Mail flow appears operational, according to your Exchange server. There are no failed services, NDRs, or help desk tickets. However, someone in sales has been waiting twenty minutes for a reply that was sent out long ago. Even more critically, in trading or finance settings where emails are crucial for time-sensitive operations, messages are accumulating in queues that no one is monitoring.
Exchange Hybrid environments have come of age. What was once considered a transitional, temporary solution on the path to Microsoft 365 just a few years ago has become a permanent configuration for many organizations. It offers flexibility, control, and a fair share of complexity. This very complexity often leads to a common issue: visibility gaps. In simple terms, it means you are unaware of what you don’t see.
What a year we have had! Who would have thought at the beginning of 2025 that Exchange administrators would be sweating so much? Even though much of it could have been avoided.
Centralized Mail Flow (also known as Centralized Mail Transport, CMT) is an option in Exchange hybrid environments whereby all outgoing Internet messages from mailboxes in Exchange Online are first routed through the local Exchange organization before being delivered to the Internet. Similarly, depending on the MX strategy, incoming Internet messages can first pass through the local environment before being delivered to cloud mailboxes. The goal is usually to continue applying central compliance, DLP, encryption, journaling, or gateway functions in the local infrastructure. As a rule, CMT is configured as part of the hybrid configuration using the Hybrid Configuration Wizard (HCW).
Microsoft is changing how hybrid authentication works between on-premises Exchange servers and Exchange Online. The long-standing Shared Service Principal (“Office 365 Exchange Online”, App ID 00000002-0000-0ff1-ce00-000000000000) will no longer be supported. Each tenant must deploy a dedicated Entra enterprise application by October 31, 2025.
Microsoft is ending support for Exchange Server 2016 and 2019 on October 14, 2025, making it essential for IT teams to upgrade to Exchange Server Subscription Edition (SE) to maintain security and compliance.
If you're still evaluating whether maintaining any on-premises Exchange footprint is the right long-term move, revisit the foundation in Do You Still Need an On-Prem Email Solution? It sets the strategic context for whether an upgrade is even the right investment.
Next year, Exchange Server will turn 30, a remarkable milestone for a platform that was often prematurely declared obsolete. The fact is: email remains an indispensable means of communication. According to CloudHQ's Email Statistics report, the number of global email accounts is expected to rise from approximately 4.8 billion today to over 5.6 billion in the next few years. Today, over 392 billion emails are sent daily, and by 2030, this number is expected to grow to over 500 billion. So, the question is not whether email will remain relevant.
Microsoft announced the next – or last? version– of Microsoft Exchange Server. Customers and partners greeted the announcement with little cheer, as reflected in the comments section of the announcement blog. After two years of silence, the shared news was received as anticlimactic, with a fair amount of fine print attached.
The March 2024 security update for Exchange 2019 was released to address several critical vulnerabilities that pose significant risks to system integrity and security. As Exchange 2019 remains a crucial component in many organizations' IT infrastructure, the timely application of security patches is essential. This update aims to mitigate potential threats that could be exploited by malicious adversaries, thereby safeguarding sensitive data, and ensuring the smooth operation of email services.
Securing Exchange as part of a larger security framework