Microsoft Exchange and Active Directory Blog
The vacation season is just beginning and many colleagues are starting their summer vacation. Unfortunately, they often forget to activate the out-of-office assistant. I have created the "Out of Office Assistant for Admins" so that the Out of Office Assistant does not have to be activated via Exchange Shell, but can be conveniently activated in a small GUI. The small PowerShell script provides a simple GUI for activating the ... Read more
Many readers of this blog have requested an article on the subject of "Exchange Server and Reverse Proxy". Although there are already HowTos with Kemp, Sophos and F5, there also seems to be a need for open source solutions. Therefore, here is a HowTo for the use of Apache as a reverse proxy for ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. Click here to go directly to the downloads: Exchange Server 2013 CU23 Exchange Server 2016 CU22 and CU23 Exchange Server 2019 CU11 and CU12 The update fixes a vulnerability (CVE-2022-21978) which is classified as "Important". The update should therefore be installed promptly. Details about the vulnerability can be found here: CVE-2022-21978 The ... Read more
Since CU12 for Exchange 2019 and CU23 for Exchange 2016, certificates can no longer simply be requested or imported via the Exchange Admin Center. This is due to a change to the CMDLets "New-ExchangeCertificate", "Import-ExchangeCertificate" and "Export-ExchangeCertificate", where UNC paths can no longer be used. In the Exchange Admin Center there were before CU12 and CU23 ... Read more
Microsoft released new updates for Exchange Server on 20.04.2022. The new updates bring some new features and contain all previously released security updates. Click here to download directly: Exchange Server 2019 Cumulative Update 12 Exchange Server 2016 Cumulative Update 23 With the release of the updates, Microsoft is also changing the way Exchange ... Read more
A reader asked for an article on how brute force attacks on Exchange servers can be prevented. Since Exchange servers in smaller environments are often directly accessible on the Internet (e.g. via port forward) and can also be identified very quickly thanks to autodiscover, Exchange servers are very suitable for brute force attacks. In a brute force attack ... Read more
A reader of this page asked whether it is possible for certain users to create and manage contacts for the organization. A separate RBAC (Role Based Access Control) role can be used for this with little effort. A corresponding role, which can only create and edit contacts in a specific organizational unit, can be created with little effort. ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The updates can be downloaded here: Exchange Server 2013 CU23 Exchange Server 2016 CU21 and CU22 Exchange Server 2019 CU10 and CU11 The updates close the vulnerability CVE-2022-23277, which is classified as Critical, and the vulnerability CVE-2022-24463, which is classified as Important. As Exchange Server currently likes to ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 2019. The security update is intended to fix the following three vulnerabilities CVE-2022-21969 (Important) CVE-2022-21855 (Important) CVE-2022-21846 (Critical) The three vulnerabilities mentioned are errors that allow remote code execution. The updates should therefore be installed as soon as possible, even if no exploitation is currently ... Read more
At the turn of the year, there is a problem with mail delivery on Exchange servers. Mails get stuck in the queue with the following message: "The message was put on hold by the categorization agent" Mails are neither sent nor received. This problem has been occurring on all Exchange 2016 / 2019 servers since 01.01.2022 and is caused by the transport agent "Malware Agent" ... Read more
