Hopefully, you’ve heard about the Do Not Call registry (located at https://donotcall.gov/) and already have registered your phone number on this site.  This site is a great tool to block telemarketers who follow the laws, but medical organizations, political campaigns; not-for-profits are exempt from this list and can call you regardless!

So what can we do about the rest of these telemarketers?  Back when the telephone system was invented, several special tones were conceived to send information over the line for remote telephone routers, callers, and other purposes.  Just as a very brief side note, telephone hacking was popular back in the 1970’s and had a term called Phreaking, and Steve Wozniak, the co-founder of Apple was actually a hobby based phone phreak (hacker).  Anyways, back to topic, today I learned that the TeleZapper ™ is a $50 device that simply plays the special tone for “this line has been disconnected”, which is 3 beeps that progressively get higher in frequency.  This works because it costs telemarketers money to call your phone and they share similar phone number databases.  When the telemarketers come across a disconnected line, they will update that database accordingly to save them money (there is no sense in calling a disconnected number, right?).

Since 99% of telemarketing calls are automated by computers, the computers are typically programmed to be efficient and save the telemarketer money, meaning the computer will disconnect / update the number if they come across certain special codes.  If they don’t, they’ll redirect your call to a human that is being paid to market a product to you.  The human costs the most, so the idea is to keep this cost as minimal and as profitable as possible.

So now the basic idea, what happens if we play the special tone on our voice mail message?  Our voice mail is the very first  thing that plays if we don’t answer the phone ourselves, and furthermore, we can turn off the automated “the number you have reached…” message to simply allow our own recorded message to play immediately after the 4^th ring.  Telemarketing computers typically ignore the ring, so if the special disconnect code is the first thing that plays upon connection, the computer will usually assume that the line is disconnected.

Today, I added this tone to the very beginning of my voicemail, and then I proceed to give my normal message.  I know that if anyone important really wants to talk to me, they’ll leave a message past the 3 tones because my voice explains why it’s there in the first place.  So if you’re willing to take an easy chance at stopping the telemarketing calls, try this, you never know what might happen!

If you’d like the tone to download, you may grab it at this link: http://famousphil.com/wp-content/uploads/2012/05/disconnected.wav 

Finally, one last thought: since I’m on the topic of phones, I got a great graphic about the dangers of Cell Phones a while back from a Mr. Tony Shin, you may view his graphic at http://www.onlinemastersdegree.com/cell-phones-kill/

The IT industry in past years has become highly standardized and this means that many certification tests have evolved to enable people to prove that their skills are at par. Certifications tend to provide a higher probability that the person who passed will obtain a better job and will be able to perform at the job’s expectations. Certifications tend to require renewal every 5-10 years as well to ensure that the person who is certified remains knowledgeable in the ever evolving technology that surrounds them.

I might as well add in that I am not certified in anything at this point in time, but I have a computer science degree (BS and MS) from an accredited university. I tend to do IT work solely as a hobby, since my true abilities are in programming, and the theory around programming and how computers work. The difference between IT and CS is simply the amount of math and theory that you have to learn about. IT is basically really simplified practical computer science if you ask me.

Now for an actual review of UCertify. They were kind enough to provide me with a full access license to their Windows Exam (MCTS) Preparation Kit. I had to download a 15MB program that installed itself to my computer and then provided me with a nice user interface to begin learning the components of the exam. The interface was very simple and easy to understand, it was broken into a learning mode (which starts at the basics and advances) and a test mode. In learning mode, you’re simply learning about what general windows administrators need to know, there are also several quiz questions to verify that you understand what you read. In test mode, you can answer several questions and attempt to meet a goal (like a passing score for example).

I only went through a very small subset of both sections, but I was surprised to see some material that I wasn’t entirely familiar with (although I’ve heard of it), with this said, I’d strongly recommend the service as a whole for someone who needs to get certified. Certification exams assume that you will need to know everything at some point, so they test for just about everything. Unfortunately, many uncertified professionals are only exposed to what they need to know, so sometimes it can take a few minutes for someone such as me to arrive at the same conclusion that a certified person might already know. In any event, certification in the relevant field almost always guarantees that a candidate can get a specified job before someone who is uncertified for the same position.

I’d like to thank Manjari from UCertify for contacting me about this service, if you have any questions about their service, I’d suggest you email him directly at manjari [at/@] ucertify [./dot] com. I learned a little from what I have done with the service and who knows, it might even help me in the future. Hopefully this can be useful for some of my readers out there. Finally, for all of the skeptics out there, I wasn’t paid to write this review although I did get temporary free access to the windows certification prepkit to review it.

Unfortunate for all of us, the internet was built on an openness model and NOTHING that is placed onto the internet should be considered private!  However, many people usually ignore this fact and give information to a “protected” service which they then believe inside will never become exposed.  This is generally true if you carefully read all the privacy statements and verify that there are no loopholes, since most providers won’t release information without a court order, and they do take a lot of precautions to store the data that you openly give them.  But all too often, those users will use a weak password or volunteer the information to a third party without thinking (remember the allow access button above?).

Being in the software development field now for the past 5 years, I can safely say that the old saying “there is no such thing as a free lunch” holds, if something is free, you should scrutinize it and figure out why it is “free” to use!  Often times, these applications will collect and store your data, and at a later time, sell it off to third parties (hence the product was never entirely free).  I’m sure that there are a few truly free products out there (e.g. open source, not-for-profit organization applications, etc), but you the consumer, need to be very careful about who you allow to get to your seemingly private data.  If you ever are concerned about what data is being collected and stored, a good first step is to contact who is offering the service and ask them about what they exactly collect and store / how they make money, then proceed from there.

So now for an example that I’m skeptical of.  Below is a screenshot of a calendar facebook application that I was invited to use for adding myself to a virtual yearbook at my old high school.  If you notice, it is requesting access to a lot of legitimate data, but this is also scary.  I will admit that there is information in my profile that others have added that I hide (since I cannot modify it if it is harmful to my online presence), and this data would be available to a third party application.  Ultimately, I declined the access to the application and removed other applications that I don’t use.

I guess the bottom line is be careful about who you give access to, it could unintentionally harm your image in the future.  Google has recently put together a site about being safe online, I’d highly recommend visiting it: http://www.google.com/goodtoknow/

The media spends a lot of air time talking about identity theft, but many of the suggestions you see on the news may not be the best ways to protect your identity. While it is still true that identity thieves often try to acquire your physical credit cards and charge purchases to them until they are maxed out before you notice that they are missing; the number of those who need only your credit card number to steal your whole identity is rapidly rising.

No one is completely immune to the possibility of having their identity stolen, but with a bit of knowledge in identity theft tactics; you can work to stay one step ahead of potential thieves, and keep your identity safe.

1. Identity thieves can steal your identity without your credit card number.

There are many other personal documents that can allow a thief to steal your identity. Keep documents such as social security cards, birth certificates, passports and other identification, and credit cards not in use under lock and key at home or in a safe deposit box at the bank. Do not carry these documents with you on a regular basis; only take them out if you actually need them

2. Seemingly innocent nonfinancial information online can be plenty for a thief to steal your identity.

It may not seem like much to work with, but a smart thief can steal your identity with nonfinancial personal facts about you, such as your home address, phone number, or full birthdate. Never list this type of information on social-networking sites, job-search sites, or any other website that you use for business or personal reasons and have used your card with.

3. Keep a close eye on your physical mail.

Know when to expect incoming credit card and other bills to arrive. If they don’t show up, it could be an indicator that an identity thief has accessed your account and changed the billing address. If you need to order checks, pick them up at the bank personally; if you have them delivered, they could be stolen from your mailbox, altered, and cashed by a thief.

4. Review your financial statements regularly. Check statements for your bank accounts and credit cards at the very least monthly. More often is better. Look specifically for very small charges, less than a dollar that you can’t remember making as that could be a credit card authorizing a charge. Finding one could be an indicator that someone is looking to buy your credit information in a block of stolen card numbers. If you find such a charge, inform your bank or credit company that they should be on the lookout for fraudulent activity on your account.

5. If anything about an ATM or credit terminal doesn’t look quite right, don’t use it. Skimmers are electronic devices that can be placed on ATMs or in-store credit terminals by identity thieves to collect your data when you swipe your card. If you don’t notice until after you have already swiped your card, alert your credit company or bank as soon as possible so that they can keep a close watch on your account for any suspicious activity.

6. If you are a tourist or traveler, you are at greater risk of having your identity stolen. Travelers are often more focused on getting where they are going on enjoying the sights than the people around them. Keep an eye out for strangers lurking around if you are using a public phone, or paying with your credit card. It is also recommended that you don’t use unsecured public wifi connections, unless your computer has advanced security features.

7. Learn to be sneakier than those who may want to steal your identity. A few sneaky little tricks can help protect your credit and bank cards from being stolen at all. Most thieves won’t bother with cards that still have the “please activate” sticker still on them, because they know you need the phone number on file with the credit company to activate it, and thus it is basically worthless. Also sign your cards with permanent marker instead of pen, so that it is harder to remove and write over.

8. Stay alert while checking out. Normally a cashier has no reason to take your card, as most stores have a terminal where you swipe your card personally, but if a cashier takes your card, and turns their back to you, or takes longer than is normal for such transaction, they may be collecting your information. This can be done with a handheld skimming terminal, by taking photos of both sides of your card with a cellphone, or even replacing your card with a similar looking one that isn’t yours. Always check that the card you were given back actually belongs to you.

9. Take advantage of the option to go paperless. By viewing all of your credit and bank statements online, you lessen the chance of someone stealing snail mail with valuable information on it from your box. If you do have credit slips, or paper bills, shred them before throwing them away. If it has your card number, name, phone number, or address on it, shred it first to prevent a potential thief from gaining this personal information.

10. Read the fine print before you sign up for identity theft insurance. While having identity theft insurance can pay off, most companies that offer it only cover the money you spend to repair your lost identity, not the money lost due to the theft. Check your homeowner’s policy as it may currently include identity theft in your insurance, before signing up with another company incurring extra expense.

Author Box

The article is shared by George Martin. George Martin understands nitty gritties of credit cards. Apart from that if you need any answer on credit card, debt or other money then you can contact him.

When building new applications, it always seems like I start with the grand picture requiring no massive data storage and shortly after I begin, I find myself needing a database connection.  I’ve made the mistake several times now of not starting with a dedicated database class that connects to MySQL, and I always find myself googling for pre-made classes that don’t do exactly what I need, so I’ve decided to post my own for future reference.  As a result, I’m going to make sure that when I Google, I find my own reference before someone else’s  Hopefully this is useful to someone else.

PHP’s MySQL singleton class:

<?php
// Copyright (c) 2012 Philip Matuskiewicz www.famousphil.com

// To use:
// require_once("Mysql.php");
// $db = new Mysql();
class Mysql{
    private $server = "localhost";
    private $username = "";
    private $password = "";
    private $database_table = "";
    private static $instance;

    private function __construct(){
        $this->connect();
    }

    public function connect(){
        mysql_connect($this->server, $this->username, $this->password);
        mysql_select_db($this->database_table);
        $this->q("set names 'utf8'");
    }

    //query the database
    public function q($query){
        $r = mysql_query($query);
        return $r;
    }

    //returns an array containing all the rows that were returned
    public function qr($query){
        $r = $this->q($query);
        if (mysql_num_rows($r) > 0) {
            $res = array();
            while ($arr = mysql_fetch_array($r)) {
               array_push($res, $arr);
            }
            return $res;
        } else {
            return null;
        }
    }

    //number of rows returned
    public function nr($query){
        return mysql_num_rows($this->q($query));
    }

    //last inserted row id is returned
    public function lid(){
        return mysql_insert_id();
    }

    //close the database connection
    public function c(){
        mysql_close();
    }

    public static function singleton(){
        if (!isset(self::$instance)) {
            $c = __class__;
            self::$instance = new $c;
        }
        return self::$instance;
    }

    public function __clone(){
        trigger_error('no clone', E_USER_ERROR);
    }
}

?>

The Python MySQL singleton implementation is similar, but includes an external file named config.py in this example

--> config.py (configuration information for the MySQL class)
dbhost = "localhost";
dblogin = "";
dbpassword = "";
dbname = "";

--> MySQL.py (The MySQL class)
#!/usr/bin/env python
# Copyright (c) 2012 Philip Matuskiewicz www.famousphil.com

#to include / use, insert the following lines in the code
#import imp;
#mysql = imp.load_source("MySQLConnector", "PATH_TO_PYTHON_FILE/mysql.py").MySQLConnector();
#result = mysql.tryquery("Mysql Query Here");

import sys;
import os;
import string;
import base64;
import MySQLdb;#mysql library (you will need to install this on the system)

#MySQL Singleton Class
class MySQLConnector(object):
        _connection = None;
        _instance = None;

        def __init__(self):
                try:
                        if MySQLConnector._instance == None:
                                MySQLConnector._instance = self;
                                MySQLConnector._instance.connect();
                except Exception, e:
                        print "MySQL Error "+str(e);

        def instance(self):
                return MySQLConnector._instance;

        def get_connection(self):
                return MySQLConnector._connection;

        def connect(self, debug=False):
                try:
                        for line in open('includes/config.py'):
                                #this can be dangerous, but sources / executes lines in config.py, which contains the db info
                                #alternatively, you can just set the variables here manually
                                exec('%s = %s' % tuple(line.split('=', 1)));
                        MySQLConnector._connection = MySQLdb.connect(dbhost, dblogin, dbpassword, dbname);
                        if debug:
                                print "INFO: Database connection successfully established";
                except Exception, e:
                        print "ERROR: MySQL Connection Couldn't be created... Fatal Error! "+str(e);
                        sys.exit();

        def disconnect(self):
                try:
                        MySQLConnector._connection.close();
                except:
                        pass;#connection not open

        #returns escaped data for insertion into mysql
        def esc(self, esc):
                return MySQLdb.escape_string(str(esc));

        #query with no result returned
        def query(self, sql):
                cur = MySQLConnector._connection.cursor();
                return cur.execute(sql);

        def tryquery(self, sql):
                try:
                        cur = MySQLConnector._connection.cursor();
                        return cur.execute(sql);
                except:
                        return False;

        #inserts and returns the inserted row id (last row id in PHP version)
        def insert(self, sql):
                cur = MySQLConnector._connection.cursor();
                cur.execute(sql);
                return self._connection.insert_id();

        def tryinsert(self, sql):
                try:
                        cur = MySQLConnector._connection.cursor();
                        cur.execute(sql);
                        return self._connection.insert_id();
                except:
                        return -1;

        #returns the first item of data
        def queryrow(self, sql):
                cur = MySQLConnector._connection.cursor();
                cur.execute(sql);
                return cur.fetchone();

        #returns a list of data (array)
        def queryrows(self, sql):
                cur = MySQLConnector._connection.cursor();
                cur.execute(sql);
                return cur.fetchmany();

#end class MySQLConnector

Listen To Your Music In Spotify For Free Without Wine

Music aficionados who delight in listening to millions of tracks through Spotify’s free version but feel petered out of needing Wine at the same time have just got some good news to enjoy. The DRM-based music streaming service now announces a new free version specifically for Linux users. Spotify for free will now enable listeners to indulge in gripping tunes without calling out for Wine.

Integrated with a host of great user –friendly features, the music streaming application allows users to listen to millions of songs, any time they like. One can simply rifle through Spotify for a particular song and start playing in unprecedented clarity. For those unaware, Spotify is music based software which provides users with an intuitive medium to search download and play their favorite songs.

Almost like a new music collection, Spotify brings forth convenient access to unlimited tracks and features compatibility with home audio systems and smartphones. The app also lends support to users’ desktop and Mac for tunes that should follow everywhere. At the same time, the app allows users to discover and share music with their closed ones. In fact, users can even hear what their friends are listening to – just by hitting ‘play’ on any music post.

However, Spotify distinguishes from Last FM and Pandora in a couple of significant ways. To state, the app lets music buffs listen to entire albums on demand. But, be careful as there are certain obnoxiously genre-defying advertisements contained. Irrespective of the pros and cons that it comes with, the app still emerges to be an ideal pick. With this one around, people can seamlessly search up and down for songs and share them with amigos.

Although Spotify was extended to several platforms, the software did arch shoulders for those who would always need Wine just to listen to the music. Previously, the Linux version for Spotify used to function merely with paid accounts. Nevertheless, the free version of Spotify for Linux is now anticipated to make things simpler for enthusiasts by large.

The native Linux adaptation starts up pretty quickly and does not gulp down much of a listener’s time while delivering a better experience than Wine. As far as the enrollment is concerned, users will be required to register for an account at Spotify’s official website before kicking off their musical journey. But, a bit to dismay, registering feels a dearth of a Facebook account since the company has made it mandatory to have an account on the stated social networking site.

Besides Spotify for free without Wine, the music streaming service can be downloaded either in Premium which makes users shell our £9.99 per month or in Unlimited which costs just about £4.99 per month. Those who do not wish to fork their pennies out can simply download the free version. However, irrespective of which subscription has been settled upon, the software ensures a thorough, rich music experience. So, what are you waiting for? Just head towards Spotify and we believe the rest you know!

About the author: Rebecca is a blogger by profession. She loves writing on environment and technology. Beside this she is fond of books. She recently bought a AGP Graphics Card. These days she is busy in writing an article on  Magnetic Earrings.

URL shortening sites like Tinyurl.com and Bitly.com are the new haunts for Tweeters who do not want long URLs to consume their restricted typing space. However, shortened URLs have another, more insidious use. They allow spammers and hackers to evade the timeworn email filters and gain entry to your inbox.

Most email anti-spam counteragents were generated even before the usage of embedded URLs in emails, not to mention abridged ones. Most contemporary anti-spam programs track back the URL to see if the site it originates from is hazardous. However, a shortened URL can be utilized by hackers in two distinctive ways.

The first way is simple. They tie the site they want you to get directed to into one of the identified and reliable URL shortening sites available for free to the community. Because the URL shortening site itself is reliable, the link is trusted. However, the link does not connect you to the URL shortening site; it connects you where it was originally fixated.

Secondly, hackers can get especially resourceful. Once the email program’s anti-spam filters determine the misapplication of the URL shortening sites, as some have already done, hackers produce their own URL shortening sites. Basically, they shorten a site that’s previously shortened. So, when you click on the link, you get forwarded not once, but twice. The first transferal is safe, the next is a hackers.

This is “yet another example of cyber-criminals adopting new technology to bypass traditional security measures,” said Bradley Anstis, vice-president of technical strategy at M86.

“A lot of the traditional anti-spam engines were developed before Twitter, so they are not geared up to recognize embedded URLs as seen in blended email threats in spam, let alone shortened URLs that link to malicious, or compromised Web pages,” Anstis said.

Some frightening statistics:

In May 2011, the global ratio of spam in email traffic from new and previously unknown bad sources increased by 2.9 percentage points since April 2011 to 75.8% (1 in 1.32 emails).

The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 222.3 emails (0.450 percent) in May, a decrease of 0.143 percentage points since April. (From Net-security.org)

So, what can you do to guard yourself from hackers? For one, never click on an email link if you do not have confidence in the sender. Two, even if you do have faith in the sender, do your best to get to the link organically, meaning follow the regular method. If you are tracking a delivery, go through the main website in the place of clicking on the link. These modestactivities will help to keep your computer, and the data it holds, safe from hackers.

Author Bio

Melanie Slaugh is enthusiastic about the growing prospects and opportunities of various industries and writing articles on various consumer goods and services as a freelance writer. She writes extensively for internet service providers and also topics related to internet providers in my area for presenting the consumers, the information they need to choose the right Internet package for them. She can be reached at slaugh.slaugh907 @ gmail.com.

First, I had Server 2008 R2 Datacenter as my operating system on both the existing server (denoted double) and the new server (denoted ruby).  The servers could clearly communicate with each other within the same datacenter as well so that file / data transfers could be effective.  The first thing to adding any server is to give the new server a name and know its network configuration details ahead of time.  I’m not going to go into details about how to install Windows, since it’s pretty simple.  Just make sure that you have the correct drivers installed for your server after the installation completes.

Note about installing Windows: just so that you don’t run into any issues with your system, make sure that your primary hard drive is attached to the first port for your motherboard’s interface, in my case, the first hard drive was connected to SATA 0.  If you don’t do this, you’ll run into a lot of problems and waste a lot of time (like I did!).  In addition, make sure that your BIOS has AHCI enabled prior to installing Windows, this also caused problems in my scenario.  Once Windows is installed, make sure that you can disable write caching on your hard disk without the operating system freezing (in computer management, under storage, right click the disk and optimize for quick removal).  If you followed the above, this shouldn’t cause Windows to hang, and will prevent Active Directory from incapacitating your system during the restart phase of the installation.  In addition, this is a good time to name your computer, join it to some default workgroup, add remote administration features, and change the time zone / clock settings.

Before continuing, I’d also recommend disabling Internet Explorer’s advanced security features; this is done by going to the computer management main screen and scrolling down, finding IE ESC and turning it off (acknowledging all of the warnings).  If you keep them on, you’ll find yourself doing way too much work to download necessary applications, etc.  These features are only useful if you plan on doing general web surfing on the server (which I would not recommend for security reasons).  I also activated windows, ran all the necessary windows updates (several reboots and optional updates as well).  After this all has been done, I ended up rebooting the machine a final time.

At this point, I installed several applications (using IE to get Google Chrome initially).

• Google Chrome (http://chrome.google.com) for web surfing / downloading the rest of these
• Adblock plus for chrome (http://adblockplus.org/en/) to block malware / ads
• 7zip (http://www.7-zip.org/download.html) for good archive file support
• Microsoft Security Essentials (http://windows.microsoft.com/en-US/windows/products/security-essentials), Windows 7 version works fine, this is a quick, safe, free antivirus solution for all of those who hate Symantec’s ability to slow down the entire system (hey, that’s me!)   This is also good for desktop users!  I would recommend disabling the scheduled Sunday scan since real-time protection is sufficient in my case.
• Magic ISO (http://www.magiciso.com/tutorials/miso-magicdisc-overview.htm) to mount ISO images (including the Exchange 2010 ISO if you downloaded it from MSDN like I did).
• Office Filter Packs which are a prerequisite for Exchange 2010 (http://www.microsoft.com/download/en/details.aspx?id=17062)

At this point, I added 2 custom firewall rules on both servers that allowed unrestricted incoming traffic from each server.  I then started the Active Directory installer by installing the AD User Service Role, and then ran DCPromo.exe as suggested by the installer.  I did an advanced mode install, adding a new controller to an existing domain in an existing forest, installing the DNS role locally, and I let it install.  For the AD Restore Password, make sure you remember what you set it to since this will be the password to the local (inaccessible) administrator account on the server incase everything fails.  At this point, the server should reboot at least once on its own.

Next, I mounted the Exchange ISO and went through the step by step screens to install it.  For me, I installed the mailbox, client access, hub transport, and management tools roles.  I told it that the client role would be internet facing to the OWA website (matthouse.org).  Exchange takes roughly 3 hours to install at this point.  After it is done, you should enter the Exchange Management Console (EMC), enter a product key to active it, and add a send connector for your organization (for the new server specifically).  If you’re wondering why your server isn’t sending mail (and you’re new to this and installing Exchange for the first time), try adding a send connector that is internet facing and allows *, that will fix your problem.

You will want to run Windows updates again and make sure that all of the Exchange updates are installed before continuing.  This may require several reboots of the server.

At this point, Exchange should be synched with the other server mostly so it’s time to start migrating services.  I first recommend changing all of your DNS records for mail over to the new server and give them time to propagate (as per the Time to Live [TTL] value on the record).  I also did mailbox remove requests (through the EMC) to the database on the new server; this should be fairly intuitive for anyone with a background in at least some systems administration.  I also went through all the client access role options and made sure that the internal / external sites for IMAP, POP, OWA, OAB, and ECP were properly set up for my main OWA address (matthouse.org).

Since Exchange by default requires https://server/owa to gain access to Outlook Web Access [OWA], I needed to add a few files to the web root of the domain to properly forward the user onto the OWA website when they went to the main website.  To do this, simply go to the IIS manager, go to the Default Website, and right click and open the document root.  In here, add 2 files as follows:

Web.config:
<?xml version=”1.0″ encoding=”UTF-8″?>
<configuration>
<system.webServer>
<httpErrors>
<error statusCode=”403″ subStatusCode=”4″ path=”https://matthouse.org” responseMode=”Redirect” />
</httpErrors>
</system.webServer>
</configuration>

Default.aspx

<script language=”c#” runat=”server”>
private void Page_Load(object sender, System.EventArgs e)
{
Response.Status = “301 Moved Permanently”;
Response.AddHeader(“Location”,”https://matthouse.org/owa”);
}
</script>

Basically, these 2 files will forward anyone from the web root to the appropriate OWA directory in SSL (https) mode.  I figure that anyone competent can figure out what needs to be changed, it isn’t rocket science, after all.

At this point, I added a real RapidSSL certificate to the server.  To do this, I went to the Exchange Management Console, went to the server tab, found the place to generate a CSR (Certificate Signing Request) and I created one.  I pasted everything from the CA (Certificate Authority) and imported it to Exchange and set all the services to use it (IIS, SMTP, POPS, IMAPS).  I also found the remote desktop session host manager window, right clicked the configuration of the server, and right clicked on rdp-tcp and went to properties.  I selected the general tab, selected the appropriate already installed certificate and ok’d everything, after restarting my RDP session, I had the new secure connection.

For anyone who is curious about anti-spam, there is a hidden anti-spam feature on the Exchange Hub Transport role, to get this, you can run the below steps in the Exchange PowerShell environment.  Afterwards, you will see an Anti-spam option in the Hub Transport role node under the Organization Configuration node of the EMC.  As for me, I opted for Forefront Protection 2010 (formerly Forefront Security 2010) since it provides a much more sophisticated scanning engine, although it does cost more and takes a lot more memory and configuration to get running smoothly.

• cd /
• cd c:\
• cd program files
• cd microsoft
• cd exchange server
• cd v14
• cd scripts
• ./install-AntispamAgents.ps1
• Restart-Service MSExchangeTransport

After all of this, I also found an IE9 / EMC interoperability bug where you can’t close the EMC if IE9 is installed on the system, this seems to be a bug with the Microsoft Management Console (MMC), so the patch can be directly downloaded from Microsoft, I would recommend searching Google for hotfix 2624899 to get the patch.  Keep in mind that a hotfix rollup in the future will include this patch from Microsoft so I’d recommend only installing it if you have this issue.

At this point, I’d recommend securing the firewall, RDP’s port, and adding some backup scripts.

Next, it is time to remove the old server.  I ran the following in the Exchange Management Power Shell Environment: “Get-Mailbox -Arbitration -Database db1 | New-MoveRequest -TargetDatabase db2”, where db1 is on the old server, and db2 is on the new server.  In EMC, I went to the organization node > mailbox > offline address book (OAB), added a new OAB generated by the new server and removed the existing one generated by the old server.  I also went to hub transport under organization, went to send connectors and removed the old server from the send connector.

On the new server, go to Active Directory Sites and Services under Administrative Tools and find each domain controller and view the properties.  Make sure the new domain controller is a global catalog and the old domain controller is not a global catalog server (respectively), these will be under the NTDS settings properties page.  Next, we need to transfer several roles, I used (http://www.petri.co.il/seizing_fsmo_roles.htm) as a guide for this.

• open command prompt (run cmd)
• ntdisutil
• roles
• connections
• connect to server <new domain controller>
• q
• transfer naming master
• transfer infrastructure master
• transfer PDC
• transfer RID master
• transfer schema master
• q

On the old server, remove the Active Directory Certificate Services role if it exists (you can probably ignore any warnings since Exchange should be using external certificates).  You may have to reboot the server.  Finally, go to add/remove programs on the old server, and remove Exchange 2010 by deselecting all of the roles.  Exchange automatically detects if it is safe to remove everything and will transfer anything left behind over to the new server.  Do the same for Active Directory by running DCPromo.exe (under the Active Directory node of the server management console), and running through the prompt.  If you get any warnings / errors when attempting to remove Exchange / Active Directory, take the advice and don’t continue since you might end up creating a lot more work for yourself.

Once everything is removed, you can trash the old server from the network and Exchange has been successfully moved.  For me, I ended up having about 4 reboots that affected OWA for users for a total of roughly 5 minutes each while Exchange rebooted.

As usual, thanks for reading.  Disclaimer: this information is provided on an as-is basis, I do not guarantee that this will work in your scenario, but I hope that it can help someone else out that is having similar difficulties to the ones that I’ve described.

I bring you a guest post from Sarah James ( contactsarahjames [at] gmail [dot] com), this post is more or less Sarah’s view of Charter Communications which is a Cable ISP.

The Charter internet service is great when it works – not so much when it doesn’t. That’s not fully Charter’s fault of course, or at least it wasn’t in my case – the root of my problem was the fact that my new office existed on a street that has only just been built, and which had yet to be registered with any database up to and including the ne held by the Post Office.

Not ideal, especially when the Charter internet guys were due to show up on day one and install the system for me. Here’s how my tale of woes began:

The Post Office eventually updated my street address. But that updated didn’t appear anywhere outside of the Post Office’s own database for three weeks. I’m assuming that delivering fast internet updates isn’t a priority for an organisation that sometimes has problems delivering letters on time, if at all.

The Post Office was only the start of my problems. I had to order my Charter internet connection based on the address of a nearby building, which meant, when Charter came out to install it, that they wouldn’t fit it in the building I actually own. Fair enough. But it took ages to sort the whole thing out, going backwards and forwards between the Poster Office and Charter until I was blue in the face and a cast of thousands had turned up at both my actual address, and the address down the street I’d been using to get my stuff delivered in the first place.

I tried talking to Charter directly but of course you either end up in a queue a mile long or you have to use the online web chat assistant – who, given the speed and clarity of the Charter internet connection (once you’ve finally had it installed0, went unbelievably slowly. It was kind of like talking to a backwards six year old.

Question: with all this internet power at their fingertips, why are the web companies so bad at direct communication with their customers? On the one hand they sell these amazing services, which allow you to segue all sorts of communications requirements into a single connection (the payment plan is good too) – and on the other, they make communicating with them next to impossible (unless you’ve got all day to sit around doing nothing else except trying to get through to them).

Fortunately my Charter internet service has now been sorted – and I am enjoying the rapid broadband connection that I was promised in the first place. I have no beef with the quality of the service and the capabilities of the connection. I would just like to know why it takes around 12 different engineers to install a simple web connection. Though as I say the business with the Post Office can’t have helped much.

So come on, Charter, get it together in the back operations department. Use your own technology to power your online web assistant and maybe we’ll be able to get something done!

About the author:

Sarah James is associated with various internet security related companies including broadband expert as their freelance and staff writer. She has been linked with some of the best web media companies and offers various ways for internet solutions. She excels in writing articles related to internet security, charter internet plans, comcast deals etc.

Unfortunately, computers are not able to think and identify patterns without a lot of help and special cases already entered into databases for them to compare against.  Thankfully, emailing lists have certain unique identifiers that allow this application to effectively identify and remove users from mailing lists, although I will not disclose exactly how it is done since that research was done on company time and therefore remains property of Conceptual.ly.  But I did want to take the time to publish a cheat sheet for those of you who need to communicate with IMAP servers via telnet.

CONNECTING: The general command to telnet to an insecure IMAP server is “telnet imap.server.com 143”, remembering that IMAP runs on port 143.  If you’d like to connect through IMAPS over port 993, your computer will need OpenSSL and the command to do so is “openssl s_client -connect imap.server.com:993”.  OpenSSL will take care of all the connection securing / establishing for you, the commands following the initial connection are exactly the same.

IDENTIFIERS: IMAP commands start with an identifier, I’ve seen “. “ as the identifier (a dot followed by a space) and I’ve also seen “a1 “ (a1 followed by a space) as the identifier.  I’ve also seen incrementing the 1 to 2, 3, etc work, and reading the RFC was not specific to what had to be used.  I typically use “. “ as my identifier and fall back to using a1 for all of the commands I enter, it has worked for every IMAP implementation I’ve dealt with thus far (including Gmail, Dovecot, AOL, and Exchange).

LOGIN: To login to the IMAP server, you need to enter the identifier followed by “login username password” replacing username and password with the appropriate login information.  Note that your username may be your email address.

LIST: This command is typically followed by a login and lists all of the available mailboxes in the IMAP account.  The syntax for this command is list “” “*”  which simply gets all of the mailboxes and subfolders.  The usual response is * LIST (\HasNoChildren) “.” “INBOX” which can easily be parsed, the \HasNoChildren can change if there are children.  Usually with children, the output will make the actual folder (the last segment of the output) contain the parent and a . so that you can simply use this to formulate a connection to a specific folder to retrieve messages, etc.  This isn’t always the case, so it is helpful to use IMAP over telnet to verify the response of the command for the specific IMAP server that you are connecting to.

STATUS: This command will return information about the folder you inquire about, I’ve only seen it return the total messages and unread messages in a folder in my experiences.  The syntax of this command is “STATUS FOLDER (flags which are optional)”.

SELECT: In order to search or retrieve items from a folder, you must first select that folder.  The syntax of this command is “SELECT FOLDER”.

SEARCH: This command has some ambiguity that caused me some difficulty that I will get to shortly.  The syntax for search is “SEARCH (PARAMS)”.  The parameters are identified in the RFC3501, but there are some specifics I’d like to talk about.  First, I’ve found that SENTSINCE does not need to be in (), instead you would do “SEARCH SENTSINCE 01-01-11 (PARAMS)”.  Next, if you want to search for more than 2 items using the OR syntax, you would need to use nested ORs, this might look like the following: “(OR (OR HEADER From yahoo.com BODY hello) BODY phil)” to search for a message that might be from yahoo.com (partial match) with the body containing hello, or just having “phil” in the body.  This works similarly for the AND parameter.  When search returns, it returns a space separated array of numbers which are identifiers for the FETCH command.  Remember that to search, you have to SELECT the folder to search first.

FETCH: This command will retrieve messages from a folder, you must have selected that folder first before you can retrieve a message.  Typically, messages are identified by a number which the FETCH command uses, so a SEARCH is generally executed before fetching messages.  The syntax is “IDENTIFIER FETCH (PARAMS)”.  IDENTIFIER is the number that search returned, and there are numerous PARAMS that you can do.  I’ve seen (RFC822) work at grabbing the entire raw message source (both headers and body), but in AOL’s implementation it does not, so I’ve reverted back to getting the header and body of each message through 2 fetches, the first parameter is (RFC822.HEADER) and the second is (RFC822.TEXT).  I do not believe that IMAP servers return a decoded version of the message in all cases, so I also used an email parsing engine in Python to decode the message source that these commands returned.

LOGOUT: The syntax for this command is “LOGOUT”.  It simply disconnects you properly from the IMAP server.

For the needs of my program, these were all the commands I needed, so I’d strongly suggest that you look at RFC 3501 at http://tools.ietf.org/html/rfc3501 for more information about the IMAP protocol and its usage.

I would also like to note that GMail has added commands to their implementation that better follow the speed and reliability of their web interface, those commands can be found at http://code.google.com/apis/gmail/imap/ (this was kind of hidden from my initial searches for information about GMail’s IMAP implementation, so I wanted to make this more visible).  If you use standard IMAP commands on Gmail, you can expect it to be much slower than other IMAP servers and much slower than their web interface.

Finally, AOL’s IMAP implementation doesn’t allow searching certain header fields and the body of the message, so I’d recommend testing your commands ahead of time to ensure you are getting responses that you expect.  As a tradeoff, AOL’s IMAP implementation is very fast at returning messages via the FETCH command, so where the SEARCH lacks ability on AOL’s IMAP server, the speed in downloading messages far makes up for this lack of functionality.  It is also possible that AOL’s IMAP implementation has certain extensions that I didn’t notice, so you may want to look into that possibility also if you’re dealing with their IMAP servers.

Hopefully this blog post can help someone save time so that they don’t have to do as much searching as I had to for connecting to IMAP servers.