RE: Badmail (Exchange 2000)

  • From: Greg Hermida <ghermida@xxxxxxxxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 14 Apr 2005 13:39:00 -0500

I'm going to start calling you two, Jared1 and Jared2.  Just kidding.  I
learn an awful lot from you two.  Thanks for the passion, it keeps this list
fresh and informative.
 
greg

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx]
Sent: Thursday, April 14, 2005 1:33 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)


http://www.MSExchange.org/

Oh yeah - and Andy quoted out of the documentation showing where it is "the
right way to do it".

   _____  

From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Thursday, April 14, 2005 2:28 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)


http://www.MSExchange.org/

John, I didn't say the ACL change was the ONLY way.
 
I use the script because I use the information in the badmail logs for
debugging. In fact, the first change I made to my Exchange 2003 sp1 servers
was to turn badmail back on. But I turn NDR's off, so my badmail is small to
start with.
 
The ACL change has several distinct advantages, first and foremost: the
files never get created in the first place. Which is more efficient on older
versions of Exchange.
 
   _____  

From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, April 14, 2005 1:17 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)


http://www.MSExchange.org/


I stand partially corrected.

 

That script does have an option to "disable" by changing the permissions. I
had not noticed that before.

 

However, please show in quoted text where that is the right way to do that.

 

I maintain 2 Exchange servers and consult on 3 others and not one of those
has any problem with the badmail folder by using a simple script, including
2 that use the script you have posted on your blog and on here before. (Have
not got around to changing the scripts on the other 3.)

 

In fact, rereading your blog, it appears you are saying the simple delete
script is the way to go.

 

John T

eServices For You

 

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Thursday, April 14, 2005 9:41 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)

 

http://www.MSExchange.org/

No, I am not wrong. You are. 

 

Like I said John, look at the script. Here is your quoted text, straight
from the script:


        '*************************************************
        ' Procedure DisableBadmail
        '
        '   Disables badmail from being written to disk by
        '   restricting the permissions on a given folder.
        '   (this is done by adding a DENY FULL CONTROL ACE
        '   for the local system account).
        '
        '*************************************************

 


   _____  


From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, April 14, 2005 12:33 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)

http://www.MSExchange.org/

Well dude, hate to say you are wrong, but you are wrong. The script
does/says nothing about changing permissions on that folder.

 

No where does any thing say to change the permissions of the badmail folder
to deny to the system account.

 

Please post quoted text stating that it is the right way to change the
permissions on that folder to deny for system!

 

John T

eServices For You

 

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Thursday, April 14, 2005 8:32 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)

 

http://www.MSExchange.org/

Really, dude?

 

Why don't you check out the Badmail Deletion and Archiving script, available
from Microsoft's download site.

 

Look at how it turns off Badmail creation for versions of Exchange 200x
prior to Exchange 2003 sp1.

 

It does EXACTLY what I said.

 

It's the RIGHT way to do it.

 


   _____  


From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, April 14, 2005 11:23 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)

http://www.MSExchange.org/

That would be the wrong way to go about it.

 

John T

eServices For You

 

-----Original Message-----
From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Thursday, April 14, 2005 7:48 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Badmail (Exchange 2000)

 

http://www.MSExchange.org/

Why not just put an explicit deny full control for localsystem on the
folder? :-)

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
ghermida@xxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx 

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is
for the sole use of the intended recipient(s)  
and may contain confidential information and privileged information.  Any
unauthorized retention, review, printing, copying, 
disclosure or distribution is prohibited.  If you are not one of the
intended recipients, please contact the sender by reply 
email or phone, destroy all copies of the original message and keep the
information contained here confidential.

Other related posts: