- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 24, 2003 (Vol. 8, #47 - Issue #453)
Analysis: MS Spam Filter In E2K3
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • No Internet Tax!
  2. TECH BRIEFING
    • Analysis: MS Spam Filter In E2K3
    • Outlook 2003 Spam Filter: Under The Hood
  3. NT/2000 RELATED NEWS
    • MS and Computer Associates Offer Free AV-Software
    • Windows Small Business Server 2003 wins COMDEX Best of Show
  4. NT/2000 THIRD PARTY NEWS
    • DOUBLE-TAKE 4.3 Service Pack 1 Released
    • Patch Me If You Can
    • Disk Storage: Capacity, Cost and Performance Tradeoffs
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Solve Network Performance Problems With LanHound
  SPONSOR: Panda's GateDefender Stands Guard!
Are your traditional antivirus solutions really protecting your
network?
Panda Antivirus GateDefender is a dedicated hardware
device installed at the Internet gateway to block viruses before
they contaminate your network. It scans 7 different communication
protocols, achieving optimum protection against external attacks.
Panda Antivirus GateDefender 7100 (25-500 seats) & Panda
Antivirus GateDefender 7200
(500 seats+) provide the highest
scalability with native load balancing that transparently adapts
to traffic volume.
Visit Panda's GateDefender Stands Guard! for more information.
  EDITORS CORNER

No Internet Tax!

For subscribers in the USA, here is an important reminder. You may not know, but the moratorium on State Sales tax in the USA is coming to an end very soon. The tax collectors in many States are salivating and would just love to get their piece of the tax pie. It's up to us to notify our representatives that we want this moratorium extended indefinitely. Here is a good site to send a message to your State Rep.
http://www.w2knews.com/rd/rd.cfm?id=031124ED-No_Email_Tax

Also, read the story in Tech Briefing about Redmond adding a spam filter to Exchange 2003 next year.

Quotes Of The Day:
"Don't give me no evolution monkey biz...got too many ugly relatives as it is."
--Otis Lee Crenshaw

"Isn't it interesting that the same people who laugh at science fiction listen to weather forecasts and economists?"
-- Kelvin Throop III

PS: Did you know we also publish an e-zine like this but for WinXP? It's more consumer oriented but it's got tons of tech tips in there. Already 100 issues have been written, and these back issues are all here (searchable). You also can subscribe at this link at no cost of course:
http://www.w2knews.com/rd/rd.cfm?id=031124ED-WinXPnews

Warm regards,
Stu Sjouwerman
(email me with feedback: [email protected])

  SPONSOR: iHateSpam Server E5.5
Have a Look at the NEW iHateSpam Server E5.5.
Spam sucks. Your life shouldn't. iHateSpam Server E5.5 was
uniquely developed for system admins that are running Exchange
V5.5. Control spam according to the needs of your company and
users. You can run this 'E5.5' edition on the same server, or on
a separate gateway machine. If you plan to upgrade to Exchange
2000 or 2003, you only pay once for iHateSpam Server, there is
no additional cost when you upgrade from E5.5 to E2K or E2K3. Get
in on the ground floor, this product will be enhanced with a host
of valuable features. 30-day Eval Copy download here:
Visit iHateSpam Server E5.5 for more information.
  TECH BRIEFING

Analysis: MS Spam Filter In E2K3

By now all the tech magazines have reported on this in some form or another, usually short news blurbs. BillG used his Comdex Keynote to announce that Redmond is going to add a spam filter to Exchange 2003 in the first half of 2004. So, what does this actually mean, and what is it really? First in Chairman Bill's own words:

"Now, there are several approaches being used to make sure spam doesn't become something that holds back people in using e-mail. One of those is the ability to detect spam mail versus legitimate mail, and we have an approach to that we call SmartScreen technology. It came out of our Research group when they noticed that the frequency of words and the types of links and things on the spam was generally quite different than normal mail. So the SmartScreen is going to be in every mail thing we do. It's recently up in MSN and Hotmail. It's in Outlook. It's in a release of Exchange that we're making in the months ahead. So that's a very big step forward there."

No one has seen it yet, but MS will probably have a beta up a month from now, and it's likely to be available in a service pack for E2K3 first half of 2004. The SmartScreen filter itself is described as a machine-learning approach developed by MS-Research. Note that Redmond carefully steers away from the word "Bayesian". The approach is fully mechanical though, there is no human being involved in determining what is spam or not.

Microsoft officials, in an interview with eWEEK.com on Monday, said that the upcoming Exchange Intelligent Message Filter (IMF) add-on to Exchange Server 2003 that Bill Gates talked about during his Comdex keynote isn't designed to be the "end-all, be-all" solution for stopping spam within an enterprise's messaging network. "We feel most companies will run it as a complementary sort of solution," said T.A. McCann, an Exchange group product manager. That sounds very much like the approach of many system admins to run two or more anti-virus engines at the same time. A very important point I'd like to make is the issue of control and reporting of spam, which do not seem to be addressed. e-Week link here:
http://www.w2knews.com/rd/rd.cfm?id=031124TB-eWEEK

The Exchange IMF will also not run on the gateway, and MS said it will not make third party software irrelevant. Also, keep in mind that it is a MS Version 1.0 for a while. You know what that means. And remember there is a whole cottage industry now that lives off fooling spam filters. Guess which ones will be torn apart first, and I'll take a bet with you on the first date a site appears with the title: "100 ways to get around the MS spam filters."

Regarding current Exchange add-ons, most anti-spam products will adapt, and will live in peaceful coexistence with the built-in filter. Others will simply add more features that are not yet in Exchange 2003, and/or aren't planned in the near future.

Regarding Sunbelt's iHateSpam Server, we of course expected that MS would add some sort of filter when they announced their spam- filter API-hooks earlier this year. There are many precedents for this, defragmentation is a good example.

So I'm happy to announce the fact we are well on our way to come out with an upgrade to iHateSpam Server that will include anti-virus, content filtering, powerful disclaimers, archiving and more goodies you asked for... done the right way. It will integrate with and enhance Exchange 2003, and likely even improve the spam detection rates as well. Here is an interview with yours truly in ComputerWorld where we announce this new product that currently has the code name: "Messaging Ninja". (Second page)
http://www.w2knews.com/rd/rd.cfm?id=031124TB-Messaging_Ninja

Also, keep on reading if you want to have a look at an early version of their SmartScreen, and how it works.

Outlook 2003 Spam Filter: Under The Hood

If you want to read a technical article about the 2003 spam filter, which likely will be similar to the IMF in 2003, here is some very interesting nitty gritty, and how they think this filter will work in real environments. It was written by the guys from Mapilab, and they are real pro's in this field. They turned this product inside out, and the article unmasks it, warts and all.

The technology behind Outlook 2003's spam filter consists of a large dictionary that assigns weighting factors and scores to tens of thousands of words. Next, it does around ten checks, looking at other message characteristics, for example the time a message was sent. This filtering process determines whether Outlook 2003 considers the message to be spam.

MAPILab is critical of Microsoft's approach, saying it "can hardly be called 'state-of-the-art technology.'" Maybe, maybe not. The weighting factors of the dictionary are of course based on the probability that a message that contains some or more of these words will be spam. iHateSpam has similar rules. Developing such heuristics is not necessarily simple.

MAPILab is right in giving the thumbs down on the fact Microsoft's engine has no "training" feature. No individual user adaptation, except for white- and blacklist. I also do not see how updates to the Outlook engine will be done. Definitely a missing puzzle piece. Last remark: I'm fairly sure that some hacker is going to disassemble and unencrypt that dictionary, and then they would know how to outwit it. Click here for the MAPILab (warning, very technical) article:
http://www.w2knews.com/rd/rd.cfm?id=031124TB-MAPILab

Network World has an anti-spam section where they allow you to automatically compare a tremendous amount of products against each other. Great to make a short list!
http://www.w2knews.com/rd/rd.cfm?id=031124TB-Compare

  NT/2000 RELATED NEWS

MS and Computer Associates Offer Free AV-Software

MS and CA announced that they will jointly offer antivirus software free to (home) users for one year. They just announced it at Comdex. It's going to be a blow to two other major antivirus software makers: Symantec and Network Associates. Their stocks dropped a bit on this news. Looks like Panda's idea is being followed by the big guys! MS is not paying CA for this it seems.

The small print is interesting too. Clearly meant for the home only: "Exclusive offer for Microsoft customers. Free 12-month software subscription to CA's eTrust EZ Armor Antivirus and Firewall security suite valid for new users only. Limit 1 per household. Not to be combined with any other offer. Customers may renew subscription after first year at current renewal rate. Free software offer expires 6/30/04." It's a good way for CA to penetrate the home market which is dominated by Symantec and McAfee. This free offer also could be seen as a bit of "amends" for a company like CA that has a pretty bad reputation.

It could very well be the old: "give them a razor for free, and make money on the blades" (after a year in this case). And here is where to get it:
http://www.w2knews.com/rd/rd.cfm?id=031124RN-AV_Software

Windows Small Business Server 2003 wins COMDEX Best of Show

It was just announced that Windows Small Business Server 2003 (SBS) won the best of show award in the enterprise category at COMDEX. (See link below.). "It's well about time SBS enjoys its moment in the sun." comments SBS author Harry Brelsford. "It's finally hit its stride in terms of performance, stability and price and that combination likely made it attractive to the judges."

"Interestingly, this award designation should help most in the US where SBS has underperformed relative to its international markets." added Brelsford who is currently touring India to promote and train Microsoft partners on SBS. Brelsford concluded: "The humor isn't lost on me that SBS won the enterprise category. Perhaps COMDEX will segment its award categories next year to include an SMB category, eh?" (SMB is an abbreviation for Small & Medium Business).

Harry Brelsford's first book on SBS 2003, titled SMB Consulting Best Practices, is available now and is a "pocket MBA" on how to thrive as an SBS 2003 consultant. Brelsford is the founder of the SBS conference series titled SMB Nation (www.smbnation.com). Here are all the Best Of Show awards of the current COMDEX Show:
http://www.w2knews.com/rd/rd.cfm?id=031124RN-COMDEX

  THIRD PARTY NEWS

DOUBLE-TAKE 4.3 Service Pack 1 Released

NSI engineering has released a new service pack for Double-Take 4.3. Service Pack 1 was released as a means to incorporate new product features and close-out known issues with the product. To download the new service pack please refer to the following link.
http://www.w2knews.com/rd/rd.cfm?id=031124TP-Double-Take_SP1

Patch Me If You Can

The Federal Government is moving at a rapid clip adopting security, and patch management.

Federal agencies continue to spend money strategically to reinforce security for their networks, including solutions that offer simple, reliable and comprehensive approaches to patch management. System Admins are looking for the software to provide flexibility in policy management and implementation of the safe deployment of patches based on user-defined lists.

Recent examples include the U. S. Department of Justice, sections of the Army and the Federal Aviation Administration. They selected the UpdateEXPERT patch management solution to enforce security policies and manage hotfixes, patches and service packs for their Windows-based networks. The selling features in both cases included the product?s exclusive third-party metadatabase and optional client agent.

In the short term, government IT staffs will also look for other features in patch management solutions, such as config-management, platforms integration, disconnected network support and custom reporting options. Try UpdateEXPERT here:
http://www.w2knews.com/rd/rd.cfm?id=031124TP-UpdateEXPERT

Disk Storage: Capacity, Cost and Performance Tradeoffs

This article was contributed by Tom West, Architect of the Sunbelt hIOmon I/O Performance Monitor product.

What are YOUR Top 10 most used files?

Within the context of information lifecycle management, managing your disk storage and associated files to achieve a balance between your performance and budget requirements, along with your data's value, can be a difficult undertaking. Especially when you are faced with a bewildering array of storage options together with the difficulty of quickly and easily assessing the inherent tradeoffs between capacity, cost and performance.

For example, which particular user files (and how many) can you move to a larger disk storage device/subsystem before you reach the point of diminishing returns (where users start complaining about degraded application performance due to contention at the storage device/subsystem/path)? Similarly, which particular files can safely be migrated with negligible overall performance impact to "lower cost, but lower performing" storage solutions such as iSCSI and Serial ATA (SATA) disk storage? And which particular files are 'hot files' whose performance requirements dictate placement upon high-performance storage solutions such as Fibre- Channel SAN, SSD, and RAM disk?

Having actual performance metrics - especially on a specific, individual file basis - can make your job of dealing with such decisions and issues a lot easier and simpler. With its unique "focus on files", the Sunbelt hIOmon File I/O Performance Monitor enables you to both measure and monitor disk I/O operations at the individual file level so that you can easily, quickly and precisely identify (as one example) your specific "hot" files and their respective performance. Armed with an extensive set of file I/O performance metrics that only Sunbelt hIOmon provides, you can determine and then continually verify that those steps taken to maximize disk storage utilization (based upon capacity/ cost/performance tradeoffs) are actually of benefit. And you can substantiate these benefits with actual performance numbers specific to your key files and their associated applications.

New in the latest version of Sunbelt hIOmon is support for Windows Server 2003. Sunbelt hIOmon version 3.1 also features enhanced hIOmon Windows® Management Instrumentation (WMI) Support that now includes the new 'hIOmon WMI Browser'. The hIOmon WMI Browser is an HTML application that exploits the hIOmon WMI support and enables you to use Microsoft® Internet Explorer to easily control the overall operation of hIOmon and to quickly display - on a specific, individual file basis - the real-time summarized file I/O operation performance metrics uniquely collected by hIOmon. Finding your 'Top Ten Files' - with more than 30 sort options to choose from - has never been easier, quicker, or simpler.

Get your eval here:
http://www.w2knews.com/rd/rd.cfm?id=031124TP-Sunbelt_hIOmon

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • Even Microsoft wants and buys Apple G5's. Here's the proof:

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Even_Microsoft
  • To make a Deep Impact on Comet Tempel 1, enter your name. It will be included with other names on a disc attached to the impactor spacecraft, which will collide with Tempel 1.

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Deep_Impact
  • Have a good look at this error message. Security going too far?

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Error_Message
  • Compare Office 2003 to the previous versions. Humor.

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-2003_Humor
  • From 100 to 180 MPH in about 3 seconds on a Suzuki Turbo Hayabusa. Don't do this at home! Video (Streaming 22.1MB):

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Hayabusa
  • Epson has come out with a miniature flying robot. Neat.

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Epson_Robot
  • Want to know which computers are the fastest in the world? Here is the Top 500 Supercomputer Site:

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Top_500
  • Ever heard of the "[email protected]@rd Operator From H3ll?" This is a fairly complete archive of the BOFH. Riot.

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-BOFH
  • The first person who points me to the full movie of this spoof on the Matrix (shown at Comdex) gets a free LanHound. See Product Of The Week.

  • http://www.w2knews.com/rd/rd.cfm?id=031124FA-Matrix_Spoof
      PRODUCT OF THE WEEK

    Solve Network Performance Problems With LanHound

    Sniff Fast. Sniff Easy. Sniff Cheap. What separates LanHound from the pack is that it is a super affordable tool that helps you troubleshoot NT/2000/2003 LAN, WAN or Internet segments. LanHound supports switched networks and even includes three free remote agents in the price! Use LanHound to hunt down broadcast storms, analyze protocols, and monitor your network. Get the Hound. LAN's best friend.

    http://www.w2knews.com/rd/rd.cfm?id=031124PW-LanHound