Depending on your situation, you may want to take control of how Exchange’s Autodiscover lookup process works. Specifically, there are a lot of scenarios where Autodiscover will break because the lookup process isn’t properly controlled. In this article, I’ll go over registry settings that will let you control which steps are used and which ones are skipped.…
Problem
Here’s a problem that comes up regularly when running searches in the Microsoft 365 Security and Compliance portal (As of this date, these portals are scheduled to be separated with the upcoming changes to the admin portal). When you run a search, you can’t preview or download search results. In the search preview, you get this message: “to preview search results, please ask your compliance admin to grant you preview permission.”…
Exchange server maintenance requires some specific steps in 2013+. There is no specific maintenance mode, as in previous versions, but you can complete a few actions to take a server out of production. You will need to drain the SMTP queues on the server, tag the services as unavailable, then disable transport entirely. Each step needs to have some rest time, so that is built into the script.…
This post may be late in coming, given that most smaller companies have already moved away from on-prem solutions to cloud based services for things like email and file sharing, but I feel like it’s important to stress some of the realities involved in migrating from on-prem to cloud systems. Particularly when migrating to Office 365.…
Take a minute to go over this post from Dirk-jan Mollema. Go ahead and read it. I’ll wait…
Did you realize how scary that kind of attack is? As an IT guy who specializes in Exchange server and loves studying security, that article scared the snot out of me. Based on my experience with organizations of all sizes I can say with a good bit of authority that almost every Exchange organization out there is probably vulnerable to this attack.…
Office 365 Encryption with Azure Information Protection
As I mentioned in an earlier post, email encryption is a sticky thing. In a perfect world, everyone would have Opportunistic TLS enabled and all mail traffic would be automatically encrypted with STARTTLS encryption, which is a fantastic method of ensuring security of messages “in transit”. But some messages need to be encrypted “at rest” due to security policies or regulations.…
IT people, for some reason, seem to have an affinity towards designing solutions that use “cool” features, even when those features aren’t really necessary. This tendency sometimes leads to good solutions, but a lot of times it ends up creating solutions that fall short of requirements or leave IT infrastructure with significant short-comings in any number of areas.…
Problems
If you have managed an Exchange server in the past, you’ve probably been required to set things up to allow printers, applications, and other devices the ability to send email through the Exchange server. Most often, the solution to this request is to configure an Anonymous Open Relay connector. The first article I ever wrote on this blog was on that very subject: http://wp.me/pUCB5-b…