timbarrett – Page 47 – NoGeekLeftBehind.com

July 19, 2007

Message is Larger Than the Current System Limit

From the Help Desk file…

A client running SBS is having problems with large attachments bouncing. They are using SMTP, not POP3:

Each month they get a a particular inbound email from an external sender w/ a sizeable attachment
Last month the attachment was 7,403 KB and it was delivered just fine
This month the attachment was 7,562 KB and it was rejected

Error Message:

“The following recipient(s) could not be reached: This message is larger than the current system limit or the recipient’s mailbox is full. Create a shorter message body or remove attachments and try sending it again.”

Gut Reaction:

The ultimate computer troubleshooting question – “What changed?”

The attachment is bigger (but not much). And it’s likely that the users mailbox has grown in the last month, right? Well, not so fast.

Server Settings:

Mailbox Store Storage Limits: Warn @ 175 MB / Prohibit @ 200 MB
Client mailbox size: 22 MB
Default SMTP Virtual Server Properties: Limit message to size (KB) is unchecked
Exchange Delivery Defaults: 10,240 KB send / 10,240 KB receive
User Delivery Defaults: 10,240 KB send / 10,240 KB receive

So the attachment is well below the 10 MB limit, and the user has plenty of storage space. What gives?

The Smoking Gun:

I did some research and found the following KB Article:

“How to set size limits for messages in Exchange Server”
http://support.microsoft.com/kb/322679

“Note The size of SMTP messages that are sent between routing groups and to the Internet increase by about 30 percent if they contain binary attachments or other 8-bit data.”

Yeah – you read that right, 30% overhead for SMTP email attachments.

Let’s do the math – a 7,562 KB attachment with a 30% increase (7,562 / 0.7) = 10,802 KB. And that’s larger than 10,240 KB folks! I talked to Vlad for validation, and after the obligatory mocking session, he confirmed that’s about right for the overhead. He also said something about an 8-bit attachment going through a 7-bit system, but that’s over my head.

Resolution:

I bumped the limits up to 15,360 KB, so they should be able to receive a 10,752 KB attachment (a true 10 MB), sent another test email, and it worked!

So here’s a rough conversion chart of what your settings need to be to get ‘true’ attachment sizes through the server:

Physical Attachment / Actual Height Needed

5 MB / 7,200 KB

6 MB / 8,600 KB

7 MB / 10,00 KB

8 MB / 11,400 KB

9 MB /12,900 KB

10 MB /14,300 KB

11 MB /15,700 KB

12 MB /17,100 KB

13 MB /18,600 KB

14 MB /20,000 KB

15 MB /21,400 KB

To plug in that setting, just navigate to:

Server Management / Advanced Management / Exchange / Global Setting / Message Delivery / Properties / Defaults tab:

I hope that helps somebody. And thanks Vlad, my favorite Exchange MVP 🙂

Rating: 8.5/10 (2 votes cast)

July 10, 2007July 10, 2007

Official Launch of sbspodcast.com

Today Susanne Dansey and Susan Bradley announced my new pet project, affectionately known as www.sbspodcast.com

This is not another SBS podcast (as the name may imply). Rather, it’s a central point to find all podcasts pertaining to SBS & the SMB space.

Some of these podcasts are IT Pro focused, some are consumer-focused, others deal with business, the community, and geek humor. But the underlying theme (as a whole) tends to be security, because honestly, it’s not easy staying sharp – especially when it comes to security.

Each podcast entry on the site includes:

Podcast name
Host or hosts
Description
Website URL
RSS Feed URL (if available)

The current list of SBS / SMB podcasts includes:

Visitors to the site are encouraged to submit future SBS podcasts to the list.

For the sake of convenience, all podcasts with RSS feeds are rolled up into a single OPML feed (available at the top of the page on the site).

Hopefully this project will give folks a chance to learn about podcasts they’ve never heard of and lower the barrier & learning curve to getting started listening to podcasts.

If you’ve got feedback regarding the site or the project, feel free to post coments on this blog entry.

Rating: 0.0/10 (0 votes cast)

July 9, 2007

Robot Has Detected Abnormal Activity From Your IP Address

I’ve gotten numerous calls about this piece of spam today, so I thought I’d blog it:

From: Administrator <sender changes>
To: <client name>
Sent: Sun Jul 08 18:15:22 2007
Subject: Worm Alert!

Dear Customer,

Our robot has detected an abnormal activity from your IP adress on sending e-mails. Probably it is connected with the last epidemic of a worm which does not have official patches at the moment.

We recommend you to install this patch <url omitted> to remove worm files
and stop email sending, otherwise your account will be blocked.

Administrator

According to PC Tools’ ThreatExpert service, the trojan copies itself to the Windows system folder as ‘windev-72b5-203e.sys’ (md5: 8e2410698872f116620cbd7846adfa34) and registers the file as a service in order to load when Windows is started.

Detection names among vendors vary greatly and include the following:

TR/Small.DBY.DB (AntiVir)
Win32:Tibs-BAC (Avast)
Downloader.Tibs.6.K (AVG)
Trojan.Peed.OQ (BitDefender)
W32/Tibs.MV@mm (Fortinet)
Packed.Win32.Tibs.ab (Ikarus, Kaspersky)
McAfee 5069 07.06.2007 W32/Nuwar@MM (McAfee)
Worm:Win32/Nuwar.JT (Microsoft)
Win32/Nuwar (Nod32)
Tibs.gen124 (Norman)
Mal/Dorf-A (Sophos)
Trojan.Packed.13 (Symantec)
Possible_Nucrp-3 (Trend)

Recommended Action:

Don’t download it – update your anti-virus signatures.

Rating: 0.0/10 (0 votes cast)

June 27, 2007

Cougar Beta 1 DVD is Here

The friendly DHL guy stopped by today, and he always brings the good stuff.

Today he delivered the Windows Server Code Name “Cougar” Beta 1 DVD.

And no, I’m not leaking any news – CRN announced Cougar back in January. But I am posting the info here to thank Kevin Beares and the Microsoft Windows Server team for listening to feedback and really working with the SMB community. You guys rock!!

And if you haven’t done so already, you can thank the team yourself by filling out the SBS WW Community Survey – the deadline has been extended. It takes 2 minutes to fill it out and they really appreciate the feedback.

Rating: 0.0/10 (0 votes cast)

June 15, 2007June 15, 2007

Craziest Event ID Ever – Event ID #34

I see far-out error messages and event IDs all the time (like the recent AVG “Something bad has happened in the application” messages this week). But this one takes the cake…

PROBLEM REPORTED:
Client’s computer was locking up randomly. After it locked up, the three-finger-salute wouldn’t bring it back, only killing the power would do the trick. Once the reboot was complete, the machine would work fine for minutes or hours sometimes, then randomly freeze again. (And in case you’re wondering, the system was free of spyware and virus infections). We checked the event logs and found one single red X error message:

ERROR:
Event Type: Error
Event Source: i8042prt
Event Category: None
Event ID: 34
Date: 6/13/2007
Time: 11:43:14 AM
User: N/A
Computer: {snip}

DESCRIPTION:
“An error occurred while trying to determine the number of mouse buttons.”

Umm… yeah.

The MS Help and Support Center link wasn’t much help in this instance. And I’ve never seen a mouse take out a computer like this, but we decided to troubleshoot the only clue we’d been given.

RESOLUTION:
We powered the computer down, unplugged the old school roller PS2 mouse and installed a USB optical mouse, and hit the juice.

RESULT:
This computer has been working fine ever since swapping the mouse. No runs, no drips, no errors.

ADDITIONAL INFO: I wanted to see if anyone else has seen this one before, and EventID.net has a post that says the mouse port might be damaged – and that’s probably what happened here. If you ever run across this, here’s the link to the EventID.net post.

Rating: 0.0/10 (0 votes cast)

June 12, 2007June 12, 2007

Invitation – Live TS2 and KYSBSUG Events Next Week

You know him and love him from the 2005 & 2006 SBS Tours, the 70-282 Exam Prep Series 1 & 2, and numerous webcasts and live events. And once again, I’m happy to announce that our favorite Microsoft TS2 Presenter, Ronald Grattopp, is coming back to Kentucky!

TS2 Live Seminar – Lexington, KY
Tuesday June 19, 2007
Start time: 1:00 PM Eastern
Venue: Regal Hamburg Pavilion 16
1949 Starshoot Parkway
Lexington Kentucky 40509
Registration URL: Click here
June 2007 KYSBSUG Meeting – Louisville, KY
Wednesday June 20, 2007
Start time: 6:30 PM Eastern
Venue: Money Concepts
323 Townepark Circle
Louisville, KY 40243
Start time: 6:30 PM Eastern
Registration URL: Click here
TS2 Live Seminar – Louisville, KY
Thursday June 21, 2007
Start time: 1:00 PM Eastern
Venue: Cinemark Tinseltown USA
4400 Towne Center Drive
Louisville Kentucky 40241
Registration URL: Click here

More Details on the June 2007 KYSBSUG Meeting Next Wednesday!

This month Ron Grattopp will be joined by Tim Barrett, and they will be co-presenting a deep dive on Windows SharePoint Services version 3 (WSS3). Come learn the best practices for installing WSS3 on SBS, shortcuts to deploy the “Fabulous 40” templates, and other tips and tricks on WSS3.

“How deep is this deep dive” you may ask? We have over 8 hours of content on WSS3, so we’re prepared to talk about all aspects; from deployment, to extending, to business value. (The event is only 90-120 minutes long, so we’ll cover the content that the audience wants to hear.)

As always, there will be excellent networking opportunities and Ron is bringing some cool swag.

This Live event is FREE to attend, but registration is required:
http://www.clicktoattend.com/?id=119143

The venue is a little tricky to find, since it’s so new it doesn’t show up on most maps, but fortunately there is a map available on Map Quest:

Map to KYSBSUG Meeting at Money Concepts – 323 Townepark Cir Louisville, KY 40243, USA

And if you get lost, just call my cell (502) 817-3456 and I’ll give you directions.

Rating: 0.0/10 (0 votes cast)

June 11, 2007June 11, 2007

You Can Blog with Microsoft Word 2007

Did you know that you can blog with Microsoft Word 2007? I’m sure I heard this at a launch event or something, but it must have slipped my mind.

I ‘discovered’ this feature today when I right-clicked a tab in Microsoft OneNote and saw the phrase “Blog this”.

I clicked it, and here I am – voila!

Rating: 0.0/10 (0 votes cast)

June 6, 2007June 6, 2007

Major Website Upgrade Complete

Last year, after much prodding from Chris and Vlad, I made the switch from Blogger to WordPress for the website engine. And there was much rejoicing!

Now, over a year later, I’m happy to announce that today marks another major upgrade to the www.nogeekleftbehind.com website.

BEFORE

AFTER

Here is a short list of the changes and some of the new features added:

WordPress upgraded to v 2.2
Integrated Search (finally)
Instant Messenger Status
Snap Shot images (now you can see a website thumbnail before clicking on it)
Blog Calendar Navigation
Recent Comments Section
Flickr Pictures
RSS Feeds for iTunes and Podcast (NGLB Videos coming soon!)
Site is now PDA-friendly
Links for del.icio.us
New Theme (courtesy of Adam Walker)
Wider layout (helpful for wide screen LCDs)
And more features like Digg, YouTube integration and TS2 Events coming soon!

I hope you enjoy the update. Please feel free to leave any comments or feedback about the new site and features! 🙂

Rating: 0.0/10 (0 votes cast)

June 5, 2007June 5, 2007

Hack – Removing the Annoying Dell Wallpaper in RDP

This annoyance has been around for a very long time, and it’s been covered in numerous places throughout the web. But since it still exists and since I came across it twice today, I thought I’d post the fix here.

The annoyance in question is the factory wallpaper from Dell (or any other manufacturer) that fills the screen when you try to logon to RDP. It is slow, annoying, and it looks like this…

I pick on Dell not because we’re primarily an HP shop, but because that stupid Dell wallpaper weighs in at 1,877 KB. That’s more than entire floppy disk of data – just for a splash screen!

Here’s how to get rid of the factory wallpaper or splash screen background. But first, the obligatory REGEDIT disclaimer:

Disclaimer: Use Registry Editor at your own risk. If you use Registry Editor incorrectly, you can cause serious problems that may require you to reinstall your operating system. This information is provided on an “as is” basis and all risk is with you. Improper use of Regedit can also make you sterile. NoGeekLeftBehind makes no warranties, express, implied or statutory, as to any matter whatsoever, and does not guarantee that problems that you cause by using Registry Editor incorrectly can be resolved.

With that out of the way, there are two options available:

a) Kill that splash screen wallpaper completely.

b) You can replace the factory image with another wallpaper.

If you’re leaning towards ‘option b’, I’ve included two images you can right-click and Save-As that are tiny (only 102 bytes each):

– white_10x10.bmp
– black_10x10.bmp

On with the instructions…

RDP Splash Screen Wallpaper Removal Instructions:

1) Click Start / Run / type REGEDIT and click OK

2) Navigate EXACTLY to the Key Value
– HKEY_USERS
– .DEFAULT
– Control Panel
– Desktop

3) Locate the String Value: “Wallpaper”.

Note: If you’re using a Dell, that string value data is probably “\windows\system32\DELLWALL.BMP”

Screenshot of the String Value above (click to enlarge)

4) Now, either:
a) right-click and delete the Wallpaper string value completely, or
b) change the value to a different wallpaper

WARNING – Be sure you DO NOT delete the “Desktop” Registry Key on the left, only nuke the “Wallpaper” String Value on the right

5) Close REGEDIT

If you performed everything correctly, the next time you RDP into the server that wallpaper should be gone (or changed if you followed Step 4b). Your Remote Desktop Protocol experience should be much improved now.

Rating: 8.7/10 (6 votes cast)

June 1, 2007