Browse by Tags

  • Blog Post: Protecting against Rogue Administrators

    Occasionally I am asked the following question – how can I protect the messaging environment from a rogue administrator? There are essentially two concerns being asked in this question: How do I protect the data from being deleted by a rogue administrator? How do I protect the data from being accessed...
  • Blog Post: Handling email viruses with Exchange Online

    When customers receive an email with a suspected virus, they often ask “ What do I do now? ” This blog post helps answer that question and guides you through our recommended process. This is intended for customers using Office 365 or Exchange Online Protection with on-premises Exchange servers. First...
  • Blog Post: Spam email and Office 365 environment - connection and content filtering in EOP

    In the last related blog post we gave some introduction about Exchange Online Protection (EOP), what needs to be done when EOP is not working as desired and spam email troubleshooting process and classification. In this blog we will be moving further and discussing some more advanced option to stop spam...
  • Blog Post: Spam email and Office 365 environment - Overview

    I wanted to write a series of blog posts talking about email spam in Office 365. While majority of spam mail is blocked by the Office 365 mail security gateways, there are no perfect systems that will block 100% of spam all the time, some can still get through. In case that we do experience spam mail...
  • Blog Post: Data loss prevention in Exchange just got better

    With Exchange 2013, we released a new data loss prevention (DLP) capability based on deep content analysis that helps you identify, monitor, and protect sensitive information. We’re continually looking to expand our DLP capabilities, and today we’re bringing two new ones to you—Document Fingerprinting...
  • Blog Post: Geek Out with Perry is Back!

    Perry Clarke is back to geek out with you through his blog and the Geek out with Perry video series. In this edition , Perry is joined by a new co-host, Julia White to discuss what it looks like to run a secure service in Exchange Online. The discussion covers the investments in the data center as...
  • Blog Post: In Deployment: Directory Based Edge Blocking for Exchange Online Protection

    What is Directory Based Edge Blocking? The Directory Based Edge Blocking (DBEB) feature in Exchange Online Protection (EOP) lets you reject messages for invalid recipients at the service network perimeter. DBEB lets admins add mail-enabled recipients to Azure Active Directory and block all messages...
  • Blog Post: ESE Access to Exchange: Spamcops!

    It’s not easy being a spam cop. But the folks on the Forefront Online Protection for Exchange (FOPE) team love it! Their passion for being investigators and transport experts has translated into measurable impacts to help safeguard customers’ inbound, outbound and internal business mail from spam, viruses...
  • Blog Post: Removing a Feature From The Exchange Control Panel

    For various reasons, there are times when an administrator does not want a part of the ECP to be accessible by some users and they desire a features' tab or entry point to not be visible at all. The web.config file for the Exchange Control Panel (ECP) contains the requirements a logged in user must meet...
  • Blog Post: Anti-Spam Connection Filtering when installed on Hub servers and other AS configuration misunderstandings

    Recently I came across a situation where it was reported that Connection Filtering stopped working (IPs on the Blocklist and RBLs were no longer being blocked). The solution led me to write this blog to clarify some confusion about "when" connection filtering is applied and how configuration settings...
  • Blog Post: Exchange Online Protection: A Premium Protection and Policy Service for Email

    This summer, Microsoft introduced the new Office , including the new version of Exchange Server 2013 and Exchange Online, which provides businesses with robust communication and collaboration capabilities available on-premises or in the cloud. When you talk about messaging and collaboration, especially...
  • Blog Post: Microsoft Security Advisory 2416728, the ASP.NET Vulnerability, and Exchange Server

    On September 17, Microsoft released Microsoft Security Advisory (2416728) , “Vulnerability in ASP.NET Could Allow Information Disclosure.” As stated in the advisory, Microsoft is investigating a new public report of a vulnerability in ASP.NET. Additional information about the issue can also be found...
  • Blog Post: Using S/MIME Signed/Encrypted Email with a Windows Mobile Device

    S/MIME support for Exchange Active Sync (EAS) version 2.5 was introduced in Exchange 2003 Service Pack 2 (SP2) and Windows Mobile 5 (WM5) device. In Exchange 2007 SP1, we are adding S/MIME support for EAS version 2.5, 12.0 and 12.1. While working on EAS S/MIME implementation, I was asked how users could...
  • Blog Post: Update Rollup 6 for Exchange Server 2007 Service Pack 1 Released

    Update Rollup 6 for Exchange Server 2007 Service Pack 1 ( announced a few days ago ) has been released. We would like to call out the following fixes included in this rollup: 1) Fix for a security issue which has been assigned a severity rating of critical. More information about the issue can...
  • Blog Post: Microsoft IT Showcase: Microsoft Exchange Server 2007 Edge Transport and Messaging Protection

    If you want to learn how Microsoft IT used the features of Exchange 2007 Edge Transport role, check this out. Here is an official summary: In deploying the Exchange 2007 based messaging protection solution, Microsoft IT used all messaging protection features of the Edge Transport server role and Forefront...
  • Blog Post: Configuring Exchange Servers Without Internet Access

    We've noticed that customers may experience Exchange services timeout or long wait times for services or application to start up. This problem occurs when a server has no internet access or occasionally when a server has limited internet access. The cause of this problem is likely related to a routine...
  • Blog Post: RBAC and the Triangle of Power

    Introduction Role Based Access Control (RBAC) is the new permissions model in Microsoft Exchange Server 2010. With RBAC, you don't need to modify and manage access control lists (ACLs), which was done in Exchange Server 2007 and earlier. On the flip side - as with anything new, RBAC can seem a bit intimidating...
  • Blog Post: Exchange 2010: Support for UPN credentials in OWA change password feature

    Last year when we released Exchange 2010 SP1, we posted about the change expired password feature in Outlook Web App and how you can enable it by creating the ChangeExpiredPasswordEnabled registry entry. See So you want to change your expired passwords in OWA... for details. Since then you've sent us...
  • Blog Post: MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

    An Exchange Server related security bulletin was released yesterday. Here are some details; please go and get the patches that apply to your Exchange version! Issued: May 08, 2007 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Recommendation: Customers should apply the...
  • Blog Post: Security Vulnerability Research & Defense blog now up

    The Microsoft Security Response Center (MSRC) team has announced today that a lot of vulnerability-related information will be posted on the new Microsoft Security Vulnerability Research and Defense Blog located at: http://blogs.technet.com/swi/ On the new blog, the team says this: We expect...
  • Blog Post: Publishing Exchange Server 2010 with Forefront UAG and TMG

    Since joining the Exchange Customer Experience team a few months ago, a question I'm commonly asked (aside from “When are you taking over the storage calculator from Ross? He’s a busy chap and as the new guy on the team you should help him out so he can take a break now and then.” –...
  • Blog Post: Accepted Domains, Safe Senders List and You

    You may have noticed a change in the behavior of the Safe Senders list within Outlook starting in Exchange 2010. Users can no longer add accepted domains to Outlook’s Safe Senders list. Figure 1: Adding an accepted domain to Outlook's Safe Senders list This was done as an anti-spam deterrent as we have...
  • Blog Post: Geek Out with Perry on RBAC

    At Tech.Ed Europe in Berlin and many other events, folks have asked me questions that they wanted Perry to geek out on. One topic that came up is how Exchange management makes decisions and what sort of planning and decisions go into architecting Exchange. In his blog and video , Perry starts to explain...
  • Blog Post: How to Configure Certificate Based Authentication for OWA - Part II

    In my last post I showed how to set up OWA certificate based authentication on a Windows 2003 CAS with ISA 2006. In this post, I will cover how to set this up when your Client Access server is running on Windows 2008 server without being published with ISA server. Note: These steps are only for Exchange...
  • Blog Post: Released: Software Update 1 for ForeFront Threat Management Gateway (TMG) 2010 Service Pack 1

    The ForeFront product team has just released Software Update 1 for Microsoft Forefront TMG SP1 that fixes the issue with ForeFront TMG 2010, ForeFront Protection for Exchange and Exchange 2010 SP1 on the Edge Transport server role. More details in Software Update 1 for Microsoft Forefront Threat Management...