The need to remove basic authentication from Exchange Online is underlined by a June 14 report from the Microsoft Threat Intelligence Center pointing to how attackers compromise mailboxes using antiquated protocols like POP3 and IMAP4 to connect to accounts which don’t use MFA. After accounts are penetrated, the attackers plant inbox rules to forward copies of interesting messages and use the information received to plan and execute business email compromise attacks. Tenant administrators still have some work to do to secure Exchange Online and Azure AD…
Now rolling out to Office 365 tenants, Teams meeting organizers can review the attendance data for meetings and webinars in a new dashboard. The same data can be downloaded to a CSV file for analysis. Teams stores the attendance report data in the Exchange Online mailbox of the meeting organizer. It’s a good example of the Microsoft 365 substrate in use.
Microsoft’s Collaborative Work Model (CWM) tries to paint a picture of how Microsoft 365 apps help people to organize tasks and get things done more efficiently. CWM isn’t a bad thing, as far as it goes, but it’s just not practical because it ignores the critical role played by email as the glue connecting Microsoft 365 apps together. Or more correctly, email and the substrate. Oh well, it’s only a marketing message…
Without warning (for security reasons), Microsoft stopped the Exchange Online Set-User cmdlet being able to update the work and mobile numbers for Azure AD accounts. We don’t know what kind of security concerns caused Microsoft to take this action, but it might be associated with administrative roles. In any case, this disappointing example of how to communicate with customers might end up with people having to update some PowerShell scripts – and no one likes unexpected work.
Microsoft is rolling out a new calendar board view for OWA. The new board looks very similar to a Project Moca board, which isn’t surprising because it’s a customized Moca board tailored to focus on the calendar. There’s no news yet when Project Moca might exit its current preview status, but maybe the new view will help by convincing people about the worth of configurable boards.
For whatever reason, Microsoft decided to cancel plans to remove the Top Senders and Recipients report from the SCC, citing customer feedback as the reason. The thing is that the SCC report and its underlying cmdlet use an old data source. The Microsoft Graph Reports API is the modern approach and an adequate replacement usage reports is available in the Microsoft 365 admin center. I really can’t understand why anyone would want to keep the old report as it’s not very good at all.
Exchange Online supports the ability to send email using any SMTP proxy address assigned to a mailbox. Following the announcement of the feature, users had many questions including what clients can be used. Here are some common questions and answers about the feature, including some PowerShell to report the set of proxy addresses assigned to user mailboxes.
Exchange Online’s calendar assistant is good at responding to meeting requests for rooms. It can be even better with just a little customized text to remind those who book the rooms about meeting etiquette. Even though we might never get back to physical meetings in conference rooms, some face to face gathering will happen in the future, so now’s the time to prepare for bookings to be handled in a nicer fashion.
Teams supports several methods to import email. Outlook for Windows can drag and drop messages into Teams conversations. It’s a quick and easy way to move the focus of a conversation, but there are some downsides to be aware of.
Organizations can choose to control updates of user photos by policy in their Office 365 tenants or allow users to go ahead and use any image they like. In this article, we explore the value of having a user photo for every Office 365 account (and Teams and Groups too) and the choices organizations must make when they decide whether to control user-driven updates.
A new phishing attack is circulating from an Office 365 tenant. The attack attempts to lure recipients into clicking a link to download a document. The phishing email is not quite as crude as other attempts and might lure users into doing the wrong thing, especially as the message is delivered to inboxes.
You can configure Exchange Online distribution lists so that they reject messages sent to them as BCC recipients. I’m not sure how much use this feature will get, but it’s nice to have it anyway. PowerShell is the only management tool to configure distribution lists for the new block until Microsoft gets around to updating the Exchange Admin Center.
Microsoft has released the public preview of the ability to set the Exchange out of office (OOF) auto-reply from the Teams desktop and browser clients. OOFs set in Teams are synchronized back to Exchange using EWS so that the new auto-reply configuration is picked up by clients like Outlook and OWA. It’s a small but useful update.
Exchange Online tenants can activate external email tagging, which causes Outlook clients (not desktop yet) to highlight messages received from external domains. The feature can replace custom implementations to mark external email, usually done with transport rules. It’s easy to implement and control, but the mail tip offering to block an external sender seems a little over the top.
From April 2021, Exchange Online will apply hard limits for the number of messages a mailbox can receive per hour. The limit remains the same (3,600), but now Exchange will block the mailbox receiving any more email for an hour. The new version of the Exchange Admin Center (EAC) promises to highlight problem mailboxes so that admins can ask owners why their mailboxes receive so much email.
Microsoft wants to remove basic authentication from Exchange Online connection protocols. But pressures have forced Microsoft into a new strategy and away from the mid-2021 date for deprecation of basic authentication for five protocols. Instead, Microsoft will disable basic authentication for protocols where it’s not used, include four addition protocols in its target set, and pause action for tenants where basic authentication is in active use. When they restart, Microsoft will give tenants 12 months’ notice that basic authentication will be blocked for a protocol. You can argue that Microsoft should have pressed ahead with their original plan, but would widespread disruption of service be worth the benefit gained from blocking vulnerable protocols? Balancing risk versus reward is often not easy.
Sometimes delegate access for an Exchange Online calendar goes awry due to corrupted items in the mailbox. To help sort out problems, Microsoft has upgraded the Remove-MailboxFolderPermission cmdlet to do the work that used to be done by a multi-phase fix performed using the MFCMAPI or EWS editor utilities. The nice thing is that this method is quick, simple, and works well.
Exchange dynamic distribution lists allow messages to be sent to sets of recipients determined by a query against the directory. A custom filter is a powerful way to find the right set of recipients. In this case, we want to find mailboxes with certain job titles whose Azure AD accounts are not blocked for sign-in. Here’s how to create the filter, make sure it works, and create the DDL.
A curious problem happened when a mailbox reported hitting a folder item limit (one million items). The mailbox was an aggregate group mailbox, a system mailbox used to make it easier to search Microsoft 365 Groups. Microsoft now uses a different method to search group mailboxes and will remove these arbitration mailboxes by the end of 2021. If you meet the problem, use a mail flow rule to stop messages being delivered to the mailbox.
The format of the Teams compliance records generated for personal and group chats and stored in Exchange Online mailboxes is changing. Microsoft is removing a bunch of unnecessary attributes from the records to reduce the processing load on the service to retrieve the attributes from Azure AD. The change is unlikely to affect most tenants. Compliance records for older chats are not affected.
Exchange Online has the Enable-OrganizationCustomization cmdlet to “hydrate” the settings in an organization. Most Exchange Online organizations use common configurations, which saves the Office 365 infrastructure some directory space and CPU cycles to deal with custom settings. A hydrated organization has customized settings. The one-time cmdlet switches organizations from a dehydrated state to a hydrated state. Forcing administrators to run the cmdlet is just a little odd.
Microsoft wants to retire the Search-Mailbox cmdlet from Exchange Online. But while the cmdlet available, it does a great job of removing mailbox items. If you get the search query right! In this example, we explain how to write a script to clear out calendar items from the mailboxes of multiple users.
Exchange Online indexes the items stored in mailboxes. Some of the items are partially indexed, meaning that not all of their content is indexable. Microsoft has a PowerShell script to analyze the number of partially indexed items found in mailboxes. The output is kind of esoteric, so we worked it over to create something more understandable.
Exchange Online Protection (EOP) and Microsoft Defender for Office 365 support anti-phishing policies which generate safety tips for users. The first contact safety tip warns users when they receive email from someone they don’t usually get messages from. It’s a way to put the recipient on their guard, just in case it’s someone trying to impersonate someone else whom the recipient actually knows.
Exchange Online Dynamic Distribution Lists are a powerful way to address changeable groups of recipients. The query against the directory is the big thing to get right, but you’ve also got to make sure that the directory data is accurate and reliable. Once you’ve got a good directory, it’s easy to create dynamic distribution lists which are easy to use and never go out of date.
A change due in December will improve how Exchange Online Protection suppresses high confidence phish messages and stop them being delivered to user mailboxes. The old-fashioned allowed sender and allowed domain lists are being taken out of the equation and ignored when EOP is sure that it’s dealing with some high-confidence phish. It’s time to check your anti-spam policies.
When you use an Office 365 content search to find items, the results from Exchange Online might include some encrypted attachments. A change means that the attachments can now be decrypted to make it easier for investigators to review the information. It’s a small but important change, just like the update to Edge which stops ClickOnce programs running unless an Edge setting is enabled. All good, clean, honest fun.
Microsoft has updated the Exchange Online outbound spam filter policy to stop automatic forwarding of email from user mailboxes. The change is now effective with the default set to block automatic forwarding. You can create a custom policy and apply it to selected mailboxes and distribution lists if they need to forward email.
Outlook Mobile synchronizes contacts from Exchange Online to iOS. Sometimes errors happen and duplicate contacts result. It’s easy to resolve the problem by forcing a complete resynchronization of contacts to rebuild what’s on the iOS device.
A crude phishing attempt based on voicemail notifications from a VoIP service arrived in mailboxes. It’s easy for experienced users to pick up signs to stay away, but the unwary can be trapped. Report samples of phishing attempts to Microsoft to make Exchange Online Protection better and keep on educating users.
Site Mailboxes were the face of Microsoft collaboration at one time. But that’s long in the past and it’s time for these archaic mailboxes to be dispatched. Microsoft will retire them from Office 365 in April 2021, probably two years after they passed their best-by date. I tried to clean up my tenant and failed utterly, so I’m leaving the mess for Microsoft to sort out.
Microsoft says that the new EAC is ready to use. While we don’t deny the fact, we think some of the magic that existed in previous portals has gone. PowerShell is replaced by the Graph as the foundation for the EAC. Progress happens, but it’s sad when a feature like command logging is left in the mists of the past.
OWA calendar settings include the option to make online meetings the default. You can control whether online meetings are the default at an organization and mailbox level. Outlook desktop relies on system registry settings to know if online meetings should be created. An add-in loaded is loaded automatically to insert the neceessary data to make a meeting online if necessary.
Exchange Online supports dynamic distribution lists, a great way to address sets of recipients found by resolving a filter against the directory. In this example, we explore how to create a dynamic distribution list to address mailboxes marked as preferring a specific beverage. It might even be useful some day!
At the Ignite 2020 virtual conference, Microsoft ISV Code Two Software demonstrated a new Outlook API to make email signature management easier across all Outlook clients. The Signature API supports web add-ins that work on all Outlook platforms to allow users to select which corporate email signature to apply before sending messages. The new API should be available at the end of 2020 and we can expect updates from multiple ISVs in the email signature management space to exploit the new capability.
Version 2.0.4 of the Exchange Online Management PowerShell module is now available for download from the PowerShell Gallery. The new release contains many useful enhancements including support for Ubuntu Linux and several versions of MacOs.
Some recent small changes in Teams will make users happy because the product’s fit and finish is improving. Speaker attribution for live captions makes conversations easier to follow and faster updates from Exchange mean that out of office notifications and change in presence states are picked up faster. These aren’t earthshattering changes, but they do make Teams more pleasant to use.