One half point. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isapros-bounce@xxxxxxxxxxxxx > [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thor > (Hammer of God) > Sent: Tuesday, August 15, 2006 9:15 PM > To: isapros@xxxxxxxxxxxxx > Subject: [isapros] Re: Exchange NSPI Proxy RPC Communications and ISA > > I don't think there is enough evidence to support "bork" and > "hork" being in > a homonymistic relationship. I think they're just > misunderstood friends. > > t > > > On 8/15/06 7:18 PM, "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > spoketh to > all: > > > There are acutally two separate and distinct etymoloiges here. > > > > The "borked" in reference to Robert Bork's nomination is > related to how you > > can get fsked by calumny and twisting of the facts > > > > The computer "borked" is connected to "borked" being a > homonym to horked. The > > homonymistic relationship to "horked" makes it a natural > term of contrast. > > > > Horkage is a more or less natural phenomenum related to all > electronic devices > > (computer related or not) while Borkage is a non-natural > phenomum related to > > willing acts of borkage by the likes of TSu and certain SBS MVPs ;)) > > > > HTH, > > Tom > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://blogs.isaserver.org/shinder/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > >> -----Original Message----- > >> From: isapros-bounce@xxxxxxxxxxxxx > >> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Amy Babinchak > >> Sent: Tuesday, August 15, 2006 8:53 PM > >> To: isapros@xxxxxxxxxxxxx > >> Subject: [isapros] Re: Exchange NSPI Proxy RPC > Communications and ISA > >> > >> I like how all of the borked references are either to > >> computers or a would be supreme court justice. Don't really > >> see how the two can be related. > >> > >> Amy > >> > >> > >> > >> > >> -----Original Message----- > >> From: isapros-bounce@xxxxxxxxxxxxx > >> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > >> Sent: Tuesday, August 15, 2006 9:53 PM > >> To: isapros@xxxxxxxxxxxxx > >> Subject: [isapros] Re: Exchange NSPI Proxy RPC > Communications and ISA > >> > >> Aha, OK, borking is quite different from horking: > >> > >> http://www.urbandictionary.com/define.php?term=borked > >> > >> Thomas W Shinder, M.D. > >> Site: www.isaserver.org > >> Blog: http://blogs.isaserver.org/shinder/ > >> Book: http://tinyurl.com/3xqb7 > >> MVP -- ISA Firewalls > >> > >> > >> > >>> -----Original Message----- > >>> From: isapros-bounce@xxxxxxxxxxxxx > >>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > >>> Sent: Tuesday, August 15, 2006 8:41 PM > >>> To: isapros@xxxxxxxxxxxxx > >>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >> Communications and ISA > >>> > >>> There is - this was a clear case of borking. > >>> That's a much more complex (and effective) form of f#$%$ing > >>> up your system. > >>> > >>> ------------------------------------------------------- > >>> Jim Harrison > >>> MCP(NT4, W2K), A+, Network+, PCG > >>> http://isaserver.org/Jim_Harrison/ > >>> http://isatools.org > >>> Read the help / books / articles! > >>> ------------------------------------------------------- > >>> > >>> > >>> -----Original Message----- > >>> From: isapros-bounce@xxxxxxxxxxxxx > >>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > W Shinder > >>> Sent: Tuesday, August 15, 2006 18:45 > >>> To: isapros@xxxxxxxxxxxxx > >>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >> Communications and ISA > >>> > >>> I figured there was an "anti-hork" feature in the ISA CSS > >>> replication engine ;) > >>> > >>> Thomas W Shinder, M.D. > >>> Site: www.isaserver.org > >>> Blog: http://blogs.isaserver.org/shinder/ > >>> Book: http://tinyurl.com/3xqb7 > >>> MVP -- ISA Firewalls > >>> > >>> > >>> > >>>> -----Original Message----- > >>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > >>>> Sent: Tuesday, August 15, 2006 8:34 PM > >>>> To: isapros@xxxxxxxxxxxxx > >>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>> Communications and ISA > >>>> > >>>> Replication is a wonderful thing... > >>>> > >>>> > >>>> ------------------------------------------------------- > >>>> Jim Harrison > >>>> MCP(NT4, W2K), A+, Network+, PCG > >>>> http://isaserver.org/Jim_Harrison/ > >>>> http://isatools.org > >>>> Read the help / books / articles! > >>>> ------------------------------------------------------- > >>>> > >>>> > >>>> -----Original Message----- > >>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > >> W Shinder > >>>> Sent: Tuesday, August 15, 2006 18:10 > >>>> To: isapros@xxxxxxxxxxxxx > >>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>> Communications and ISA > >>>> > >>>> Hey, wait a minute. There should be multiple CSSs, so did > >>> the storage > >>>> get horked on all of them? > >>>> > >>>> Thomas W Shinder, M.D. > >>>> Site: www.isaserver.org > >>>> Blog: http://blogs.isaserver.org/shinder/ > >>>> Book: http://tinyurl.com/3xqb7 > >>>> MVP -- ISA Firewalls > >>>> > >>>> > >>>> > >>>>> -----Original Message----- > >>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > >>>>> Sent: Tuesday, August 15, 2006 7:25 PM > >>>>> To: isapros@xxxxxxxxxxxxx > >>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>> Communications and ISA > >>>>> > >>>>> Yep - somehow he managed to completely bork his storage. > >>>>> We're almost to the point of a complete rebuild <sigh>. > >>>>> I'm actually doing a registry compare to see if I can sort > >>>> out what he > >>>>> broke. > >>>>> > >>>>> ------------------------------------------------------- > >>>>> Jim Harrison > >>>>> MCP(NT4, W2K), A+, Network+, PCG > >>>>> http://isaserver.org/Jim_Harrison/ > >>>>> http://isatools.org > >>>>> Read the help / books / articles! > >>>>> ------------------------------------------------------- > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas > >>> W Shinder > >>>>> Sent: Tuesday, August 15, 2006 17:20 > >>>>> To: isapros@xxxxxxxxxxxxx > >>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>> Communications and ISA > >>>>> > >>>>> Is it a real problem, and dealing with jughead the > >>> enterprise admin? > >>>>> > >>>>> Thomas W Shinder, M.D. > >>>>> Site: www.isaserver.org > >>>>> Blog: http://blogs.isaserver.org/shinder/ > >>>>> Book: http://tinyurl.com/3xqb7 > >>>>> MVP -- ISA Firewalls > >>>>> > >>>>> > >>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: Tuesday, August 15, 2006 6:58 PM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Not yet - been critsitting between postings. > >>>>>> ..or the other way 'round... > >>>>>> > >>>>>> ------------------------------------------------------- > >>>>>> Jim Harrison > >>>>>> MCP(NT4, W2K), A+, Network+, PCG > >>>>>> http://isaserver.org/Jim_Harrison/ > >>>>>> http://isatools.org > >>>>>> Read the help / books / articles! > >>>>>> ------------------------------------------------------- > >>>>>> > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Tuesday, August 15, 2006 14:44 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Jim, > >>>>>> > >>>>>> Any luck with this? > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 14 August 2006 00:52 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Absotively. > >>>>>> Send it on. > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Sunday, August 13, 2006 3:08 PM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Yeah I know, have the same issues when looking at closed > >>>> betas with > >>>>>> cool features which could really help out some of my > >>>>> customers. Shame > >>>>>> the NDA doesn't extend to MS partners though... > >>>>>> > >>>>>> PSS dude said that all KB articles related to a RPC > >>>> problems where > >>>>>> based upon using a large number of clients. He also said > >>>>> that as this > >>>>>> issue was happening before the DR problems I couldn't > >>> include it > >>>>>> within the DR call and I would have to log another > >>>> call...great! :-( > >>>>>> > >>>>>> If I give you the SRQ number, is there any chance you could > >>>>> point him > >>>>>> in the right direction? Pretty please :-) > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 13 August 2006 22:47 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> I wish I could say more, but I'm bound by NDA... > >>>>>> The KB is on its way out the door and your PSS dewd need > >>>>> only do a bit > >>>>>> of research. > >>>>>> > >>>>>> ------------------------------------------------------- > >>>>>> Jim Harrison > >>>>>> MCP(NT4, W2K), A+, Network+, PCG > >>>>>> http://isaserver.org/Jim_Harrison/ > >>>>>> http://isatools.org > >>>>>> Read the help / books / articles! > >>>>>> ------------------------------------------------------- > >>>>>> > >>>>>> > >>>>>> -----Original Message----- > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Sunday, August 13, 2006 14:41 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Whilst PSS logging a call to get some feedback on the DR > >>>>> issues I've > >>>>>> had with ISA, I mentioned this "new KB artilce" > >>>>>> and the chap i was dealing with was pretty clueless about > >>>>> it (amongst > >>>>>> other things!). > >>>>>> > >>>>>> You are really starting to become a tease with this > >>>> artitcle, as it > >>>>>> may solve two problems now! :-P > >>>>>> > >>>>>> ________________________________ > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 13 August 2006 19:15 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> > >>>>>> > >>>>>> Not insinuating anything of the sort... > >>>>>> > >>>>>> Keep your eyes open for that KB that deals in Outlook MAPI > >>>>>> connections; I bet it'll help you out here, too. > >>>>>> > >>>>>> > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Sunday, August 13, 2006 2:22 AM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> > >>>>>> > >>>>>> All relationships are route = I know intradomain is only > >>>> supported > >>>>>> this way - I'm not a complete newb at this ;-) > >>>>>> > >>>>>> > >>>>>> > >>>>>> Complicated setup I know, but pretty much 99% working apart > >>>>> from this > >>>>>> issue and teh RPC filter failings (other post) > >>>>>> > >>>>>> > >>>>>> > >>>>>> Tried with and without strict RPC - no dice, same issues... > >>>>>> > >>>>>> > >>>>>> > >>>>>> Internet FW is hardware appliance (dumb packet filter) > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> ________________________________ > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 13 August 2006 01:43 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Ah, yes. > >>>>>> > >>>>>> While this is a desirable design, it's also a very > >>> difficult one. > >>>>>> > >>>>>> What are the network relationships between the networks? > >>>>>> > >>>>>> For instance: > >>>>>> > >>>>>> ExchFE ßà Exch BE == Route > >>>>>> > >>>>>> ...? > >>>>>> > >>>>>> Have you disabled Strict RPC on the relevant rules? > >>>>>> > >>>>>> > >>>>>> > >>>>>> NAT ain't happenin' FWIW... > >>>>>> > >>>>>> What's the "Internet FW"? > >>>>>> > >>>>>> > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Saturday, August 12, 2006 3:18 PM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> ________________________________ > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 12 August 2006 22:41 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> Maybe a napkin drawing, then? > >>>>>> > >>>>>> I don't understand how your BE needs specific rules > >> unless its > >>>>>> separated from the DC by ISA? > >>>>>> > >>>>>> > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Saturday, August 12, 2006 2:19 PM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> > >>>>>> > >>>>>> No, not confused, and realise the difference between > >>> RPC/HTTP and > >>>>>> MAPI. I guess I am obviously not explaining myself very > >>>> well with a > >>>>>> complex environment and the problem very specific. > >>>>>> > >>>>>> > >>>>>> > >>>>>>>> AS such, any NSPI connections are strictly the problem of > >>>>>> the BE server. > >>>>>> > >>>>>> > >>>>>> > >>>>>> Not in this scenario, as the BE is in an ISA > >> protected network > >>>>>> seperated from the DCs and FEs. The rule that allows > >>> access from > >>>>>> BE=>DCs is using RPC (All interfaces) and yet ISA is > >>>>> blocking traffic > >>>>>> from the NSPI proxy when using RPC/HTTP. > >>>>>> All other RPC traffic from BE=>DCs is working as expected > >>>>> and ISA is > >>>>>> detecting the RPC dynamic ports correctly. > >>>>>> > >>>>>> > >>>>>> > >>>>>> If I allow All outbound protocols from BE=>DCs the NSPI > >>>> proxy works > >>>>>> and I see ports 1025. 1026 etc being used. It seems as > >>> if ISA is > >>>>>> missing the intitial RPC negations between the NSPI proxy > >>>>> and DCs and > >>>>>> hence blocks all dynamic ports after 135 is contacted. > >>>>>> > >>>>>> > >>>>>> > >>>>>> Maybe I need to provide some diagrams and/or better > >>>> desacirptions... > >>>>>> > >>>>>> > >>>>>> > >>>>>> JJ > >>>>>> > >>>>>> > >>>>>> > >>>>>> ________________________________ > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of > >> Jim Harrison > >>>>>> Sent: 12 August 2006 16:55 > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Re: Exchange NSPI Proxy RPC > >>>>> Communications and ISA > >>>>>> > >>>>>> I think you're confused; RPC/HTTP doesn't use MAPI; it's > >>>>> "just" HTTP > >>>>>> traffic. > >>>>>> > >>>>>> AS such, any NSPI connections are strictly the problem > >>> of the BE > >>>>>> server. > >>>>>> > >>>>>> > >>>>>> > >>>>>> The only way ISA handles RPC traffic is via Exchange RPC or > >>>>> RPC (All > >>>>>> interfaces) rules. > >>>>>> > >>>>>> > >>>>>> > >>>>>> From: isapros-bounce@xxxxxxxxxxxxx > >>>>>> [mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Jones > >>>>>> Sent: Friday, August 11, 2006 5:13 PM > >>>>>> To: isapros@xxxxxxxxxxxxx > >>>>>> Subject: [isapros] Exchange NSPI Proxy RPC > >>> Communications and ISA > >>>>>> > >>>>>> > >>>>>> > >>>>>> Hi, > >>>>>> > >>>>>> Bit of a shot in the dark, as this is a strange issue, > >>> but hoping > >>>>>> someone can confirm what I am seeing. > >>>>>> > >>>>>> Basically, I have a pretty secure Exchange environment > >>>> whereby both > >>>>>> Exchange FE's and BE's are on ISA protected perimeter > >>>> networks with > >>>>>> the external network connected to the 'traditional LAN' > >>>>> e.g., ISA is > >>>>>> acting as a multinetwork internal firewall to > >>>> specifically protect > >>>>>> Exchange from the internal network (all routed > >>>>> relationships). In this > >>>>>> scenario, ISA is controlling all communications to and from > >>>>> Exchange > >>>>>> and all email client access is published using web > >>> publishing or > >>>>>> secure RPC publishing. > >>>>>> > >>>>>> Up until now everything has been working pretty well (apart > >>>>> from the > >>>>>> other RPC filter issues in my other posts!) but we have > >>>>> come across a > >>>>>> specific issue when using RPC/HTTP as follows: > >>>>>> > >>>>>> The problem seems to lie with the fact that the > >>> back-end Exchange > >>>>>> server is talking to the GCs and ISA is seeing these > >>>> connections as > >>>>>> newly initiated connections (e.g. non RPC) as opposed to > >>>> detecting > >>>>>> them as dynamic ports which have been defined as part > >>> of the RPC > >>>>>> handshake process. Therefore, ISA is dropping these > >>>> connections and > >>>>>> prevents the back-end server from communicating with the GCs, > >>>>>> specifically for RPC/HTTP (e.g. when using the NSPI proxy). > >>>>> All other > >>>>>> communications which relate to RPC and ISA's ability to > >>>>> detect dynamic > >>>>>> RPC ports is being done successfully (e.g. > >>>>>> MAPI communications from Outlook to Exchange). It looks > >>>> to me as if > >>>>>> the back-end Exchange server is initiating it own > >>>> connections which > >>>>>> ISA sees as communications independent of RPC. The issue > >>>>> only appears > >>>>>> to arise when the back-end servers proxy the client AD > >>>>> communication > >>>>>> (e.g. when using the NSPI proxy), as is the case with > >> RPC/HTTP, > >>>>>> because Outlook clients have no access to the GCs from > >>>> the Internet. > >>>>>> For standard MAPI clients, they are simply given a > >>>> referral to the > >>>>>> actual GCs which they communicate with directly, > >> independent of > >>>>>> Exchange (e.g. not using NSPI proxy). > >>>>>> > >>>>>> Does this sounds familiar? Is Exchange doing something > >>>>> weird here or > >>>>>> is ISA missing the RPC dynamic port negotiations? > >>>>>> > >>>>>> Looking at the ISA logs, I see ports 1025, 1027, 1030 etc. > >>>>>> being used by the NSPI proxy which I am pretty sure are > >>>> going to be > >>>>>> the kind of ports dynamic RPC would use. If I add the > >>>>> ephemeral ports > >>>>>> (1024-65535) to the existing BE=>GC rule everything work > >>>>> just fine. If > >>>>>> I limit ports to standard intradomain protocols including > >>>> RPC then > >>>>>> everything works apart from RPC/HTTP and I start seeing > >>>> ports 1025, > >>>>>> 1027 etc. > >>>>>> being denied by ISA as unidentified traffic. > >>>>>> > >>>>>> Answers on a postcard! ;-) > >>>>>> > >>>>>> Cheers > >>>>>> > >>>>>> JJ > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> All mail to and from this domain is GFI-scanned. > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>>> > >>>>> All mail to and from this domain is GFI-scanned. > >>>>> > >>>>> > >>>>> > >>>>> > >>>> > >>>> > >>>> All mail to and from this domain is GFI-scanned. > >>>> > >>>> > >>>> > >>>> > >>> > >>> > >>> All mail to and from this domain is GFI-scanned. > >>> > >>> > >>> > >>> > >> > >> > >> > >> > > > > > > > > > > >