Email Server Gets Boost to Go Past 2025
Today, Microsoft splashed out with a set of Exchange Server announcements to lay out the future for Exchange Server, address concerns about the longevity of the on-premises email server, and emphasize their continued investment in the technology. The big announcement is a revision of their original plan announced at Ignite 2020 to ship a new version of Exchange Server in 2021 based on a subscription model. Instead, the next version of Exchange Server will appear in 2025, just in time to take over from aging and out-of-support versions.
Microsoft also announced that they’re bringing back the Microsoft Exchange Conference (MEC), albeit in a denuded virtual format. The event takes place on September 13-14, 2022. Finally, Microsoft is looking for customers and partners to join the Technology Adoption Program (TAP) for Exchange Server. Essentially, TAP gives access to pre-release builds of Exchange Server.
Exchange V.Next (Exchange Server 2025?)
Justifying their abandoned plans for a subscription-based version of Exchange Server, Microsoft pointed to the Hafnium attack in March 2021. It’s fair to say that Microsoft diverted many engineering resources to improve the security and resilience of on-premises Exchange since the explosion of attacks against poorly maintained and insecure on-premises servers, leading to new functionality like the Emergency Mitigation Service. It’s also reasonable that Microsoft went back to the drawing board to build a new plan for on-premises Exchange.
But it is surprising to read an assertion that “state sponsored threat actors were targeting on-premises Exchange servers.” IT professionals understood the dangers of allowing Exchange servers to connect to the internet without belt-and-braces security before the Hafnium attack happened.
In any case, it’s good to have solid news about a new version, even if Microsoft didn’t give any details about Exchange V.next. Instead, they said that they’ll reveal pricing and licensing information and give insight into the functionality included in the new release in the first half of 2024.
Exchange 2007 was the first 64-bit version. Since then, Exchange upgrades have involved the purchase of new hardware and moving mailboxes from old servers to new servers. There’s a lot to like about the approach because it means that the new version of Exchange runs on new hardware. However, it’s an expensive method. Microsoft says that they will introduce an in-place upgrade from Exchange 2019 to Exchange V.next. This facility won’t be available for earlier versions, which is another good reason to move to Exchange 2019.
Exchange 2019 has hefty hardware requirements, especially in terms of server RAM, so it’s nice to see that customers will be able to upgrade these servers to run V.next. Cynics might say that Microsoft is able to do this because Exchange V.next will be just like a big cumulative update for Exchange 2019. There’s probably some truth in that assertion. I don’t anticipate (but could be surprised) that Microsoft will include any game-changing functionality in Exchange V.next like the introduction of the Database Availability Group in Exchange 2010.
Instead, it’s likely that Microsoft will continue along the path established by Exchange 2019 to improve the architecture and include new features over time, like security updates, compliance features to align with some of the functionality available in Office 365, and the work they are doing to introduce support for modern authentication to enable on-premises Exchange to move away from basic authentication.
Microsoft’s decision to go ahead with modern authentication for pure on-premises deployments of Exchange Server reverses their previous stance that they would not pursue this option, and it’s very welcome. As a reminder, the big basic authentication turn-off starts in Exchange Online on October 1, 2022.
In their post, Microsoft calls out the change made in Exchange 2019 CU12 to allow customers to turn off (but not remove from the organization) the last Exchange server in a hybrid organization. Perhaps they’ll include a GUI to support recipient management for hybrid organizations in V.next (if not, there’s always Steve Goodman’s tool).
The Support Question
Exchange 2019 is the only version of Exchange Server in mainstream support. Exchange 2016 is in extended support and will exit support on October 14, 2025. Exchange 2019 exits extended support on the same day, so this is clearly an important date for Exchange Server customers.
Microsoft isn’t changing the support dates for Exchange 2016 or Exchange 2019. Their advice is to migrate to Exchange 2019, but that doesn’t gain any extra support timeline. To go further, customers must move to Exchange Server V.next, which uses Microsoft’s Modern Lifecycle Policy instead of the more traditional support cycle. The most important points about the modern lifecycle policy are:
- Microsoft provides support on a continuous basis. In other words, regular updates with no end of support dates.
- Customers must apply the updates and stay current. As Microsoft notes, “Changes for these products and services may be more frequent and require customers to be alert for forthcoming modifications to their product or service.”
To help prompt customers about server updates, Microsoft plans to introduce a new server dashboard for hybrid environments later in 2022 (Figure 1). The data displayed in the new dashboard comes from logs and public records. Exchange 2019 is lined up to get a similar dashboard in early 2023.
Software Assurance Needed
Another important point is that Exchange V.next will be available only to customers with Software Assurance. Microsoft says that the new version will require Server and CAL licenses, just like current versions of Exchange Server.
Given that recent attacks managed to discover many unsupported and insecure servers, I’m not sure that the folks responsible for those servers will be motivated to purchase Software Assurance and migrate first to Exchange 2019 and then to V.next. And that’s OK because Microsoft wants to move the organizations with those servers to Exchange Online.
MEC is Back (Virtually)
The last in-person Microsoft Exchange Conference took place in Austin, Texas in March 2014. The advent of the Ignite conference, first run in May 2015, nixed plans for future MEC events. Microsoft plans to bring MEC back as a virtual event on September 13-14.
I hate the idea of a virtual MEC. Virtual events were an important part of keeping the technical community going during the pandemic, but I don’t care if I never attend another virtual event. They bore the pants off me. Virtual events lack personal interaction, passion, and excitement. They are a purely functional experience devoid of any community-building capability.
But virtual events have their place and it’s good that Microsoft recognizes that they need to foster and encourage the Exchange community. It would just be better in person, which is why I’m looking forward to TEC 2023 in Atlanta the week after MEC.
Any technical changes that will make it worthwhile to use Exchange Server?
Today I work migrating customers in bulk to Exchange Online. for your business all worth it.
Apart from being able to run on-premises, I don’t know of any technical advantage that Exchange Server has over Exchange Online. The on-premises product is largely in maintenance mode at this point, IMHO.
Honestly, they should just retire both the on-prem and cloud versions of the product. It is as awful as it always has been, and it needs to be put out of its misery. Or perhaps out of our misery. Just about any groupware system other than Exchange is an improvement.
Exchange Online does a better job than any other email service at massive scale. You’re not going to tell me that Gmail is better?
Exchange onprem is a dead duck. Exchange Online is where it’s at.
If on-prem Exchange is dead..we need alternative…quickly. Online is not an option.
Another great article Tony, I’ll be looking forward to the next release of Exchange. 🙂
The Hafnium attack wasn’t necessarily caused by poorly maintained or insecure Exchange servers, this was a 0-day attack caused by a vulnerability from Microsoft.
That’s certainly one perspective. Another would point to the lack of care involved in placing unpatched servers running old software on the internet. It’s not every day that the FBI has to step in to patch servers, which is what happened in this case.
Great write up, love your work Tony.
Oh my bad. We have several customers running with SPLA Exchange.
Most of them don’t want to migrate to Exchange Online.
These customers will have to make a decision when they see the new licensing rules in 2024. Move to Exchange V.next or move to the cloud. That’s what the choice will be.
Adding on to my previous comment, an “SMTP Only” role, ala Edge Role, would serve a large variety of corporate roles needed for application servers that “insist” on unauthenticated SMTP relay that still need to go through O365/M365. Even in a cloud only environment you may need AWS or Azure compute resources that can do an unauthenticated SMTP relay instead of a Graph API mailbox send. Trying this through a dedicated EOL Inbound Connector is just a recipe for heartache.
Microsoft needs to reverse its memory requirements for “on-premise” Exchange servers, 2019 “requires” 128 MB of RAM, a completely insane requirement for non-prod installations let alone minimalist prod installations needed for hybrid connectivity. Maybe they should resurrect the old server based roles to allow for a minimalist server VM to run a bare bones Exchange server installation.
The 128 GB RAM is not a requirement but a recommendation.
“Mailbox: 128 GB minimum recommended
Edge Transport: 64 GB minimum recommended.”
Recommendations have a habit of becoming firm requirements. In the case of Exchange 2019, the metacache needs memory to assure performance, so I would be loath to run a mailbox server with less than 128 GB. Unless it’s for 3-4 people, of course.
We have one Exchange Server 2016 running in hybrid mode with one mailbox used for archiving emails from O365. If that is upgraded to Exchange Server 2019, does it still need 128GB of RAM? For one mailbox??
According to Microsoft recommendations, yes. But maybe not in the real world when you manage the server and know exactly what the workload on that server is.