How it works: The USPTO (US Patent & Trademark Office) gets the initial patent application from the inventor or patent agent. But it can take a while to grant or deny a patent application. They have a heavy workload, examining and publishing thousands of patents each week! However, during the period of waiting for a USPTO grant decision, the USPTO publishes the patent application at some point (usually after 18 months) and the general public may view the full contents and it is in the public domain. (note: FreshPatents.com does not have access to and does not publish confidential and/or non-USPTO-published Patent Applications!)

Next, FreshPatents.com (no affiliation with the USPTO) empowers users with FREE tools to better find and track published patent applications. FreshPatents.com features the latest published US patent applications...which is certainly useful for your business and technology intelligence needs.

In case you're having a hard time keeping track, here's a brief history of events as they've unfurled in the ongoing Microsoft-Yahoo drama:

May 2006: Some of the earliest rumors that Microsoft is considering an offer to buy Yahoo appear in the New York Post and The Wall Street Journal; at the time such a deal is considered far-fetched, so the rumors are dismissed fairly quickly.

October 2006: Rumors begin to swirl that Yahoo has approached Time Warner about purchasing AOL, a notion that is somewhat more believable than a Microsoft-Yahoo deal.

2007: Microsoft-Yahoo rumors surface from time to time but disappear soon after as there is nothing to substantiate them.

Feb. 1, 2008: In the shot heard 'round the Internet, Microsoft makes a formal purchase offer of $44.6 billion based on Yahoo's stock price of $19.18; Yahoo's stock price starts rising.

Feb. 11: Yahoo rejects Microsoft's offer as too low; Yahoo stock price closes at $29.87. According to the rumor mill, Yahoo is now looking for closer to $40 a share because the value of the company has risen since the offer.

Feb. 12: Microsoft for the first time publicly hints in a letter to Yahoo that it is willing to get hostile in its takeover, saying it "reserves the right to pursue all necessary steps to ensure that Yahoo's shareholders are provided with the opportunity to realize the value inherent in our proposal."

March 5: Reports emerge that Yahoo is stepping up negotiations with Time Warner for some kind of tie-up with AOL. Meanwhile, reports make the rounds that Microsoft will mount a proxy fight if Yahoo won't play ball.

March 11: News Corp.'s Murdoch says publicly that he won't "get into a fight" with Microsoft over Yahoo, because the software giant has "a lot more money" than his company.

April 5: Microsoft sends Yahoo a join-us-or-die letter, claiming that if the two companies can't make a deal in three weeks, Microsoft will take its offer directly to shareholders in a proxy battle. In the letter, signed by Microsoft CEO Steve Ballmer, Microsoft basically tells Yahoo board members they've run out of better options, and it would be foolish not to accept an offer immediately. Microsoft also hints that it would consider Yahoo less valuable if it is forced to mount a proxy fight, thus threatening to lower its offer.

April 7: Yahoo again rejects Microsoft's offer on the basis that it is too low. In a letter signed by Chairman Roy Bostock and CEO Jerry Yang, the company calls Microsoft's threat of a proxy battle "unproductive," and says it would consider a deal if Microsoft was willing to pony up more dough.

April 9: Yahoo says it is testing the display of Google search ads in a small number of its search-engine queries, a move seen as a way to stave off Microsoft's advances. Microsoft immediately attacks that notion as anticompetitive and says it would never pass regulatory approval.

April 10: News Corp. is said to be in talks with Microsoft to join forces to buy Yahoo, seen by many as a way that Microsoft can raise its offer without spending any more money. At the same time, the old Yahoo-AOL union talk again makes the rounds.

Dear Rob,

Why does PC Pitstop keep bashing Vista? Isn't it like biting the hand that feeds you?

Your Pal,

While I found many of the issues simply quarks I can say that there are some valid points. Though there is one which no one mentioned which personally I find quite annoying. I know how to shut it off but that is not the point. If I have to approve an execute then don't throw the machine in a tail spin to display a dialog asking my approval.

Honestly the truth is that none of this is necessary in a MAC as there is no need to protect system32 or the OS to this degree from the operator. While a .dll and cab files gain speed the trade off is questionable more every year. It does take a bit longer to execute a process in NIX, but with machines running faster all the time the trade off becomes less important.

I do not care for an operating system wants me to change my behavior, rather than being flexible to mine. Honestly I cannot believe the people inside are ignoring the same things everyone else sees they see. It is simply a case of denial on many fronts, while XP is near its end of life, people are faced with a couple of good choices. This should have MS being aggressive and this is clearly not the case. This too should indicate to those on top there is a problem.

Warner Music Group is reportedly considering a plan to have Internet service providers add $5 a month to subscribers' bills for unlimited access to music on the Web. Full Article here.

Now here is a cure to the problem. Have everyone pay, and a totally strapped ISP industry collect and pay for something the media industry cannot control on their own. Lets see with the names like TimeWarner Cable, Comcast, Roadrunner, Cox and Charter holding the lions share of cable networks.

In america the adsl based ISP find it nearly impossible to compete with cable. This due to the amount of bandwidth cable companies provide, this is primarily due to the fact that ADSL simply will not support this type of bandwidth. Now it seems they really want to collect a tax from each of their clients to pay for those who listen to music on the web.

The handful of small ISP's left would simply be driven again by telling the small number of users left they will have to tax them $5.00 so the Music Industry gets their part of the pie. Of course this means nothing to the Cable Companies who already dominate the industry. Seems to me they already make enough money off their user base, without taxing their client base to some 20 billion dollars more.

I currently pay $180 per month for cable TV and internet. If this is typical and 5.00 relates to 20 billion. It does not take a math major to see how big this pie really is.

Does anyone even remember cable TV that was not loaded with commericals? When it is the only game in town, I am sorry but this is nothing more than a monopoly. One which is now seeking to add another $5.00 to the bill.

A blossoming Web attack, first reported by security researcher Dancho Danchev earlier this month, has expanded to hit more than a million Web pages, including many well-known sites.

The number and importance of the sites has increased," wrote Danchev in a where he reported that trusted Web sites such as USAToday.com, Target.com, and Walmart.com have been hit with the attack.

The criminals behind this have not actually hacked into servers, but they are taking advantage of Web programming errors to inject malicious code into search results pages created by the Web sites' internal search engines.

Malicious parties are actively poisoning these sites' search query caching feature to position the keywords among the top ten search results, thereby infecting anyone coming across them," said Danchev, in an instant-message interview.

He believes that more than 1 million Web pages have been infected using this technique.

"The more keywords they submit with [malicious] script, the more pages with popular keywords the high page ranked sites would cache," he said. This increases the chance that someone will see the search results hosted on the reputable site and click on the malicious page.

The Web sites that have been hit with this attack could fix the problem by doing a better job of checking the search queries on their internal search engines to make sure that there is no malicious code in them, Danchev said.

Hackers are increasingly looking for ways to install their code on trusted Web sites. In recent weeks, security vendors have found hundreds of thousands of Web pages affected by this and other similar attacks.

Things to know before you download Windows Vista SP1

• Windows Vista SP1 is available in English, French, German, Spanish, and Japanese. Other languages will be made available soon.
• Microsoft strongly recommends using Windows Update to download and install Windows Vista SP1 on single PCs:
  • The download size from Windows Update of Windows Vista SP1 for x86 is 65 MB (compared to 450 MB from the Microsoft Download Center).
  • The download size from Windows Update of Windows Vista SP1 for x64 is 125 MB (compared to 745 MB from the Microsoft Download Center).
  • Windows Update will recognize PCs with known problematic drivers and postpone downloading Windows Vista SP1 until the PC has updated drivers or other applicable updates. Using Windows Update will help ensure you have the most trouble-free update experience possible.
  • Some Windows Vista users may encounter an issue with a small set of hardware devices that may not function properly after updating a Windows Vista PC to Windows Vista SP1.   This is an issue with the way the device drivers were re-installed during the Windows Vista SP1 update process, not with the drivers themselves—these drivers worked on Windows Vista RTM and they work on Windows Vista SP1.  This problem is typically corrected by simply uninstalling and reinstalling the driver. We are working with the manufacturers of these devices to get the known problematic drivers and their install programs updated, and also on other solutions we can use to ensure a smooth customer experience when updating to Windows Vista SP1 using Windows Update. For new PCs provisioned with Windows Vista SP1, this is not an issue.
• If you choose to install Windows Vista SP1 via the standalone installer available on the Microsoft Download Center, Microsoft advises that you first visit Windows Update and install all optional drivers. Read Knowledge Base Articles 948187 and 948343 for more information.
• If you have a prior version of the Windows Vista SP1 beta installed, you must uninstall it prior to installing the final version. Use the Control Panel applet "Programs and Features" and select "View installed updates" from the top left of the task pane. Under Windows, look for "Service Pack for Windows (KB936330).

I liked this article so much I felt compelled to acknowledge once again just how ignorant people actually are about spam. Let's first divide the posts into groups. For the referenced article "Click Here"

1. The Questioned:  The person who thinks they should have a free email address and filtering should be Enterprise level and they should behave any way they want. Love the post from the person who said I get 1000’s of emails a day.  Personally if this is true your activity on the web is certainly questionable.

2. The Silly: “Is it legal, if I write an anti spam eraser that goes back to the source and simply removes the spam from their hard drive(s)?”

3. The Lost: “I have gone so far as to chase down the owners of blocks of addresses and emailed them about spammers and the email was returned.” Ever hear of spoofing? One can spoof a email address, IP address and even a MAC address. Ever hear of a zombie?

4. The Confused:  “I use a bounce program. Every spam email gets sent back ten times. It’s reduced my spam by at least 50% which is a real relief. The big problem now is bogus addresses. About 20% of my spam now comes from non-existent addresses.” You are as much the problem as the solution. You have assumed you have the target in the first place. You only aggravate the situation by thinking you are fighting back. If it were a real source on the bounce then they are now certain they have a good email address. After all you have made sure they know. Also a good read of the RFC’s concerning backscatter specifically will point out the error in your ways.

5. The Knowledgeable: “I’m an IT Director at a small hospital with a mature domain name (12 years old). SPAM accounts for over 99% of all e-mail handled by my system - and that’s a calculation, NOT an estimate. I spend about $12,000 per year managing SPAM.”  What can you say the person who wrote this has a firm grip of the magnitude of the problem, and the costs associated to good spam filtering.

6. The Diluted: People who believe something on their desktop is the solution. Please it is over! The best this can do is decide whether to keep it or trash it. The transaction is over when it reached the server. The point where you want to stop it is deciding whether to accept or delete it on the server. 

Any install of MailScanner on a server configured correctly can get the top 90% of spam. It is that number between 90% and 99.9% which is hard to reach. What is so amazing is some novice on a desktop seems to think they have the solution to a problem which is so complex there is simply no single answer to. There are millions of professionals fighting this problem every single day, yet they have the solution. Also they do not seem to understand that the person they are defending against are as good at their job.

Has anyone complained once to your postman that it should be their job to filter your mail? Have you stopped those stupid phone sales calls when you are at home trying to relax? With everything on the web even things that are free, people think it is a right to be protected in a world that is honestly quite dangerous. Your protection ended when you connected that cable directly to the web really. If you want to be really secure just unplug it.

Websense Security Labs has discovered that Google’s popular web mail service Gmail is being targeted in recent spammer tactics. Spammers in these attacks managed to created bots that are capable of signing up and creating random Gmail accounts for spamming purposes.

Websense believes that from the spammers’ perspective, there are four main advantages to this approach. First, signing up for an account with Google allows access to its wide portfolio of services. Second, Google’s domains are unlikely to be blacklisted. Third, they are free to sign up. And fourth, it may be hard to keep track of them as millions of users worldwide are using various Google services on a regular basis. Learn More

"If your site is appearing as two different listings in our search results, we suggest consolidating these listings so we can more accurately determine your site's PageRank." ¹

Why leave it to chance? With a few lines of code you can make sure all your URLs use consistent domain names. When we have multiple domain names on one site, we set up a permanent 301 redirect for any extra domains, as well as the www subdomain or the non-www domain. If you have an Apache web server, add the following code to a .htaccess file in the top level directory, replacing the test domain name with yours:

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.test\.com
RewriteRule ^(.*) http://www.test.com/$1 [L,R=301]

If you are using a Microsoft IIS web server, we recommend using ISAPI_rewrite to simulate Apache's .htaccess feature. To begin, you or your hosting provider needs to install ISAPI_rewrite on the server. Then you would create a httpd.ini file in the top level directory as follows, replacing the test domain name with yours.

RewriteCond Host: (?!^www\.test\.com$).*
RewriteRule (.+) http\://www.test.com$1 [RP,I]

These solutions assume you prefer to use the www subdomain for your website. If you would rather have a non-www URL, simply remove each instance of "www\." and "www." from the rewrite conditions and rules. As with all code, please test thoroughly before deploying to your live server.

If your host does not offer ISAPI rewrite you could create a second IIS entry and redirect all the similar names to the primary (i.e.) www.domain.com. This method does take two IIS entries but will certainly achieve the same thing without the need for ISAPI rewrite if your host does not offer it.

The Cost-effective Alternative to Microsoft Exchange™

SmarterMail 5.x is a feature-rich Windows mail server that brings the power of enterprise-level functionality to small businesses and hosting environments. SmarterMail 5.x builds upon a solid reputation of stability, performance, and value to bring industry-leading features and security to customers at a competitive price. SmarterMail is designed to be effective in small businesses with a handful of email accounts and within large ISP/hosting environments managing thousands of domains and tens of thousands of users per server.

Learn more.

How do I move my dns server from one machine to another?

If you transfer all the files from the default path C:\windows\system32\dns specifally all the zone files.

Then export the key values below to .reg files then move them and add them to the new machine you should be up and running in a flash.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Zones

Smartertools Changing prices for New Major versions !

SmarterTools announced Major version changes. SmarterMail will be changed to version 5. SmarterStats 3 has a pricing change. These are due to take effect on March 13 2008 for SmarterStats and SmarterMail. SmarterTicket will have not only a version change but a name change to SmarterTrack 3.This product is set launch on April 23 2008. We will be releasing our pricing for these products on March 10 2008.

On deck for release Feb. 12 is a dozen security bulletins, seven of them rated critical.

After a relatively light Patch Tuesday load in January, Windows administrators are bracing for a barrage of security updates from Microsoft.

According to the software maker's advance notice mechanism, there are 12 bulletins slated for release Feb. 12. Seven of the 12 will be rated "critical," Microsoft's highest severity rating.

Four of the seven critical bulletins will contain fixes for code execution holes in Microsoft Office, the company's flagship desktop productivity suite.

These fixes will most likely cover known -- and already exploited  -- zero-day flaws affecting Microsoft Excel. Microsoft has already issued a pre-patch advisory regarding the Excel attacks, so it is a safe bet that the February Patch Batch will cover holes in Excel 2000, Excel 2002, Excel 2003 and Excel 2004 for Mac.

The widely deployed Internet Explorer browser is also getting a cumulative update to fix holes that could cause drive-by malware installation attacks.

High-risk bulletins are also slated for users of the Windows operating system, VBScript and JScript.

In addition to the critical bulletins, Microsoft also gave notice on five "important" updates covering holes in Windows, Active Directory, ADAM, ISS and the Office Works suite.

Some of the "important" bulletins provide fixes for code execution, privilege escalation and denial-of-service vulnerabilities.

Four of the seven bulletins will contain patches for Windows Vista, Microsoft's newest operating system.

As is customary, Microsoft will release an updated version of the MSRT (Malicious Software Removal Tool) to add detections for new strains for bots, Trojans and viruses.

Are Apple sales in trouble? Two research analysts have reported in recent days that Apple is aggressively cutting back production on iPods and iPhones, while increasing production on Mac computers.

It seems that the iPod Touch may have seen the weakest sales. Berger reported production orders for the Touch have fallen the most. The device may suffer from being less than an iPhone, since it has no phone capabilities but is substantially more expensive than Apple's music-playing iPhones. The touch relies on Wi-Fi for connectivity, so users who aren't in range of a Wi-Fi connection simply can't get online.

Meanwhile, Asian production facilities indicate that production is going up for Macs, down for iPods, and the iPhone situation is volatile.

For MacBooks and iMacs, production has moved up more than 20 percent so far this quarter, Banc of America said, which indicates Apple is replenishing inventory and seeing solid demand. Banc of America predicts continued growth through March.

After severe production cuts in December and early January, production is now up for iPhones. Banc of America expressed concern that production and demand for the innovative phone remain lackluster.

Meanwhile, Net Applications released new numbers on its operating-system statistics, which revealed that Macs accounted for the largest percentage of Internet traffic ever -- 7.57 percent. iPhone-based traffic nudged up from 0.12 percent in December to 0.13 percent in January. More importantly, Net Applications' numbers show that iPhone traffic is coming from many more countries than have official wireless carriers for the phones, indicating substantial gray-market sales.

"We've heard the rumours that many iPhones are being used outside the officially sanctioned countries. So we decided to check it out and surprise, surprise, it's true. The iPhone has a presence in almost every country on Earth," Net Applications wrote in its report.

Google on Tuesday began marketing new online tools for protecting email from spam and other problems as it continued to encroach on the terrain of software king Microsoft.

Google unveiled email security services built with technology from Postini, a start-up the California Internet titan bought last year for 625 million dollars. The software protects, filters, encrypts and archives email, and is compatible with Microsoft Exchange, Lotus Notes, and Novell Groupwise.

Google said subscription pricing for email security starts at three dollars a year per user to "accommodate the budget of any business." Premium online services that include virus protection and saving messages is priced at 25 dollars annually per user.

"As threats rise in volume and complexity, and compliance requirements pile up, IT is struggling to find the resources to keep up," said Google director of product management Scott Petry. "Now, Google can take care of this for you."

A third underwater fiber-optic cable was cut today in the Persian Gulf, off the coast of Dubai, United Arab Emirates, according to its owner Flag Telecom, compounding Internet problems in the Middle East and India, the BBC reported today.

The third cable, known as the Falcon cable, comes after breaks in two cables off the Mediterranean seacoast on Wednesday.

Those breaks required carriers to reroute Internet traffic from the U.S. to India and other nations in the Middle East the other way around the world, across the Pacific Ocean, leading to some Internet delays.

The cause of the first two breaks is believed to be a result of a ship's anchor that dragged and snapped the cables, and a similar cause might be involved in the third incident. Flag Telecom will start repairs next week on one of the first two cables linking Egypt and Italy, the company said today. A repair ship is expected to reach the site of the damage, 8.3 kilometers (about five miles) from Alexandria, Egypt, on Tuesday. The repair will take a week to complete.

The breaks on Wednesday were to the Flag Telecom Europe-Asia cable, owned by India's Reliance Communications Ltd., and on the South East Asia-Middle East-West Europe 4 (SEA-ME-WE 4) cable, owned by a consortium that includes Verizon Communications Inc. in New York. The cable damage disrupted the Internet and other communications to the Middle East and India.

Flag said the Europe-Asia cable was cut at 8 a.m. GMT on Wednesday. The company also said it was able to restore circuits to some customers and was switching to alternative routes for others.

The US Congress Judiciary Committee will hold a hearing next week to scrutinize Microsoft's multi-billion-dollar bid to acquire Yahoo in order to take on Internet goliath Google. Leading members of the committee scheduled a February 8 hearing after Microsoft's announced it is courting California-based Yahoo with a 44.6-billion-dollar offer.

"Microsoft's bid to acquire Yahoo is certainly one of the largest technology mergers we've seen and presents important issues regarding the competitive landscape of the Internet," Congressmen John Conyers and Lamar Smith said in a written statement.

"The Committee will hear from experts who will weigh in on whether this proposed consolidation works to further or undermine the fundamental principles of a competitive Internet." Yahoo has yet to say whether it will accept the offer, but analysts believe it is too good a deal for the struggling Internet veteran to refuse and that US regulators are unlikely to find grounds to stop it.

Sun Microsystems purchase of MySQL for $1 billion is not only the largest open-source deal yet, it's almost bigger than all previous open-source deals combined, including RedHat's $326 million buy of JBoss, Citrix's $500 million purchase of XenSource and Yahoo's $350 million acquisition of Zimbra.

But the deal raises a number of questions for Sun. Was that $1 billion well spent? What will Sun do with its new database? And will the purchase improve its standing in the enterprise? More important than the $1 billion price tag, however, is whether Sun can execute its strategy of taking a database that's popular in certain circles and successfully move it into the enterprise accounts, where they are a well-respected vendor.

Whatever technical issues Sun may face in integrating MySQL into its current stack pale in comparison with the marketing challenge.In the scheme of things, the most important IT issue for large businesses is reliability. For databases, companies need to know product is solid, can scale and won't go down if they make severe demands on it.

Barracuda Networks, a maker of e-mail and Web security hardware, has sent out a distress call to the open source community to save it from patent litigation at the hands of Trend Micro, a competing security company. On Tuesday it asked for help from anyone who can provide information that can invalidate Trend Micro's patent on gateway antivirus scanning.

Barracuda Networks has framed the dispute as an attack not only on itself but on the open source community and the free Clam AntiVirus software by "commercial patent holders attempting to unjustly hinder the free and open source community," as Dean Drako, president and CEO of Barracuda Networks, put it in a statement issued on Tuesday.

Trend Micro spokesperson Mike Sweeny said the litigation isn't an attack on the open source community. "This case is really about two companies, Barracuda Networks and Panda Security, that are selling products in the U.S. that we feel infringe on our time-tested patent," he said. Drako disagrees with this assessment. "If you read the legal documents from Trend Micro, all of the infringement claims they make are about Clam AV," he said in a phone interview. "They may be legally suing us but ... it's pretty clearly an attack on Clam AV."

It may also be an attack on the disruptive price points of products based on open source software. Drako pointed to a recent article that he said found Barracuda's hardware to be a tenth the cost of competing boxes. Trend Micro in early 2006. Sweeny from Trend Micro confirmed that both Symantec and McAfee have licensed the patent as well.

Following demands from Trend Micro in 2006 to pay a royalty that Drako characterized as onerous, Barracuda Networks sued Trend Micro in March 2007 seeking a declaratory judgment that it was not infringing upon the '600 patent. Toward the end of 2007, Trend Micro countered by filing a claim with the International Trade Commission (ITC) seeking to block the importation and inclusion of Clam AntiVirus software in Barracuda's security appliances.

"Trend Micro is seeking an interpretation of its '600 patent such that would give it exclusive control of gateway antivirus scanning," Barracuda states on a Web page it has posted about the case. "Scanning for viruses at the gateway is an obvious and common technique that is utilized by most businesses worldwide. Such an interpretation would mean that anyone, including the owners of the more than one million active ClamAV installations, could potentially be sued by Trend Micro."

"They're accusing us of importing open source software," said Drako. "How can you accuse someone of importing open source software? It's written everywhere." Nonetheless, Trend Micro appears to be doing just that it. If it prevails, Drako predicts trouble for companies that rely on open source software. "If Trend Micro is successful in claiming that we import Clam AV, and therefore that the ITC is the appropriate court, I could go claim that Linux is imported by IBM ... I could start suing them in the ITC. It could reinvent how patent litigation is done for open source software. It's a pretty bold move."

On Friday, I had a brief phone interview with Kevin Johnson, president of the Microsoft division that includes Windows and Windows Live, shortly after the software giant announced its $44.6 billion bid for Yahoo. I tried to get more details on the how Microsoft plans to bridge the cultural gap between the two companies, which brands it is tied to and what it will do if Yahoo says no. Sorry, I don't have more concrete answers, but I've posted a pretty complete transcript so you can read for yourself. More

Internet access in India improved Friday as international service providers shifted their Internet traffic to cables under the Pacific Ocean to bypass two undersea cables damaged earlier this week.

The two cables deep under the Mediterranean Sea snapped on Wednesday 1.30.2008, disrupting service since then across a swath of Asia and the Middle East.

India took one of the biggest hits, and the damage from its slowdowns and outages rippled to some U.S. and European companies that rely on its lucrative outsourcing industry to handle customer service calls and other operations.

Bandwidth providers in India said they were working to restore service to about 80 percent of its usual speed Friday.

In Egypt, Internet access remained sporadic or nonexistent Friday, the first day of the official Muslim weekend in the Middle East when all government offices and most businesses are closed. Egyptian Minister of Communications and Information Technology Tarek Kamil said service would be up to about 80 percent of its usual capacity within 48 hours.

The pair of cables — which lie on the sea floor near each other and at some points are no thicker than the average human thumb — caused problems across an area thousands of miles wide. India, Bangladesh, Pakistan, Egypt, Qatar, Saudi Arabia, the United Arab Emirates, Kuwait and Bahrain all reported trouble.

We were somewhat confused with smartermail forum on the topic of ClamAV updating in SmarterMail. Here are my observations. This solution is only based on my personal observation, which cured 4 different smartmail servers with the problem of not showing the ClamAv updates correctly. One could see they were being downloaded to the server.

They are located in the default install path: C:\Program Files\SmarterTools\SmarterMail\Service\Clam\share\clamav the date in the admin interface was the same date as the file 'daily.cvd'. I renamed the file to daily.cvd.bak and restarted smartermail service and a new file was created and the interface reflected the new date.

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. CIA analyst said. Speaking at a conference of security professionals on Wednesday Jan 16 2008, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands," he said in a statement posted to the Web on Friday by the conference's organizers, the SANS Institute. "In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

One conference attendee said the disclosure came as news to many of the government and industry security professionals in attendance. "It appeared that there were a lot of people who didn't know this already," said the attendee, who asked not to be identified because he is not authorized to speak with the press.

He confirmed SANS' report of the talk. "There were apparently a couple of incidents where extortionists cut off power to several cities using some sort of attack on the power grid, and it does not appear to be a physical attack," he said.

Hacking the power grid made front-page headlines in September when CNN aired a video showing an Idaho National Laboratory demonstration of a software attack on the computer system used to control a power generator. In the demonstration, the smoking generator was rendered inoperable. The U.S. is taking steps to lock down the computers that manage its power systems, however.

On Thursday, the Federal Energy Regulatory Commission (FERC) approved new mandatory standards designed to improve cybersecurity.

Part 2 Spam E-Mail Fitering:

At this point to show the magnitude of spam we are eliminating. The screen shot is at the last step in the MTA, it is a fair sampling of how much is being eliminated even at this last step in the process after going through three levels above this. So while the numbers indicate a fair amount of spam before delivery to the mail domain. The screen shot is only one of our end point mail servers and is only a 46 hour sampling.

What is becoming hard to comprehend is the vast number of viruses. We have three different companies anti-virus scanners ahead of the end point mail server and you can see that the number still being eliminated at this the fourth level.  We have found that no single bit of anti-virus software on its own is acceptable. We use Avast, Symantec, Nod32, and Clam-D and find similar numbers at each level of the process. For the experts these scanners are not on the same machines in the MTA hub they are all passing through separate layers of the mail processing. 

At the bottom of the graph you can see how well grey-listing works with 956,710 senders being blocked in a 46 hour period. While 40,710 valid senders were approved.

At this layer we are very confident that spam high is garbage and is directed to the bit bucket. Spam Medium is simply stamped in the subject so the end user is assured not to lose anything even remotely questionable. The domain admin can change our default settings and chose to leave this in a junk folder on the server if they want another layer of filtering.

However our MTA MX hub already allow quarantine for 14 days for questionable emails so this layer is really the last or shake out layer before mail delivery. We are using the best technologies on available to protect our enterprise clients email and offer the best possible service level available at any cost. Yet we include this with every account hosted with us. If you are looking for $3.95 month hosting you will not find it. However, if you want serious enterprise level mail filtering you will certainly find we are committed to preventing spam from reaching your in-box. 

The war on spam wears on and a question from one of our users sparked this blog post. "What makes your spam filtering so dam great"?

Many hosts install spam assassin perhaps a bit of clam-av virus filtering and call it done. Maybe they enable grey-listing and then brag about the service level.

Now comes, the end user who understands almost nothing about any of this. They accept the market hype and take it as the gospel. They want to know nothing, they just do not want the spam filling up their in boxes. They feel this is something which should just happen. Which is why many hosts & ISP's just install spam assassin and say you have e-mail filtering. 

Yet other hosts & ISP's have this idea that just buying a Barracuda Firewall is the answer. After all someone told them Barracuda makes the best mail filtering device available. So booyah they are an instant expert. The success of the Barracuda firewall product, and the continual increase in spam are probably the reasons for an increase in email backscatter. Sadly, too many Barracuda Spam Firewall customers still enable auto-replies for spams that get blocked. This is not necessarily the fault of Barracuda firewall, but more of the administrators do not understand the impact of their actions. 

Most people send a limited number of messages to people who they have a relationship with. Spammers however send millions of messages to people who they have no relationship with. A real email message will keep retrying if the server isn't ready and will generally play by they rules. Spammers will try to circumvent the rules to try to deliver as many messages to as many people as possible. They try the back door before they try the front door and if the back door rejects them they move on. This is why grey-listing is important and blocks much of this behavior since most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

While grey-listing is important, it like spam assassin can only answer part of the mail filtering scheme. Understand that the war on spam is waged against people who make their living off making it to your in-box. This typically makes no standard canned code or device on its own merit enough to prevent the well armed spammer from be successful.

To make matters worse many desktops around the world are nothing more than the instruments of spammers with mal-ware being inserted turning their machines into zombies, Sophos estimates half a million zombie PCs are operating worldwide. Given this conservative estimate of the volume of these zombie machines, it only seems logical that a desktop user cannot continue to assume that these things are all on the administrators who handle their mail.

The point of the article is why our mail filtering is better than other providers. Our intent is to offer a truly flexible efficient package, which supports features like MailScanner Spam Assassin, Razor, DCC, Pyzor, Grey-listing and Dynamic Bayesian indexing from our pool. We believe that putting as many features as possible directly in the hands of the domain email administrator is the right approach to take and we stand by that.

While we are focused on the windows platform for our mail servers due to the fact that SmarterMail is one of the best email server packages available. We also understand that Linux servers are currently better suited to the tools available for mail filtering. We work day and night to provide the best mix, while capitalizing on the strengths of each and ignoring any weakness each platform might have. Our email filtering is performed by collection of clustered servers with a single purpose, filtering the unwanted email while still allowing the valid email to quickly transit the MTA.

Email and Alias Forwarding!

Why is it being blocked to AOL and ComCast Accounts?

The Problem defined below is the same for Comcast and AOL!

1. You setup an auto forwarder from your domain to your AOL email account (you@yourdomain.com -> you@aol.com).
2. Your customers send emails to you@yourdomain.com and the emails gets forwarded to you@aol.com
3. One day you receive some spam at you@yourdomain.com, which was auto forwarded directly to you@aol.com.
4. You open your you@aol.com mail box and see the spam, so click to Mark it as SPAM and add it to your AOL spam filter .
5. AOL's spam filter does not register the originator of the email as the spammer - instead, it registers the last place the email came from as the spammer. And in this case and the last place the email came from is our email server which hosts you@yourdomain.com.
6. AOL will then blacklist the entire mail server, so that no one can send email to any AOL email accounts.

You need to login to your email admin and go through your email accounts and take off any forwarding that forwards email to AOL or Comcast account. Also check to make sure your email Alias is not forwarding to AOL or ComCast email account.

It is stated to be an inconvenience by many users. The fact that this means you only need to add another account in your mail client (i.e.) Outlook, Outlook Express, or whatever client you use. If your mail client does not support checking multiple accounts you should have quit using it long ago.

Our blocking is necessary in order to protect all of our valuable customers from being blacklisted by AOL by the action of one or two users who think that blocking spam using Comcast or AOL filtering is the right approach. Though the concept is unproductive by using that mark as spam button, they are only shooting off their own foot, and any legitimate mail that server may be sending.

AOL & ComCast certainly does nothing to investigate the source of the spam and would rather shut down a server than take a minute to check it out. It's unfortunate but is in everyone's best interests.

Greylisting is a new weapon to use against spam in this great war being waged upon it. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email clients!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a "try again later"-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again - but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. {More}

Evan Harris
Greylisting FAQ (Texas A&M University)
Greycasting: a distributed heavy duty greylisting implementation
The Next Step in the Spam Control War: Greylisting

The term "backscatter" is also used to describe a side-effect of email spam, viruses and worms. In this context, an alternate, more distinguishing term ("outscatter") is also used, since the traffic isn't directed to the original destination, but to a third party instead. Since a 2002 Klez variant, a large proportion of malignant email is sent with a forged sender address, but some mail servers do not take this into account. They generate bounce messages for spam or viruses - which of course go to an innocent party.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they themselves can qualify as unsolicited bulk email or spam. As such, systems that generate e-mail backscatter can end up being listed on various DNSBLs and be in violation of ISPs Terms-of-Service for being abusive.

Due to controversial aspects of its design, the stock (unpatched) qmail mailserver is more likely than most to produce such bounces. For instance, qmail's "wildcard" delivery mechanism and security design prevents it from rejecting messages during SMTP transactions. When email addressed to nonexistent recipients can't be rejected at the SMTP connection, the only alternative is to auto-reply to the sender address, which causes email backscatter if the sender address is valid and forged.

• Postfix - backscatter page
• SpamLinks - Backscatter
• RFC 3834: Recommendations for Automatic Responses to Electronic Mail.
• Moronic Mail Autoresponders (A FAQ From Hell)
• Why are auto responders bad?
• A DNSBL of Backscatter sources.
• Dontbouncespam.org Why you shouldn't bounce spam