Reporting the Connection Protocol Used by Outlook Mobile Clients

Microsoft has refreshed the Outlook Mobile architecture (now called “Microsoft Sync Technology”). They suggest that you run some PowerShell to report clients connecting via the old and new architectures. Their code works, but we think ours is better.

Azure Information Protection Client Supports S/MIME

The latest version of the Azure Information Protection (AIP) client supports the ability to associate S/MIME protection with an AIP label. Although interesting, it’s a feature unlikely to be of much practical use to the majority of Office 365 tenants.

Phishing: Sample Messages Delivered to Exchange Online Mailboxes

Another day, another phishing attempt, this time trying to make unwary Office 365 administrators click on a link to “Retrieve Pending Messages” for their domain. I’m surprised this one got through! Some other examples from November 2019 are included for your review. Make sure that you report these bad boys when they arrive into user mailboxes

Phishing: EFile Document Notification

A very exciting message arrived in my mailbox. So exciting that it was too good to be true. Some basic checks made me more suspicious and then Outlook’s Message Header Analyzer gave more evidence to think the message was bad.

Office 365 Sensitivity Labels Bring Rights Management to the Masses

Azure Information Protection and Office 365

Rights management and encryption are likely to be a much more common Office 365 feature in the future. Sensitivity labels makes protection easy for users to apply through Office apps. The downside is that protection makes content harder to access for some Office 365 and ISV functionality.

Populating Team or Group Membership from Distribution Lists

Exchange Online distribution lists can be used to populate the membership of Office 365 Groups or Teams by applying a little PowerShell magic. Here’s how.

How to Remove Thousands of Items from an Exchange Online Mailbox

A question asks how to remove a bunch of emails from a shared mailbox. You can use OWA to do the job, especially with its Cleanup Mailbox option, but perhaps some administrative action is needed.

Office 365 Privileged Access Management: Too Flawed and Too Exchange?

Microsoft has launched Privileged Access Management (PAM) for Office 365. The name’s incorrect because PAM only works for Exchange Online right now. PAM is based on RBAC, which is good, but is the implementation too Exchange-centric?

Using the Office 365 Audit Log to Find SendAs Events

Exchange administrators are accustomed to looking through mailbox audit logs to find details of events. Those same events are in the Office 365 audit log, so that’s the place to go look for information, like when you want to find out who sent a message from a shared mailbox using the SendAs permission.

Protecting Email Holding Sensitive Data

Office 365 offers different ways to apply encryption to important messages. When those messages hold sensitive data known to Office 365, like credit cards or passport numbers, we can define a transport rule or DLP policy to protect outbound email automatically. And while you can define rules and policies through the GUI, PowerShell is available too.

Migrating On-Premises Distribution Lists to Exchange Online

If you run a hybrid Exchange deployment, you probably have some on-premises distribution lists that you’d like to move to the cloud. Office 365 offers no way to do this, so it’s up to PowerShell. Instead of starting from scratch, you can use a script created by Tim McMichael of Microsoft and amend it to meet your needs. PowerShell is just great.

Disabling Basic Authentication for Exchange Online (Preview)

Microsoft has released a preview of the cmdlet set to allow tenants to create and manage protocol authentication policies for Exchange Online. It’s a great chance to disable basic authentication and reduce the attack surface for password spraying.

Enhancing Public Folder Scalability

A recent update for Exchange Online gives extra control over who can access public folders. The change is intended to help with scalability, but it can be used to turn public folders off for any mailbox for which you care to disable access.

AutoUpdate versus AutoAccept

Microsoft issued Message Center update MC151582 to tell Exchange Online administrators about a new default value for automatic processing of events sent to room mailboxes. Unfortunately, the PowerShell code in the update contains an error, so here’s some fixed code to check existing values and to set them to the new default, if you want to do that.

Licensing Exchange 2019 Hybrid

Microsoft has confirmed that they will not release a free hybrid license for Exchange 2019. That’s OK, because if you want to use Exchange 2019 as the HCW host, you simply assign the server one of your licenses. After all, the server won’t simply be running hybrid connectivity, will it?

LinkedIn Connects to Office 365

You can now connect Office 365 accounts to LinkedIn accounts (or block the connection at a tenant level). It’s a nice way to keep tabs on your LinkedIn contacts and find out what they’re doing with a simple click in an Office 365 people card.

Use the Office 365 Audit Log to Find Out Who Deleted Messages

Exchange Online sends its mailbox audit records to the Office 365 audit log. You can search the log to discover who deleted messages from mailboxes, normally only an issue when delegates are involved.

Using Special Characters in Office 365 Labels

A little known fact is that you can use graphic symbols and characters in Office 365 labels. It might bring a splash of color to your compliance and retention efforts, especially in a world where emojis are everywhere. After all, the symbols are just character codes that computers can process and Office 365 is designed to be multilingual and cope with different character sets (like the way Teams deals with Hebrew and Arabic).

Microsoft Rolls Out Block for Calendar Forwarding

A new Exchange feature rolling out inside Office 365 allows meeting organizers to block people forwarding their meetings to all and sundry. The latest versions of OWA and Outlook 2016 click to run support the UI for the feature and blocks are built into Exchange Online and Exchange on-premises servers to stop blocked meetings sneaking through.

Accelerating Exchange 2019 at Ignite 2018

Have you ever tried to use SSDs with Exchange Server only to be told that it’s a really bad idea and that you should concentrate on JBOD. Well, Microsoft has made some changes in Exchange 2019 and will talk about them at Ignite, and you can learn about it on Wednesday, Sept 26 in-person, online, or afterwards.

Eradicating Some Bad Email Habits Improves Your Office 365 Security

Hanging on to old email habits is a bad idea, especially if you use a cloud service like Office 365 where Microsoft introduces a steady stream of new features. The worst bad habit is password sharing. It’s time to stop this now.

Making sure that Office 365 Retention Policies process Teams

Microsoft Teams support Office 365 retention policies, but how do you know if policies you create are effective in removing items from Teams? Well, as it turns out, you must go poking under the covers to validate that removals happen as planned.

New IRM Option to Control Decryption of Attachments of Encrypted Messages

Microsoft has released a new setting in the tenant Information Rights Management (IRM) configuration to control if attachments of messages encrypted with the Encrypt Only feature (in OWA and Outlook) are decrypted when downloaded. In fact, two settings are available. One for people with Azure AD accounts, and one for those without.

Losing the Last Name, First Name Legacy

Office 365 Gravtar

A recent post by MVP Mark Vale describes how to use synchronization transformation rules in AADConnect¬†to change the last name, first name format (for example, Smith, James) for display names to a more user-friendly first name last name format (our example becomes James Smith) for accounts as they synchronize to Azure Active Directory from an …