Google Gmail, along with Google’s other collaborative services, is out of beta after ~5 years and is now on to bigger and better things; such as their newly semi-opened product: Google Voice.

Its a remarkable service that brings to bear some of the conversational and historical features of Gmail.  Upon using, it all feels like a very natural progression and next-step to the unification of their communications platforms into a single interface in the near future.  Couple this with their voice recognition developments on the various mobile search platforms, and they are fitted to transcribe voicemails along with the emails that they are then able to data-mine for additional advertising revenue – similar to what they do with Gmail.

Google Voice is a service born from a company named GrandCentral that Google acquired in 2008. Its a service that centralizes phone number portability, call forwarding, text messaging and voicemail into a single solution that is completely free for in-country dialing, with reasonable rates for long distance use. It also brings to Google (and the masses) some of the typically corporate-only features of services referred to as Unified Messaging.

Unified Messaging capabilities are a likely baby-step into the future Google Wave platform and beyond.

Its brilliance on their part, and yet another extremely useful and free service for the rest of us. Forget Visual Voicemail.  If you have an iPhone, install the GV Mobile application, and see what Google is doing and how it will effect and eventually marry all of these technologies that are increasingly at our mobile fingertips.

What Google is doing here is the innovating benchmark that other companies will be forced to follow for years to come.

Share/Bookmark

Adobe has released an update to fix the security vulnerability that I told you about back on February 25th. Please apply this fix as soon as possible.

To fix the problem, Adobe Reader must be upgraded to version 9.1.  This applies to all Microsoft Windows and Apple Macintosh users of the Adobe Reader. You can download and install Adobe Reader 9.1 here:

• http://get.adobe.com/reader/

Note: This fix is currently only for the version 9 Reader.  Fixes for version 7 and 8 Readers are in the works and scheduled for release by March 18 2009. The version 9 Reader can exist with older versions of the full Adobe acrobat product if need be.

Feel free to reuse the following text in your own notifications, as I wrote it to notify users within my company. It would be nice of you to send me a hello/thanks comment if you do!

Share/Bookmark

Adobe has recently announced that there is a critical security vulnerability in their Acrobat and Reader products, and that they will be unable to release a patch for the issue until March 11, 2009.  This is a serious security issue that affects all current versions of Acrobat and Reader, going back to 2005 (which includes versions 7 through the current version 9.) Adobe Acrobat and Reader are the applications used to create and view .PDF files.

To help reduce the exposure you have to this security vulnerability, please make the following changes from within the Acrobat and Reader applications:

1. Launch Adobe Acrobat or Adobe Reader
2. Select Help → Update
   • After the update has completed (if necessary), complete the next steps within the application:
3. Select Edit → Preferences
4. Select the JavaScript Category
5. Un-check the “Enable Acrobat JavaScript” option
6. Click OK

Please note: These steps will not protect you completely from the security issue, but it will lessen the potential for being hacked. The actual fix for this issue is scheduled for release by Adobe on March 11, 2009.  Until then, as with other files you may download from the Internet, you must be careful and diligent regarding the source of any file you choose to transfer to and open on your computer.

Because of the lack of a patch or update for such an extended period of time, everyone needs to be particularly careful when opening PDF documents from potentially untrustworthy web sites on the Internet, via email, or from other sources.

Authors note: “Ménage à trios” literally translates to “household of three”.

It seems that something a number of IT operations fail to recognize is how tightly integrated e-mail is with DNS. To some that might sound incredibly obvious since DNS records are a requirement for connecting to anything on the Internet by its name, as well as contacting mail servers. But the daily onslaught of spam has brought DNS into the spotlight in terms of anti-spam filters. Because spam has become so prevalent and ingenious in the ways it is able to penetrate an anti-spam filter, increasing scrutiny is placed on the sending system itself as well as its accompanying DNS records.

The increased visibility and scrutiny of DNS is because of how spammer operations typically work – which is on the backs of exploited “zombie” computers world-wide. The overwhelming majority of spam comes from residential home computers, with a sprinkling of exploited corporate systems and servers. And what do these systems have in common? Well, for one they aren’t real mail servers. Second, since they aren’t mail servers, they typically don’t have the appropriate DNS records that any well-respected mail server should: A, MX, and PTR — or what I like to call “the DNS ménage à trios“.

Unfortunately, some IT operations have failed to take DNS fully into consideration, and have not created all of the appropriate DNS records for their MTAs either. Lets take a brief look at these at a high-level:

• The A record – otherwise known as the host name record or host address record is what translates the canonical (fully qualified domain name) into an IP address. If you want to communicate with a system on the Internet (or any IP based network) by its host name, it has to have an A record in DNS.
• The MX record – otherwise known as the mail exchange record is an indicator for which server (by its host name) receives mail for a particular domain. Without an MX record, no one would be able to tell which server is designated to receive e-mail for your domain.
• The PTR record – otherwise knows as the pointer record or reverse record is a means to translate an IP address to its intended host name — in essence, the reverse of what an A record does.

Since many incarnations of spam attempt to be anonymous, they use bogus domain names in the e-mail – so immediately the existence of an MX record is an excellent choice for an anti-spam filter to check for. But second – and this is what is typically overlooked by legitimate IT operations – is the PTR. The PTR is an ever increasingly important DNS record check because it allows the spam filter to deduce if the sending IP address has a host name within the same e-mail domain and/or matches a valid A record host name within that domain.

Initially confusing for people not experienced with administrating DNS, is that PTR records do not exist within the same DNS space as your A and MX records. Those fall under the DNS provider for your domain name. PTR records are based on the IP address, so they instead have to be hosted by the DNS provider of the network range the IP address falls within – which is typically your ISP.

• Yes, your ISP will need to create these records for you. Sometimes this requires some managerial pressure because the tech taking your call doesn’t realize the world has changed and that PTR records have become a requirement.

It’s simply an increasing fact of dealing with spam that more and more anti-spam filters are checking for each of these records, and more recently with applied scrutiny on the PTR. If you don’t have a PTR record for your sending mail server, you should get one in place as soon as possible. The chances that your mail will be blocked otherwise increases daily – and DNS records typically take time to get published!

If you employ different servers for sending and receiving email, you don’t currently need a PTR for your receive-only MTAs. Only your sending servers are going to be scrutinized for their PTR record. But I in any case – especially considering the future of spam and anti-spam filters – I recommend that you allow all your servers to do the DNS ménage à trois.

Share/Bookmark