Download Files:

Weblogs and Consumer Teamspaces Are PR, Advertising Targets

There’s a new spam control feature planned for Outlook 2007 that hasn’t received much attention: the math puzzle. When Outlook 2007 tries to submit email to Exchange, Exchange will challenge Outlook with a puzzle, waiting for a correct answer before sending the message. The puzzle is designed to require a significant amount of time to solve — of the order of half a second.

The functionality will require Exchange 2007, or 2003 with a future service pack, according to Microsoft people we spoke to. (Apparently the functionality is already present in Exchange 2003, but disabled.)

The idea is twofold:

1. It will severely throttle the speed of spam-sending malware that tries to use Outlook to send its spam, thus thwarting its ability to flood the Internet with advertisements for fake watches, pirated software, and herbal enlargement products.
2. Messages that send using this puzzle can be passed through receiving spam filters, preventing them from becoming false positives.

The first point is interesting, but unlikely on its own to make a significant dent in the spam problem. The "botnet" or "zombie army" problem is most prevalent on consumer PCs, sending direct-to-MX via SMTP, not in corporate networks sending via Exchange RPCs.

The second point is intriguing, but it’s unclear how this can be made foolproof. The risk is that spammers will find a way to subvert the system, causing their spam to be delivered to users’ inboxes. For example, a spammer can solve a great many math puzzles using botnets.

This is essentially a hybrid hashcash, such as implemented by the Camram spam control project. Microsoft disclosed that it has a patent on the technology (despite its similarity to hashcash methods), and says it’s considering ways to make it more widespread.

… Richi Jennings

Police states fear gatherings of large numbers of people, because they can unpredictably turn into a mob demanding the overthrow of an unpopular government. Internet-based collaboration will quickly make it very difficult to stop large, spontaneous gatherings.

Eritrea illustrates. The government is very unpopular with its people. The government refuses to hold elections, because it knows it will be voted out, and because it fears that once it’s out, the established government will likewise refuse to relinquish power at the hustings. This is a common situation throughout the world, especially in Africa.

In Eritrea, people are very religious, and the majority are Christian. Religious groups are the main nongovernmental organizations that can pull together a big crowd. So churches are closely monitored and controlled. Only three Christian groups are allowed: Eritrean Orthodox, Roman Catholic, and the Lutheran Church. These groups must follow the government’s rules and avoid meddling in politics. All other churches are illegal. Errant pastors who start gathering large crowds are quickly put in (appalling) prisons, or are thrown out of the country.

The Internet will grow in police states; competitive international pressures make governments unable to stop it. And as its use grows, collaborative technologies such as email, instant messaging, and teamspaces will let groups of people quickly organize meetings at very short notice. The London WTO riot in 1999 and flash mobs are examples. SMS text messaging also plays a big part.

Such gatherings will make life extremely difficult for dictatorships. What will they do when half of the population spontaneously gets together to demand the downfall of the government? There will be too many people involved, and doing nasty things to a few leaders won’t stop the gatherings from occurring. Collaborative technology is bad news for police states.

… David Ferris

Exchange 2007 Enterprise Server Edition introduces new replication technology called Clustered Continuous Replication (CCR). This combines automatic management of redundancy and application-level data replication for Exchange.

CCR is important because it eliminates the requirement for a shared storage subsystem for your Exchange cluster. Using CCR you can build a geographically distributed cluster, provided you have enough bandwidth between the nodes.

CCR operates using an Exchange cluster with a minimum of three nodes. Two nodes in an active/passive configuration contain the matching mailbox servers. The third node — the votersplit brain syndrome. — is used to avoid an occurrence of network partition within the cluster, also known as

When enabled, the CCR volume is seeded automatically with an ESE Full backup and is updated continuously with new transaction log files. Once copied to the CCR volume, the log files are applied immediately to the replicated database. To help make this practical, transaction log files are now 1MB in size vs. 5MB for Exchange 2003.

CCR will be important for organizations that desire more disaster recovery flexibility for Exchange.

… Bob Spurzem

Download Files:

Interesting Sales Approach for Content Security

Download Files:

The Components of a Consumer Teamspace

Increasingly, organizations monitor the flow of internal email communications among functional groups, divisions, and international sites to detect noncompliant content and proprietary information breaches.

A side benefit of monitoring is finding out what the employees know about a particular subject, product, or technology. This knowledge can then be rolled into a skills database, creating a much more current and granular view of the human resources within the organization. The information gleaned can also feed contact and calendar information to help in locating the closest person with the needed skills.

One of the first content control vendors to recognize this benefit is Vericept. Vericept’s 360 Risk Management Platform combines three applications – Content 360, Email Control, and Stored Data Discovery – to monitor, detect, and analyze internal and external communications.

… Nancy Cox

Download Files:

Social Aspects of Security Move Center Stage

It’s tough to implement email archiving. The main challenges are:

• Getting the product or service to work properly
• Working out what policies to implement, given the applicable laws and regulations
• Implementing and enforcing those policies

The trading floors of financial services organizations represent the only type of organization to have done all of the above. Most everyone else is still stuck on the first stage, getting the product or service to work properly.

Health-care businesses are perhaps the most glaring examples of limited compliance. Most health-care businesses are small or medium-size organizations, and only have limited implementation resources and skills.

… David Ferris and Scott Bolser

Download Files:

Recommended: Computerworld’s Mobile & Wireless World Conference

Email has been used in business since about 1980. It has had a major effect on organizational complexity. In a short time, email has:

• Flattened organizations. Multilevel hierarchies had been well-entrenched for decades.
• Greatly compressed business cycle times. Things get done much more quickly.
• Greatly improved the quality of decision-making, since it’s easy to exchange information.

Other factors have no doubt also contributed to these changes. But email has been the prime mover.

… David Ferris and Nick Shelness