#msexchange — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #msexchange, aggregated by home.social.
-
📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.
Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.
Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.
Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.
Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
📢⚠️ China-linked #FamousSparrow hacking group targeted an oil and gas firm in #Azerbaijan using the ProxyNotShell exploit chain alongside Deed RAT and Terndoor malware across three persistent attack waves.
Read: https://hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
The Exchange Deployment and Compliance Tool has been updated to 1.0.0.0; consult the Changelog for changes https://github.com/michelderooij/EDCA
For example, EDCA is now available from the PowerShell Gallery https://www.powershellgallery.com/packages/EDCA #MSExchange #Security #NIS2 #CIS #ANSSI #BSI #CISA #ISM #DISA -
The Exchange Deployment and Compliance Tool has been updated to 1.0.0.0; consult the Changelog for changes https://github.com/michelderooij/EDCA
For example, EDCA is now available from the PowerShell Gallery https://www.powershellgallery.com/packages/EDCA #MSExchange #Security #NIS2 #CIS #ANSSI #BSI #CISA #ISM #DISA -
The Exchange Deployment and Compliance Tool has been updated to 1.0.0.0; consult the Changelog for changes https://github.com/michelderooij/EDCA
For example, EDCA is now available from the PowerShell Gallery https://www.powershellgallery.com/packages/EDCA #MSExchange #Security #NIS2 #CIS #ANSSI #BSI #CISA #ISM #DISA -
Almost time! Session ‘IAM and Exchange: Frenemies in Hybrid Organizations’ #MSExchange #Exchange #EntraID #Hybrid #ActiveDirectory #SMTP #MSExchangeSummit
-
Würzburg! I am in you!
Feel free to follow me on socials, and if you are here in person and have questions or want to talk: feel free to do so! (Unless I'm working on my deck 🤔😉) -
This week I'm taking time off from my projects at #Rubicon. Today I'm traveling and on Tuesday and Wednesday I will be joining my friends and peers at the Exchange Summit 2026 in Würzburg, Germany! I'll be talking about "IAM and Exchange: Untangling frenemies in Hybrid organizations". Follow me for updates!
#IAM #Identity #MSExchange #Hybrid #Entra #Microsoft365 #MVPBuzz #MSExchangeSummit
-
This Friday I will online speaking at Workplace Ninjas Denmark 2026 with the session "Mastering Mailflow: Strategies to Protect your Organization" in which I will cover key techniques and strategies that protect your organization's incoming and outgoing mail flow. A topic dear to my heart and is unfortunately something does not have the attention it should.
For more information and free registration: https://www.meetup.com/wpninjasdk/events/312783505/
-
Several hours ago the #MSExchange Team posted an update on the #SMTP AUTH Basic #Authentication timeline. To summarize: the original date of disabling the option of March 2026 is now delayed to H2 2027 for existing tenants. Newly created tenants will have to deal with this from December 2026.
-
The only "irritation" I have is that this is the third time something got changed by the Exchange Team HOURS before an important meeting on breaking changes deadlines. COME ON! 😁
-
Day 24 of #ITAdvent. And this concludes yet another run. I hope you found some usefull tips, I had a nasty cold so that might have had an impact. In any case, happy holidays and see you in the next year! And yes, I haven't forgotten that #MSExchange and Start-of-authority blog post ;-)
-
Day 12 of #ITAdvent. Short low effort self-plug as I'm a bit under the weather: I'll be speaking (in English) at the excellent in-person event Exchange Summit 2026 in Würzburg, Germany on 24/25 February 2026.
-
My topic? "IAM and Exchange: Untangling frenemies in Hybrid organizations". The relationship between Identities in Active Directory and Exchange has always tightly integrated, being hybrid made it more complex. I will discuss important IAM considerations designing, managing and moving away from AD.
More info: https://www.exchange-summit.de/ or https://www.linkedin.com/posts/msexchange-summit_exchangesummit-microsoftexchange-iam-activity-7403741450338725888-Zt_8
-
Day 4 of #ITAdvent. I always appreciated the idea of Zero-Hour Auto-Purge (ZAP): removing malicious retroactively increasing #security. It works for #MSExchange and #MicrosoftTeams messages, but you needed Defender for O365 Plan 2, but that changes with #MC1187837 https://mc.merill.net/message/MC1187837
-
Anyway, on that Start-of-Authority for groups and #MSExchange attributes: Learned a lot of the little things, gotcha's and all. It's really something anyone with a #hybrid org transitioning to cloud-only needs to look into.
-
Finished a little project removing the last #MSExchange server together with flipping the Start-of-Authority of Group objects and Exchange Attributes. Had to use ADSIEdit to remove some Exchange stuff, made it a bit more interesting 🤓
-
MS Exchange gibt es seit 1996. SMTP gibt es seit 1982. Microsoft adaptierte die Technologie und zwang Firmen ihre Server auf. Im Internet spielt #MSExchange kaum eine Rolle. Fast 90% sind Open Source. Exchange kennt man primär daher, wenn mal Probleme mit Mailservern auftreten. Und dann bekommt man kryptische Fehlermeldungen, die nicht-standard SMTP sind. Das Krisenmanagement der Landesregierung ist aber schlecht. Der Weg aber richtig. Weg vom Monopol hin zu Standards .
-
BTW: from October 1st new Accepted Domains will automatically use the new MX infrastructure, which will maken enabling DANE a little less of a hassle as there should be no change in your MX record. See MC1048624 or https://mc.merill.net/message/MC1048624
-
You must enable DANE on your domain as this change is currently only present on the new https://mx.microsoft infrastructure. Currently for existing accepted domains this is the way to transition to the new infrastructure, although eventually new accepted domains will use this automatically (you do still need to enable DNSSEC & DANE). See more on DANE here https://learn.microsoft.com/en-us/purview/how-smtp-dane-works?wt.mc_id=M365-MVP-5000976
-
Although for hosted services you do not have control over their certificate management, however I would find it reassuring if such a service would implement CAA. And: Since a few days #MSExchange Online now has CAA records!
-
With upcoming changes in the maximum validity period of certificates (max 200 days in 2026, 100 in 2027, 47 in 2029) the use of ACME (Automated Certificate Management Environment) will certainly increase. The addition of CAA and combination with ACME is another layer in your security stack. It's recommended for Dutch governments.
-
You all know I like to use the https://internet.nl internet standards test. Recently they added the Certificate Authority Authorization or CAA DNS record check. This record signals which Certificate Authority is allowed during the certificate request process and CA's should honor this record and only issue a certificate when it's listed.
-
The biggest gain is achieved by changing your default domain and checking existing objects. In addition, the default DKIM signing domain is often the MOERA domain. Take a moment to properly configure each custom domain as well, enhancing #security.
Read more here for a more detailed explanation and how to monitor the use of MOERA domains: https://techcommunity.microsoft.com/blog/exchange/limiting-onmicrosoft-domain-usage-for-sending-emails/4446167?WT.mc_id=M365-MVP-5000976
-
Last week #Microsoft announced an important change throttling #MSExchange Online outbound mail using *.onmicrosoft.com, or MOERA (Microsoft Online Exchange Routing Address). This is done to limit malicious\unsolicited mails from trail tenants, which is indeed a problem.
The impact for organizations using custom domains is limited. However, orgs might not be aware that some non-user objects use MOERA domains per default (i.e. Booking app, notifications etc.).
-
There are more similar changes already in preview and on the roadmap, but this is indeed a very big step in ending the era of maintaining an Exchange server “just because we sync our AD" and providing more flexibility in identity provisioning and governance.
-
This is big #MSExchange news! Today #Microsoft posted an article introducing the preview of the IsExchangeCloudManaged parameter in which you can shift the start-of-authority of Exchange attributes on hybrid identities from on-prem to cloud.
When enabled on a mailbox, you can manage synced identities mail properties directly in Exchange Online. Previously this was not possible and the reason you required an on-prem Exchange Server for management (or serverless with Management Tools).
-
New August 2025 #security update for #MSExchange! There are some vulnerabilities fixed, as of now not active in the wild but no reason to procrastinate. Small note: now AMSI HTTP Message body scanning will be enabled per default. Read more and find #Microsoft download links here: https://techcommunity.microsoft.com/blog/exchange/released-august-2025-exchange-server-security-updates/4441596?wt.mc_id=M365-MVP-5000976
-
Direct Send is defined as your organization sending mail to #MSExchange Online using a sender domain that is an accepted domain AND which is not send via any authentication (user or via Connectors). In some cases you might require this functionality, however this obviously can open your organization up to receive spoofed mails. Those should be filtered, but depending on the complexity the ability to disable Direct Send is a welcome option.
-
Recently the #MSExchange product group posted an article on disabling #SMTP Direct Send and after feedback reposted it with some additional clarifications because there were some misconceptions on the definition. I have had similar discussions with organizations. It depends on your configuration what the impact might be, but IMHO it is a welcome option to reduce your attack surface but you obviously need to understand it correctly.
-
New malware called #GhostContainer has been spotted targeting high-profile organizations across Asia. Companies and individuals using #MSExchange worldwide should stay alert.
Read: https://hackread.com/new-ghostcontainer-malware-ms-exchange-servers-asia/
-
Office 365 for IT Pros 2026 edition is almost there! Want to know more about the book, release process, or simply how to subscribe to this most updated reference material https://office365itpros.com/2025/06/24/office-365-for-it-pros-2026-ed/ #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph
-
Office 365 for IT Pros 2026 edition is almost there! Want to know more about the book, release process, or simply how to subscribe to this most updated reference material https://office365itpros.com/2025/06/24/office-365-for-it-pros-2026-ed/ #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph
-
Office 365 for IT Pros 2026 edition is almost there! Want to know more about the book, release process, or simply how to subscribe to this most updated reference material https://office365itpros.com/2025/06/24/office-365-for-it-pros-2026-ed/ #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph
-
Exchange PG provided some early tools and reports to assist in EWS to Graph API changes https://devblogs.microsoft.com/microsoft365dev/exchange-web-services-code-analyzer-and-usage-report/?WT.mc_id=M365-MVP-5000284 #MSExchange #EWS #MSGraph
-
Exchange PG provided some early tools and reports to assist in EWS to Graph API changes https://devblogs.microsoft.com/microsoft365dev/exchange-web-services-code-analyzer-and-usage-report/?WT.mc_id=M365-MVP-5000284 #MSExchange #EWS #MSGraph
-
Exchange PG provided some early tools and reports to assist in EWS to Graph API changes https://devblogs.microsoft.com/microsoft365dev/exchange-web-services-code-analyzer-and-usage-report/?WT.mc_id=M365-MVP-5000284 #MSExchange #EWS #MSGraph
-
Office 365 for IT Pros and Automating Microsoft 365 with PowerShell: For less than $5 per month, get the most updated reference material maintained by team of experienced authors with real-world insights and management practices https://o365itpros.gumroad.com/l/O365IT #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph #PowerShell
-
Office 365 for IT Pros and Automating Microsoft 365 with PowerShell: For less than $5 per month, get the most updated reference material maintained by team of experienced authors with real-world insights and management practices https://o365itpros.gumroad.com/l/O365IT #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph #PowerShell
-
Office 365 for IT Pros and Automating Microsoft 365 with PowerShell: For less than $5 per month, get the most updated reference material maintained by team of experienced authors with real-world insights and management practices https://o365itpros.gumroad.com/l/O365IT #MSExchange #EntraID #Office365 #SPO #ODfB #Planner #Purview #MSGraph #PowerShell
-
Great to hear @schnoll.bsky.social, it’s always a win!! Now talking (remotely) about #MSExchange Subscription Edition at the #MSExchangeSummit in Würzburg Germany.
-
Ready for #MSExchangeSummit in Würzburg, Germany! Speaking today after lunch: “We need to talk about (on-prem) Exchange Server”
#MSExchange #Microsoft365 #SimplifyNow #SMTP -
As a recipient org that receives forwarded mails, you might want to read up on Authenticated Received Chain or #ARC. While #SRS fixes any #SPF issues, that will still cause #DKIM and #DMARC validation issues. If the forwarding org has ARC, you can trust their authentication results by adding them as a trusted ARC sealer. More info: https://learn.microsoft.com/en-us/defender-office-365/email-authentication-arc-configure
-
As a forwarder you might want to read up on Sender Rewriting Scheme or #SRS, and how #Microsoft365 manages this. This is a solution for #SPF fails due to forwarding. Do note, if you route via an on-prem infrastructure, there might be a need to adjust a setting to force SRS. More info: https://learn.microsoft.com/en-us/exchange/reference/sender-rewriting-scheme
-
Reading #WeekITtip for the weekend. I am currently involved in a case in which mail (auto)forwarding is used but that is causing the forwarded mail to be rejected. When #SPF, #DKIM and #DMARC are implemented properly, this can break legitimate mail forwarding.
-
Also check several breaking changes in #MSExchange Online such as legacy tokens, EWS deprecation, but also external recipient rate limits. Some take effect in January, others (much) later but some mitigations might take time.
Now you have some of your #SMTP New year resolutions! 😉 See you next year!
-
Last day of #ITAdvent! I made it! The last tip is more of a summarized strategy for 2025 when you are responsible for #Microsoft #MSExchange & #Outlook. There are a lot of (breaking) changes on the way you need to prepare & plan ahead.
Obviously #MSExchange Server 2016 & 2019 End of support in October 2025. Prepare by getting all servers to 2019 CU15 (eventually) & then in-place upgrade to Subscription Edition. Do note that the OS can be #Windows2022 with 2019CU15, but not #Windows2025