Find articles about configuring and administering Exchange Online for Microsoft 365.
Latest Articles
Utility accounts exist in every Microsoft 365 tenant. These accounts are not intended for normal user activity and include accounts used for Exchange room and shared mailboxes and the break-glass or emergency accounts intended to allow administrators to sign-in if their usual accounts are blocked. This article shows how to use PowerShell and the Microsoft Graph to check sign-in events to ensure that the accounts aren't being accessed.
A request came in about how to find unused proxy addresses for Exchange Online mail-enabled objects. There's no out-of-the-box report available for proxy address usage, but we can solve the problem by using a PowerShell script to download historical message trace data to check every proxy address for all mailboxes against. The question then is what to do with the unused proxy addresses?
Despite the best efforts of anti-spam solutions, some unwanted messages usually get through to user inboxes. This article explains how to analyze messages that end up in Junk Email and use the results to create a transport rule to block future traffic from the spammy domains.
Everyone probably knows how to use the Send As and Send on Behalf of permissions to send email from user mailboxes. Here we venture into the same task, but for Microsoft 365 Groups, shared mailboxes, distribution lists, and mail-enabled security groups. Once your permissions are aligned, everything is pretty simple.
A reader wants to remove all calendar items over a certain age. Compliance purge actions seem like a good way to do this, but there's a problem that needs to be fixed. eDiscovery purges can do the job, but only if you have eDiscovery Premium. And then there's Graph APIs to consider. All in all, many ways exist to purge calendar items.
Calendar events make up user and group calendars. It's possible to create, update, cancel, and remove calendar appointments and meetings, including recurring events, through the Graph API. This article explains how to pass all the properties needed to create and manage events using PowerShell and the Graph APIs.
A surprise announcement brings the news that the Exchange Online High Volume Email (HVE) solution will only deliver messages to internal recipients from June 2025. Azure ECS is now the sole offering for sending large volumes of email to external recipients. On the upside, HVE will support basic authentication until September 2028 to give tenants the chance to upgrade devices and apps.
In this article, Mezba Uddin reviews using Audit Logs and the Graph API to perform six specific investigation actions in Exchange Online to help keep your email environment safe.
Previously, the Graph APIs limited Outlook attachments to a maximum of 3 MB. That limit doesn't exist anymore, but the old method of uploading very large attachments in chunks to make sure that the operation is possible across flaky networks is still useful, so we explain how to do it here using the Microsoft Graph PowerShell SDK.
In an announcement that will surprise many, Microsoft announced the introduction of a tenant-wide external recipient rate limit for Exchange Online tenants to roll out starting on March 3, 2025. The new limit is designed to stop bad actors using Exchange Online as a spam platform. Microsoft says that its telemetry indicates that the new TERRL will not impact many tenants, but that fact is worth checking for any organization.
In this episode of Practical Protection, Paul Robichaux dives into CISA's Microsoft Expanded Cloud Logs Implementation Playbook, its prerequisites, and applying this advice into your organization.
Microsoft announced the Retirement of EWS in Exchange Online a while ago. That means any scripts or applications you have written should be reviewed and rewritten to use Microsoft Graph. In this blog, we review an example of moving from EWS to the Graph while handling date values.
