Use headers to determine which Exchange Online tenant a message was attributed to

Consider the following mail flow. On-premises environment –> Your Exchange Online tenant –> External Recipient With the above mail flow, you may find yourself in a situation where you need to validate that the outbound message was properly attributed to your Exchange Online tenant. I recently worked with an organization that controlled two Exchange Online…

0

Did I get zapped by ZAP?

ZAP, also known as Zero-hour Auto Purge, is a protection feature in Exchange Online that can move spam, phish, or malware messages from users’ inbox to their junk folder. This feature works in the background and can often be forgotten about. If a message is delivered to a mailbox, and then at a later time…

0

Figure out which spam filter marked a message as spam

It has been quiet around these parts as of late. Much too quiet. To put that to an end, I have a handy tip today that could help in your spam troubleshooting adventures. For various reasons, organizations sometimes need to create multiple spam filters in Exchange Online. When troubleshooting a false positive (an inbound message…

1

Cleaning up a full recoverable items folder

I recently worked with an organization where one of their users had a full Recoverable Items folder. This user had a hold on their mailbox, but also had the Exchange Online Unlimited Archive, so why had the Recoverable Items folder filled up and why were these items not being moved to the online archive? Let’s…

4

Combating Display Name Spoofing

My lack of updates around these parts can be attributed to the craziness of work over the last few months. This afternoon I have some time and am typing this out as quickly as I can before someone notices and gives me something else to work on. Let’s begin. I’ve recently seen a very big…

6

Expert Office 365 – Notes from the Field… The Book

Microsoft Canada recently published a book on Office 365 titled Expert Office 365 – Notes from the Field. Each chapter in the book is about a technology in Office 365, and is written by an expert that works with that technology every day. The authors, myself included, all work for Microsoft Canada, and are Premier…

0

Troubleshooting Transport Rules that are set to “Do not audit”

When creating a transport rule, please…. PLEASE, do not disable auditing. Your rule auditing setting should not look like this. Unless of course, you have a security mandate about not auditing transport rules, then please continue on and disable auditing on transport rules. But for those that do not have a security mandate, please do…

4

Don’t forget about the security and compliance center

For those of you that are Exchange Online Protection veterans, it may be second nature to always head to the Exchange Online portal whenever you need to make any changes to that service. You may not even think of making those changes in the Security and Compliance Center. I’d like to throw out this quick…

1

EOP resources for malware prevention

In light of the recent malware news, a couple of my colleagues put together a list of Exchange Online resources. This list is by no means definitive or complete, it is just a place to start when thinking about configuration options in Exchange Online Protection. EOP Best practices: includes how to create rules for extension blocking…

2

Find AD Objects with an Incorrect TargetAddress

When you have a hybrid environment setup with Exchange Online, you’ll notice a new Accepted Domain in the Exchange Online portal. <domain>.mail.onmicrosoft.com This domain is used by Exchange on-premises to route mail to a mailbox that has been migrated from Exchange on-premises to Exchange Online. After a mailbox is migrated from Exchange on-premises to Exchange…

2