Anecdotal evidence is that some spam originates from onmicrosoft.com domains. These are the domains used by Microsoft 365 tenants and the spam indicates that attackers sign up for 'disposable' tenants to send their malware. This article describes what onmicrosoft.com domains are and how to use a mail flow rule to control their traffic.
In a February 12, 2024 tweet, Microsoft revealed that the percentage of Entra ID multifactor authentication by user accounts has reached 38%. In this article, we show how to use sign-in records to figure out if people use MFA and calculate the percentage of user accounts protected by MFA in a tenant.
This article describes how to include user license costs in a Microsoft 365 tenant licensing report created with the Microsoft Graph PowerShell SDK. The report includes annual costs for all licenses assigned to each user plus an overall licensing summary for the tenant. It even reports how effective the tenant is at assigning licenses!
Microsoft doesn't provide a PowerShell cmdlet to return an accurate MFA status for Entra ID user accounts, but by combining data from multiple sources we can write a script to generate a report showing details of user password settings and MFA status.
The tenant block list controls traffic that Exchange Online blocks from different domains. The block list is an important tool but maintaining it can take a lot of time. This article discusses how to automate the process using a combination of SharePoint Online, Exchange Online, and the Microsoft Graph PowerShell SDK.
In a January 15 announcement, Microsoft says that they have removed the previous restrictions that applied to purchases of Copilot for Microsoft 365 licenses. Office 365 E3 and E5 tenants can now buy and deploy Copilot and the requirement to buy a minimum of 300 licenses is gone. Suddenly, 2024 has become much more interesting from an AI perspective for many Office 365 tenants.
People have used Outlook's Junk Email Options for years to maintain sets of safe and blocked recipients. The possibility exists that Outlook's safe list might interfere with the processing of email by Exchange Online Protection. This article explores the feasibility of disabling Junk Email Options to use tenant-level blocks instead.
Exchange Online recipient filters calculate the membership of dynamic distribution groups. The filters support email addresses, but they don't work. Another method is needed to create dynamic distribution lists based on user mailbox email addresses, as we describe in this article and script.
Cmdlets from the Microsoft Graph PowerShell SDK are available to manage conditional access policies. The challenge in using PowerShell rather than the Entra ID admin center GUI is how policy settings are structured. But practice (and some experimentation) makes perfect, as we discuss in this article.