Home > Frequently Asked Questions
Frequently Asked Questions
Answers to common questions about hardware, databases, backups, networks, ports, security, FTP, http, firewalls and similar items.
Hardware Requirements and Virtualization
|
Do we really need the disk capacity noted in your requirements documents?
|
Certainly you can start smaller, but most shops prefer to size their needs, install once and tend to hardware when maintenance is required. If you are using virtualized systems that allow for dynamic disk space expansion (albeit, with a little downtime), you can start smaller.
A default DatMail install, along with database servers (MSSQL and PSQL), our default components (such as EDocs Manager) and Windows 7 Professional takes up about 13 GB. Obviously you will need to consider paging file space for Windows, space for backups, Mail.Dat files and general data growth.
Sales has a spreadsheet available to help you come up with a rough estimate of disk space needs based on mail volume.
|
We would like to switch to a new server of Dat-Mail which would be
virtual instead of a physical box. Is that ok?
Can we run your products on a VMWare or Microsoft Hyper-V VM?
|
Sure. A VMWare VM (like a Microsoft Hyper-V VM) looks the same to our software as a regular computer.
Please note that our support team are experts in our mailing software. They are not network/virtualization system administrators, so they cannot provide system administration support for VMWare, Hyper-V or Citrix as each of these virtualization systems require highly-specialized expertise and training.
|
|
Shop / Warehouse Hardware (coming soon)
|
|
| Ports, Proxies and Firewalls |
Do you have step-by-step instructions to show us how to setup Windows Firewall for your products that use Microsoft SQL Server?
|
Yes. This firewall setup instructions document mentions PPP specifically, but the instructions are the same for all Window Book products.
|
What port must be opened on our clients and servers for Microsoft SQL Server?
|
The default ports are 1433 and 1434. 1433 can be changed via the MS SQL Configuration Manager. 1434 cannot.
|
What ports does Pervasive SQL use?
|
The default Pervasive ports are 3351 and 1583, but these can be changed via configuration parameters in Pervasive.
|
What programs should be added to the server firewall for Pervasive SQL?
|
For Pervasive PSQL Workgroup, w3dbsmgr.exe.
For Pervasive PSQL 32-bit Server, ntdbsmgr.exe.
For Pervasive PSQL 64-bit server, ntdbsmgr.exe and ntdbsmgr64.exe.
|
What port(s) must be opened on our clients and servers for the successful transfer of USPS MDR Client-related data?
|
The information provided below was taken directly from the Postal Service Mail.dat® Technical Specification, which can be downloaded from the USPS web site at: https://www.usps.com/postalone/guides.htm:
The File Transfer software (Manual mode) uses
http/https protocol to communicate through ports 80 and 443.The
destination address is mdx.usps.com which corresponds to a virtual IP
which is accessible to the internet and redirects to servers to a USPS
secure enclave in a data center in Eagan MN. If firewall settings
prevent http/https communication through ports 80 and 443, reconfigure
the firewall to allow this traffic. Port 443 is the standard port for
https communication.
The PostalOne! Mail.dat client software can be
configured to work through a proxy server when needed.
|
Can you provide a list of all IP addresses used by your products? We secure our firewall by IP address, rather than URL.
|
WindowBook.com's IP address is 174.129.25.170.
We use Amazon AWS for secure storage of installers as well as labeling
list and other USPS data.
We cannot provide a complete IP address list for
Amazon AWS, however the following information may help: According to https://forums.aws.amazon.com/thread.jspa?messageID=87807, the following IP ranges and CIDRs are used by Amazon S3, however this may not be a complete list.
http://whois.arin.net/rest/net/NET-207-171-160-0-1/pft
NetRange: 207.171.160.0 - 207.171.191.255
CIDR: 207.171.160.0/19
http://whois.arin.net/rest/net/NET-72-21-192-0-1/pft
NetRange: 72.21.192.0 - 72.21.223.255
CIDR: 72.21.192.0/19
Please keep in mind that Amazon AWS is a massive multi-hosted, multi-location server farm with more IP addresses than anyone will want to maintain in a firewall. You'd spend a sizable amount of time managing the firewall and would likely experience downtime because of new IPs added (or IPs that are used that we haven't captured yet) prior to getting them into the firewall. We could only build that list by constantly monitoring the URL for IP changes.
For this reason, Window Book discourages using an IP address list for Amazon hosted data. A CIDR (or list of CIDRs) might prove more useful.
If these installer and USPS data storage locations must meet Federal security standards, one option is Amazon Govcloud (see http://aws.amazon.com/govcloud-us/faqs/#What_is_AWS_GovCloud). We have not added this functionality to our products at this time. Doing so will add additional development, testing, QA and investment, which is likely to add additional cost to your project. Even so, we are not sure that Amazon GovCloud offers an IP list, so this might not fulfill this need.
For more details on Amazon Web Services (AWS) security, see https://aws.amazon.com/security/ |
Does Window Book software work through a proxy?
|
Window Book products implicitly use Internet Explorer's proxy configurations. This is the default behavior in Windows Communication Foundation which is used for the Automatic Postal Data Updates, for example.
Window Book products don’t do any explicit proxy handling, however.
|
What domains does Window Book software need access to?
|
Nearly all of our software uses these:
wbicommon.queue.core.windows.net
wbicommon.blob.core.windows.net
Automatic Postal Data Updates uses these:
s3.amazonaws.com
dls.windowbook.com
sqs.us.east-1.amazonaws.com:443
PostalWeb.NET uses these:
sdb.amazonaws.com
s3.amazonaws.com
api.postalweb.net
wbip1docs.s3.amazonaws.com
wbshasta.s3.amazonaws.com
windowbook.addtoit.com
windowbook.s3.amazonaws.com
queue.amazonaws.com
sqs.us.east-1.amazonaws.com
http://www.PostalWeb.net
https://www.postalweb.net
If ports 80 (HTTP) and 443 (HTTPS) are not open, our products are going to have difficulty running successfully. Port 443 (HTTPS) is particularly important across all of our systems.
Notification emails may come from Window Book products from these addresses:
schedulerservice@windowbook.com
scheduler@windowbook.com
wbiadmin@windowbook.com
ALL technical support and professional services email comes from this Microsoft-owned domain.
supportcenteronline.com (click here for additional email server technical details)
If you cannot receive emails from this domain, all support must be delivered by phone.
|
|
| Databases and Backups |
Can the same server host Microsoft SQL Server, Pervasive SQL and the TPS files?
|
Yes. You can also place the databases used by Window Book products on an existing SQL Server instance that you already manage.
|
Can we use our own Microsoft SQL Server instances for Window Book products?
Can we configure DatMail (or Postal Package Partner) to use our MSSQL cluster servers?
|
| Yes, as long as they are using SQL Server 2008 R2 or later. |
| Does Window Book manage our Microsoft SQL Server instances? |
No.
We do provide a program that will start standard Microsoft SQL Server backups using standard MSSQL facilities, but there is more to managing a SQL instance than just backups. Your IT shop should be aware that backups should be managed and archived as necessary, MSSQL log files should be managed, etc.
We are working on a framework of procedures for our customers who don't have MS SQL specialists on staff so that the existing IT team can start with those procedures and adapt them to their needs.
|
We have SQL Server 2008 on a server in our network. Can we use that?
|
No. Our products require Microsoft SQL Server 2008 R2 or later.
If you already have a server running SQL Server 2008 R2, SQL Server 2012, or SQL Server 2014, you can use it with our products.
|
We would like to switch to a new server of Dat-Mail which would be virtual instead of a physical box. Should I switch to SQL first and then upgrade to a new server?
|
Some virtualization platforms allow you to virtualize a physical machine into a VM.
That aside, I would suggest converting to MSSQL first unless the existing machine is resource-constrained for RAM and/or CPU. If the current computer is resource constrained, then we suggest migrating to a newer computer with more resources, then upgrading to MSSQL.
|
How is migration of our Pervasive-based data to Microsoft SQL Server handled?
|
We have an automated Pervasive-to-MSSQL conversion process that has been heavily tested. So far, it has been used to convert over 100 Pervasive-based Postal Package Partner (PPP) installations to the Microsoft SQL Server-based version of PPP.
|
Can we export the DatMail database into a *.bak file or some other file type that can be imported by MSSQL?
|
No. The data migration will be handled by our installation process and to some extent, by DatMail itself. No manual steps are required.
|
Our Datmail install failed saying that the instance name SQLExpress already exists. What do we do?
|
Each computer can only have one SQL instance with a given name, whether that name is "SQLExpress" or "NewEnglandPatriots".
If this failure occurs, you'll need to use the MSSQL 2008 R2 Express installer to install an instance of SQL Server 2008 R2 with a different instance name (the instance name is your choice). Our installers cannot change that name.
Once you have the new instance of SQL Server installed, when our installer asks you if you want to install SQL Server or use an existing SQL Server, tell it you want to use an existing SQL Server instance and select that instance's name from the drop down list the installer displays.
See the topic below with the title: "The SQL Server install that was attempted while running the WindowBook installer failed. Now what?"
|
Our existing server has MS SQL 2005 (or 2008) on it. Can we install MS SQL Server 2008 R2 on this machine as well? We Google'd around a little and found some technical info that made us worry about having multiple SQL Server versions on the same computer.
|
It is *not* required that you have a special server just for the SQL Server 2008 R2 instance that our products use, but you should be aware that some situations may require that you put SQL Server 2008 R2 on a different computer.
These situations tend to be specific to a particular combination of versions and features, which makes it difficult to automate solutions to every possible situation.
|
Microsoft SQL Server 2008 R2 Express has a limit of 10GB per database. What happens if our data takes up more than 10GB?
|
If your data requires more than 10GB, you will need to purchase a license for Microsoft SQL Server 2008 R2 (or later). The Standard edition is what most customers would use. Please note that you can use existing instances of SQL Server 2008 R2 that are available on your network, but care should be taken to be sure these instances are located and tuned for the additional user and data load.
|
| What happens if our data on a Microsoft SQL Server 2008 R2 Express Edition instance starts off well below 10GB and grows to or beyond 10GB? |
Window Book uses separate databases for each Mail.Dat. We currently use two databases, wbdb for .Net functionality and wbdbCla for other functionality. This provides for 10GB in each database, plus up to 10GB in each Mail.Dat database.
Despite this and efforts to purge of old data to reclaim space, it is not likely that high-volume mailers will be able to permanently avoid licensing Microsoft SQL Server 2008 R2 Standard Edition. This investment is the responsibility of the mailer. |
| Do we need a list of each MSSQL table in our SQL Server instances so that we can back them up? |
In general, this is not necessary. You can backup your MSSQL databases by database name and avoid having to focus on these details at the table level. Be sure to backup wbdb, wbdbcla, and if it exists, wbdbmaildat.
|
Our backups of the Pervasive and TPS data files are currently managed by our IT department. What should we consider when our data is migrated to Microsoft SQL Server?
|
Your IT staff should be notified about the migration, asked if they provide managed SQL Server instances for our products to use (this would be ideal) and kept up to date with the progress of the migration. If local instances of Microsoft SQL Server are used, your IT staff should be informed of their location so they can be included in their MSSQL backup and log management processes.
|
What SQL Server permissions do we need to run a Window Book install?
What permissions are needed to run Window Book products after the install?
|
During the initial install, the Windows login must have SQL Server db_creator access on the server. Once the databases are created, the user must be a member of the sysadmin fixed server role or the db_ddladmin, db_backupoperator (server/standalone installs) and db_owner fixed database roles. Administrative logins should ALWAYS be used when performing installs. Failure to heed this advice is likely to result in unexpected downtime.
After the initial install, the following permissions are frequently necessary during subsequent update installs as the installer updates SQL tables when we add functionality to our products:
Requires ALTER permission on the table or view. User must be a member of the sysadmin fixed server role or the db_ddladmin and db_owner fixed database roles.
Our products do not differentiate between "regular" and "power" users as far as SQL security is concerned.
The Windows login used to run the WindowBook Automation Scheduler must also have Db_creator rights in SQL Server.
The Windows login used to run Dat-Mail Prep must have db_creator rights in SQL Server.
|
Can we use your products with a SQL cluster?
|
We expect that your data will remain available as long as the instance name in \Public Documents\Windowbook\wbdb.xml can be accessed. If the instance name changes as part of a cluster failover and no redirection is done to a recovery instance, our products will not know what instance to use for your mailing data. This can easily be corrected by editing wbdb.xml to refer to the recovery instance.
|
The SQL Server install that was attempted while running the WindowBook installer failed. Now what?
|
If you are running a server OS, you usually are required by that server OS to install SQL Server separately. This is a limitation of the server OS, likely due to security considerations.
You can download SQL Server 2008 R2 Express from Microsoft's site and install it.
Once the SQL install is complete, run the WindowBook installer again. When the WindowBook installer asks whether you want to use an existing SQL instance or to install a new one, tell it to use the SQL instance you just finished installing.
|
|
| Database Migration |
When the data in our Window Book program is migrated to Microsoft SQL Server, will the old Pervasive data be kept or deleted?
|
| The Pervasive .dat files are left alone after the conversion. It is up to our customers to decide when they can be deleted, archived, etc. |
| When our Window Book software is migrated to Microsoft SQL Server, does Window Book uninstall the Pervasive database server engine, drivers and/or services? |
| No. We have no way to know if these facilities are being used by other applications. Your IT staff will need to determine if they are still needed and act accordingly. |
| Our backups of the Pervasive and TPS data files are currently managed by our IT department. What should we consider when our data is migrated to Microsoft SQL Server? |
| Your IT staff should be notified about the migration, asked if they provide managed SQL Server instances for our products to use (this would be ideal) and kept up to date with the progress of the migration. If local instances of Microsoft SQL Server are used, your IT staff should be informed of their location so they can be included in SQL backup and log management processes. |
| We understand that our Datmail and Postmaster data in Pervasive and TPS databases is being migrated to Microsoft SQL Server in stages. Will you be providing information about the stages of migration as it occurs? |
| Yes. This will be included in release notes for each version as appropriate, which are available via our downloads page. |
| Will our Microsoft SQL Server 2008 R2 require more disk space than our Pervasive and TPS data? |
| Our experience to date has shown MSSQL to use less disk space though this will vary depending on the data involved. |
Once DatMail migrates Pervasive SQL and TPS data to MSSQL, will it use the existing WBDB database in MSSQL or will there be a brand new database created?
|
WBDB will continue to be used and its use will expand somewhat. In addition, the migration will create and populate a new DatMail-specific MSSQL database for most of the data.
A new database will also be created for each Mail.Dat if and when they are migrated. Mail.Dat files will be migrated to MSSQL when they are next opened, similar to how they are converted the next time they are opened in today's DatMail.
|
What ongoing changes, upgrades or security are required after the database migration?
|
You should keep your Microsoft system maintenance up to date, manage your backups and logs and tend to your firewall and similar security infrastructure. Our products will still require administrator access during subsequent upgrades.
|
Is there a specific schedule for table migration from Pervasive SQL to Microsoft SQL?
|
We are migrating tables based on impact and common sense given other updates and postal changes going on at the same time.
|
|
| Security, Services and other requirements |
| Are there any load balancing requirements for Window Book products? |
Not at this time.
|
| Do Window Book products send errors to the Windows event logs? |
| Our Automation Scheduler does. Our other products do not. |
Do Window Book products authenticate using LDAP / Active Directory?
|
Our in-house security application can verify that the login it uses is logged in to Windows, but we do not offer additional LDAP/AD support at this time.
|
| Which programs run as a service? |
Automation Scheduler, the PPP Presort and PPP Remote Mail Request server, Dat-Mail's Advanced Workflow Automation Manager (AWAM) and the Dat-Mail Database Server
The accounts used by these services cannot be LocalSystem or NetworkService. We strongly suggest creating a service login specific to these services. If you are on a domain, it must be a named domain user account with the appropriate permissions to Create/Delete/Read/Write and communicate with MS SQL with Read/Write privileges in the databases in the instance Window Book products currently use (wbdb, wbdbcla and the MD**** mail.dat databases). Ultimately the account should be granted RunAsService rights. If this cannot be done due to group policies, then that right will need to be granted to the group the service login's user belongs to.
We strongly discourage the use of regular desktop logins for services. Service logins have special needs (like non-expiring passwords, or password expiration periods that are longer than desktop logins), admin access and other things that most desktop users dont need.
The Windows login used to run the WindowBook Automation Scheduler and DatMail Database Service must also have Db_creator rights in SQL Server. See the database permissions section for more details. |
What file/folder permissions do Datmail users require?
|
Datmail users need full control over the \WB folder. Please note: Datmail cannot be installed in the \program files folder.
|
What file/folder permissions do Postmaster users require?
|
Postmaster users need full control over the \WB folder. Please note: Postmaster cannot be installed in the \program files folder.
|
What file/folder permissions do Postal Package Partner (PPP) users require?
|
PPP users need full control over the \WB folder. Please note: PPP cannot be installed in the \program files folder.
|
What Active Directory logins are needed to install and run Window Book products?
|
Our products do not use Active Directory to control access to each product's functional areas. Our in-app security feature (called “Secure”), which does offer granular access control. It also offers an option to make sure that the user is logged into Windows. The maintenance of groups, users and access is part of Secure, which is accessed via our product menus.
Installation requires an administrator class login, as our installers will elevate in UAC-enabled environments. Regular use of our products after installation does not require elevation or administrator-class logins.
The Windows login used to run the WindowBook Automation Scheduler must also have Db_creator rights in SQL Server.
|
What SQL Server roles do SQL Server logins require to use Datmail, Postmaster and Postal Package Partner?
|
Window Book products require the use of SQL Server's Windows Authentication. We do not use SQL Server Authentication. It is ok if your SQL Server instance is in mixed authentication mode, but our products will still use Windows Authentication.
DatMail users must have db_creator access for the MS SQL instance where wbdb is located if those users will be importing mail.dat files. Using "grant create any database" is one way to accomplish this. This permission is needed because of permanent databases created temporarily during the Mail.Dat import process (we cannot use temporary databases).
The Windows login used as the service login for the DatMail Database Server requires db_creator for the MS SQL instance used by Dat-Mail. This login should also have the backup operator and db_ddladmin roles, as it can perform automated backups of the mail.dat databases and execute scripts to manage them.
The Windows login used as the service login for the PPP Presort and PPP RMR server requires db_datawriter and db_datareader to the wbdbcla database.
All other Datmail and PPP users require db_datawriter and db_datareader to the wbdb and wbdbcla databases. The mail.dat database permissions are managed automatically by the DatMail Database Server.
The Windows login used to run the WindowBook Automation Scheduler must also have Db_creator rights in SQL Server.
|
Does your Secure application security option use Active Directory logins and groups?
|
No. Secure (in-house security application) can optionally verify that the login it uses is
logged in to Windows. We do not offer additional LDAP/AD support at this
time.
|
Are there any security requirements for the installation of Pervasive SQL server or client?
|
Aside from the firewall notes (in the Firewall section), the requirements are that it is installed by an administrator-class user on the server. Both the server and client installs will require a reboot and these are handled by the Window Book product server, standalone and workstation installers.
|
How does Window Book ensure code security?
|
Window Book has multiple processes to ensure code security.
In our .net code:
- We use Visual Studio 2015 Code Analysis to review for code vulnerabilities during builds.
- We protect sensitive assemblies with Code Wall. Window Book will use Code Wall or comparable products moving forward.
- We run ESET virus and malware software to protect against viruses and malware.
- We sign our binaries to prove that they have not been altered since we created them.
In our Clarion code:
- We run ESET Enterprise and Malwarebytes to protect against viruses and malware.
- We sign our binaries to prove that they have not been altered since we created them.
|
|
| Disaster Recovery |
| Do Window Book products provide for real-time data backups? |
Datmail and Postmaster: These products use MS SQL, Pervasive SQL and TPS (ISAM) files. The TPS files do not support real-time backup. MSSQL and Pervasive SQL both do via commercial backup products. The MS SQL databases can be used with real-time database backup products.
Postal Package Partner: The MS SQL database can be used with real-time database backup products. |
|
| Quality assurance, development, testing and releases |
| Do you release your software on a specific schedule, such as every Tuesday at 9am? |
Due to the fast changing nature of our industry, we don't release on a specific consistent schedule.
We tend to release our larger products at least once a month, but this depends on USPS updates, internal development schedules and progress through our quality assurance process.
We do usually build software products and run automated regression and unit testing internally multiple times a week. We have a sophisticated system of test driven development that enables Window Book to deliver high quality software on very quick time frames due to last minute industry changes.
|
| Can you describe your quality assurance process? |
Quality starts in development. It includes things done to assure consistency from the start of development to the creation of the installer and beyond.
Our products and their components are managed via source control. Source control is a management system that allows you to keep a history of your program source as it is created, updated, repaired and enhanced. It allows for a detailed audit trail and allows development teams to be sure they are not corrupting each other's changes by mixing old code with new code.
When updated programming is "checked in" to our source control repository (much like checking in a book at the library), any components affected by those changes are automatically rebuilt by our continuous integration system. This automated build system makes sure that our products and their components are up to date and use the same build process each and every time, no matter who is traveling or on vacation.
When a product manager is ready to create a new build - and thus, a new installer, they use a request system that tells our continuous integration system to build a new installer for that product. They enter release notes and set the version numbering to be used and tell the system to start creating the installer.
At that point, the continuous integration system builds the entire product, pulls in the current version of any required components, code signs the binary (dll/exe) files, creates the installation program, uploads the installer to our download site and emails the product manager to inform them that the installer is ready (or that something went wrong).
Once the installer is built successfully, it is automatically detected by our automated testing system. Our automated testing system performs two types of tests: Quick tests and Comprehensive tests.
Quick tests run in just a few minutes in a known environment, such as a fresh installation of Windows 7, and assure that the install and the most basic functions work on the OS where they are tested.
Comprehensive tests operatel in a known environment, either as an upgrade or a new install. They perform numerous end-user tasks in the product once the install completes. This might include importing a Mail.Dat, generating statements, exporting a Mail.Dat and printing reports. Our comprehensive tests total over 30,000 test points - ie: Clicking a button is 1 test point. Typing data in a field is another. Each step of a comprehensive test has an expected outcome so if anything changes or an unexpected result occurs, our testing team is aware of it and can discuss the situation with development.
Comprehensive testing finds problems before our product managers and other testers do. Most importantly, this kind of automated testing consistently verifies thousands of functions much faster and with more consistency than our product managers can. Despite this, our product managers also verify each new development case and bugfix fix submission.
This complex, automated process is designed to produce a consistent product with the highest possible quality. Every step of the process is designed to find things before they reach a customer. We've invested substantially in our quality assurance processes because we know the quality of our products directly affects your business. |
|
|
Frequently Asked Questions