Microsoft Exchange and Active Directory Blog
On February 13, 2020, Microsoft released updates for all Exchange Server versions for the vulnerability CVE-2020-0688. If you have not already done so, you should install the update as soon as possible, as it is now known how the vulnerability can be exploited. Although an attacker must first authenticate themselves on the Exchange Server, it is then possible to take control of the ... Read more
Microsoft has released a new security update for Exchange Server 2010 - 2019. The update fixes the following vulnerabilities: CVE-2020-0692 | Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2020-0688 | Microsoft Exchange Memory Corruption Vulnerability The update is given the severity level "Important", click here to go directly to the downloads: Download Security Update For Exchange Server 2019 ... Read more
Yesterday, Microsoft released a new update (CU) for Exchange Server 2019 and Exchange 2016. Here is an overview of the changes and fixes in the new CU: Cumulative Update 4 for Exchange Server 2019 Cumulative Update 15 for Exchange Server 2016 The CU 4 for Exchange 2019 can still only be downloaded via VLSC, MSDN ... Read more
I have just uploaded a new version of the Exchange Certificate Assistant. The old version still uses the Let's Encrypt protocol ACMEv1, which is no longer supported by Let's Encrypt. The new version 3 of the Certificate Assistant now uses the PowerShell module Posh-ACME to automatically request certificates for Exchange Server via Let's Encrypt. Posh-ACME is ACMEv2 ... Read more
Microsoft has released a new security update for Exchange Server 2013 to 2019 (CVE-2019-1373). The update closes a vulnerability that, in the worst-case scenario, could allow code to be executed remotely. Microsoft classifies the severity of the vulnerability as critical. The update should therefore be installed as soon as possible. Microsoft provides the following details on ... Read more
Here's another little problem I stumbled across today. During the migration from Exchange 2010 to Exchange 2016, a user was no longer able to receive emails from external senders (SenderNotAuthenticatedForMailbox) after the spam filters were switched to the Exchange 2016 servers. This problem only occurred when the mail routing was switched to the Exchange 2016 ... Read more
I have just uploaded version 3.6 of the Exchange Reporter. Exchange Reporter 3.6 includes the new module "NoSpamProxy". This means that Exchange Reporter can now also retrieve statistics from NoSpamProxy and display them in the report. Here is an example of the NSP module: The NoSpamProxy module displays the following statistics: Overview of mail statistics Overview of large files ... Read more
Small warning regarding Apple devices and iOS 13. Apparently an old bug from iOS 6 times has returned and is causing trouble again in iOS 13. I warned about the problem "back then" here: Exchange 2007/2010: ActiveSync and iOS 6 bug With Apple iOS 13, too, there are more and more reports that there are ... Read more
Some time ago I had already pointed out the following error, here in connection with Exchange 2013: Exchange 2013: 451 4.7.0 Temporary server error. Please try again later. PRX2 If emails cannot be delivered and Exchange displays the error "451 4.7.0 Temporary server error. Please try again later. PRX2" in the queues, it is possible that ... Read more
After I released a new version of the Exchange Reporter on June 27, 2019, a few bugs have been fixed in the current version 3.6. Here is an overview of the changes: New functions FTP upload function (thanks to Daniel) Bugfixes Rblreport: Blacklist bl.spamcannibal.org removed, as it no longer exists VmwareReport: PowerCli is now loaded as a module (thanks to ... Read more
