Keep headers intact when forwarding a message

In my line of work, I am constantly requesting message samples from organizations so that I can analyze the headers. Whether an end user has received a message that they believe should have been marked as spam, or they receive a message that was marked as spam that should not have been, step one of…

1

Custom RBAC role to allow access to only the Action Center

If a user account has been compromised and used to send massive amounts of spam, Exchange Online will block the account from sending (if enabled, a notification email can be sent to administrators to alert them when this happens). Once the account password has been reset, the block can be lifted by an administrator from…

1

When a certificated based connector is not working

I recently worked with an organization that had an Exchange Online inbound connector which accepted mail from their on-premises Exchange environment. This connector was scoped by IP, and the organization wanted to change it to be scoped by certificate instead due to an upcoming change in Exchange Online. For more details on this change see…

1

Upcoming Exchange Online connector changes pushed back

Today we announced that the connector changes that were planned for Exchange Online have now been pushed back from February 1st 2017 to July 5th 2017. These changes impact Exchange Online inbound connectors and require organizations with certain configurations to make changes and updates. The original blog post and KB article have both been updated…

1

Convincing phishing message and how ATP helped the remediation

Phishing messages are continuing to evolve and look ever more convincing. It’s scary to see just how legitimate some of these messages can look. Last week I was working with an organization that received a phishing message that looked incredibly legitimate. What stood out for me the most, was that this message included fake Safety…

1

Microsoft Canada is celebrating Azure today

Update: The Julia White tweetchat has been postponed to January 19. This article has been updated to reflect this change.   Today Microsoft Canada is celebrating Azure with various activities throughout the day. Fear not, you do not need to be Canadian to take part in today’s festivities. You do not need to wear flannel and…

0

Top ten posts of 2016

It’s a new year, and that means it’s time to look back at the top posts on this blog for last year. 2016 was a slower year for EOP Field Notes as I was on a leave from work for the first 5 months of the year. I returned in May when I continued my…

0

Happy Holidays!

With my move to special projects this year, I wasn’t able to post as many articles as I would have liked to. With that being said, I’m starting to do more case work again and will be trying to publish more articles in 2017. If you have any ideas for content or have specific questions,…

0

Release from quarantine and safe list the sender in one click

I recently found a new option you can select when releasing a message from the quarantine. While this option isn’t brand new, I’m not sure when it was added, and so wanted to share for visibility. The TechNet article that references this option is dated from June of this year, so I’m guessing it was…

5

Disclaimers and calendar invites

Rather than tease you with a witty, or even humorous opening paragraph, I’m going to instead jump right to the dessert. Because really, who doesn’t love dessert? As I recently discovered with an organization, adding disclaimers to calendar invite emails can cause problems and confusion for end users. When an individual shares their calendar, we…

2