DKIM

DKIM. No, it’s not a new singer/rapper/influencer/whatever. It’s a DNS controlled Email Authentication mechanism. What does that mean? Well, if you want a technical explanation, go see my article on Authorization vs Authentication, since that is important to understand if you want to understand DKIM. DKIM stands for DomainKeys Identified Mail. It uses a feature of Public Key Authentication to allow receiving mail servers to verify that the message is not modified in transit and that the sender is authentic. 

Continue Reading →

SPF, DKIM, and DMARC

The Old Horse named SMTP

Email is old. The first message sent across a computer network was sent in 1971. The current email protocol, SMTP, was codified under RFC 788 in 1981 and while it has been updated over the past 42 years (Man, I’m old), the core functionality in SMTP hasn’t changed much at all.…

Continue Reading →

Controlling Autodiscover with the Registry or GPO

Depending on your situation, you may want to take control of how Exchange’s Autodiscover lookup process works. Specifically, there are a lot of scenarios where Autodiscover will break because the lookup process isn’t properly controlled. In this article, I’ll go over registry settings that will let you control which steps are used and which ones are skipped.…

Continue Reading →

Step By Step: Adding Email Phishing Report Button to Office 365

Email security is a war between security professionals and malicious actors. Security professionals are often following malicious actors and reacting to changes. Unfortunately, success in this war is dependant on information. To aid in that effort, every major security vendor that works in the email world has some way to report bad emails. Each report can be examined to figure out what techniques were used to bypass existing security.…

Continue Reading →

How Does SPF Work?

No, I’m not talking about sunscreen. The SPF I’ll be discussing here is Sender Policy Framework. It’s an email security measure that can prevent unauthorized use of your email domain name. I’ll be going over a few things in this post, but if you just want to know how to craft an SPF record, you can scroll to the “The SPF Puzzle” section below.…

Continue Reading →

Step by Step: Export Office 365 Email to PST

Microsoft has significantly changed the way admins export email in Office 365 are done by eliminating export tools in each application (Exchange, SharePoint, etc). There is now a single solution for exports, including Exchange PSTs, OneDrive, and SharePoint files. This central solution is the Security and Compliance center. Unfortunately, there isn’t much information on how to properly export data from Exchange Online now that the Compliance center in Exchange Admin is deprecated.…

Continue Reading →

Office 365 Hybrid Agent – An Overview

If you have set up a new Hybrid configuration with Office 365 lately, you will notice a new option in the Hybrid Config Wizard, the Hybrid Agent. Before I go into my personal views on this new option and whether you should use it, let me first explain what this agent does. Note: Before I start, I should state that I have not had an opportunity to test the Hybrid agent’s features yet, so there are still a few questions I have about it.…

Continue Reading →

Save Sent Items in a Shared Mailbox

Shared Mailboxes make it possible to centralize email for a specific group of employees. If you don’t know what a shared mailbox is, think about the “Contact Us” address most web pages have. Or your company’s “Support” mailbox. Exchange implements these very easily through mailbox delegation. Grant users full access to the mailbox in the Admin Portal and the mailbox will appear in Outlook.…

Continue Reading →

Exchange Server Maintenance Functions

Exchange server maintenance requires some specific steps in 2013+. There is no specific maintenance mode, as in previous versions, but you can complete a few actions to take a server out of production. You will need to drain the SMTP queues on the server, tag the services as unavailable, then disable transport entirely. Each step needs to have some rest time, so that is built into the script.…

Continue Reading →

Office 365 Migration – When Do I Need to Use Third Party Tools?

This post may be late in coming, given that most smaller companies have already moved away from on-prem solutions to cloud based services for things like email and file sharing, but I feel like it’s important to stress some of the realities involved in migrating from on-prem to cloud systems. Particularly when migrating to Office 365.…

Continue Reading →