Bulk update Outlook Contacts’ phone numbers to be E.164 compliant

Here’s a quick & dirty tool I put together for Outlook to be able to update all the phone numbers of contacts to make them E.164 compliant. It relates back to a post a while back around the challenges of formatting numbers ‘correctly’, particularly important once you get into using click-to-dial technologies such as Office Communication Server.

The tool itself is basic since it’s only really expected that people will run it once, to sort out the numbers of old contacts you might have. It will check all the contacts in a given folder and automatically fix the numbers up, but there are a few caveats…

  • It’s hard coded for UK numbers beginning +44 … though the code is pretty easy to get to if you know anything about Outlook forms, and you can modify it at will.
  • It doesn’t back up the contacts before modifying, so you might just want to copy your Contacts folder somewhere else before running, if you’re of a nervous disposition. I can verify that it hasn’t mangled any of my contacts and nobody in Microsoft who’s tried it has reported a problem.
  • It’s not exactly straightforward to install – but if you follow the instructions carefully, you’ll be OK.
  • The document in the ZIP file explaining how to install & run it, is in Word 2007 format (docx). If you still haven’t either upgraded or installed the compatibility pack to add OpenXML support to your older version of Office, there’s a link in the ZIP file to go straight to the download page.

A final word: this is completely unsupported, supplied “as is” etc. If it does mangle all your contacts up, just revert to your backup copy – and if you didn’t take a backup then you’ve only got yourself to blame.

Harsh but fair I think πŸ™‚


The logic converts “from” the format on the left to the format on the right… (_ denotes a space)

Old format number begins New format number begins
0 +44
(0 +44 (
+44_0 +44_
+44(0 +44(
+44 (0) +44
+440 +44
(0) +44_


old number New number
0118 909 1234 +44118 909 1234
(0118) 909 1234 +44 (118) 909 1234
+44 0118 909 1234 +44 118 909 1234
+44(0118) 909 1234 +44(118) 909 1234
+44 (0)118 909 1234 +44 118 909 1234
+440118 909 1234 +44118 909 1234
(0)118 909 1234 +44 118 909 1234

Drowning in a deluge of spam

I’m sure everyone knows that email spam is a growing problem and that there’s not a great deal we can do to stop it entirely – initiatives like SenderID can help reduce the volume an organisation receives, and by using smart sender and recipient filtering* and connection filtering to drop inbound connections from known spammers or IP addresses that have been dynamically assigned, you can reduce things still further.

* The basic problem here is that by definition, mail arriving from the internet is anonymous. If you’ve ever looked at an SMTP conversation between two servers, you’ll see they’re just a bunch of clear-text commands, with the sending server saying “Hello“, then “I’ve got mail from <…>” and “it’s going to <…>” and followed by the body of the message. There’s nothing to stop anyone sending mail “From:” any address they choose… and anti-spoofing/anti-spam technology has to try to play catch up by filtering out the cases which don’t look legitimate, as well as by filtering content which appears dodgy.

At Microsoft, for example, our IT group filters any email which is coming from the outside and claiming to be “From:” any @microsoft.com address. The thinking is, there is no valid case where anything will ever traverse the internet legitimately coming from a Microsoft address, and enter the Microsoft network from outside via SMTP. So – if you’re a spammer trying to mail into Microsoft and pretending to be Bill, don’t bother. Your email will be “dropped on the floor”.

My own problem is that I have a personal email address which has been the same for about 13 years, and I was generally very careful about giving it out (registering on websites etc), but in recent years have relaxed my policy since the junk mail filters in Hotmail/MSN/Windows Live are generally pretty good and I got very little spam.

Now, some *&”%#!^ spammer has started spoofing mail from my address, and as a result I get a vast number of Non-Delivery Reports, Out of Office messages or notifications that my message has been junked since it looks too spammy. We’re talking anything up to 1,000 messages a day, which Hotmail manages to categorise as unwanted and sticks in my Junk folder, and maybe 50 or 60 that make it through to the inbox.

I’m sorry if you’ve ever had spam from my address – believe me, I don’t want to sell you Meds, offer you cheap replica watches, or present a solution for lengthening any anatomical components. Really, I’m quite happy working in IT.

I can’t think of what to do. I really don’t want to close the account since it’s a very short & sharp email address, and I use it for lots of legitimate non-work related things. I can’t stop someone pretending to be me, so I’m destined to be spending ages cleaning up my mailbox every week until the spammer gets bored and picks on some other address to spoof instead.

Unless anyone else knows different? Let me know if you have any suggestions which might stop the spammer and yet not cripple my own email address…

Fun and games with identity (and keeping it safe)

I was going to title this post, “the Wizard of Id” but decided against it.

It hasn’t been a great week for the UK government’s HMRC (Revenue & Customs) department, who admitted losing a couple of CDs which had an unencrypted export of the name, address, national insurance number and in some case, bank account details, of some 25m UK citizens, including every child registered for Child Benefit.

The media has gone to town on the department, decrying “how could this possibly happen?” and demanding the head of whoever is responsible. The chairman of HMRC has already resigned, and it wouldn’t surprise anyone if other follow.

More info on the story from the BBC.

The public consciousness

There are many questions about the whole sorry affair – such as, why on earth the National Audit Office needed the information in the first place, why HMRC decided to send it on CD rather than using the Government Secure Intranet (GSI) to transfer it, and why it would have been such a big job to filter out bank account information as had been suggested at one point. The Telegraph seems to think it would be at a cost of Β£5,000 to clean the data up, and take a software engineer a week. I’d be surprised if the content isn’t just a giant CSV file or similar; it should be a matter of loading into Excel 2007, deleting the columns to do with bank accounts, then saving again. If HMRC (or anyone else) wants to pay me 5 grand for doing that, I’m at your service.

What is interesting is the raising of the threat of identity theft in the public’s mind, from the sudden over-reaction of many to the casual indifference of most, at least until the story broke. Some newspapers have reported of large numbers of customers resetting their bank account PINs, and even wondering if they should move banks…

I personally shred every piece of correspondence which has my name and address in it, unless I need to keep it, and am generally pretty careful about identity. If someone did get hold of my name, address, date of birth, mother’s maiden name, bank account details etc, then it’s always possible they could mount a serious attempt to compromise my online banking – so the passwords and PINs are always unlinked to anything surrounding them… I wonder how many parents have bank cards with the PIN formed from their child’s date of birth?

I remember reading Kim Cameron’s Laws of Identity a couple of years ago and being impressed with the clarity, succinctness and yet completeness of what he said. If you’ve never read Kim’s work, go and check out the paper now or just check out the laws as bullet points.

It turns out the UK government breaks every single one of those laws at some level. And the press were saying that the HMRC crisis is a nail in the coffin for national ID cards… at least implementing an ID card system might give the government the opportunity to sort out how it deals with users’ data…

NASA’s new server – with 4Tb of RAM and 2048 CPU cores

Wow. George Ou from ZDNet wrote yesterday about NASA’s new supercomputer, the most powerful single node computer in the world. It comprises 1024 dual-core Itanium2 CPUs with 4Tb of memory.

The article doesn’t say what OS the beast is running, but one of the comments says that they have used a custom kernel based on RedHat (since the standard kernel won’t scale to that number of CPUs).

Since Windows is (still) available for the Itanium architecture, I bet it would be possible to run Win2003 or maybe 2008 on this box. It makes more economic sense, though, to have more servers running fewer CPUs and scaling “out” rather than “up”… but if you you could run Windows on this box, Solitaire really would fly πŸ™‚

When bean counters start counting things they don’t understand the value of.

I’ve been having a discussion with an old friend, who’s telling me of a large financial institution that have suddenly started getting very picky about spending on IT. Maybe it’s the financial environment right now – the tabloids are desperate to paint a doomsday scenario where all the banks are on the verge of collapse, whereas in reality it’s just a blip out of the norm…

Anyway, this scenario is driving the IT people crazy – instead of investing in IT, the accounts department is back to thinking about how they can reduce the spend.

The other day, I was talking about the Gartner-inspired Infrastructure Optimization models and how they can be used as a way of trying to show what value investment in IT can have – maybe this particular company needs to step up a gear to show their bean counters how short term it might be to slash budgets and expect people to just muddle along.

Reminds me of another story about a company whose penny pinchers decided to stop ordering stationery supplies for the stock cupboards on each floor in the building – the idea was that if you had to go to a designated Keeper Of The Stationery Supplies in order to get something, you’d bother rather less and stop being so wasteful.

What happened in that instance was that people spent so long wandering the halls looking for staplers/pens/paperclips etc, that the move to save a few $$ simply caused huge frustration in the end user and probably cost them a fortune in lost productivity too.

I first came across this particular scenario when I saw a spoof video lampooning the draconian stationery rationing measures.

The company was Microsoft.

Stationery supplies were reinstated in the ensuing months.

Sometimes it takes ground-floor people power to make the spreadsheet jockeys take note πŸ™‚

Zune software and firmware upgrade now live

Just noticed that www.zune.net has the latest Zune software for the PC and corresponding device firmware, available for download. Today marks the on-sale date of the new Zune devices too. I’ll be in NYC early next month… and I’m confident (at the moment at least) that I’ll resist the urge to upgrade the hardware…

Given that other makes of music players (like Creative’s Zen range) and even other consumer devices (Philips’ Pronto remote controls are a great example), have had software updates provided long after the devices were sold, this is hardly anything new.


Zune Software

It does keep users happy though – I’m pleased now that my 9-month old Zune has a fresh lease of life. Happier, I’m sure, than the early adopters of a certain touch screen phone (or a certain Blu-ray games console) were when the price dropped not long after they’d shelled out for it…

Gartner’s wisdom and the IO models

Over the years, Microsoft and Gartner Inc (neΓ© Gartner Group)  have had an interesting relationship: sometimes very close partners and colleagues in research projects, sometimes taking opposite stances to a position and being criticised by the other.

I’ve met a lot of IT people who have a similar bias – some pay Gartner for their advice, and basically don’t do anything that Gartner doesn’t advocate (a favourite was always the “Wait for SP1” behaviour when looking at deploying anything new from Microsoft). Other IT directors look dimly on any analyst report, figuring that that they’re all recycling the same old opinions, dusted with acronyms and supposedly cutting edge insight.

Gartner’s had some cracking ideas in the past, however – my two favourite models of theirs behind the Hype Cycle (particularly the “Trough of Disillusionment”) and the Magic Quadrant.

The latest Magic Quadrant for Unified Communications looked pretty favourable to Microsoft and Nortel (compared with last year, both have moved up and right) and a bit less so to a couple of other vendors who’ve dropped out of the “Magic Quadrant” altogether (the aforesaid being the top right quarter of the plot area, signifying the leaders who have the most complete vision and the best ability to execute on it).

I know they’re rather particular about licensing of reprints etc, and although Microsoft has licensed the Magic Quadrant report to be able to distribute, I’m not sure about taking an image from the report and posting it here. As a result, I’d encourage you to go directly to Gartner to view the latest Magic Quadrant diagram…

Infrastructure Maturity Model

A couple of years ago now, Microsoft was working with Gartner to simplify its existing Infrastructure Maturity Model, a means of describing an IT infrastructure’s level of advancement towards a well-managed, low-cost infrastructure. Gartner’s model has 7 stages, ranging from the chaotic “Basic” to the nirvana of “Policy-based”, but have estimated that 90% of customers never make it past the 3rd stage, “Standardised”.

IO, IO, it’s off to work we go

If you head over to http://www.microsoft.com/io you’ll see the output of some of this work – Microsoft boiled the 7 stages down to just 4, describing the Infrastructure Optimization (IO) model. Infrastructure Optimization Model

Since then, they’ve worked with analysts to show that as an organisation moves its operations from left to right, there are many cost benefits – eg the average cost of managing a PC for a customer in the “Rationalized” segment could be as little as 1/6th the cost of one in the “Basic” stage.

The key part in this model is that it’s self-measured, so you can use tools and techniques to figure out where you are in the model for any given metric – eg you could be Standardized when it comes to identity management, but Basic in what you do with it or even Rationalized in some more.

The same 4-stage model has since been applied to other areas besides core Infrastructure, such as “Business Productivity” (essentially, user-oriented communication & collaboration software & services) and “Application Platform” (ie the back-end applications which sit behind line of business systems, such as SQL Server).

There are some fantastic additional resources about these additional models, on BPIO and APIO. I tend to present this whole model to IT people, as a vocabulary with which to have the discussion around IT investment, with the finance department. It seems to work well (even though I thought it was a load of hot air when I first saw it… gaining an understanding of when it can be useful has since helped me appreciate it!)

Careful what names you give to Outlook Contacts when using UM!

This is a follow up to Friday’s post about what happens if you have Exchange Unified Messaging set up to send you notifications on missed call alerts (and on voicemail), using caller-ID to reverse lookup against the personal contacts folder.

Stephen Spence commented:

Fingers crossed nobody is using silly names for any of their contacts and finds out about this the hard way!

And he’s absolutely right – I tried renaming the contact I have for my wife (to “Mrs D!”), then called my desk number (whilst OOF was on), from her mobile.

Here’s what she got (viewed in her mailbox via Exchange 2003 OWA):


Just as well I wasn’t calling her “Trouble & Strife” or something like that πŸ™‚

So, be careful… if you have UM and external  OOF turned on, don’t add people into your contacts with disparaging names in case they happen to phone you one day and find out, as Stephen says, the hard way….

I learned a cool thing about Exchange UM today

I’ve seen this behaviour in practice before, but I don’t think it really clicked with me until Neil May from PostCTI (who was hosting our penultimate Exchange Unplugged event today) told me how pleased he was with it.

This functionality concerns the “missed call notification” feature of Exchange Unified Messaging – as well as the server telling you that you have a new voicemail, it will also tell you when someone has connected to UM but hung up before leaving a message.

In both cases (ie when someone leaves a message, or if they hang up beforehand), if the server can identify their caller ID as belonging to someone in your contacts, you’ll see the voicemail or the missed call notification as if it came from the person themselves (it’s actually Microsoft Exchange on behalf of <the caller>, but it primarily shows as if it came from the person directly).


So in this case, if I hit “reply” to the notification, it will send an email to the person that was identified as the source of the message. Cool, yes.

What’s nice, though, is that if I have my Out of Office message set, and someone calls me then either leaves a message or hangs up, when the notification lands in my Inbox and appears “From” them, their email address will be sent the Out of Office message I’ve set.

As it happens, I have a contact entry for my own mobile number, in my Outlook contacts folder, but set with my Hotmail email address. When I call my office extension from the mobile, it identifies the contact as the source of the call, and the return address is the Hotmail one, so the Out of Office message I set on my mailbox will be sent to the Hotmail account, since I had associated the mobile number that called me, with that address.


Neil (who spends a lot of time on the road) said this was one of the most unexpectedly cool parts of Exchange UM – customers who call him up and don’t leave a message (but who he’s already added to his Outlook contacts), will get the Out of Office message as if they’d sent him email. So the next question they ask him is, “How can I get that for myself??”

Seeing this in reality brings the technology alive in a lot of users’ eyes.