job, if you will. The Epox motherboard is currently a top-ranked, highly respected nVIDIA nForce3 mobo for the socket 754 Athlon 64 processor. 2-3 months ago it would have been just about the best you could get. Never one to look a gift-horse in the mouth I decided to bite the bullet (I love mixing metaphors) and build my new desktop about 6 months ahead of schedule based around this motherboard and CPU.

I have the mobo and the processor and I've ordered everything else I need. Here's a component list with my justification for each.

  • Epox 8KDA3+ mobo. It was free. I love the fact that it is based on the nVIDIA nForce3 250Gb chipset; I'm a big fan of what nVIDIA is doing with their PC chipsets. Great integration of SATA RAID, Gigabit Ethernet, HyperTransport, and the SoundStorm audio processor.
  • Athlon 64 3400 754 pin CPU. It was free. However, I'd go with an Athlon 64 anyway; IMHO AMD offers the best price/performance CPUs and Intel's x64 CPUs are just showing up and are an unproven quantity. I have 3 other machines (at work) with these CPUs in them and they scream. Plus they can run the 64 bit versions of Windows XP and Server 2003 (beta).
  • 2 74GB Western Digital WD740 10,000rpm Raptor hard drives. $178 (minus $20 rebate) each from newegg.com. I will set these up in RAID 1 configuration for reliability. For my desktop I prefer performance over capacity and all of my important stuff is stored on my home server (which has several TBs of storage space); 74GB is more than sufficient for my desktop.
  • Liteon SHOW-832S DVD+/-RW dual layer optical drive. $82 from newegg.com. Dual layer enables 8.5GB per DVD and this drive is as fast as they get. Liteon has a reputation for quality, quiet optical drives. I can't believe it only cost $82.
  • EVGA GeForce 6800 256MB AGP video card. $589 (ouch!) from newegg.com. Frankly, this was the only GeForce 6800 Ultra I could find in-stock at any of the online stores I use. I am not a fan of ATI's drivers, and while the ATI X800 is generally cheaper and only takes up one slot I prefer nVIDIA products. I also play FarCry which is better on the 6800.
  • 1.5GB Corsair DDR400 memory (3 DIMMs @ 512MB each). $82 each at newegg.com. Good price/performance.
  • Antec P160 aluminium case. $120.99 from newegg.com. Found this by accident, and then read up on it. I recently bought another Antec case and was very impressed, plus all the reviews were very positive. It has the right balance of features for my use.
  • Ultra X-Connect 500W power supply. $129 from TigerDirect.com. This power supply has *bitchen* cable setup. Read this review at and you'll know why I wanted this PSU.
  • Mitsumi USB 2.0 digital card reader w/ floppy drive. $28 from newegg.com. Combines USB 2.0 card reader with a floppy drive. Seems like a good idea. We'll see.

When the components arrive in the next few days I'll put the machine together and let you know how it goes.

MCE Controller doc omission

I forgot to mention a key (pun intended) command that MCE Controller supports in the 1.0.3 documentation. The "key:" command allows you to simulate any alphanumeric keyboard key press. For example "key:3" is the same thing as pressing the 3 key on the keyboard. This command is implemented internally in MCE Controller rather than via the MCEControl.commands configuration file; which is why I forgot to document it.

I will update the readme file next time I release a version of MCE Controller.
