HP ePrint Address Alias Using Exchange 2010 Transport Rules
The other day my company put on a day of presentations for our customers to celebrate our 10th anniversary. As one of the technology demos we showed off one of the new web-connected printers from HP. One thing we didn't care for was the crazy HP ePrint email address. If we wanted to make it easy for our customers to try printing from their mobile devices we couldn't very well make them type in <string of random chars>@hpeprint.com all the time.
So we decided that we'd just create a mailbox rule on our Exchange 2010 server that would forward the message to the ePrint email address generated by HP. This didn't work at all.
Due to what are probably sensible anti-spam precautions the messages were rejected. I suspect that when the message headers were analyzed the didn't pass muster bouncing through another mailbox like that.
I thought about it and decided this may be a place to try using Exchange Transport Rules.
We kept the Exchange mailbox, eprint@<domain>.com. This may or may not not be strictly necessary but given the fact that our spam filtering service gets the list of accepted email addresses from Active Directory we did need it in our case.
In the Exchange Management Console I went to Hub Transport under Organization Configuration. From there I went to the Transport Rules tab and I created a new rule.
In Step 1 I checked the "sent to people" box and entered the value eprint@<domain>.com address. I wanted to make sure that rule was only applied to messages I intended to print.
In Step 2 I checked the "remove header" box and set it to remove the "To" header. I also checked the "add a recipient to the To field addresses" and the "redirect the messages to addresses" box and entered the ePrint email address as the value in both of those fields.
It ended up looking like this:
Transport Rule for ePrinting
I didn't enter any exceptions in the last window of the wizard.
At this point I sent a test message to the new address and the message printed perfectly. It simplified things for the customers at our tech fair and they were able to very easily test what seems to be a very desirable printing feature for many of them.
Enjoy!
AT&T Uverse vs. Aastra 55i
First I went to the Global SIP screen and set things up in the usual way so that the phone had the information needed to register to the PBX, etc.
This would work great if the phone could route directly to the PBX and back again but with Network Address Translation occurring on my end throws a monkey wrench into the works when it comes to SIP and RTP.
So in the end it seemed necessary to take a look at the available settings on the 2Wire device and see what my options were. There weren't many.
I ended up explicitly allowing the UDP ports that the phone uses. On the Uverse gateway. Here are the steps:
First I went to the Firewall tab and then Firewall Settings. I selected the phone from the Computer drop down and selected "Allow individual application(s)" like so.
Next, I clicked Add a new user-defined application and created a user-defined app as below.
The phone sends and receives RTP traffic on ports beginning with UDP 3000. I opened up ten ports allowing for five simultaneous calls. This seemed like more than enough for my purposes.
When I was done I clicked "Add Definition" and then the new user-defined app was ready to go. I Selected it on the following page, clicked Add, and then Done. After that the phone worked great.
What I did find odd is that I didn't need to define a stun server on this phone to get it to work in this situation. The 2Wire residential gateway must do some sort of manipulation of SIP packets because from what I could tell all of the fields looked correct with the appropriate public IPs in the right places.
Enjoy!
Matt
Automatic Proxy Detection/wpad.dat
I recently had the opportunity to setup Automatic Proxy Detection for a customer. I'd never taken the time to figure it out before. It worked in both IE and Firefox and was kinda neat.
It turns out that when you start your web browser and you have automatic proxy detection enabled it attempts to find a file at the URL http://wpad.yourdomain.tld/wpad.dat. In my case it would try for http://wpad.mattscott.org/wpad.dat. If that file is found it runs the javascript in it and sets the proxy settings to however they are defined in the wpad.dat file. Here's what we did. I'm using example.com as my domain to protect the guilty.
Create a DNS Record
We created a CNAME for wpad.example.com that pointed to a web server. In this case a Microsoft Small Business Server 2003 running IIS. An A record would work okay too but given the fact that this will probably never be a server's primary name record a CNAME made sense to me.
Create wpad.dat
Now you need to create your wpad.dat file. We found several examples on the web. Here's an example. Google can help you find more:
function FindProxyForURL(url, host)
{
if (shExpMatch( host, "192.168.1.*" )
|| shExpMatch( host, "127.*" )
|| shExpMatch( host, "localhost" )
|| shExpMatch( host, "*.example.com" )
|| isPlainHostName( host )
|| dnsDomainIs( host, ".example.com" )) {
return "DIRECT";
}
return "PROXY proxy.example.org:8080;";
}
The first section inside the if block tells the browser to connect to the destination server directly if one of those conditions are met. You'd normally do this to bypass your proxy for a host on the local LAN. The second section is where you define the proxy for use with everything else. It's just a javascript function so you could probably go pretty crazy with the thing if you wanted to.
Once you've created your file copy it to the root of your web server. One thing that we noticed was that IIS wouldn't server the file initially because it didn't have a mime type for a .dat file. So we added a mime type of application/x-ns-proxy-autoconf for .dat files and we were good to go.
Create a DHCP Scope Option
The last thing we did was create an option in our DHCP scope to define where your wpad.dat file is. I don't believe his isn't strictly necessary since a machine should generally attempt to connect to a host called wpad in its own domain. I see it as a good idea though because you might run into issues if you ever have guest machines on your network or if you are using some sort of split DNS tunneling over a VPN client or something like that. It was a recommended step so we did it in DHCP on a Windows Small Business Server 2003.
Create an Option 252 Entry in DHCP
To create an Option 252 entry in DHCP, do the following.
|
1. |
Click Start, point to Programs, point to Administrative Tools, and then click DHCP. |
||||||
|
2. |
In the console tree, right-click the applicable DHCP server, click Set Predefined Options, and then click Add. |
||||||
|
3. |
In Name, type WPAD. |
||||||
|
4. |
In Code, type 252. |
||||||
|
5. |
In Data type, select String, and then click OK. |
||||||
|
6. |
In String, type http://Computer_Name:Port/wpad.dat where:
|
||||||
|
7. |
To add the option to the scope right-click Scope options,under the scope you want to add it to and then click Configure options. |
||||||
|
8. |
Confirm that the Option 252 check box is selected. |
Unless I left something out, that about does it. All you should have to do is to check the Automatic Proxy Detection box in your browser and you should be good to go. In Internet Explorer you can sort of push this setting down via GPO. Of course it's one of those whacked out policies that users can mess with if they know how. In Firefox I am not aware of a way to automate this but I'm sure somebody's written something.
Enjoy!