Review an upcoming authentication change for Outlook add-ins
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
3d ago
We wanted to make everyone aware of the blog post that went live on the Microsoft Dev blog, talking about new Nested App Authentication for Office Add-ins requirement that is going to be mandatory for Outlook add-ins by October 2024. While this post is quite dev-focused, we wanted to make sure people in the Outlook community working or creating Outlook add-ins see it. Please go here to read more: New Nested App Authentication for Office Add-ins: Legacy Exchange tokens off by default in October 2024. The Exchange Team ..read more
Visit website
Public Preview: High Volume Email for Microsoft 365
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1w ago
Today we’re thrilled to announce the public preview of High Volume Email (HVE) for Microsoft 365. HVE is a new service designed primarily for line of business applications and other high-volume SMTP Auth submissions that enables you to send internal messages beyond the current limits of Exchange Online. Customers using on-premises servers in an Exchange hybrid configuration to send a large volume of internal messages can use this service instead and decommission their on-premises servers. We’re rolling out HVE to all WW customers starting April 1 and we expect rollout to be complete by the end ..read more
Visit website
Securing resources by tailoring Exchange Online RBAC (Part 2)
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2w ago
Thank you for joining me on this journey – hope you have enjoyed reading part 1 of this blog series. You are half-way done if you have reached Part 2 of this series. I’ll continue by calling out the categorization we had done in our last post when defining the problem statement when it comes to RBAC and permissions: Minimize the chance of granting more permissions than necessary (part 1 post). Ensure the team only accesses the resources to which they are authorized (this post). Let’s continue! Ensure that the team only accesses the resources to which they are authorized My bank customer (con ..read more
Visit website
Securing resources by tailoring Exchange Online RBAC (Part 1)
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2w ago
EHLO, folks! Here’s a story from my work with customers, that’s coming out as a blog post series. One of my banking customers raised a request regarding RBAC (Role Based Access Control) permissions for their Service Desk Team. Upon analysis, it came to our attention they had lots of unwanted RBAC permissions granted to their Service Desk team. The problem: giving too many RBAC permissions to users can result in accidental modifications of accounts. The way to deal with this is to customize the Role Groups and Management Roles. I’ll begin with an overview of how RBAC works. It is a method of re ..read more
Visit website
‘Last Exchange Server’ Scenario Feedback
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
3w ago
In April 2022, we released an update to Exchange Server 2019 Management Tools that enables organizations that use Azure AD Connect and sync their Active Directory to manage Exchange recipients without the need for a running Exchange Server on-premises.  If you have one or more Exchange servers that are used only for recipient management (often referred to as Last Exchange Server - LES), you can install the updated tools on a domain-joined machine and shut down your last Exchange Server. For more information, see Manage recipients in Exchange Server 2019 Hybrid environments.  We want ..read more
Visit website
Released: March 2024 Exchange Server Security Updates
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU13 and CU14 Exchange Server 2016 CU23 The March 2024 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to protect your environment. These vulnerabilities aff ..read more
Visit website
How to troubleshoot mail flow rules used to inspect attachments
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
When troubleshooting mail flow rules related to attachments, it’s crucial to ensure the rules are set up correctly. At times, rules may not work as expected either due to misconfiguration or because behavior related to certain attachments isn't immediately obvious. This blog will delve into some common issues encountered with attachment-related mail flow rules, provide a systematic approach to diagnosing issues, and offer practical solutions to rectify them.  To address an issue with a message that wasn’t evaluated correctly, first begin by saving the message as a file.  We’ll use th ..read more
Visit website
Introducing PS.MTA-STS: a PowerShell module to enhance mail flow security with MTA-STS
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
TL;DR  MTA-STS is a standard that allows domain owners to specify how mail servers should handle the encryption and authentication of their SMTP connections.  MTA-STS can help prevent email spoofing, interception, and tampering by enforcing TLS encryption and certificate validation for your domains.  PS.MTA-STS is a new, open-source PowerShell module that simplifies the deployment and testing of MTA-STS for your Exchange Online domains.  PS.MTA-STS can export a list of your domains that support MTA-STS, configure an Azure function app to host the required MTA-STS policy fo ..read more
Visit website
Retirement of RBAC Application Impersonation in Exchange Online
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
Today we are announcing that we will begin blocking the assignment of the ApplicationImpersonation role in Exchange Online to accounts starting in May 2024, and that in February 2025, we will completely remove this role and its feature set from Exchange Online. Modernizing Application Access Historically, when you needed to grant an application access to more than its own mailbox in your Exchange organization using Exchange Web Services (EWS), you had limited options. Simple delegation worked for one-to-one and even some one-to-few scenarios, but when you needed to grant access to many mailbox ..read more
Visit website
Final Reminder: Outlook REST API v2.0 and beta endpoints decommissioning
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2M ago
As we work to ensure better security, reliability, and performance for our customers, and as we announced in our previous blog post in September 2023, we are decommissioning the Outlook REST v2.0 and beta endpoints starting March 31, 2024. After this date, we will start progressively shutting off the endpoints until they become completely unavailable.  This means that any application that is still using these endpoints will stop working at some point after March 31, 2024 (except for Outlook Add-Ins as also communicated before). We strongly recommend that you migrate your applications ..read more
Visit website

Follow Microsoft Exchange | Exchange Team Blog on FeedSpot

Continue with Google
Continue with Apple
OR