Microsoft to Throttle Email Connections From Outdated Exchange Servers

Cloud Computing

Microsoft has detailed its plans to protect organizations against persistently vulnerable Exchange Servers. Starting on May 10, the company is introducing a new transport-based enforcement system that will block email traffic from unpatched or out-of-support Exchange Server instances.

Microsoft explained that it will implement the new transport-based enforcement system in eight stages. The service will first detect email flow from an unpatched server, and then send a report to the Exchange Admin Center portal. There will be a delay in email traffic for vulnerable Exchange Servers that haven’t been patched for 30 days. Microsoft will eventually block emails in case there has been no remediation within 60 days.

“The system is designed to alert an admin about unsupported or unpatched Exchange servers in their on-premises environment that need remediation (upgrading or patching). The system also has throttling and blocking capabilities, so if a server is not remediated, mail flow from that server will be throttled (delayed) and eventually blocked,” the Exchange team explained.

Microsoft to Block Throttle Email Connections from Outdated Exchange Servers

Microsoft first plans to roll out the new transport-based enforcement system to customers still using Exchange Server 2007. The company will send a 30 days notice before the change is implemented in enterprise environments. Going forwards, Microsoft will likely introduce the blocking mechanism in other Exchange Server versions, including Exchange 2016 and Exchange 2019.

Exchange Server email throttling to safeguard customers against malicious messages

Microsoft has clarified that its new transport-based enforcement system is intended to safeguard organizations against malicious messages originating from outdated Exchange Servers. The feature doesn’t aim to push on-premises customers to switch to Exchange Online.

“We don’t want to delay or block legitimate email, but we do want to reduce the risk of malicious email entering Exchange Online by putting in place safeguards and standards for email entering our cloud service,” Microsoft explained.

In related news, Microsoft is reminding Exchange Online customers about the discontinuation of Remote PowerShell (RPS) support in the Security and Compliance PowerShell module. This change will go into effect on July 15, and Microsoft suggests organizations to move to the REST API-based cmdlets.