250 Hello - Messaging

0

How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record

Posted on 15th July 2024 by Rhoderick Milne [MSFT]

Previously we looked at how to use nslookup to retrieve the main Domain Based Message Reporting And Conformance (DMARC) DNS record. One of the often overlooked and behind the scenes aspect of DMARC is that a 3rd party DMARC provider has to actually grant permission for DMARC reports to be sent to them for a given domain. Without that permission, email service providers will not be able to send DM… Read the rest “How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record”

0

Tenant Hydration – Still A Thing

Posted on 5th July 2024 by Rhoderick Milne [MSFT]

Almost 10 years ago I ran into a customer deployment where they were unable to run some of the Exchange PowerShell commands. Funnily enough, this bubbled up the other week.

As a recap, tenants are created in a dehydrated state to minimise resouce consumption. That means they can not be customised things like Role Based Access Control (RBAC) assignments are read-only and can not be customised. Th… Read the rest “Tenant Hydration – Still A Thing”

0

MTA-STS–Comments On Deploying Azure Static Web App

Posted on 2nd July 2024 by Rhoderick Milne [MSFT]

Hosting MTA-STS File on Azure Static Web App

Many customers have completed or are completing the rollout of SPF, DKIM and DMARC to improve email security. Once DMARC has been moved to 100% quarantine that means that all of the issues have been identified and resolved. So what’s next?

Typically this is where MTA-STS comes in. Mail Transfer Agent - Strict Transport Security (MTA-STS) is intended to provide additional security to email transpo… Read the rest “MTA-STS–Comments On Deploying Azure Static Web App”

0

Exchange 2019 CU14 – Extended Protection New Setup Command Line Options

Posted on 1st May 2024 by Rhoderick Milne [MSFT]

Exchange 2019 CU14 will enforce the use of Extended Protection (EP) by default. This is the desired security configuration as we need to harden the traffic to help prevent Attacker In the Middle (AiTM) style attacks. This is not a new thing, and the Exchange team added support for EP in the previous releases as an optional (but strongly recommended) feature. The intent was that customers would … Read the rest “Exchange 2019 CU14 – Extended Protection New Setup Command Line Options”

0

April 2024 Exchange Server Hotfix Updates – HU

Posted on 30th April 2024 by Rhoderick Milne [MSFT]

Want some updates to go with your updates? That’s pretty much what you are getting with the April 2024 Exchange updates. We can split the features which are part of the April 2024 release into two main areas:

Fixing the multiple things that broke with the March 2023 Security Update (SU)
Adding net new features

The April 2024 HU is available for the following builds of Exchange Server:

Exchange Serve

… Read the rest

0

Block Incoming OnMicrosoft.com Domains Due To Spam

Posted on 29th February 2024 by Rhoderick Milne [MSFT]

Block Incoming Email From OnMicrosoft.com Domains

Unfortunately waves of spam from various onmicrosoft.com domains are a thing. The volume waxes and wanes over time, but this was an annoyance many years ago and remains so even today. Given that any meaningful organisation on the Internet will have their own brand and identity, it is highly unlikey that legitimate email from customers and partners will originate from an onmicrosoft.com address. … Read the rest “Block Incoming OnMicrosoft.com Domains Due To Spam”

1

Unable To Install or Launch Exchange HCW

Posted on 29th February 2024 by Rhoderick Milne [MSFT]

Unable To Launch Exchange Hybrid Configuration Wizard

You want to run the Exchange Hybrid Configuration Wizard (HCW) and after clicking the link to the HCW in the admin portal or manually browsing to the shortcut URL you are unable to either launch or install the HCW. Despite using Edge, the HCW application just does not install and/or launch. All you get is the initial prompt to open the file and nothing else.

For example, if we go to the shortcut … Read the rest “Unable To Install or Launch Exchange HCW”

0

Exchange 2016 – CU23 Now Required

Posted on 13th February 2024 by Rhoderick Milne [MSFT]

With the release of Exchange 2019 CU14 today, a separate announcement was added to the release post to highlight that only CU23 is supported for Exchange 2016. Exchange Server 2016 is supported until the end of its support in 2025, however in order to receive support and to obtain Security Updates (SUs) you must be running CU23. CU22 and all older releases of Exchange 2016 are no longer supporte… Read the rest “Exchange 2016 – CU23 Now Required”

2

Exchange 2019 CU14 Released (2024 H1)

Posted on 13th February 2024 by Rhoderick Milne [MSFT]

Exchange 2019 CU14 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site! Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously. CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU14 Released (2024 H1)”

0

Exchange Healthcheck Script– Unable to Connect to Server

Posted on 9th February 2024 by Rhoderick Milne [MSFT]

Below is a repro of a customer situation where the Exchange Healthcheck script was unable to connect to a remote Exchange server. The Healthcheck script would run locally with no issues, and reported a clean bill of health.

Note that the expected output log was not present after running the script.

In the command below, we are trying to remotely assess sever Exch-2019-1

Troubleshooting Thoughts

It wa… Read the rest “Exchange Healthcheck Script– Unable to Connect to Server”