Browse by Tags

  • Blog Post: Spam email and Office 365 environment - Overview

    I wanted to write a series of blog posts talking about email spam in Office 365. While majority of spam mail is blocked by the Office 365 mail security gateways, there are no perfect systems that will block 100% of spam all the time, some can still get through. In case that we do experience spam mail...
  • Blog Post: Data loss prevention in Exchange just got better

    With Exchange 2013, we released a new data loss prevention (DLP) capability based on deep content analysis that helps you identify, monitor, and protect sensitive information. We’re continually looking to expand our DLP capabilities, and today we’re bringing two new ones to you—Document Fingerprinting...
  • Blog Post: Geek Out with Perry is Back!

    Perry Clarke is back to geek out with you through his blog and the Geek out with Perry video series. In this edition , Perry is joined by a new co-host, Julia White to discuss what it looks like to run a secure service in Exchange Online. The discussion covers the investments in the data center as...
  • Blog Post: In Deployment: Directory Based Edge Blocking for Exchange Online Protection

    What is Directory Based Edge Blocking? The Directory Based Edge Blocking (DBEB) feature in Exchange Online Protection (EOP) lets you reject messages for invalid recipients at the service network perimeter. DBEB lets admins add mail-enabled recipients to Azure Active Directory and block all messages...
  • Blog Post: ESE Access to Exchange: Spamcops!

    It’s not easy being a spam cop. But the folks on the Forefront Online Protection for Exchange (FOPE) team love it! Their passion for being investigators and transport experts has translated into measurable impacts to help safeguard customers’ inbound, outbound and internal business mail from spam, viruses...
  • Blog Post: Removing a Feature From The Exchange Control Panel

    For various reasons, there are times when an administrator does not want a part of the ECP to be accessible by some users and they desire a features' tab or entry point to not be visible at all. The web.config file for the Exchange Control Panel (ECP) contains the requirements a logged in user must meet...
  • Blog Post: Anti-Spam Connection Filtering when installed on Hub servers and other AS configuration misunderstandings

    Recently I came across a situation where it was reported that Connection Filtering stopped working (IPs on the Blocklist and RBLs were no longer being blocked). The solution led me to write this blog to clarify some confusion about "when" connection filtering is applied and how configuration settings...
  • Blog Post: Exchange Online Protection: A Premium Protection and Policy Service for Email

    This summer, Microsoft introduced the new Office , including the new version of Exchange Server 2013 and Exchange Online, which provides businesses with robust communication and collaboration capabilities available on-premises or in the cloud. When you talk about messaging and collaboration, especially...
  • Blog Post: Microsoft Security Advisory 2416728, the ASP.NET Vulnerability, and Exchange Server

    On September 17, Microsoft released Microsoft Security Advisory (2416728) , “Vulnerability in ASP.NET Could Allow Information Disclosure.” As stated in the advisory, Microsoft is investigating a new public report of a vulnerability in ASP.NET. Additional information about the issue can also be found...
  • Blog Post: Using S/MIME Signed/Encrypted Email with a Windows Mobile Device

    S/MIME support for Exchange Active Sync (EAS) version 2.5 was introduced in Exchange 2003 Service Pack 2 (SP2) and Windows Mobile 5 (WM5) device. In Exchange 2007 SP1, we are adding S/MIME support for EAS version 2.5, 12.0 and 12.1. While working on EAS S/MIME implementation, I was asked how users could...
  • Blog Post: Update Rollup 6 for Exchange Server 2007 Service Pack 1 Released

    Update Rollup 6 for Exchange Server 2007 Service Pack 1 ( announced a few days ago ) has been released. We would like to call out the following fixes included in this rollup: 1) Fix for a security issue which has been assigned a severity rating of critical. More information about the issue can...
  • Blog Post: Microsoft IT Showcase: Microsoft Exchange Server 2007 Edge Transport and Messaging Protection

    If you want to learn how Microsoft IT used the features of Exchange 2007 Edge Transport role, check this out. Here is an official summary: In deploying the Exchange 2007 based messaging protection solution, Microsoft IT used all messaging protection features of the Edge Transport server role and Forefront...
  • Blog Post: Configuring Exchange Servers Without Internet Access

    We've noticed that customers may experience Exchange services timeout or long wait times for services or application to start up. This problem occurs when a server has no internet access or occasionally when a server has limited internet access. The cause of this problem is likely related to a routine...
  • Blog Post: RBAC and the Triangle of Power

    Introduction Role Based Access Control (RBAC) is the new permissions model in Microsoft Exchange Server 2010. With RBAC, you don't need to modify and manage access control lists (ACLs), which was done in Exchange Server 2007 and earlier. On the flip side - as with anything new, RBAC can seem a bit intimidating...
  • Blog Post: Exchange 2010: Support for UPN credentials in OWA change password feature

    Last year when we released Exchange 2010 SP1, we posted about the change expired password feature in Outlook Web App and how you can enable it by creating the ChangeExpiredPasswordEnabled registry entry. See So you want to change your expired passwords in OWA... for details. Since then you've sent us...
  • Blog Post: MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

    An Exchange Server related security bulletin was released yesterday. Here are some details; please go and get the patches that apply to your Exchange version! Issued: May 08, 2007 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Recommendation: Customers should apply the...
  • Blog Post: Security Vulnerability Research & Defense blog now up

    The Microsoft Security Response Center (MSRC) team has announced today that a lot of vulnerability-related information will be posted on the new Microsoft Security Vulnerability Research and Defense Blog located at: http://blogs.technet.com/swi/ On the new blog, the team says this: We expect...
  • Blog Post: Exchange Server TechCenter Updates - February 2007

    The Exchange Server documentation team is pleased to announce the following new Exchange Server 2007 content. Changes in the Administration and Permissions Model The Fundamentals of Mobile Access to Exchange 2007 Transitioning to Active Directory Site-Based Routing Domain Security in Exchange 2007 White...
  • Blog Post: Test Office 365 Single Sign-On Using Microsoft Remote Connectivity Analyzer

    We are excited to announce that the Remote Connectivity Analyzer tool has been updated! In addition to the standard set of connectivity tests, we’ve added an Office 365 tab and a Single Sign-On test . The new Single Sign-On test will validate users' ability to log on to Office 365 with their on-premises...
  • Blog Post: Exchange Server Documentation Updates - December 2007

    The Exchange Server documentation team is pleased to announce the following Exchange Server 2007 content. Service Pack 1 Highlights Common Criteria You can see these articles and other Exchange Server documentation content in the Microsoft Exchange Server TechCenter . To see what content...
  • Blog Post: Effects of Throttling on Your Deployment in Exchange 2010 SP1

    Exchange 2010 features a new resource protection mechanism - user throttling. This feature is designed to limit the amount of resources a single user or application can take up on a CAS to prevent poorly written applications from causing denial of service (DoS) to the rest of the users. You can read...
  • Blog Post: How to Manage Groups that I already own in Exchange 2010?

    This one can be a bit counter intuitive for folks coming from any legacy version of Exchange... Issue You got your shiny new Exchange 2010 download and excitedly installed it on your 2010 hardware. You have setup all your CAS server settings, your DAG is up and running. Your pilot users have been...
  • Blog Post: Life in a Post TMG World – Is It As Scary As You Think?

    Let’s start this post about Exchange with a common question: Now that Microsoft has stopped selling TMG, should I rip it out and find something else to publish Exchange with? I have occasionally tried to answer this question with an analogy. Let’s try it. My car (let’s call it Threat Management Gateway...
  • Blog Post: Your tasks and the FOPE TechNet Library

    In order to make it easier for you to find information and move about the Forefront Online Protection for Exchange (FOPE) TechNet Library documentation , we would like to make you aware of some re-structuring within the TechNet Library. Of course we will continue to update and enhance the technical product...
  • Blog Post: A tool to migrate anti-spam settings from Exchange 2003 to Exchange 2007

    All those Exchange administrators who wondered how they will migrate their huge list of allow/deny addresses, block list providers and blocked senders and domains – now you have a reason to smile. Exchange team has just released a tool that allows you to migrate anti-spam settings from Exchange...