Current Stories
PermaLink Badkey deactivate robots.txt on Domino / Lotus Notes09/28/2015 11:36 PM

Today I have disabled the 'robots.txt' on,
just to get the information on the web.
also have a look at my personal Google+ Page

Google Status:

About /robots.txt

IBM Redbooks:
Best Practices for Domino Web Application Development. link

Image:Badkey Corner - Badkey deactivate robots.txt on Domino / Lotus Notes

The Badkey Team
my personal Google+ Page

PermaLink Sophos UTM Up2Date 9.350012 package09/28/2015 11:11 PM
Firmware version: 9.350012

We just did the upgrade in the OTAP.

Image:Badkey Corner - Sophos UTM Up2Date 9.350012 package

Up2Date 9.350012 package description:

Add support for new RED15 devices
Mesh support for AP15, AP55, AP100 in 2.4GHz
Update AppCtrl engine

Fix [34890]: REDs disconnected when connecting more than 270 concurrent RED tunnels
Fix [35338]: Bridge with RED: No warning that RED-interface will be removed from bridge when RED will be deactivated

RPM packages contained:

The Badkey Team

PermaLink CentOS Linux Kernel Update 2.6.32-504.30.3 Released07/30/2015 01:55 PM
CentOS Linux Kernel Update 2.6.32-504.30.3 Released
We just upgraded OTAP to Centos Kernel 2.6.32-504.30.3

Resolved CVEs:

Full details can be found

The Badkey Team

PermaLink Sophos UTM Up2Date 9.314013 package.07/30/2015 01:09 PM

Sophos UTM Home Edition
Home Free Use Firewall is a fully equipped software version of the Sophos UTM firewall, available at no cost for home users – no strings attached.
It features full Network, Web, Mail and Web Application Security with VPN functionality and protects up to 50 IP addresses.

Firmware version: 9.314013

Image:Badkey Corner - Sophos UTM Up2Date 9.314013 package.

We just did the upgrade in the OTAP

UTM Up2Date 9.314 Released

The Badkey Team

PermaLink Badkey migration to Google Apps02/20/2015

During Q1 2015 Badkey started Domino 9, now Badkey is running IBM Notes and Domino 9 64 bit.

Image:Badkey Corner - Badkey migration to Google Apps

We have to move to the next stage "Go to Google Apps".
Image:Badkey Corner - Badkey migration to Google Apps

I still have 2 mailboxes that I have to move to Google.

Yep 2 NSF files ,
Image:Badkey Corner - Badkey migration to Google AppsandImage:Badkey Corner - Badkey migration to Google Apps

What migration can I use ?  Please e-mail me for a solution at:

The Badkey Team

PermaLink Sophos UTM 9.3 firewall and Sophos AP30 access point11/29/2014 01:04 PM
Free firewall for home usage.
Sophos UTM Home Edition

We just did the upgrade to Version: 9.301002
Image:Badkey Corner - Sophos UTM 9.3 firewall and Sophos AP30 access pointImage:Badkey Corner - Sophos UTM 9.3 firewall and Sophos AP30 access point

We also installed an AP30 on the network:

Technical Specifications AP 30

Simplify your wireless networking by using Sophos UTM as a wireless controller to centralize your Wi-Fi management and security. Our access points are automatically set up and configured by the UTM. That means all your wireless clients get complete threat protection too.

  • Centrally controlled wireless from your UTM
  • No local configuration of access points required
  • Complete UTM protection for wireless clients
  • Quick voucher-based guest access
  • Choose from a range of access-point models
  • Uses high capacity 802.11n for reliable access
  • Installs fast with automatic setup and configuration
  • You can set up multiple wireless Access Points (APs) within minutes. They require no local configuration and will simply find the controller, retrieve their IP address via DHCP, and import the configuration. Devices automatically appear in the UTM interface where you can manually activate them.
  • Creates reliable mesh networks
  • Our range of access points support different deployment scenarios. They include the ceiling-mount design AP 30 and the dual-band/dual-radio AP 50 which acts as a repeater and/or bridge to extend coverage to hard to wire areas.
  • Provides guest Wi-Fi and BYOD access
  • We give you secure, easy-to-manage guest access out-of-the-box – without extra appliances, licenses or complex configuration. Customizable splash pages, bandwidth limits, on-the-fly guest logins and content filtering allow you to customize your guest experience.
  • Secure wireless and integrated UTM protection
  • To prevent unauthorized access we use the most advanced encryption and authentication standards available, including WPA2-Enterprise in combination with IEEE 802.1X (RADIUS authentication). And, our APs forward wireless traffic to the UTM, giving wireless clients the same level of security as if they were physically connected to the LAN.

Sophos UTM Advantage (9.3) is coming soon – find out what’s new!

Major New Things:

Live AV Lookups in E-Mail Protection
Introduced in UTM 9.2 for Web Protection, Live AV lookups now come to the E-Mail Protection to further increase the protection surface of UTM. This option will improve the malware detection rates by consulting the cloud infrastructure from SophosLabs for possible threat matches.

SPX Self-Registration
With the self-registration feature, recipients of an SPX encrypted email now are offered the option to register themselves through an online-portal where they will be able to create, reset and recover passwords to access their encrypted emails. This will eliminate the need to manually communicate passwords to recipients of encrypted email.

SPX – Support Attachments on Reply Portal
When replying to an SPX-encrypted email, now recipients can add attachments to their message so that the full communication now can be encrypted in both ways.

Policy Tagging
With UTM 9.2 we introduced the ‘Website List’ feature where customers can add URLs and override the category. URL tagging extends this feature by allowing customers to apply zero or more custom tags, or labels to URLs. They can then use these tags in Web Policy to fine tune actions for specific sites. For example, if a customer has a restrictive policy but needs to access customer websites that would otherwise be blocked, they can add their customer sites to the Website List, tag them as ‘Customer Sites’ and then modify the policy to enable access to the 'Customer Sites’ tag.

Time Quotas
For many web gateway use cases it makes sense to offer ways to allow users access to personal websites for a limited time period. With the new feature in Web Protection, administrators can now set up time quotas allocations that can be assigned to specific sites, categories or groups of categories for specific users or groups. Users will be warned that they're using their quota. When a quota expires, they'll be informed accordingly.

Selective HTTPS filtering
To allow more flexibility and provide better performance we have implemented an option to allow selective HTTPS filtering. This will help security-conscious organizations to perform the important scans in HTTPS like (a) the ability to detect malicious content, (b) the ability to identify search terms and enforce safe search for Google and other search engines, and (c) the scanning webmail traffic for DLP only for specific sites.

Support for new hardware SG1xx, SG5xx and SG6xx
This release will add support for new hardware we are going to introduce later this year and will further extend our hardware product line. The support added includes SG1xx, SG5xx, SG6xx appliances as well as the new access points AP15 and AP100.

Hotspot improvements
We built an interface to communicate with Micros Fidelio hotel management software via the FIAS protocol. In addition, we have implemented support for HTTPS and the possibility to set up hotspots in a more multi-tenant fashion.

Multiple bridge support
For many advanced firewall configurations – especially when the UTM is not the main gateway – can be solved more easily by simply allowing multiple bridges. With introduction of this feature we at the same time cleared up the configuration options in the UTM Webadmin by moving the bridge configuration directly into the interfaces pane.

Minor Things:

VLAN DHCP & Tagging
We removed some restrictions around VLANs to make live of an admin easier. First we now allow DHCP on VLAN interfaces. Secondly we now allow tagged and untagged interfaces on the same hardware.

True File Type Detection
In our web and mail proxy we now allow detection of file types inside a downloaded archive file (zip, rar, …). This allows blocking based on file types included in those archives – rather than blocking archive files in general.

Sophos Customer Support secure access to UTM
With increasing number of global support sites with different IP ranges, it is also increasingly complex for customers to allow Sophos Support teams access to their UTM via Webadmin and SSH. Therefore we implemented a function inside Webadmin that allows simple and secure access by Sophos Support on request and under control of the customer.

WAF allow /block lists
For the Web Application Firewall we now added lists to allow and block IP's, which now is possible in the sitepaths.

WAF wildcard extension
Exceptions for internal servers now allow wildcards also in the middle of the server path. This allows admins to easily add exceptions for multiple servers effectively eliminating the need to maintain long lists in Webadmin.

WAF prefix/suffix option
Some environments, most notably Microsoft servers like Exchange and Sharepoint, require UPN/domain-style user names for log in. By adding an option to append a prefix or suffix to usernames customers now are able to add e.g. a default domain to facilitate the use in such environments.

HyperV 3.5 Support
The UTM 9.3 now fully supports Microsoft Hyper-V Server 2012 R2. We are incorporating MS Integration Tools v3.5 for Hyper-V which include the latest drivers and additional capabilities like high availability and load balancing.

Other New Things:
[Web] We have enhanced the https performance by several proxy improvements.
[Mail] Added fonts for Greek, Japanese, Chinese, Cyrillic PDF documents generated by SPX-encrypted emails.
[Mail] Added header manipulation possibilities in emails, in order to give customers the option to add/delete multiple headers to the message envelope.
[WiFi] Added Automatic Channel Selection (ACS), utilizing background scanning.
[AppCtrl] Updated Application Control Engine added better support for ATP and broader application coverage as well as IPv6 support.
[WAF] Added a setting to change WAF performance parameters
[WAF] Ability to upload custom rules (backend enablement required)
[WAF] Added scan size limit configuration

The Badkey Team

PermaLink Top 10 Reasons I Left Lotus Notes for Google Apps11/04/2014 11:37 PM

Just a remark as is an IBM Domino place and the Disclaimer is clear.

By: David Hoff (July 22, 2009)  

For the last 10+ years, I’ve spent countless nights and weekends keeping Lotus Notes/Domino running at organizations of all sizes. In the process, I’ve gathered more certifications than can fit on a business card (CLS, CLP, PCLP…), but at the end of the day, ensuring that email is working 24/7 takes too much time and effort. For that reason, I’ve left Lotus for Google Apps with no regrets.

Here’s my Top 10 List of why I made the switch:
  • No more emails with the red “X” replacing the actual image.
  • No more weekends spent upgrading Lotus Notes servers.
  • No more waiting for the AdminP guy/gal to do his/her work.
  • Way too many fixes on Lotus Fix List databases.
  • Killnotes.exe should be more of an attitude than a program.
  • I never made the switch to Java, and neither did Lotus.
  • I never was and never will be a fan of Quincy.
  • A smart upgrade isn’t as smart as a no upgrade.
  • Google’s 25GB inbox opens in less than 5 seconds and
  • Google’s email search function actually works.

Read the comments

The Badkey Team

PermaLink Badkey ISP change to Ziggo.100/10 Mbit/s10/28/2014 09:18 PM
Today we changed ISP to Ziggo

New test:
Image:Badkey Corner - Badkey ISP change to Ziggo.100/10 Mbit/s

Old test:
Image:Badkey Corner - Badkey ISP change to Ziggo.100/10 Mbit/s

The Badkey Team

PermaLink Badkey runs with SPF (Sender Policy Framework) record10/22/2014 08:21 PM
I know old information but just a reminder we are running this already as of Saturday 1st, July 2006.

SPF (Sender Policy Framework) is an e-mail protocol that fights return-path address forgery and makes it easier for ISPs to identify spoofed addresses. For this reason, e-mail newsletter publishers who have published an SPF record stand a better chance of their e-mail being delivered. Is it a cure-all for spam? By no means, but it is an important step in the attack on spam. E-mail publishers can use SPF to get more of their e-mail delivered. Hotmail, for example, started checking SPF records on 01 Oct 2004 !.

SPF is an open e-mail standard developed in 2003-2004 by Meng Weng Wong, founder of, and brought to the stage of becoming a recognized standard through the help many in the technical e-mail community.

SPF Helps Legitimate E-Mail Get through Spam Filters

The SPF Wizard

Info Sender Policy Framework

Old Free DNS report

Badkey runs with SPF record as of Saturday 1st, July 2006

Test from|type=domain&&

Test from

Test on Open Relay MailServer

The Badkey Team

Locations of visitors to this page
My World Travel (21%)
47 countries World66 Member
Domino Social Edition
StatCounter Statistics

View My Stats
Visitor Activity
StatCounter Came From