Exchange Center

Back in September 2019, Microsoft announced it would start to turn off Basic Authentication for non-SMTP protocols in Exchange Online on tenants where the authentication protocol was detected as inactive. This is part of an overall movement to deprecate the less secure Basic Authentication, which is unfit to face the security challenges of the modern world, being subject to things like password spray attacks. It's modern successor, modern authentication or OAuth2, uses a token and claim based mechanism contrary to sending accounts and passwords, and is the preferred authentication method. When combined with Azure AD for authentication, Modern Authentication also supports features such as Multi-Factor Authentication or Conditional Access.

Formerly known as “Cloud App Security”, Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that is part of the Microsoft 365 Defender suite of products. Defender for Cloud Apps (DCA) is built to help IT departments control the data that their organizations have hosted in multiple cloud services including but not limited to Office 365.

Microsoft Defender for Office 365 (MDO) is Microsoft’s response and feature set when it comes to e-mail security. Maybe some of you remember the previous name Advanced Threat Protection (ATP).

Happy New Year! With the recent change to the new year, a nasty bug similar to the Y2K bug (Y2K22?) appeared in Exchange 2016 and Exchange 2019. On 01/01/2022 at 0:00 hour UTC a date conversion failed inside the product, causing the anti-malware agent to fail. As a result, the Exchange transport service was no longer able to process email and mail started to queue on the Exchange server. This also happens on Exchange 2013, but email is not queued and therefore the issue is not directly visible.

Anyone who has participated in migrations or transitions to Exchange is probably familiar or had to work around potential issues caused by the nickname cache. A “cache,” also known by its file extension, NK2 in older Outlook clients, is a convenience feature in Outlook and Outlook on the web (OWA). It lets users pick recipients from a list of frequently-used recipients. This list is displayed when the end user types in the first few letters:

On September 28, Microsoft released their quarterly updates for Exchange Server:

• Exchange Server 2019 Cumulative Update 11
• Exchange Server 2016 Cumulative Update 22

Social media exploded when an ISV who specializes in security released a blogpost about a vulnerability they found in Autodiscover, the protocol that is used by mailclients to discover Exchange configuration and configure themselves. Outlook is the client that uses Autodiscover the most, but mobile clients and third party applications can use Autodiscover as well.

The best way to learn about any technology, and specifically Exchange Server, is to be as hands-on as can be. And the most effective way to be hands-on without risking your production environment is to build a separate test lab.

When it comes to cybersecurity, the threat landscape over the last 12 months has never been more complex and challenging. During Microsoft’s annual partner event, Microsoft Inspire, a strong emphasis was put on trust and security. According to Microsoft, they have been busy thwarting and tracking the following:

On-premises Exchange servers are still a thing, and with future versions of Exchange coming on-premises we can assume they still will be for some time to come and on-premises Exchange monitoring is recommended. If your organization still runs on-premises Exchange servers, then Datacenter Activation Coordination (DAC) is a feature you need to understand.