Exchange Online

Stop OWA Users Autoforwarding Email

by Tony Redmond

Autoforwarding is Badness Allowing users to forward their email outside Exchange Online is bad, especially if they don’t keep a copy of the forwarded messages in their mailbox. Apart from removing email from the controls imposed by data governance policies, it creates a risk that confidential information travels outside the organization, including when an attacker… Read More

Purging Unwanted Messages from Exchange Online Mailboxes

by Tony Redmond

Microsoft will remove the Search-Mailbox cmdlet from Exchange Online on July 1, but that doesn't mean you can't purge bad messages from user mailboxes. Office 365 content searches and content search actions can hard- or soft-delete messages. Some limitations exist, but not enough to be worried. And we include a PowerShell script to show how to get the job done.

Microsoft Working on Outlook Cloud Signatures

with 2 Comments by Tony Redmond

The news that Microsoft is working on cloud signatures for Outlook for Windows is welcome. The venerable Outlook client has long stored its signature information in the system registry, which makes it hard to move signatures from PC to PC. On the other hand, OWA stores its signatures in mailboxes, so the same signature is used no matter where you log in. Of course, OWA is a simpler client (no profiles, for instance), but it should be eminently possible to store everything Outlook needs in the cloud. At least for Outlook clients connected to Exchange Online...

Microsoft Closes Outlook Copy-On-Write Flaw with Exchange Online Fix

by Tony Redmond

Microsoft fixed the copy-on-write bug in Outlook for Windows in Exchange Online. The fix stops users removing attachments from sent or received messages. A strong case can be made that the fix should have been present from the start to stop any possibility that clients could comprise Exchange Native Data Protection. Microsoft doesn't think many people were affected and they could be right, but that doesn't make the problem any easier to swallow.

Outlook Flaw Compromises Exchange Online Native Data Protection

by Tony Redmond

A bug in Outlook desktop's implementation of the MAPI over HTTP protocol allows users whose mailboxes are on hold to remove attachments from messages. The removal is not captured by the copy-on-write feature of Exchange Online Native Data Protection, which potentially compromises the ability of Data Governance managers or eDiscovery investigators to recover information needed for compliance purposes. All in all, it's a mess that Microsoft needs to clean up quickly.

Office 365 Successes and Failures Since 2011

by Tony Redmond

Office 365 has experienced great success since its launch in June 2011, but it's also had its share of failures as well. This article considers the most important technical advances in Office 365 and the most important parts of the ecosystem as well as some places where things didn't go quite so well as either Microsoft or tenants would have liked.

Microsoft Plans to Disable SMTP Authenticated Submissions in Exchange Online

by Tony Redmond

Microsoft is doing its level best to remove SMTP basic authentication from Exchange Online as quickly as possible. Basic auth for SMTP connections will disappear gradually as time goes by. Tenants can make accounts more secure by removing SMTP authentication from accounts, something that Microsoft will do in the future when these connections are not used. An exception exists (for now) for SMTP client submissions, but these might also be affected in the future.

Analyzing the 2019 Numbers for Different Office 365 Workloads

by Tony Redmond

Microsoft is notoriously careful at giving out usage numbers for different Office 365 workloads.We know what the overall count is and now we have numbers for SharePoint Online and Teams. Some glances into a handy crystal ball and some inspired guesswork allows us to calculate likely numbers for Exchange Online, Yammer, and Planner and paint a more comprehensive picture of what's happening inside Office 365.

Can Exchange Online Really Recall Messages?

by Tony Redmond

Outlook users are more than aware of the problems involved in message recall, a feature that's only available in Outlook desktop and has a nasty habit of not working. The reasons why the feature fails are well known, but soon might be addressed by a new Exchange Online implementation that promises to work for all clients and across Office 365. Time will tell if careers and love can be rescued by the new message recall.

No Surprise That Exchange Online Uses Windows Server Core

by Tony Redmond

A recent Microsoft post contained the news that Exchange Online uses Windows Server Core. That might be news to some, but not to anyone who's been following the advice of the Exchange product group. Exchange Online doesn't use virtual servers, follows a preferred architecture, wants to reduce the potential attack surface, and extract as much CPU as possible out of its servers. All good reasons why Windows Server Core helps.

Making the Exchange – Azure Active Directory Connection More Reliable

by Tony Redmond

Microsoft posted an odd blog on September 9 to announce improvements in the relationship between Exchange Online and Azure Active Directory. Many Office 365 tenants might have ignored the post, but it's actually about a piece of important work to help the service run better. Many updates happen to Exchange Online objects that need to be replicated to Azure Active Directory and onward to other Office 365 app directories. This work means that changes show up faster, which is good, but there's a small downside to note.

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: