0

SPF Record Fun

SPF Record Structure

Sender Policy Framework (SPF) is a fundamental component of modern e-mail authentication, designed to reduce the risk of spoofing and phishing attacks. By publishing a DNS record that specifies which mail servers are authorised to send messages on behalf of a domain, SPF allows receiving systems to validate whether an incoming message genuinely originates from the claimed sender. SPF alone does no… Read the rest “SPF Record Fun”

0

TLS Web Services Support On Exchange Server 2019 CU14 vs CU15

Exchange Server 2019 CU15 TLS Scan Results

Transport Layer Security (TLS) has always been a critical component of securing communications in Microsoft Exchange Server, ensuring confidentiality and integrity of email traffic both internally and externally. With Exchange Server 2019, Microsoft has steadily evolved TLS support to align with modern security standards and deprecate older, weaker protocols. A notable shift came between CumulativRead the rest “TLS Web Services Support On Exchange Server 2019 CU14 vs CU15”

0

Azure Communication Service – Enable DKIM Signing

When sending email through Azure Communication Services (ACS), proper sender authentication is essential to ensure that your messages are trusted and successfully delivered. DomainKeys Identified Mail (DKIM) is one of the key technologies that provides this assurance by digitally signing each outgoing message.  This allows recipient mail systems to verify that the email was not altered and genuine… Read the rest “Azure Communication Service – Enable DKIM Signing”

0

Exchange 2019 CU15 Released (2025 H1)

Exchange 2019 CU15 Released

Exchange 2019 CU15 has been released to the Microsoft Volume Licensing Center and the public Microsoft Download site!  Exchange 2019 has a different servicing strategy than Exchange 2007/2010 and utilises Cumulative Updates (CUs) rather than the Rollup Updates (RU/UR) which were used previously.    CUs are a complete installation of Exchange 2019 and can be used to install a fresh server or to upd… Read the rest “Exchange 2019 CU15 Released (2025 H1)”

0

Save The Date 14th October 2025

Exchange Server 2019 End of Support Dates

The 14th of October 2025 marks another pivotal moment in Microsoft’s product lifecycle, as a large spectrum of very popular and widely deployed software reaches end-of-support. This includes Windows 10 and Windows 11 22H2.  On the productivity front, the extended support for Office 2016 and 2019, along with Visio 2016/2019, Project 2016/2019, and server-side tools like Exchange Server 2016/2019, S… Read the rest “Save The Date 14th October 2025”

0

How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record

DMARC RecordfCheck

Previously we looked at how to use nslookup to retrieve the main Domain Based Message Reporting And Conformance (DMARC) DNS record. One of the often overlooked and behind the scenes aspect of DMARC is that a 3rd party DMARC provider has to actually grant permission for DMARC reports to be sent to them for a given domain.  Without that permission, email service providers will not be able to send DM… Read the rest “How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record”

0

Tenant Hydration – Still A Thing

Exchange HCW - Tenant Hydration Issue

Almost 10 years ago I ran into a customer deployment where they were unable to run some of the Exchange PowerShell commands.  Funnily enough, this bubbled up the other week.

As a recap, tenants are created in a dehydrated state to minimise resouce consumption.  That means they can not be customised things like Role Based Access Control (RBAC) assignments are read-only and can not be customised.  Th… Read the rest “Tenant Hydration – Still A Thing”

0

MTA-STS–Comments On Deploying Azure Static Web App

Hosting MTA-STS File on Azure Static Web App

Many customers have completed or are completing the rollout of SPF, DKIM and DMARC to improve email security.  Once DMARC has been moved to 100% quarantine that means that all of the issues have been identified and resolved.  So what’s next?

Typically this is where MTA-STS comes in. Mail Transfer Agent - Strict Transport Security (MTA-STS) is intended to provide additional security to email transpo… Read the rest “MTA-STS–Comments On Deploying Azure Static Web App”

2

Exchange 2019 CU14 – Extended Protection New Setup Command Line Options

Exchange 2019 CU14 New Setup Options

Exchange 2019 CU14 will enforce the use of Extended Protection (EP) by default.  This is the desired security configuration as we need to harden the traffic to help prevent Attacker In the Middle (AiTM) style attacks.  This is not a new thing, and the Exchange team added support for EP in the previous releases as an optional (but strongly recommended) feature.  The intent was that customers would … Read the rest “Exchange 2019 CU14 – Extended Protection New Setup Command Line Options”

0

April 2024 Exchange Server Hotfix Updates – HU

Exchange April 2024 Hotfix Update

Want some updates to go with your updates?  That’s pretty much what you are getting with the April 2024 Exchange updates.  We can split the features which are part of the April 2024 release into two main areas:

  1. Fixing the multiple things that broke with the March 2023 Security Update (SU)
  2. Adding net new features

The April 2024 HU is available for the following builds of Exchange Server:

  • Exchange Serve
Read the rest “April 2024 Exchange Server Hotfix Updates – HU”