Category Exchange

So you’ve gone through all the effort to get yourself a mobile device, you’ve updated it to the MSFP version from the vendor and now you want to actually USE that functionality!

If you are using Exchange with no FrontEnd and the FE has SP2 on it. – You’re set!
If you are Front-Ended with ISA then the following article can help you configure the DirectPush technology.

Enterprise firewall configuration for Exchange ActiveSync Direct Push Technology
http://support.microsoft.com/kb/905013

Then simply change the timeout from 120 to 1800 and DirectPush should begin working.

DirectPush
DirectPush will be working the instant you setup a mobile device with MSFP loaded on it, so your devices can now sync without requiring an SMS message to be send from the server.

GAL Lookup
GAL Lookup will be available after you update your device with the MSFP.

It can be used by doing the following:
When you go to send a new message or reply to a message
Click Menu – Add Recipient
Click Menu – Find Online
Then type in the name and it will search the GAL for the user.

Remote Wipe
Remote wipe requires the download and installation of the MobileAdmin onto your Exchange server.

You can download it here, and it provides useful documentation to use it.

Microsoft Exchange Server ActiveSync Web Administration Tool
http://www.microsoft.com/downloads/details.aspx?FamilyID=E6851D23-D145-4DBF-A2CC-E0B4C6301453&displaylang=en
A few pages referencing details of DirectPush and other ActiveSync policies.
http://www.msexchange.org/tutorials/Exchange-2003-Mobile-Messaging-Part1-Microsoft-DirectPush-technology.html
http://www.msexchange.org/tutorials/Exchange-2003-Mobile-Messaging-Part2-Uncovering-Device-Security-Policies.html

~Christopher Kusek

Well, sort of. They released it and then pulled it.

Palm/Treo has pulled the latest update for the Treo 700W’s from their website
http://www.palm.com/us/support/downloads/treo700wupdater/verizon.html

With the message –
Temporarily unavailable.
We anticipate that the Treo 700w updater will be available at a later date. If you have already installed the updater, please disregard this message

If however, you are one of the daring and wish to perform the update, go to the following site (which bypasses their warning unavailable message)
http://ws.palm.com/SupportDownload/app?service=external/Home&sp=1

Installation instructions are available here:
http://www.palm.com/us/support/downloads/treo700wupdater/verizon.html

The breakdown of what changes are available here:
http://mytreo.net/archives/2006/04/palm_treo_700w_updater_110_available.php
* Includes Microsoft’s Messaging and Security Feature Pack (MSFP) with Direct Push Technology for automatic wireless synchronization of email, calendar, contacts and, now, tasks (learn more)
* Enhances email capabilities for more support of push email solutions, such as WirelessSync and GoodLink, and of synchronization capabilities, such as the ability to maintain an “always on” data connection after POP or IMAP email synchronization and the ability to auto-synchronize all email accounts based on user setting.
* Updated memory management
* Pictures and Videos enhancements
* New Wireless Manager provides an updated interface for turning wireless radios on and off on your 700w smartphone
The update to the phone seems to go smoothly, and the deletion of Temp files doesn’t take nearly as long as ~30 minutes like they suggest.

In either event, it’s a definitely useful upgrade and I’ll mention shortly just how you can go about specifically utilizing it with Exchange SP2+MSFP Functionality.

~Christopher Kusek

I talk to a lot of people at times during Exchange migrations, previous versions to more current versions. And one of the greatest misconceptions there has been, people thinking that the Outlook Client is dependant on their Office CAL’s.

Well, it does not.

So, here I am to set things straight once and for all (Or until licensing changes)
The Exchange Server 2003 user CAL is required for each user gaining access to the server and entitles access rights to both editions of Exchange Server. Each Exchange Server 2003 CAL also includes Microsoft Office Outlook 2003 or Microsoft Entourage 2004 for Mac and permits access from Microsoft Office Outlook Web Access, Outlook Mobile Access, Exchange ActiveSync, or any standard Internet-messaging client.

Pricing and Licensing for Enterprise Organizations (For Exchange)
http://www.microsoft.com/exchange/howtobuy/enterprise.mspx

~ Christopher Kusek

This inability is due to some email domains adoption of the RDNS (Reverse DNS) checking. The belief is, if you have a valid reverse DNs (Read: Valid = Any reverse DNS entry usually), then you are a “Valid Domain” to handle email from. Until the actual adoption of validated authentication which may come in the future, for the time being you can work around this inability to mail by having a valid PTR!

How this works is, the machine which will actually connect to the Internet and send email needs to have a valid PTR assigned to its IP address.
Below are steps detailed how to check that.

First, let’s discover the MX record for your domain, and the PTR record for your sending email server.

(Using Nslookup, we’ll check the details for hotmail.com)

We’re launching nslookup and looking at the details of the domain hotmail.com
C:\> nslookup
Default Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

>set type=mxSetting the type to MX will show us the Mail Exchanger records for the domain
>hotmail.comEnter a domain here, and it will display our Mail Exchangers
Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2
Non-authoritative answer:
hotmail.com MX preference = 5, mail exchanger = mx4.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx1.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx2.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx3.hotmail.com
>

Now that we know the MX entries for inbound, we’ll check if they have a valid PTR

> set type=aThis will allow us to see the IP address assigned to the MX entries
> mx1.hotmail.com

Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Non-authoritative answer:
Name: mx1.hotmail.com
Addresses: 64.4.50.50, 65.54.244.8, 65.54.244.136, 65.54.245.8

> set type=ptrNow we’ll check if they have a valid PTR
> 64.4.50.50The IP Address of the Mail Exchanger is specified here

Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Non-authoritative answer:
50.50.4.64.in-addr.arpa name = mail.hotmail.com
50.50.4.64.in-addr.arpa name = mc1-reserved.bay6.hotmail.com

So, according to this, they have a valid record
If you received something similar to
*** vnsc-bak.sys.gtei.net can’t find 1.1.1.1.in-addr.arpa.: Non-existent domain
Then you do not have a valid PTR setup
If you’ve followed these steps and checked the PTR for the inbound mail receiver, now you should check the outbound.
Sometimes Inbound does not match the Outbound, so visit the following site from your mail server and you can check your IP address.

From your outbound mail server (The Mail server itself or an SMTP scanning/relayer) visit the following website:
www.pkguild.com/ip (There is also a link off the main site here – “Click here for your IP Address”)

And your results should look like this:

C:\>nslookup
Default Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

> set type=mx
> pkguild.com
Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Non-authoritative answer:
pkguild.com MX preference = 0, mail exchanger = pkguild.com

pkguild.com internet address = 70.103.189.81
> set type=ptr
> 70.103.189.81
Server: vnsc-bak.sys.gtei.net
Address: 4.2.2.2

Non-authoritative answer:
81.189.103.70.in-addr.arpa name = box81.bluehost.com
>

At this point, with a valid PTR – You can check to see if you can send mail by hand to these domains.

C:\> telnet mx1.hotmail.com

220 bay0-mc5-f9.bay0.hotmail.com. Mon, 6 Feb 2006 09:35:02 -0800
helo peters.com
Enter helo domain.com where domain.com is the site you claim to be from
250 bay0-mc5-f9.bay0.hotmail.com (3.1.0.18) Hello [216.130.119.48]
mail from: <Christopher.Kusek@Pkguild.com>
Enter mail from: <user@domain.com> this will dictate who it comes from.
250 Christopher.Kusek@Pkguild.com.Sender OK
rcpt to: <christopher.kusek@hotmail.com>
Enter rcpt to: <user@hotmail.com> this will be the recipient of the message.
250 christopher.kusek@hotmail.com
data
Enter data – this allows you to start putting input of content in the message.
Test test mc test
Enter some kind of data.
.
Put a . and it commits the email and sends it.
354 Start mail input; end with .
250 <BAY0-MC5-F9gDznmG3d00498dc8@bay0-mc5-f9.bay0.hotmail.com> Queued mail for delivery
A simplified test of it which can be pasted into a telnet window are like this.
(After you have initiated your telnet)
helo domain.com
mail from: user@domain.com
rcpt to: user@domainIamConnectedto.com
data
test
.

Often times, you may also encounter an issue where Exchange is unable to deliver mail to some domains or reports errors on your server. This can happen when you have EDNS enabled on Windows 2003 DNS servers (Enabled by default)
To disable EDNS, you must first install the dnscmd.exe command-line tool from the Windows 2003 CD-ROM’s Support Tools. (\Support\i386\Suptools.msi)
From a command prompt type

dnscmd /config /enableednsprobes 0

This will then disable EDNS (You may need to restart the DNS Services on the 2003 DNS Server for it to take effect)

An external DNS query may cause an error message in Windows Server 2003
http://support.microsoft.com/kb/828731/en-us