Category: EOP
-
Outbound Email Via Exchange Online Protection When Using Hybrid Exchange Online
In a long term hybrid scenario, where you have Exchange Online and Exchange Server configured and mailboxes on both, internet bound email from your on-premises servers can route in two general ways. The first is outbound via whatever you had in place before you moved to Office 365. You might have configured Exchange Online to…
-
Duplicate Exchange Online and Exchange Server Mailboxes
With a hybrid Exchange Online deployment, where you have Exchange Server on-premises and Exchange Online configured in the cloud, and utilising AADConnect to synchronize the directories, you should never find that a synced user object is configured as both a mailbox in Exchange Online and a mailbox on-premises. When Active Directory is synced to Azure…
-
Enable Report Message Add-In For Office 365
There is a new add-in available for Outlook and OWA in Office 365 that can simplify spam and phishing reporting to Microsoft for content in your mailbox. I recommend rolling this add-in out to everyone in your Office 365 tenant and for Office 365 consultants to add this as part of the default steps in…
-
DMARC Quarantine Issues
I saw the following error with a client the other day when sending emails from the client to any of the Virgin Media owned consumer ISP email addresses (virginmedia.com, ntlworld.com, blueyonder.com etc.) mx3.mnd.ukmail.iss.as9143.net gave this error:vLkg1v00o2hp5bc01Lkg9w DMARC validation failed with result 3.00:quarantine In the above, the server name (…as9143.net) might change as will the value…
-
Forcing Transport Level Secure Email With Exchange Online
In Exchange Online there are a few different options for forcing email to require an encrypted connection. These depend upon the level of licence you have, and some of them are user based (Office 365 Message Encryption for example), but there are two ways to force TLS (transport layer security) for the email between when…
-
XOORG, Edge and Exchange 2010 Hybrid
So you have found yourself in the position of moving to Exchange Online from a legacy version of Exchange Server, namely Exchange 2010. You are planning to move everyone, or mostly everyone to Exchange Online and directory synchronization plays a major part (can it play a minor part?) in your plans. So you have made…
-
Malware Filter Policy Updates in Office 365
Updated October 2024 In March 2017 I wrote a blog post that showed how to take the attachment filter list from Edge Server and add those attachment block types to EOP, as EOP had a very small list of attachments. In June 2017 in one of my client tenants I noticed this precanned list of…
-
OWA and Conditional Access: Inconsistent Error Reports
Here is a good error message. Its good, because I could not find any references to it on Google and the fault was nothing to do with the error message: The error says “something went wrong” and “Ref A: a long string of Hex Ref B: AMSEDGE0319 Ref C: Date Time”. The server name in…
-
Exchange Edge Server and Common Attachment Blocking In Exchange Online Protection
Both Exchange Server Edge role and Exchange Online Protection have an attachment filtering policy. The default in Edge Server is quite long, and the default in EOP is quite short. There is also a few values that are common to both. So, how do you merge the lists so that your Edge Server attachment filtering…
-
Get-SpoofMailReport in EOP
Using Office 365 or EOP to protect your email and worried about spoofed emails? Then try this cmdlet in Remote PowerShell for EOP: PS C:\Users\brian.reid> Get-SpoofMailReport Date Event Type Direction Domain Action Spoofed Sender True Sender Sender IP—- ———- ——— —— —— ————– ———– ———14/04/2016 00:00:00 SpoofMail Inbound GoodMail no-reply@domain.com mandrillapp.com 198.2.186.0/2418/04/2016 00:00:00 SpoofMail Inbound …
-
Speaking at TechEd Europe 2014
I’m please to announce that Microsoft have asked me to speak on “Everything You Need To Know About SMTP Transport for Office 365” at TechEd Europe 2014 in Barcelona. Its going to be a busy few weeks as I go from there to the MVP Summit in Redmond, WA straight from that event. My session…
-
Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server
In Forefront Protection for Exchange (now discontinued) for Exchange 2010 it was possible to run the script at http://support.microsoft.com/kb/2292741 to download the signatures and scan engines when the server did not have a direct connection to the download site at forefrontdl.microsoft.com. To achieve the same with Exchange 2013 and the built-in anti-malware transport agent you…
-
Exchange DLP Rules in Exchange Management Shell
This one took a while to work out, so noting it down here! If you want to create a transport rule for a DLP policy that has one data classification (i.e. data type to look for such as ‘Credit Card Number’) then that is easy in PowerShell and an example would be as below. New-TransportRule…
-
Highly Available Office 365 to On-Premises Mail Routing
This article looks at how to configure mail flow from Office 365 (via Exchange Online Protection – EOP) to your On Premises organization to ensure that it is highly available and work in disaster recovery scenarios with no impact. It is based on exactly the same principle to that which I blogged about in 2012:…
-
Cannot Send Emails To Office 365 or Exchange Online Protection Using TLS
I have found this is a common issue. You set up an Exchange Online Hybrid or Exchange Online Protection (EOP) stand alone service and follow all the instructions for the creating of the connectors needed, only to find that your emails queue in your Exchange Server. If you turn on protocol logging you get this…
-
Whitelisting Salesforce Emails in Exchange Online Protection
In this article, Salesforce list three IP address ranges (by way of CIDR notation) where their emails can come from when you are a Salesforce.com user. To ensure these emails come to all users of your organization if you are using Exchange Online Protection (EOP) then you have to create a transport rule to attempt…
-
What is X-Forefront-Antispam-Report-Untrusted?
When a message arrives in Exchange Online Protection (EOP) with an existing X-Forefront-Antispam-Report header, it is renamed to X-Forefront-Antispam-Report-Untrusted. If the message is then detected as spam and stored in the optional quarantine, upon release it will go back into EOP. Upon entering EOP the previously set X-Forefront-Antispam-Report header is renamed to X-Forefront-Antispam-Report-Untrusted.
-
Moving Exchange Online Protection Junk Mail to the Junk Email Folder
If you use Exchange Online Protection (EOP) to filter your email in the cloud and to remove spam and malware before onward delivery to you, and if you use Exchange 2007 or later on-premises, then you need to configure Exchange to move detected spam to the Junk Email folder in Outlook. By default EOP detects…