13

Should I Overwrite The Default Exchange SMTP Certificate?

Exchange Prompt To Overwrite Default SMTP Certificate

When adding a TLS certificate on an Exchange server, the inevitable prompt will appear to enquire if you wish to overwrite the default SMTP certificate binding.  While the UI in the current versions of Exchange is slightly different, it was basically the same prompt in Exchange 2010 & Exchange 2007.

Exchange Prompt To Overwrite Default SMTP Certificate

While the prompt language was the same in Exchange 2007 and newer versions, the way that transpo… Read the rest “Should I Overwrite The Default Exchange SMTP Certificate?”

0

Exchange & TCP/IP Port Range

The below is an interesting result after installing Exchange.  The act of installing Exchange will change how TCP/IP operates on the server with respect to ephemeral connections.

This may manifest itself in a few ways.

For example:

  • Security or Network are "surprised" with different network behaviour on an Exchange server when reviewing captures
  • Network team sets a very restrictive firewall ACL which is
Read the rest “Exchange & TCP/IP Port Range”
0

QuickTip – Query Block Mode

Exchange 2010 SP1 introduced the concept of block mode or granular replication.  This minimised the time taken for transactions on the active node to be replicated to passive nodes.  Since the feature is enabled by default and is self-managing, there is a good chance that you are benefiting from it without being fully aware of it.

See also understanding High Availability and Site Resilience

If you d… Read the rest “QuickTip – Query Block Mode”

11

Collected Links For Hafnium – March 2021 Exchange Security Issue

The below are a series of links, tips and some very brief thoughts on Hafnium.  I will purposefully not include the content of the other locations as it is changing so rapidly, and there is no way to ensure that it would be updated here in a timely fashion.

 

 

If you read nothing else, please ensure that you install the update from an elevated CMD prompt if you are manually installing. 

FaiRead the rest “Collected Links For Hafnium – March 2021 Exchange Security Issue”

0

Exchange 2010 SP3 RU32 Released

Today is an out of band security release for Exchange.  Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security  Response Center to read the details about this and the other released security updates.

Download Exchange 2010 SP3 RU32

Note – The image does not show RU 32, and I'll update it once the download site is corrected. 

This is build 14.03.Read the rest “Exchange 2010 SP3 RU32 Released”

2

Out of Band Critical Exchange Security Updates–March 2021

Security updates were released today for Exchange 2010, 2013, 2016 and 2019.  Attacks were detected which leveraged these vulnerabilities, so an out of band set of updates was released

This a remote code execution on TCP 443 and is already being exploited as a 0-Day attacks against on-premises Exchange servers.

Microsoft strongly recommends installing this update immediately.  Internet facing serverRead the rest “Out of Band Critical Exchange Security Updates–March 2021”

1

Exchange 2010 SP3 RU31 Released

Today is patch Tuesday for December 2020  and contains a security advisory bulletin for Exchange 2010.  Due to the way that Exchange 2010 is serviced, security updates are released as a new update rollup (RU).

You can visit the Microsoft Security  Response Center to read the details about this and the other released security updates.

Download Exchange 2010 SP3 RU31

This is build 14.03.0509.000 of Exchange 2010, and KB 4593467 has the… Read the rest “Exchange 2010 SP3 RU31 Released”

0

Exchange HCW Detects “Wrong” Version

When running Exchange setup or the Exchange Hybrid Configuration Wizard (HCW), I always recommend looking at the version information that is shown on screen. This is part of the gross error check to make sure that the correct version is being used.

This habit is one of the recommendations made in the Mistakes to Avoid Installing Exchange CU post.

Sometime you still may see something that surprises yo… Read the rest “Exchange HCW Detects “Wrong” Version”

1

End of Exchange 2010 Support

Exchange 2010 has proven to be a solid and innovative product over the last decade.  From consolidating three different flavours of continuous replication, adding RPC Client Access and the Exchange Hybrid Configuration Wizard in Service Pack 2 we have a lot to be thankful for.  However it is time so say goodbye to this old friend.

I can only imagine the number of time people have been running setupRead the rest “End of Exchange 2010 Support”

1

Exchange 2016 CAS Namespace Cutover Authentication Failure

You have prepped for months, and tonight is the night!  It is the night of CAS namespace cutover to move the HTTPS namespaces from Exchange 2010 so that the point to Exchange 2013 or 2016.  DNS TTL was decremented.  Servers are all fully updated as are the Outlook clients and we are good to go.

The DNS change kicks in, and Outlook HTTPS traffic hits Exchange 2016 and we enter a spiral of never endi… Read the rest “Exchange 2016 CAS Namespace Cutover Authentication Failure”