Why TestConnectivity.Microsoft.com shows EOP as an open relay

The following article was written by Irol Melisa Pinto who is a Technical Advisor for Exchange Online Protection in Microsoft. Hello EOP Admin’s out there! I am writing this article in the simplest form for a basic level of understanding. We recently worked with a couple of Tenant Admins concerned about the results seen in…


Common Attachment Blocking (CAB) is coming to EOP

UPDATE: Common Attachment Blocking has been released in EOP as the Common Attachment Types Filter. See my new article, Common Attachment Types Filter, for more information on this feature.   The following article was written by Rob McCarthy who is a Business Program Manager for Readiness in Microsoft. We are happy to announce that Common…


Find the sending client IP for messages sent from an Exchange Online mailbox

I recently worked with an organization that had a single Exchange Online mailbox become compromised. The mailbox credentials were stolen, and the attacker used them to send mail directly from the mailbox. This organization was going through a security analysis of the compromise and wanted to obtain the IP(s) that connected to this mailbox to…


New Data Loss Prevention documentation

I don't typically write about TechNet updates, but in this article I'm making an exception. Data Loss Prevention (DLP) is a technology that can detect and prevent sensitive information types from being sent outside of an organization. For example, an organization that stores customer credit card numbers would not want those numbers sent through email…


Learn Exchange Online PowerShell with Command Logging

When you are navigating or making changes in the Exchange Online portal, PowerShell is being executed in the background. Using the Command Logger, you can see exactly what that these background PowerShell command looks like! This tool is a great way to learn PowerShell and can give you a head start in your own scripting….


EOP Mysteries Solved – Mail queuing in EOP which is destined on-premises

This is a new series of articles for this blog that were inspired by Mark Russinovich’s Case of the Unexplained series. Each article will tell the story of an Exchange Online scenario that initially made no sense. I’ll then progress through the troubleshooting steps and eventually end up with the root cause. I have a…


Support Hot Topics – Reducing the threat of zero-day malware

Welcome to the second episode in our Support Hot Topics for Exchange Online Protection series. I’m joined in this episode by my co-worker, Jason, and we discuss Exchange Online Protection strategies that can help reduce the threat of zero-day malware. I have seen an increase in zero-day malware attacks that use social engineering to get…


An Introduction to the new Spam Filter Allow and Block Lists

Rather than start this article with an appetizer, I’m going to switch things up and dive right into the meat and potatoes. Very soon, if not already, you will see two new entries in your Spam Filter in Exchange Online Protection, Allow Lists & Block Lists. As suggested by the name, this is a new…


Scheduling Mail Reports in Office 365

Obtaining reports in the past was a manual task which had to be performed every time you wanted to pull data. Many of you (most of you?) have asked us to allow for automated reporting in Office 365. Did you catch how I used the words, “in the past,” in the first sentence? Well, I’m…


Tips to prevent Zero-Day Malware with EOP

I have recently seen a lot of zero-day malware attacks and interestingly, these attacks aren’t even trying to be covert. In these cases, the malware is attached to an email in the form of an executable file and the recipient is asked to run the attachment. Being in the technology works, people like you and…