Inactive mailboxes have been available in Exchange Online since 2015. A new inactive mailboxes listing is available in the Microsoft 365 compliance center. The GUI isn’t very functional, but perhaps it’s a starting point for some enhanced management capabilities for inactive mailboxes. We’ve only been waiting six years…
Microsoft wants to eliminate the Search-Mailbox cmdlet, but it’s still very valuable when the time comes to remove mailbox items because of a spam attack or similar reasons. The suggested replacement is Core eDiscovery searches and associated content search purge actions, but these are slower and less effective than Search-Mailbox. To prove the point, we’ve put together a demonstration script to show how to compose a search query and run it against a set of mailboxes.
A reader asked how to move membership of multiple distribution lists from one mailbox to another. We use PowerShell to do the job. Only a few lines are needed to switch the memberships, but we add a few more lines to make the script work better. We don’t handle dynamic distribution lists. This is possible for precanned (simple) filters, but given the number of dynamic distribution lists usually involved, it’s probably best to update directory settings manually.
For whatever reason, Microsoft decided to cancel plans to remove the Top Senders and Recipients report from the SCC, citing customer feedback as the reason. The thing is that the SCC report and its underlying cmdlet use an old data source. The Microsoft Graph Reports API is the modern approach and an adequate replacement usage reports is available in the Microsoft 365 admin center. I really can’t understand why anyone would want to keep the old report as it’s not very good at all.
Exchange Online supports the ability to send email using any SMTP proxy address assigned to a mailbox. Following the announcement of the feature, users had many questions including what clients can be used. Here are some common questions and answers about the feature, including some PowerShell to report the set of proxy addresses assigned to user mailboxes.
Microsoft wants to retire the Search-Mailbox cmdlet from Exchange Online. But while the cmdlet available, it does a great job of removing mailbox items. If you get the search query right! In this example, we explain how to write a script to clear out calendar items from the mailboxes of multiple users.
Exchange Online indexes the items stored in mailboxes. Some of the items are partially indexed, meaning that not all of their content is indexable. Microsoft has a PowerShell script to analyze the number of partially indexed items found in mailboxes. The output is kind of esoteric, so we worked it over to create something more understandable.
Microsoft has updated the Exchange Online outbound spam filter policy to stop automatic forwarding of email from user mailboxes. The change is now effective with the default set to block automatic forwarding. You can create a custom policy and apply it to selected mailboxes and distribution lists if they need to forward email.
Exchange Online supports dynamic distribution lists, a great way to address sets of recipients found by resolving a filter against the directory. In this example, we explore how to create a dynamic distribution list to address mailboxes marked as preferring a specific beverage. It might even be useful some day!
Exchange Online Protection (EOP) quarantines suspicious messages to stop spam, malware, and phishing email arriving into Exchange Online inboxes. Administrators can review quarantined messages. Reviewing messages can find some problems, like messages that shouldn’t have been stopped. But reviews take time, and sometimes other stuff gets in the way, which means that quarantined messages expire without anyone ever asking the question “why.”
Characterizing backup of Exchange Online mailboxes to PSTs as brain-dead might have been harsh, but it’s an accurate assessment of the worth of this idea. Plenty of cloud-based backup offerings exist that can process Exchange Online data more securely and at scale. If you want to backup Office 365, stay away from PSTs and use a different product, after asking some questions to ensure that the backups deliver the value you expect.
Exchange Online Protection monitors email traffic in and out of Office 365 tenants. When a mailbox exceeds limits, it might end up being restricted, such as in the case when the mailbox might be compromised. We tried to find out when Exchange Online Protection restricted mailboxes and what to do afterwards. Here’s what we discovered.
Many migration projects use Exchange Web Services (EWS) to move data to Exchange Online. EWS is using throttled to preserve resources. Here’s how to lift the restrictions for up to 90 days, all without going near a support call.
I’ve written many articles to explain how to use the Office 365 audit log to report different aspects of the platform. But taking action is much better than just reporting. In this post, we explain how to take a report generated from the Office 365 audit log and use it to drive some actions. In this case, removing the SendAs permission from people who aren’t using it.
Exchange Online mailboxes support SendAs, Send on Behalf Of, and FullAccess permissions. A previous script focused on the FullAccess permission. This version covers all three. It’s also a good example of how you need to pay attention to property sets when writing PowerShell code to use the new Exchange Online REST-based cmdlets.
In addition to mailbox permissions, Exchange Online supports folder-level delegated permissions. Users can create folder delegations through Outlook desktop. Like mailbox permissions, it’s a good idea for tenants to check folder-level delegations to ensure that people don’t keep permissions for longer than they should. We explain how to create a PowerShell script to generate such a report.
Exchange Online makes it easy to assign delegated permissions for user and shared mailboxes. But permissions assigned to people might not be still necessary, so it’s good to do a periodic check. In this post, we describe a script to scan for permissions on Exchange Online user and shared mailboxes and highlight non-standard permissions in a report generated as a CSV file.
Exchange Online enables mailbox auditing by default, which should mean that audit events get to the Office 365 audit log for all E3 and E5 mailboxes. Well, that’s what you might thing but that’s not what happens. Mailbox events for E5 mailboxes arrive just fine, but you must reenable E3 mailboxes for auditing before their events flow. It’s a bizarre situation.
Microsoft has released information about high-value Office 365 audit events and audit event retention policies. Both are part of a Microsoft 365 Advanced Audit offering. The MailItemsAccessed event is the first high-value audit event (we can expect more) and the retention policies are used to purge unneeded events from the Office 365 audit log.
Outlook Mobile now supports delegate access to Exchange Online mailboxes. By granting fuil access to a delegate, they can open and work with a mailbox, and send messages using the SendAS or SendOnBehalfOf permissions. The new feature underscores the advantage Outlook mobile enjoys over other mobile Office 365 email clients.
OWA now includes Files in its “module switcher”). The new module allows fast access to attachments stored in any folder in an Exchange Online mailbox. It’s a neat feature that will please many people simply because it makes finding often-elusive attachments just that bit easier.
Some Exchange Online mailboxes are quite small (2 GB for frontline users). Tenant administrators might want to monitor mailbox usage to make sure that quotas aren’t unexpectedly exhausted. This post explains how to use a PowerShell script to calculate the percentage of mailbox quota used and highlight the problem if a threshold is passed.
Microsoft has announced that basic authentication for multiple email connection protocols won’t be supported after October 13, 2020. You won’t be able to connect with EWS, EAS, IMAP4, POP3, or Remote PowerShell unless you use modern authentication. There’s just over a year to prepare, but there’s some work to be done.
Microsoft is now rolling out MyAnalytics access to Office 365 accounts with an Exchange Online license.The first sign that anyone gets is when they receive one of MyAnalytics’s well-intended messages to help them organize their work life smarter. Funnily enough, some people don’t like the idea of Office 365 analyzing and reporting their work habits, which is why you might need to disable MyAnalytics for some mailboxes.
Microsoft has confirmed that disconnected Exchange Online mailboxes are not included in the sources scanned by Office 365 content searches, thus clearing up some misunderstandings that might have existed in the field. The bottom line is that if you want to search mailboxes that don’t belong to accounts, you should use inactive mailboxes.
Exchange Online allows users to add personal retention tags to their maiboxes through OWA settings. Some organizations don’t like this, so they can deploy user role assignment policies to block the feature. It;s something that you could consider doing if you’re preparing to switchover to Office 365 retention policies to impose the same retention regime across multiple workloads.
Outlook mobile users now have shared mailbox support in both iOS and Android platforms. The work to upgrade the backend service is also progressing and is past 50% rollout. And dark mode is coming too. It’s available in beta today to Testflight users (only for iOS), and it’s also been enabled for some users who run the latest version of the clients.
The Outlook Places service is used by Outlook clients to present metadata about meeting locations to users. Currently, OWA is the only client that consumes the service. You can update location metadata with details to make it easier for users to select the right location for their meeting, including geocoordinates that can be used to display map directions to the location.
A question about how best to set auto-replies for Exchange Online shared mailboxes to respond to messages arriving during a public holiday gives another chance for PowerShell to show how useful it is. You could do the work with Flow, but PowerShell is more flexible and capable when dealing with multiple shared mailboxes.
Teams does a good job of storing compliance records in Exchange Online mailboxes so that the data is available for Office 365 eDiscovery. But the number of records can impact the mailbox quotas of frontline workers, especially if they send graphics in personal and group chats. Here’s some PowerShell to help discover how much mailbox quota is being absorbed by compliance records.
Removing Office 365 accounts is easily done through the Admin Center. You can also restore deleted accounts within 30 days, but what if you want to remove accounts in such a way that they can’t be restored? The answer is that it can be done using a two-stage process. And if the mailboxes belonging to those accounts are on hold, they are kept as inactive mailboxes.
Microsoft has announced that it will deploy the ability to add shared mailboxes to Outlook Mobile by the end of July. But if you want to see the feature early, you can join the Testflight program and install the beta version of Outlook mobile. Using Outlook for iOS with Testflight also forces the upgrade of your Office 365 tenant to the Microsoft Sync Technology.
Microsoft has announced that Outlook Mobile (iOS and Android) will include support for Exchange Online shared mailboxes “in the next several weeks,” which probably means early July 2019. The update comes as good news for many people who have been forced to use an IMAP4-based workaround to access shared mailboxes. Microsoft is also making some other changes to improve the Files view and calendar sync in Outlook mobile.
Microsoft has implemented a new synchronization mechanism in Outlook ProPlus to deal more efficiently with shared folders. The new approach increases the limit from 500 to 5,000 folders and is a more elegant and precise solution. Users who manage other peoples’ mailboxes will appreciate the change after they install build 11629.20196 or later.
Despite the age of the protocols, you can cheerfully connect a wide range of IMAP4 and POP3 clients to Exchange Online. If you do, you might need to consider how to handle calendar appointments, and if you want to use iCAL, you’ll need to make some adjustments with PowerShell.
Exchange Online supports inactive mailboxes as a way to keep mailbox data online after Office 365 accounts are removed. Inactive mailboxes are available as long as a hold exists on them. You can update mailbox properties to exclude all or some org-wide holds. If you exclude holds from a mailbox, you run the risk that Exchange will permanently remove the mailbox. If that’s what you want, all is well, but if it’s not, then you might not be so happy.
Microsoft announced a new migration experience from Google G Suite yesterday, which is nice. Under the covers, the venerable Mailbox Migration Service (MRS) does the work to extract mailbox data from Gmail using IMAP4 and moves it to Exchange Online. But after the move is done, there’s still lots of work to do to help users make the cultural change to their new mailbox in the cloud.
The Office 365 Admin Center offers the option to bulk-create user accounts. Loading up a CSV file with details and having it processed is simple enough, but the resulting accounts need some work before they are fit for purpose and ready for people to use. Here’s how the bulk creation process works and why we think it has some flaws.