Ready for #MSExchangeSummit in Würzburg, Germany! Speaking today after lunch: “We need to talk about (on-prem) Exchange Server”
#MSExchange #Microsoft365 #SimplifyNow #SMTP
Ready for #MSExchangeSummit in Würzburg, Germany! Speaking today after lunch: “We need to talk about (on-prem) Exchange Server”
#MSExchange #Microsoft365 #SimplifyNow #SMTP
As a recipient org that receives forwarded mails, you might want to read up on Authenticated Received Chain or #ARC. While #SRS fixes any #SPF issues, that will still cause #DKIM and #DMARC validation issues. If the forwarding org has ARC, you can trust their authentication results by adding them as a trusted ARC sealer. More info: https://learn.microsoft.com/en-us/defender-office-365/email-authentication-arc-configure
As a forwarder you might want to read up on Sender Rewriting Scheme or #SRS, and how #Microsoft365 manages this. This is a solution for #SPF fails due to forwarding. Do note, if you route via an on-prem infrastructure, there might be a need to adjust a setting to force SRS. More info: https://learn.microsoft.com/en-us/exchange/reference/sender-rewriting-scheme
Reading #WeekITtip for the weekend. I am currently involved in a case in which mail (auto)forwarding is used but that is causing the forwarded mail to be rejected. When #SPF, #DKIM and #DMARC are implemented properly, this can break legitimate mail forwarding.
Also check several breaking changes in #MSExchange Online such as legacy tokens, EWS deprecation, but also external recipient rate limits. Some take effect in January, others (much) later but some mitigations might take time.
Now you have some of your #SMTP New year resolutions! 😉 See you next year!
Now #Microsoft has announced the rollout for #Mobile Outlook iOS/Android in Message Center MC960818. You do not have to do anything, but evaluate if the older add-in is still required. See also: https://www.microsoft.com/en-US/microsoft-365/roadmap?filters=&searchterms=371383
This might also be a time to do a (periodic!) review of your overall #Defender settings, processes, and awareness training (with an ethical attack simulation). Like previously indicated, there are still a lot of incoming threats via email.
Unfortunately, these options are all provide you can self-learn or might miss important real-life nuance and trainer interaction. Of course you could use fora, social media to ask your specific questions. As a last resort you could ask known trainers (MCTs or often MVPs) to develop a custom course or workshop.
There are still #MSExchange books being sold but be sure to check the most recent release. At least I know "Pro Exchange Administration" is relatively up to date: https://link.springer.com/book/10.1007/978-1-4842-9591-5 . For more #PowerShell focus the https://practicalpowershell.com books are an option (note: cocreator of those). For more general #Microsoft365 focus, I can recommend "Office 365 for IT pros": https://o365itpros.gumroad.com/l/O365IT which has monthly updates.
Third party sites might still have #MSExchange courses online, at least #Pluralsight has a few courses. CBTNuggets seems to still have a Certification preparation. But be aware that these courses may not be up to date anymore. You might find some YouTube channels, but I haven't checked myself.
Day 22 of #ITAdvent. There is no #Microsoft #MSExchange specific #certification available. Which unfortunately also means that there is less training offered, as they are based on Microsoft Official Courseware or #MOC. So, I sometimes see the question what options there are.
Obviously, #MicrosoftLearn sites were already a replacement for any books used during those MOCs. However, there is no Learning Path/Modules available that covers everything. https://learn.microsoft.com/en-us/training/browse/?expanded=m365&products=office-exchange-server%2Coffice-exchange-online
There are still #MSExchange books being sold but be sure to check the most recent release. At least I know "Pro Exchange Administration" is relatively up to date: https://link.springer.com/book/10.1007/978-1-4842-9591-5 . For more #PowerShell focus the https://practicalpowershell.com books are an option (note: cocreator of those). For more general #Microsoft365 focus, I can recommend "Office 365 for IT pros": https://o365itpros.gumroad.com/l/O365IT which has monthly updates.
Third party sites might still have #MSExchange courses online, at least #Pluralsight has a few courses. CBTNuggets seems to still have a Certification preparation. But be aware that these courses may not be up to date anymore. You might find some YouTube channels, but I haven't checked myself.
Day 22 of #ITAdvent. There is no #Microsoft #MSExchange specific #certification available. Which unfortunately also means that there is less training offered, as they are based on Microsoft Official Courseware or #MOC. So, I sometimes see the question what options there are.
Obviously, #MicrosoftLearn sites were already a replacement for any books used during those MOCs. However, there is no Learning Path/Modules available that covers everything. https://learn.microsoft.com/en-us/training/browse/?expanded=m365&products=office-exchange-server%2Coffice-exchange-online
Read this blog on how to do so: https://techcommunity.microsoft.com/blog/exchange/critical-update-applicationimpersonation-rbac-role-deprecation-in-exchange-onlin/4295762
Don't forget other upcoming potentially breaking changes, such as removal of legacy tokens, EWS and Client Access rules, enforcing external recipient rate limits to name some.
...The maximum results is increased from 1000 to 5000 though. You might have to change your scripts as this might be a breaking change, I know that I wil have to.
The findings are interesting, and I wonder why the adoption is not higher. Most protocols are not that hard to adopt for most situations, but perhaps I am missing things. I for one am open to give workshops, trains and consult your org if needed. And I am sure a lot of other experts are willing as well.
You can read the post here: https://www.forumstandaardisatie.nl/nieuws/internetveiligheid-bij-de-overheid-forum-standaardisatie-roept-op-tot-snelle-actie
Today they published the rate of adoptions of these protocols and concludes that there is a lot of work to be done and urges orgs to pick up the rate of adoption, make plans, set target dates and implement them. There are explicit mentions of #DANE and #IPv6 now that #MSExchange Online supports them.
Day 19 of #ITAdvent. The Dutch Forum Standarisatie is a Dutch Advisory commity on IT open standards in order to easily and safeliy exchange data between government bodies, companies, non-profits and citizens. They maintain lists of mandatory and recommended protocols for at least governmental bodies. But IMHO every organization should adopt these.
Do note that I've just scratched the surface and there are a lot of nuances IRL. This is my attempt to create greater awareness of these protocols, the need for them and the need to configure and use them properly for your organization. Let's make mail a little bit safer!