In this article, we will discuss the Analysis phase of an Exchange Online domain move project. Please refer to our previous post for a brief overview of the five best practices for Microsoft 365 Exchange Online Domain Transfers.
One way to protect administrator mailboxes is not to use them. And if you want administrators to use separate mailboxes for their permissioned and non-permissioned activities, that's what you might do. However, we can be smarter and use transport rules to selectively block email sent to administrator mailboxes to dissuade internal people from sending email and blocking all but the most essential email coming in from external domains.
Exchange Online now supports SMTP Strict Transport Security (MTA-STS), a mechanism to help defend SMTP communications between mail servers. Microsoft 365 tenants can decide if they want to enable MTA-STS for their domain by publishing a DNS record and an MTA-STS policy. You don't have to use MTA-STS, but it's a good idea to consider the option.
Exchange Online has mailbox retention policies. Microsoft 365 has retention policies and retention labels. In this article, we explore how to move away from Exchange Online retention to use Microsoft 365 retention. The transition makes it possible to use the advanced retention capabilities Microsoft is developing that will never show up in Exchange Online, so it's a good long-term goal to have even if it's not on your immediate work list.
In a December 24 announcement, Microsoft says that the roll-out of DNSSEC and DANE support in Exchange Online will start in mid-January 2022. Because this is a big change for the Exchange Online infrastructure, Microsoft is using a phased deployment which won't complete until mid-May. Support for DNSSEC and DANE has been coming for a long time, but it's good that the extra security which these standards bring will be available to Exchange Online tenants.
Microsoft Sentinel is Microsoft's log aggregator. Along with other data, Sentinel can ingest events from the Office 365 audit log. Once ingested, we can visualize the data through workbooks. If you have an Azure subscription, it's surprisingly easy to take advantage of the 31-day trial to see if Sentinel can do a job for your organization. Follow our steps and you'll be visualizing quickly.
On November 1, Microsoft will limit auto-expanding archives to 1.5 TB and bring the era of "bottomless archiving" to an end. The new limit might not affect many Exchange Online tenants, but it's a wake-up call for administrators to check how archiving is used in their tenants. To help the process, we've written a PowerShell script to report the current set of user and shared mailboxes with archives.
From November 1, 2021, Microsoft requires Outlook 2013 Service Pack 1 (with fixes) as the minimum client version to connect to Exchange Online. Given all the publicity about attacks against the on-premises version of Exchange earlier this year, it's a wonder why organizations continue to allow people to use outdated client software to connect to Exchange Online. In any case, the drop-dead date is November 1. If you have any old Outlook 2007, Outlook 2010, or Outlook 2013 (before SP1) clients, it's time to start upgrading.
Azure B2B guest accounts are often created during a Merger & Acquisition, so teams from both organizations can easily collaborate during the business and technology integration. However, these external users with B2B Guest accounts in their directory will eventually need to be migrated, which is problematic since B2B Guest accounts aren’t recognized as being licensed. The guest account can be removed and a new one created, but previous permissions would be lost. So how do we preserve permissions, keep collaborating without managing two sets of credentials while preparing the user account for data migrations? This article walks you through a solution that can be used in certain situations to help you easily manage the account to meet your needs.
Microsoft Certified Master (MCM) and Microsoft Certified Solutions Master (MCSM) Ingo Gegenwarth provides a glimpse into his speaking session at TEC and how to manage ExO at scale with PowerShell.
Microsoft has announced their intention to enable plus addressing across Exchange Online in January 2022. Plus addressing is a good capability, but it might cause some problems for tenants with mail-enabled recipients that have plus addresses in their set of proxy email addresses. Fortunately, we've written some PowerShell code to report those pesky addresses and to remove them if you want to do a big clean up before Microsoft makes the big switch in five months' time.
In the show this week, Ingo Gegenwarth joins Steve and Paul to talk about how to manage Exchange Online at scale in advance of his TEC talk; and we look at the pricing for Windows 365, test drive Teams 2.0 and check in on Skype in retirement - has it really retired?
