XOORG, Edge and Exchange 2010 Hybrid

So you have found yourself in the position of moving to Exchange Online from a legacy version of Exchange Server, namely Exchange 2010. You are planning to move everyone, or mostly everyone to Exchange Online and directory synchronization plays a major part (can it play a minor part?) in your plans. So you have made… Continue reading XOORG, Edge and Exchange 2010 Hybrid

Malware Filter Policy Updates in Office 365

In March I wrote a blog post that showed how to take the attachment filter list from Edge Server and add those attachment block types to EOP, as EOP had a very small list of attachments. Today on one of my client tenants I noticed this precanned list of attachment extension types is now at… Continue reading Malware Filter Policy Updates in Office 365

OWA and Conditional Access: Inconsistent Error Reports

Here is a good error message. Its good, because I could not find any references to it on Google and the fault was nothing to do with the error message: The error says “something went wrong” and “Ref A: a long string of Hex Ref B: AMSEDGE0319 Ref C: Date Time”. The server name in… Continue reading OWA and Conditional Access: Inconsistent Error Reports

Exchange Edge Server and Common Attachment Blocking In Exchange Online Protection

Both Exchange Server Edge role and Exchange Online Protection have an attachment filtering policy. The default in Edge Server is quite long, and the default in EOP is quite short. There is also a few values that are common to both. So, how do you merge the lists so that your Edge Server attachment filtering… Continue reading Exchange Edge Server and Common Attachment Blocking In Exchange Online Protection

Get-SpoofMailReport in EOP

Using Office 365 or EOP to protect your email and worried about spoofed emails? Then try this cmdlet in Remote PowerShell for EOP: PS C:\Users\brian.reid> Get-SpoofMailReport Date                Event Type Direction Domain Action       Spoofed Sender              True Sender     Sender IP—-                ———- ——— —— ——       ————–              ———–     ———14/04/2016 00:00:00 SpoofMail  Inbound          GoodMail     no-reply@domain.com         mandrillapp.com 198.2.186.0/2418/04/2016 00:00:00 SpoofMail  Inbound         … Continue reading Get-SpoofMailReport in EOP

Advanced Threat Protection via PowerShell

I discussed the newly released Advanced Threat Protection product in Office 365 on my blog, and in this article I want to outline the cmdlets that can be used to set this product up from Remote PowerShell to Office 365. To connect to Office 365 via PowerShell take a search on your favourite search engine… Continue reading Advanced Threat Protection via PowerShell

Getting Started with Office 365 Advanced Threat Protection

Announced a few months ago, Advanced Threat Protection became generally available on 1st June. I have been involved with trialling this product during the beta and so I thought I would note down a few thoughts on setting this up and what to expect now that it is publicly available. Advanced Threat Protection is an… Continue reading Getting Started with Office 365 Advanced Threat Protection

Speaking at TechEd Europe 2014

I’m please to announce that Microsoft have asked me to speak on “Everything You Need To Know About SMTP Transport for Office 365” at TechEd Europe 2014 in Barcelona. Its going to be a busy few weeks as I go from there to the MVP Summit in Redmond, WA straight from that event. My session… Continue reading Speaking at TechEd Europe 2014

Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server

In Forefront Protection for Exchange (now discontinued) for Exchange 2010 it was possible to run the script at http://support.microsoft.com/kb/2292741 to download the signatures and scan engines when the server did not have a direct connection to the download site at forefrontdl.microsoft.com. To achieve the same with Exchange 2013 and the built-in anti-malware transport agent you… Continue reading Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server

Exchange DLP Rules in Exchange Management Shell

This one took a while to work out, so noting it down here! If you want to create a transport rule for a DLP policy that has one data classification (i.e. data type to look for such as ‘Credit Card Number’) then that is easy in PowerShell and an example would be as below. New-TransportRule… Continue reading Exchange DLP Rules in Exchange Management Shell

Highly Available Office 365 to On-Premises Mail Routing

This article looks at how to configure mail flow from Office 365 (via Exchange Online Protection – EOP) to your On Premises organization to ensure that it is highly available and work in disaster recovery scenarios with no impact. It is based on exactly the same principle to that which I blogged about in 2012:… Continue reading Highly Available Office 365 to On-Premises Mail Routing

Cannot Send Emails To Office 365 or Exchange Online Protection Using TLS

I have found this is a common issue. You set up an Exchange Online Hybrid or Exchange Online Protection (EOP) stand alone service and follow all the instructions for the creating of the connectors needed, only to find that your emails queue in your Exchange Server. If you turn on protocol logging you get this… Continue reading Cannot Send Emails To Office 365 or Exchange Online Protection Using TLS

Whitelisting Salesforce Emails in Exchange Online Protection

In this article, Salesforce list three IP address ranges (by way of CIDR notation) where their emails can come from when you are a Salesforce.com user. To ensure these emails come to all users of your organization if you are using Exchange Online Protection (EOP) then you have to create a transport rule to attempt… Continue reading Whitelisting Salesforce Emails in Exchange Online Protection

What is X-Forefront-Antispam-Report-Untrusted?

When a message arrives in Exchange Online Protection (EOP) with an existing X-Forefront-Antispam-Report header, it is renamed to X-Forefront-Antispam-Report-Untrusted. If the message is then detected as spam and stored in the optional quarantine, upon release it will go back into EOP. Upon entering EOP the previously set X-Forefront-Antispam-Report header is renamed to X-Forefront-Antispam-Report-Untrusted.