Exchange Server (And Exchange Online) can be a little confusing at times, particularly when we're dealing with mail routing. Internal mail routes are handled almost automatically (especially if you keep all your Exchange servers in the same AD Site, which I recommend), but how do you get it to route email to mail servers *outside* your organization? This post answers all the questions you might have about how to handle Special Mail Routing cases for Exchange.
Log file management in Exchange is an extremely important part of your work as an Exchange Admin. Now, I don’t mean transaction logs, here, I mean IIS logs, performance logs, protocol logs, and other log files that abound in modern versions of Exchange. Clearing these files weekly will keep your servers from getting clogged and the transport queues from getting halted due to a lack of space. …
A few quick tips to help admins working with Office 365 make things easier on themselves or save time and money.
Take a minute to go over this post from Dirk-jan Mollema. Go ahead and read it. I’ll wait…
Did you realize how scary that kind of attack is? As an IT guy who specializes in Exchange server and loves studying security, that article scared the snot out of me. Based on my experience with organizations of all sizes I can say with a good bit of authority that almost every Exchange organization out there is probably vulnerable to this attack.…
This is a script for configuring virtual directories in Exchange. I will update this script as i come up with feature ideas.
Office 365 Encryption with Azure Information Protection
As I mentioned in an earlier post, email encryption is a sticky thing. In a perfect world, everyone would have Opportunistic TLS enabled and all mail traffic would be automatically encrypted with STARTTLS encryption, which is a fantastic method of ensuring security of messages “in transit”. But some messages need to be encrypted “at rest” due to security policies or regulations.…
I don’t often have an opportunity to post a rant in an IT blog (And even less opportunity to create a click-bait headline), but here goes nothing! Cisco’s method of doing ESMTP packet inspection is INCREDIBLY STUPID and you should disable it immediately. Why do I say that? Because when Cisco ASAs/whatever they call them these days are configured to perform packet inspection on ESMTP traffic, the preferred option of doing so is to block the STARTTLS verb entirely.*…
Problems
If you have managed an Exchange server in the past, you’ve probably been required to set things up to allow printers, applications, and other devices the ability to send email through the Exchange server. Most often, the solution to this request is to configure an Anonymous Open Relay connector. The first article I ever wrote on this blog was on that very subject: http://wp.me/pUCB5-b…
Autodiscover is one of the more annoying features of Exchange since Microsoft reworked the way their Email solution worked in Exchange 2007. All versions since have implemented it and Microsoft may eventually require its use in versions following Exchange 2016. So how does Autodiscover work?
Some Background
Prior to Exchange 2007, Outlook clients had to be configured manually.…
One of my co-workers had some questions about email encryption and how it worked, so I ended up writing him a long response that I think deserves a wider audience. Here’s most of it (leaving out the NDA covered portions).
Email Encryption and HIPAA Compliance for the Uninitiated
In IT security, when we talk about encryption, there are a couple of different “types” of encryption that we worry about, one is encryption “in transit”, and the other is encryption “at rest.”…