Clik here to view.
Outbound Connector Smart Host Behavior
If you have an on-premises mail environment that you are protecting with Exchange Online Protection (EOP) then you’ll need to create some connectors in the cloud. This article is going to focus on EOP...
View ArticleClik here to view.
On-Premises Delivery Failover
Organizations with on-premises mail environments often will have a primary site and at least one backup site. When Exchange Online Protection is being used to protect those on-premises mail...
View ArticleClik here to view.
Ensure your SPF Record is Correct
I've recently seen an increase in cases that involve incorrectly published SPF records that have resulted in sent mail failing the SPF check. Ensuring your SPF record is up to date is great proactive...
View ArticleExchange Server 2016 is now available
Exchange Server 2016 was released this morning and is now available for download. The Exchange Team posted an excellent article about the release which I highly recommend checking out. The following...
View ArticleClik here to view.
EOP Mysteries Solved – Inbound messages from a particular sender arrive with...
This is an interesting case that I recently worked on and would like to share as part of this series. An organization that uses Exchange Online Protection was receiving automated emails from a partner....
View ArticleClik here to view.
Outbound DKIM signing in Office 365
Every week I work with multiple customers that have experienced phishing attacks where their own domain has been spoofed by the attacker. The conversation always revolves around implementing SPF...
View ArticleClik here to view.
Auditing transport rules
Transport rules contain an Audit setting that is often misunderstood and unchecked without realizing the implications. Unchecking this box has quite adverse effects on future reporting and...
View ArticleClik here to view.
Parsing an extended message trace
Regular message traces are sufficient for most mail flow troubleshooting, but occasionally we need more data which requires obtaining an extended message trace. These traces (provided as a CSV file)...
View ArticleClik here to view.
Attack against my Exchange 2013 lab server
I recently came across an attack on my Exchange 2013 lab server and want to share I saw. While this post isn’t directly related to EOP, it is certainly security related and a good reminder of what’s...
View ArticleClik here to view.
Troubleshooting and Identifying Spoofing Attacks
Even with technologies like SPF, DMARC, and DKIM, spoofing and phishing attacks are still extremely prevalent. Some of these attacks can be stopped with properly configured SPF, DMARC, and DKIM, where...
View ArticleTop blog posts from 2015
It’s the last day of 2015 and I thought it would be interesting to look back on the top blog posts of this year. When thinking about this past year, the first topic that comes to mind is...
View ArticleBulk editing of Safe Sender lists
The following article was written by Richard Deprez who is a Support Escalation Engineer for Exchange Online at Microsoft. Recently I have seen an increase in phishing attacks coming through EOP due to...
View ArticleWhere’s Andrew?
It’s been just over two months since my last story and about time I post an update here. Since early January I’ve been on a medical leave from work which is the reason this blog has become so quiet....
View ArticleI’m back!
Hi all, thank you for the kind comments on my last post where I talked about being away from work. I’m back at work now and will be posting to this blog again on a regular basis. I’ve missed writing...
View ArticleClik here to view.
Introducing Spoof Mail Reports
The following article was written by Rob McCarthy who is a Business Program Manager for Readiness in Microsoft. Spoofing continues to be a top concern for any security conscious email administrator...
View ArticleInteresting Exchange Online articles from the year so far
After being out of the office for four months, there is a lot I need to catch up on! Over the past couple of weeks, I’ve been reading through articles going over what all has changed in Exchange Online...
View ArticleClik here to view.
Interesting case where Exchange is not installed on-premises
I’ve recently been working on projects as opposed to cases, and so I haven’t had anything too exciting to write about lately. However, I recently worked a case that I found quite interesting and wanted...
View ArticleClik here to view.
Take Action Yourself on Blocked IPs and Banned Senders in Office 365
I have recently found that many organizations are unaware that they can take action on their own when it comes to blocked IPs and banned senders in Office 365. For both of these cases, a web based...
View ArticleClik here to view.
Create a Custom Management Roll for Granular Permissions in Exchange Online
Creating custom management rolls can be very powerful, and they not nearly as complicated as one might think. Most clicks in Office 365 actually cause a PowerShell cmdlet to run in the background. With...
View ArticleClik here to view.
The Common Attachment Types Filter
The Common Attachment Types Filter is a feature that was rolled out to Exchange Online earlier this year. If you haven’t opened your malware filter for a while, you may not even know this new filter is...
View Article