How to Use Search-Mailbox to Remove Items from Multiple Mailboxes

The Search-Mailbox cmdlet is a very powerful weapon for Exchange administrators. It has some quirks, but the Invoke-Command cmdlet helps us get around one, which is how to use a different search query for each mailbox processed in a set of mailboxes.

Exchange Online Transport Rule to Encrypt Sensitive Email

Microsoft has released details of an Exchange Online transport rule to encrypt outbound email containing sensitive data types like credit card numbers. The rule works (after fixing the PowerShell), but needs to be reviewed and possibly adjusted to meet the needs of Office 365 tenants.

Teams Compliance Records Focused on by New Report

A new report commissioned by Microsoft explains how Exchange Online and the Security and Compliance Center meet the electronic records requirements of regulatory bodies like the SEC and FINRA. Within the report, there’s some news about changes to the way that Office 365 handles Teams compliance records stored in Exchange Online. And after all that, we consider how some backup vendors treat Teams compliance records as equivalent to the data stored in the Teams Azure services.

Good and Bad Marketing (Technical) Blog Posts

The internet makes it easy to find material to read about technical topics. Unfortunately, a lot of content is rubbish. In this post, we compare two recent technical articles and explain why we think one marketing post is good and the other isn’t up to scratch.

Service Domain Prefix Appears and Disappears in Exchange Online Cmdlets

A change made to fix a problem in Exchange Online introduced another problem in that service domains started to show up as prefixes in the data returned by PowerShell cmdlets. Microsoft has reversed the change, but the way things happened creates some questions.

Using Exchange Session Identifiers in Audit Log Records

Exchange Online now captures session identifiers in its mailbox and admin audit records that are ingested in the Office 365 audit log. That’s interesting and useful, but how do you access and interpret this information on a practical level?

Sending Email with PowerShell and Exchange Online

You can use the Send-MailMessage cmdlet in a PowerShell script to send mail messages via Exchange Online. And sometimes your IP address might be listed as a spammer, which is bad. All in all, authenticated client submission seems best.

Use Search-Mailbox to Remove Thousands of Items from an Exchange Online Mailbox

A question asks how to remove a bunch of emails from a shared mailbox. You can use OWA to do the job, especially with its Cleanup Mailbox option, but perhaps some administrative action is needed.

Office 365 Privileged Access Management: Too Flawed and Too Exchange?

Microsoft has launched Privileged Access Management (PAM) for Office 365. The name’s incorrect because PAM only works for Exchange Online right now. PAM is based on RBAC, which is good, but is the implementation too Exchange-centric?

How to Find Send As Records in the Office 365 Audit Log

Exchange administrators are accustomed to looking through mailbox audit logs to find details of events. Those same events are in the Office 365 audit log, so that’s the place to go look for information, like when you want to find out who sent a message from a shared mailbox using the SendAs permission.

How to Migrate On-Premises Distribution Lists to Exchange Online

If you run a hybrid Exchange deployment, you probably have some on-premises distribution lists that you’d like to move to the cloud. Office 365 offers no way to do this, so it’s up to PowerShell. Instead of starting from scratch, you can use a script created by Tim McMichael of Microsoft and amend it to meet your needs. PowerShell is just great.

Use an Exchange Authentication Policy to Block Email Protocols

Microsoft has released a preview of the cmdlet set to allow tenants to create and manage protocol authentication policies for Exchange Online. It’s a great chance to disable basic authentication and reduce the attack surface for password spraying.

How Exchange Online Room Mailboxes Use AutoUpdate and AutoAccept

Microsoft issued Message Center update MC151582 to tell Exchange Online administrators about a new default value for automatic processing of events sent to room mailboxes. Unfortunately, the PowerShell code in the update contains an error, so here’s some fixed code to check existing values and to set them to the new default, if you want to do that.

How to License Exchange 2019 Hybrid Deployment

Microsoft has confirmed that they will not release a free hybrid license for Exchange 2019. That’s OK, because if you want to use Exchange 2019 as the HCW host, you simply assign the server one of your licenses. After all, the server won’t simply be running hybrid connectivity, will it?

Using Special Characters in Retention Labels and Sensitivity Labels

A little known fact is that you can use graphic symbols and characters in Office 365 labels. It might bring a splash of color to your compliance and retention efforts, especially in a world where emojis are everywhere. After all, the symbols are just character codes that computers can process and Office 365 is designed to be multilingual and cope with different character sets (like the way Teams deals with Hebrew and Arabic).

New IRM Option to Control Decryption of Attachments of Encrypted Messages

Microsoft has released a new setting in the tenant Information Rights Management (IRM) configuration to control if attachments of messages encrypted with the Encrypt Only feature (in OWA and Outlook) are decrypted when downloaded. In fact, two settings are available. One for people with Azure AD accounts, and one for those without.