Microsoft Exchange and Active Directory Blog
Microsoft has released security updates for a number of vulnerabilities in Exchange Server today, and there is also an update for Exchange 2010. The following vulnerabilities are closed for Exchange 2016 and Exchange 2019: CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability CVE-2020-17141 | Microsoft Exchange Remote Code ... Read more
After renewing the Exchange backend certificate, frequent channel error messages may appear in the event log if the POP3 service of the Exchange server is used. The following two error messages may appear after the certificate has been changed: Source: Schannel Event ID: 36871 Level: Error Fatal error while creating the client credentials for TLS. The internal error status ... Read more
Microsoft today released new security updates for all Exchange Server versions that are still supported. The updates address a total of 3 vulnerabilities: CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability As two of the vulnerabilities allow remote code execution, it is recommended to ... Read more
I have just uploaded version 3.8 (code name Leslie). This is the first version that has a "code name" because Leslie (the Leslie) was kind enough to dig through the many lines of PowerShell code and found and reported some bugs. The following bug fixes are included in version 3.8: updatereport.ps1: The module showed the ... Read more
Yesterday, Microsoft released a new security update for Exchange Server 2013, 2016 and 2019. The update closes the vulnerability CVE-2020-16969. The vulnerability can be exploited with a specially crafted email, so the update should be installed promptly. The update is classified as "Important". Microsoft describes the vulnerability as follows: An information disclosure vulnerability exists in ... Read more
During an Exchange migration, the "old" Exchange server may not be able to deliver mails to the new Exchange server. This happened during an Exchange 2013 to Exchange 2019 migration. Mails on the Exchange 2013 server to mailboxes that had already been migrated to Exchange 2019 could not be delivered. The ... Read more
I have received a request from a customer that he would like to have his meeting rooms sorted or displayed by location. How can I implement this requirement? I implemented it with address lists and a custom attribute. The first step is to create the address lists by location, as shown here in the example Bielefeld, Düsseldorf, Frankfurt, Hamburg, Munich and ... Read more
I have just uploaded a new version of the Exchange Reporter. Version 3.7 fixes some problems with the modules. Here is a list of the changes: vmwarereport.ps1 Adapted to newer PowerCLI version (Thanks Steffen) careport.ps1 Small bugfix when checking the PSPKI module (Thanks Steffen) dmarcreport.ps1 New features (Thanks Timbo) rblreport.ps1 Removed dead blacklist bl.emailbasura.org (Thanks ... Read more
I have already written about DKIM in conjunction with Sophos UTM here. Here is an article about Exchange and DKIM. Mails can receive a DKIM signature directly on the Exchange server, so an additional AntiSPAM solution that adds the DKIM signature is not necessary. To add DKIM signatures directly on the Exchange ... Read more
Who isn't familiar with the evil "Reply all" function in Outlook? An important piece of information is quickly sent to the whole company, and then there's a flood of replies because the recipients use the "reply all" function: Depending on the size of the organization, such a flood of emails can generate a few million emails and thus ... Read more
