I had an issue recently where I was getting an absurd amount of draft messages into my Outlook Client. The message was one that I already had sent to a co-worker over a week ago. I had already deleted over 400 messages from my drafts to this point. I tried running the Skype for Business tool to see if it would clear the cache of temp files and hopefully stop this from happening.
No dice, I restarted my computer multiple times and the Skype for Business application itself. The problem still persisted. I then did what most people today, I complained on Twitter.
— Luigi Danakos (@NerdBlurt) May 24, 2016
I felt vindicated briefly, but the problem was still there, then having a few free minutes I went to the Googles.
That is where I found the answer! User Jordan Nolan pointed another user to the solution and right location of the culprit file!
It is not really clear as to why this happens, One thing I did observe is the user I was interacting with had just moved to Office 365, I am still on Exchange. I like the other users are in a mixed application shop meaning, I installed the latest version of Skype over an older install. There maybe some bug I am unaware of that doesn’t play nice with the different versions
This was a simple fix, and I am hoping it doesn’t happen again as it is more annoying then anything as a user to have to do this. I do not like hundreds of drafts in my draft folder and seeing that number made me cringe every-time.
Recently a customer asked us to track who sent an email, typically if this was done on an Exchange server I had a few more logs to look at, however the email was from a Gmail account. First thing I do to track an email is to check the SMTP header and verify it was sent from a specific server, which in this case (gmail.com) it appears to be. Short version of the story I don’t know of any way to track down a message but the client insisted we can so this is my story. Any tips would be greatly appreciate if I missed something.
The SMTP headers in the email only states it was sent from a Gmail server, it shows no reference that it was sent from any of the customer servers. If the message was sent from the customers server then we could see logs; the logs might show us the IP address of the device so long as it was on your network (mobile device, laptop etc…) and the time the message was sent, the user account logged in from that device but again the message headers of the email do not show any of that.
I have highlighted some parts of the message header that would be relevant.
The line below shows us that the spam filtering server, which acts as an SMTP relay received an SMTP request from a server called mail-ve0-f195.google.com at IP address 184.108.40.206 by our spam filter smtprelay.domain.com, being sent to [email protected] A simple ping confirms the name resolution from the sending server. SMTP has a very simple authentication process, basically the SMTP server of the sender issues a series of commands (which as an aside are very easy to spoof with any free SMTP service). If in fact the person who sent the message spoofed a gmail address using a different SMTP server, such as smtp.fakedomain.com, we would see that as the sending server.
Received: from mail-ve0-f195.google.com (mail-ve0-f195.google.com [220.127.116.11]) by smtprelay.domain.com with ESMTP id XXXXXXXXXXXXXXXXX for [email protected]
To show the difference, you can see in the screenshot below I sent an email to an account I use for junk mail, email@example.com from [email protected] by spoofing the gmail.com domain through a generic SMTP server. It is actually very easy to “spoof” a from email address but the sending server, to my knowledge, can NOT be spoofed.
Now the difference here, since it wasn’t really sent from Gmail, the from server is NOT google.com, it was from startdedicated.com. As we see in the SMTP header from the message we were asked to investigate, it its coming from google.com.
Received: from 127.0.0.1 (EHLO zebra732.startdedicated.com) (18.104.22.168) by mta1367.mail.gq1.yahoo.com with SMTP; Thu, 16 May 2013 06:28:56 -0700
Also, the configuration of the Exchange server is such that it will only accept SMTP connections from specific IP address. This means the person trying this would have had to manually assign an IP address from the allowed server IP addresses in order to relay SMTP commands through the Exchange server. If we assume for a moment they were able to do that, they would have then had to issue SMTP commands on the Exchange server similar to the following:
The message would then be received and appear to be from gmail.com as pictured:
However, further investigating the SMTP header as we did with the Yahoo/Gmail example we would see that it came from yourserver.domain.com
Received: from yourserver.domain.com (yourserver.domain.com [nnn.nnn.nnn.nnn]) by smtprelay.domain.com with ESMTP id for ; Thu, 16 May 2013 10:34:22 -0400 (EDT).
Again, if anyone can teach me a thing or two on this I would be very appreciative.
Now that you are not able to order SSL certificates with internal Subject Alternative Names (SANs) I had a bit of hoop jumping to go through today during an Exchange 2013 install. It was likely just as much a lack of prep-time but figured if it happend to me, it might happen to you. Hopefully this helps someone along the way.
I had an Exchagne 2013 server installed with different URLs for internal and external access, this caused problems as soon as I tried to connect exchange (which I half expected) so it was an easy fix, go through the ECP and change the internal URLs to be internal URLs. Sweet – most of my errors for SSL certs went away.
Next, in order to resolve the external FQ sub-domain name I created a zone called mail.externaldomain.com with a single a record (no name) pointing to the internal IP address. There was still one however in Outlook:
There is a problem with the proxy servers security certificate.
…more errorie stuff…
Outlook is unable to connect to the proxy server. (Error code 10)
To fix this, after several other failed attempts at various DNS trickery, I created an SRV record in my AD zone (ad.local for example)
Service: _autodiscover < < manually typed
Protocol: _tcp < < manually typed
Host offering this service: mail.externaldomain.com <
Now I was able to log in to Outlook with no errors, and connected with ActiveSync.
I didn’t know much about load balancing prior to checking out Kemp Technologies VLM100. It was an interesting journey to learn about which I will share in a later post.
The VLM100 is a virtual appliance, just like it’s physical counter part in performance but in the convenience of adding into your existing virtual infrastructure. Now VLM works with both Microsoft Hyper-V and VMware and is just as easy to install and configure on both.
Virtual LoadMaster installs and runs as a hardened, ‘Guest’ operating OS/Application on a dedicated virtual machine. It provides the same features of the LoadMaster appliance including L4 load balancing, L7 content switching, SSL Offload, Server and Application Health Checking, IP and L7 Persistence, Caching, Compression, IPS and much more. It also supports stateful Active/Hot-standby configuration between two VLMs for redundancy and high-availability. All controlled by the same intuitive, easy-to-use Web User Interface as the hardware-appliance version of the LoadMaster.
The LoadMaster Provides:
This process was fairly simple and straightforward. I added the VMDK to my Fusion install and powered on the machine. Once the vm was loaded You can see in the image below where you are asked for a username and then password
After logging in you are quickly prompted for your license key. You are giving an access code which Kemp Technologies uses to generate your specific key. Each license is tied to the host that the machine is installed on and the key would be different on multiple machines.
The following screens from here are pretty simple and easy to follow and is referred to as the Quick Setup. In this process you will be asked for-
After the values are entered I suggest rebooting the system. You can then access the web interface from any computer with-in your network. I as you can see from my images I tested that the web interface works on an iPad.
As you can see it is pretty simple to read and understand what you are looking at. One thing I have enjoyed during this was how simple it was.
Now you can also modify the system configuration with-in the web client as well. A nice bonus if you don’t want to go into the console.
Along with being able to use the web interface you can use the console as well for some management.
Now for this review I didn’t go way into a lot about the product. I added a few servers for usability purposes. However I am going to run the trial until the end and continue to see how it performs.
This is the only load balancer I have played with. I do not know how other competitors compare with them. I do like how easy are to maintain and install. One major factor for me giving thumbs up to them is the staff has been great. I have been talking with Lauren in their sales department and she was very helpful and not pushy with me at all. This goes along way with me. Not only is this a quality product they have good staff to support the product as well.
If you are in the market for a load balancer I would definitely give them a look. You can try their VLM products free.