Another good email retention article

The latest edition of DominoPower Magazine has an informative interview with Marie Patterson concerning her company's email archiving and retention solution.

At the C-level, the real issue is again the lack of policies, as we're seeing in much-publicized cases like Morgan Stanley. Executives are concerned about anything that will affect shareholder value. As it relates to email, the issues are all risk related, so growing and unbudgeted e-discovery costs definitely affect the bottom line. Litigation that has to go to settlement because organizations are incapable of finding specific records affects the bottom line. High-profile litigation that ends up on the front page of the Wall Street Journal makes the organization look either incompetent or fraudulent. That affects the corporate image which, again, affects shareholder value.

I will bang the drum on this as long as it takes for people to wake up to reality. If you do not have an email archiving and retention policy and solution already in place, you had better get your butt in gear before you and your CIO lose your jobs when the fines start rolling in for failure to produce emails that were subpoenaed. The one line in the interview that really scared me was that Morgan Stanley was found to have actively conspired to defraud its former client. Not exactly the kind of PR that any company wants.

When not archiving email really becomes a pain

If there is anyone out there who isn't looking at email archiving, this should definitely get their attention.

Morgan Stanley has agreed to pay a record $15 million fine to settle a Securities and Exchange Commission (SEC) probe into its failure to preserve e-mails, according to a 10-K filing with the SEC this week. Reports indicate this is the highest fine ever imposed by the SEC for such behavior.

At my previous employer, we were evaluating archiving solutions for this very reason. They were/are involved with a large number of lawsuits due to the industry they work in and really didn't have a viable solution for retrieving past emails. I am not sure where they stand as of today, but hopefully, for their sake, they have made a decision and are implementing it shortly.

It is issues like this that are the Achilles heel of the hosted email solutions that SMBs are looking into. Hotmail/GMail/Yahoo Mail do not have the capacity to handle archiving and email life cycle management that is required to be in compliance with the laws that are being enacted. If you can find the emails, I can only imagine the cost to get them exported to an electronic format for Discovery purposes. If you can't find it, what are the alternatives? Hope that it exists on some backup at the host site? Good Luck!!! Try arguing that in front of a judge and see how soon your bottom line drops into the red. And how about getting your users to kill email after it has reached the end of its lifecycle? Is it worse to not be able to deliver an email that is requested or to deliver one that might be damaging that should have been deleted a year ago? I am sure that Chris will have something to say on this.

Exchange 12 has some Open Source competitors
I found some interesting comments in an eWeek article on Exchange 12.
Simon Phipps, Sun Microsystems Inc.'s chief officer of open source, said Sun's Internet Mail Server is more advanced than Exchange and is the mail server of choice for many large enterprises. "Numerically, we service more e-mail accounts than they do," he said.
I have been in a fair number of large organizations and I have never seen one installation of Sun's mail solution. Maybe it's being run by ISPs and I just don't know it.
Tim Bray, a Sun Web technologist and the co-inventor of XML, told eWEEK that while some of Microsoft's software was excellent, "I cannot say that Exchange falls into that category," whether from a technical engineering or feature-set perspective.
Harsh but true and it didn't come from a Lotus person!! I have been using Outlook in my new gig for about 45 days and I have to say I really don't understand what the attraction is. It might just be my lowly machine, but Outlook seems to be a real resource hog, just as much or even more so than Notes. And watching my co-workers try to find emails is so extremely painful. I catch myself telling them to just search for it when I know damn well there is no full text search in Outlook. And the little interaction I have had with the C&S is enough to want to make me go back to a daytimer. The one bright spot in this experience has been Outlook Web Access. It works very nicely and even allows me to do some things that I couldn't do in Outlook 2003, like change my password.
"We haven't seen it bubble up as a priority for most organizations to date. I believe that the time for unified messaging will come when VOIP [voice over IP] is more broadly deployed behind the firewall," she said.
We looked at this in my last company and didn't find the organization really asking for the features it gave you, not to mention the fact that the product we were using wasn't exactly bulletproof.
But Scalix's Farris disagreed with that, saying that the underlying architecture of Exchange suffers from more than its fair share of reliability and security problems, the fundamental causes of which have not been addressed in Exchange 12.
Here's the new boss, same as the old boss. At least I find that Lotus fixes some of the shortcomings in Domino every time they come out with a new version.

via Ed Brill

Dare to say no to SCOS
A number of the sickos, like Ed, Bill, and Paul, have joined in the discussion on Peter de Haas' entry concerning shared mail. I left the brunt of my point in the comments and just wanted to say a few things here. I just can't understand why any company, aside from an SMB trying to cut corners on IT or one with completely inexperienced IT management, would choose to run shared mail or single copy object store (SCOS). Although there may be some up-front cost savings as far as disk space and backup tapes are concerned, that money is easily lost the first time you have an entire office sitting around the hallway, chatting and joking about the stiffs in IT, while they wait for their mail server to be restored. Forgetting clustering, replication, and security, the fact that Domino CAN use separate files for each user's mail files is by far its greatest advantage as far as mail is concerned.

I know that indexing is the biggest drain on any Domino server's performance and reducing a mail file's size by stubbing off attachments won't make those indexes any smaller or faster. In fact, I can't believe that there isn't some performance hit that users feel when they are in a SCOS scenario. Maybe MS' insistence on using SCOS is one of the reasons that they have not implemented their own Full-Text Search Engine for Exchange. I can't remember if cc:Mail had full text indexing, but I am pretty sure it didn't. I am sure that if Richard reads this he will set me straight. In any event, to put it bluntly, it's not the size of the file that matters, it's the number of emails that are in it.

Clean Up that Inbox or you’ll get no dessert
IBM has released a study entitled Best practices for large Lotus Notes mail files. The article, written by 2 software engineers, looks at different mailbox scenarios and how they impact the performance of the server.
In our next test, we started up 2000 users over a period of 80 minutes, followed by a steady-state period of 90 minutes. In one test, documents were left in the Inbox, while in the second test, we limited the number of documents in the Inbox to 25 percent of the total document count in the mail file. We then compared the CPU usage of both groups over time (see figure 2).

We found that when Inboxes were limited to only 25 percent of total document count, peak CPU usage was 50 percent lower, and steady-state CPU was 12 percent lower, compared to allowing all new documents to remain in the Inbox.
This article should provide plenty of fodder for getting users to clean up their inboxes at the very least.

via Ed Brill

Putting Reminders on user’s calendars
One of the most used databases at my company is our Company Communications Database. I built this database within the first 3 or 4 months of being hired and it has been a daily staple of the people in IT and HR. The core function of the database is to send out the mass mailings letting employees know about corporate events, system outages, and significant promotions. Emails are able to be sent out to users based on information in their person document, like department, region, and location. The great thing about this is that we don't have to worry about managing groups or worrying about people sending emails to everyone in the company about kittens they have for adoption. The information in the person document is updated on a weekly basis from our HR system.

A request that recently came to me was to put a reminder for an upcoming IT outage on the calendar for a specific list of users. To me, this seemed like a natural extension of the Company Communications Database. The form I used for setting up the reminder was just a modified mass email form that was already built. All the user has to do is select who gets the reminder, select when the reminder should go off, and enter the subject and body of the reminder. Below is the subroutine that actually puts the reminders on the user's calendar:

Sub SendReminder(person As NotesDocument, doc As NotesDocument)
  Dim mailfile As NotesDatabase
  Dim collection As NotesDocumentCollection
  Dim reminder As NotesDocument
  Dim item As NotesItem
  Dim body As NotesRichTextItem
  Dim oldbody As NotesRichTextItem
  Dim datetime As NotesDateTime
  
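  ' Open the user's mail file using the server and path from their person document
  Set mailfile = New NotesDatabase(person.MailServer(0),person.MailFile(0))
  If Not(mailfile.IsOpen) Then Exit Sub
  
  Set datetime = New NotesDateTime(doc.GetItemValue("calendardatetime")(0))
  ' Look for a reminder that was already created from this reminder document
  Set collection = mailfile.Search(|Form = "Appointment" & ApptUNID = "| & doc.UniversalID & |"|,Nothing,0)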
  
  If collection.Count = 0 Then
    Set reminder = mailfile.CreateDocument()
    reminder.Form = "Appointment"
    Set item = reminder.ReplaceItemValue("$Alarm",1)
    Set item = reminder.ReplaceItemValue("$AlarmOffset",0)
  '  Set item = reminder.ReplaceItemValue("$NoPurge",doc.GetItemValue("calendardatetime"))
    Set item = reminder.ReplaceItemValue("$PublicAccess","1")
    Set item = reminder.ReplaceItemValue("$CSVersion","2")
    Set item = reminder.ReplaceItemValue("_ViewIcon",10)
    Set item = reminder.ReplaceItemValue("Alarms","1")
    Set item = reminder.ReplaceItemValue("AppointmentType","4")
    Set item = reminder.ReplaceItemValue("ApptUNID",doc.UniversalID)
    Set item = reminder.ReplaceItemValue("Categories","Company Reminders")
    Set item = reminder.ReplaceItemValue("Chair","CN=Generic ID/O=Company")
    Set item = reminder.ReplaceItemValue("ExcludeFromView","D")
    Call item.AppendToTextList("S")
    Set item = reminder.ReplaceItemValue("OrgTable","C0")
    Set item = reminder.ReplaceItemValue("Principal","CN=Clark Construction/O=Clark")
    Set item = reminder.ReplaceItemValue("SequenceNum",1)
    Set item = reminder.ReplaceItemValue("UpdateSeq",1)
    Set item = reminder.ReplaceItemValue("WebDateTimeInit","1")
  Else
    Set reminder = collection.GetFirstDocument
    Set item = reminder.ReplaceItemValue("SequenceNum",reminder.SequenceNum(0) + 1)
    Set item = reminder.ReplaceItemValue("UpdateSeq",reminder.UpdateSeq(0) + 1)
    Call reminder.RemoveItem("Body")
  End If
  Set item = reminder.ReplaceItemValue("CalendarDateTime",doc.GetItemValue("calendardatetime")(0))
  Set item = reminder.ReplaceItemValue("EndDate",Datevalue(datetime.DateOnly))
  Set item = reminder.ReplaceItemValue("EndDateTime",doc.GetItemValue("calendardatetime")(0))
  Set item = reminder.ReplaceItemValue("EndTime",Timevalue(datetime.TimeOnly))
  Set item = reminder.ReplaceItemValue("StartDate",Datevalue(datetime.DateOnly))
  Set item = reminder.ReplaceItemValue("StartDateTime",doc.GetItemValue("calendardatetime")(0))
  Set item = reminder.ReplaceItemValue("StartTime",Timevalue(datetime.TimeOnly))
  Set item = reminder.ReplaceItemValue("Subject",doc.subject(0))
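  ' Copy the rich text body from the reminder document, if it has one
  Set oldbody = doc.GetFirstItem("Body")
  Set body = reminder.CreateRichTextItem("Body")
  If Not (oldbody Is Nothing) Then Call body.AppendRTItem(oldbody)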
  
  Call reminder.ComputeWithForm(True,False)
  Call reminder.Save(True,False,True)
End Sub

A couple of things that you should notice about the subroutine. First, a couple of NotesDocument objects are passed in, one pointing to the user's person document in the address book and the other pointing to the reminder document. Second, the agent is built to be able to update reminders that have already been created. The ApptUNID field will contain the UniversalID of the reminder document so that if the reminder document gets updated, the reminder on the user's calendar will also be updated, not duplicated. Finally, I only set the static calendar fields when the document is created. I think that I got all the required fields, but I might have missed one. Please drop me a line if you think I did.

Load balancing SMTP connections
We are constantly trying to build as much redundancy into our mail systems as possible. Currently, we have our mail servers in a Domino Cluster for failover purposes. We have 2 MX records for all of our internet domains that point to our 2 Proofpoint SMTP Appliances for load balancing and failover. However, prior to the upgrade last week, each incoming mail domain could only be forwarded on to one server on the appliances. The new version of the Proofpoint Protection Server allows you to enter multiple servers for each incoming domain and allows you to choose whether to send to the servers in order or to have the appliances load balance the connections. Now, we can lose either Proofpoint appliance and either mail server and mail will continue to flow and the users will never know.

To encrypt or not to encrypt, that is the question
As I previously posted in earlier entries on encryption and archiving, handling encrypted emails has become a hot issue for me as of late. The more I talk with Chris and hear from vendors, the more I am convinced that this is an issue that is not currently being taken seriously. I think that this ignorance of the problem comes from a true lack of understanding about some of the more "esoteric" features of Notes. Aside from all the true collaborative features of Notes that Outlook/Exchange lacks, two features that are differentiators for me are Security/Encryption and Searching. Both of these integral features have been a part of Notes since I started with the product in the V3 days. The built-in search engine is so intrinsic to everything I do in Notes that I can't imagine how Outlook users get along without it. I guess that's why Google Desktop Search is such a big deal for them.

As a developer, I think about Notes/Domino security every day, but rarely worry about it. I know it's there and I know how to implement it, but encryption is a different story. I have only developed a handful of applications that have ever used private key encrypted fields and always have to refer back to the documentation when doing it. There are very few types of applications that truly need this level of security and, therefore, it is not something that I am that familiar with. From the administrative standpoint, I am very familiar with forcing encryption on local database replicas via profile settings. The part of encryption that has come to the forefront recently is the ability to encrypt emails on send and how we would get around that encryption as a part of litigation discovery.

So, my question to everyone out there is do you allow users to send encrypted emails and how do you plan on retrieving those emails without the user's consent or if the user leaves?

Archiving Vendors
Tony asked in a comment to an early entry which vendors we are evaluating for Email Archiving. Here is the list, in no particular order:

If there is a viable solution out there that we are not looking at, please let me know.

Update: per suggestions in the comments, I have added Waterford Technologies and IBM to my list of vendors.

More on Encryption
I had a lengthy discussion on AIM with Chris before I left from work today. He had read my blog entry and wanted to get some more information on the encryption problem, as I saw it. We talked about the additional things that administrators will have to manage along with the emails that have been archived. At a minimum, you need to keep accessible copies of Notes IDs of all terminated accounts for at least as long as you keep email in the archives. But do you also need to keep their person document and an empty copy of their mail file? And since the body is encrypted, it can't be indexed by the search engines. How does that hamper your company when trying to comply with a subpoena? How do you include encrypted emails in the export from the Archive?

In case you are unaware of how native Notes mail encryption works, here is an excerpt from the Domino 6 Administration Help Database:

How outgoing Notes mail encryption works
  1. The sender sends an outgoing message and selects the Encrypt option.
  2. Notes generates a random encryption key and encrypts the message with it.
  3. Notes encrypts the random encryption key with the recipient's public key and appends the new key to the message. The recipient's public key must be stored in either a Domino Directory or LDAP directory that a user can access or in the sender's Personal Address Book.
  4. If the encrypted message is addressed to multiple recipients, the message is encrypted only once with one random key, and the random key is encrypted using the public key of each recipient.
  5. When the recipient attempts to open the encrypted message, the user's mail application attempts to decrypt the random key, using the recipient's private key. If this is successful, the random key decrypts the message.
  6. If decryption is successful, the recipient can read the message. If decryption is unsuccessful, the user receives a message indicating that the decryption failed and the mail application does not allow the user to access the message.

All except 1 of the archiving solutions that have been demonstrated have used Native Mail Journaling to get a copy of the email for them to archive. Here is how journaling handles encrypted emails:

A message that Notes has previously encrypted for its recipients is not re-encrypted with the certified public key of the specified Journal user. As a result, when depositing encrypted messages in the Mail Journaling database, Domino preserves the original encryption, so that the message content cannot be decrypted with the ID of the designated Mail Journaling user, unless, of course, that user was included in the original recipient list. A Mail Journaling user who was not on the recipient list can view header information only.

So, basically, if encryption of email is allowed, or even required, a significant number of additional things need to be managed along with just email. This is compounded greatly if you use Exchange and have a third party encryption package. Imagine having to get users to send you tokens that they create when they start using encryption. And what do you do if a token gets lost or the one copy of the token file you have gets corrupted? I am not sure that IT departments or the Archiving Solution vendors are even thinking about this.
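
The per-recipient key wrapping from the help excerpt, and the reason a journal user outside the recipient list sees headers only, can be modelled in a short script. This is an added example, not code from the original post or from IBM: it swaps in a toy ElGamal-style key wrap and a SHA-256 keystream for Notes's real algorithms, and the users, message and function names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy public-key wrap (ElGamal-style over a Mersenne prime) plus a SHA-256
# keystream. Illustration only: not Notes's real algorithms and not secure.
P, G = 2**521 - 1, 3

def keypair():
    """Stand-in for the key pair held in a user's Notes ID file."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _kek(shared):
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _stream(key, n):
    blocks = (hashlib.sha256(key + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(headers, body, recipient_pubs):
    """Steps 2-4: encrypt the body once, wrap the random key per recipient."""
    key = secrets.token_bytes(32)
    ct = _xor(body, _stream(key, len(body)))
    tag = hmac.new(key, ct, hashlib.sha256).digest()
    wrapped = {}
    for name, pub in recipient_pubs.items():
        r = secrets.randbelow(P - 3) + 2
        wrapped[name] = (pow(G, r, P), _xor(key, _kek(pow(pub, r, P))))
    return {"headers": headers, "body": ct, "tag": tag, "keys": wrapped}

def open_message(msg, name, priv):
    """Steps 5-6: unwrap this user's copy of the key; None means it failed."""
    if name not in msg["keys"]:
        return None                      # no wrapped key for this user
    c1, wrapped_key = msg["keys"][name]
    key = _xor(wrapped_key, _kek(pow(c1, priv, P)))
    tag = hmac.new(key, msg["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, msg["tag"]):
        return None                      # wrong private key
    return _xor(msg["body"], _stream(key, len(msg["body"])))

def journal_view(msg, journal_name, journal_priv):
    """Journaling keeps the original encryption: headers always, body maybe."""
    return {"headers": msg["headers"],
            "body": open_message(msg, journal_name, journal_priv)}

def ids_needed(msg):
    """Users whose ID files must be retained to decrypt this message later."""
    return sorted(msg["keys"])

# Constructed sample: hypothetical users and message, not from the page.
ALICE, BOB, JOURNAL = keypair(), keypair(), keypair()
HEADERS = {"From": "carol", "SendTo": "alice, bob", "Subject": "Q3 forecast"}
BODY = b"constructed message body"
MSG = seal(HEADERS, BODY, {"alice": ALICE[1], "bob": BOB[1]})
MSG_WITH_JOURNAL = seal(HEADERS, BODY, {"alice": ALICE[1], "journal": JOURNAL[1]})

if __name__ == "__main__":
    print(journal_view(MSG, "journal", JOURNAL[0]))
    print(journal_view(MSG_WITH_JOURNAL, "journal", JOURNAL[0])["body"])
    print(ids_needed(MSG))
```

The output of `ids_needed` is the retention point made above: every archived encrypted message stays readable only as long as at least one of the listed users' ID files is still available.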

Email Archiving and Encryption
We are in the process of determining a solution for email archiving and retention on an enterprise level. We have met with about 5 vendors so far and have another 2 or 3 to see before I feel we have done due diligence. In any event, in the last couple of days, the question of how these vendors handle Notes Mail that has been encrypted has come up. Since encrypting an email is incredibly easy to do and is an integral part of Notes, any solution we have should be able to decrypt the messages or it provides a huge hole to bypass having every email archived. I am still waiting to hear back from some of the vendors, but was wondering if anyone else had found a solution to this problem. As a number of the vendors use native Mail Journaling to get all the messages, does the router decrypt the messages before journaling them? If not, how are these messages supposed to be accessed by a person who is not a recipient? Does Lotus see this as an issue?