Cleaning up a full recoverable items folder

I recently worked with an organization where one of their users had a full Recoverable Items folder. This user had a hold on their mailbox, but also had the Exchange Online Unlimited Archive, so why had the Recoverable Items folder filled up and why were these items not being moved to the online archive? Let’s…

0

Combating Display Name Spoofing

My lack of updates around these parts can be attributed to the craziness of work over the last few months. This afternoon I have some time and am typing this out as quickly as I can before someone notices and gives me something else to work on. Let’s begin. I’ve recently seen a very big…

0

Expert Office 365 – Notes from the Field… The Book

Microsoft Canada recently published a book on Office 365 titled Expert Office 365 – Notes from the Field. Each chapter in the book is about a technology in Office 365, and is written by an expert that works with that technology every day. The authors, myself included, all work for Microsoft Canada, and are Premier…

0

Troubleshooting Transport Rules that are set to “Do not audit”

When creating a transport rule, please…. PLEASE, do not disable auditing. Your rule auditing setting should not look like this. Unless of course, you have a security mandate about not auditing transport rules, then please continue on and disable auditing on transport rules. But for those that do not have a security mandate, please do…

4

Don’t forget about the security and compliance center

For those of you that are Exchange Online Protection veterans, it may be second nature to always head to the Exchange Online portal whenever you need to make any changes to that service. You may not even think of making those changes in the Security and Compliance Center. I’d like to throw out this quick…

1

EOP resources for malware prevention

In light of the recent malware news, a couple of my colleagues put together a list of Exchange Online resources. This list is by no means definitive or complete, it is just a place to start when thinking about configuration options in Exchange Online Protection. EOP Best practices: includes how to create rules for extension blocking…

2

Find AD Objects with an Incorrect TargetAddress

When you have a hybrid environment setup with Exchange Online, you’ll notice a new Accepted Domain in the Exchange Online portal. <domain>.mail.onmicrosoft.com This domain is used by Exchange on-premises to route mail to a mailbox that has been migrated from Exchange on-premises to Exchange Online. After a mailbox is migrated from Exchange on-premises to Exchange…

2

Keep headers intact when forwarding a message

In my line of work, I am constantly requesting message samples from organizations so that I can analyze the headers. Whether an end user has received a message that they believe should have been marked as spam, or they receive a message that was marked as spam that should not have been, step one of…

3

Custom RBAC role to allow access to only the Action Center

If a user account has been compromised and used to send massive amounts of spam, Exchange Online will block the account from sending (if enabled, a notification email can be sent to administrators to alert them when this happens). Once the account password has been reset, the block can be lifted by an administrator from…

2

When a certificated based connector is not working

I recently worked with an organization that had an Exchange Online inbound connector which accepted mail from their on-premises Exchange environment. This connector was scoped by IP, and the organization wanted to change it to be scoped by certificate instead due to an upcoming change in Exchange Online. For more details on this change see…

1