Office 365 Migration – When Do I Need to Use Third Party Tools?

This post may be late in coming, given that most smaller companies have already moved away from on-prem solutions to cloud based services for things like email and file sharing, but I feel like it’s important to stress some of the realities involved in migrating from on-prem to cloud systems. Particularly when migrating to Office 365.…

Continue Reading →

Exchange Server EMail Routing – Accepted Domains and Send Connectors

Exchange Server (And Exchange Online) can be a little confusing at times, particularly when we're dealing with mail routing. Internal mail routes are handled almost automatically (especially if you keep all your Exchange servers in the same AD Site, which I recommend), but how do you get it to route email to mail servers *outside* your organization? This post answers all the questions you might have about how to handle Special Mail Routing cases for Exchange.

Continue Reading →

Clearing Logs from All Exchange Servers

Log file management in Exchange is an extremely important part of your work as an Exchange Admin. Now, I don’t mean transaction logs, here, I mean IIS logs, performance logs, protocol logs, and other log files that abound in modern versions of Exchange. Clearing these files weekly will keep your servers from getting clogged and the transport queues from getting halted due to a lack of space. …

Continue Reading →

Hardening Microsoft Solutions from Attacks

Take a minute to go over this post from Dirk-jan Mollema. Go ahead and read it. I’ll wait…

Did you realize how scary that kind of attack is? As an IT guy who specializes in Exchange server and loves studying security, that article scared the snot out of me. Based on my experience with organizations of all sizes I can say with a good bit of authority that almost every Exchange organization out there is probably vulnerable to this attack.…

Continue Reading →

Office 365 Message Encryption Setup

Office 365 Encryption with Azure Information Protection

As I mentioned in an earlier post, email encryption is a sticky thing. In a perfect world, everyone would have Opportunistic TLS enabled and all mail traffic would be automatically encrypted with STARTTLS encryption, which is a fantastic method of ensuring security of messages “in transit”. But some messages need to be encrypted “at rest” due to security policies or regulations.…

Continue Reading →

What do Exchange Virtual Directories Do?

This is just a quick little reference post to answer a question that isn’t well covered. Most Exchange admins are familiar with how to set the Virtual Directories in Exchange after a new server is added or a after initial deployment. What’s less clear to most is what those VDirs actually do as far as Exchange’s capabilities are concerned.…

Continue Reading →

If You Have a Cisco Firewall, Disable this Feature NOW!!!

I don’t often have an opportunity to post a rant in an IT blog (And even less opportunity to create a click-bait headline), but here goes nothing! Cisco’s method of doing ESMTP packet inspection is INCREDIBLY STUPID and you should disable it immediately. Why do I say that? Because when Cisco ASAs/whatever they call them these days are configured to perform packet inspection on ESMTP traffic, the preferred option of doing so is to block the STARTTLS verb entirely.*

In other words, Cisco firewalls are designed to completely disable email encryption in order to inspect email traffic.…

Continue Reading →

Do I need Anonymous Relay?

Problems

If you have managed an Exchange server in the past, you’ve probably been required to set things up to allow printers, applications, and other devices the ability to send email through the Exchange server. Most often, the solution to this request is to configure an Anonymous Open Relay connector. The first article I ever wrote on this blog was on that very subject: http://wp.me/pUCB5-b . …

Continue Reading →