Exchange 2016: Share EAC only in the internal network

by

Like Exchange 2013, Exchange 2016 comes with a web interface for administration (EAC), which can be used to carry out basic administration tasks. However, simple administration via the web interface also entails risks. For example, anyone who makes Exchange 2016 and Exchange 2013 servers accessible on the Internet in order to access OWA, ActiveSync and Outlook Anywhere ... Read more

Sophos UTM 9.4 WAF and Exchange 2016

by

For Exchange 2010 and Exchange 2013, I had already published articles for Sophos UTM Webserver Protection (WAF) here. However, since Exchange 2016 has now been released and the Sophos UTM is also available in a more up-to-date version, there is another update here. Environment (UTM and Exchange) Exchange Server 2016 CU1 ... Read more

New Exchange Server updates available

by

New updates for Exchange Server 2007, 2010, 2013 and also for Exchange Server 2016 have been released today: Exchange 2016 CU 1 Exchange 2013 CU 12 Exchange 2010 SP3 UR 13 Exchange 2007 SP3 UR 19 New UM language packs are available here: UM language packs for Exchange 2016 CU 1 UM language packs for Exchange 2013 CU 12 A list of ... Read more

RIP R@y!

by

Ray Tomlinson died of a heart attack on Saturday. Without him, we probably wouldn't have an @ sign on our keyboards. Ray Tomlinson was the first person to use the @ sign to send an e-mail in 1971. The Wikipedia article is unfortunately very thin: https://de.wikipedia.org/wiki/Ray_Tomlinson Heise writes a nicer obituary: http://www.heise.de/newsticker/meldung/Ray-Heaven-zum-Tode-von-Ray-Tomlinson-3129308.html Rest in peace R@y! (Source: http://openmap.bbn.com/~tomlinso/ray/ka10.html)

Exchange Server: Prevent mail spoofing

by

Mail spoofing is often used to persuade users to open dangerous attachments in emails. The aim is to make it look as if the email is coming from a colleague or a device such as a scanner or Fax2Mail. Mail spoofing is used to falsify the sender's address so that it looks to the user as if the email is coming from an internal ... Read more

Protect Windows file servers from ransomware (Update 2)

by

I have already published some approaches to getting the ransomware plague under control here: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ https://www.frankysweb.de/locky-verseuchte-clients-identifizieren/ https://www.frankysweb.de/clients-vor-infektion-mit-ransomware-schuetzen-locky-cryptolocker/ However, I also receive many emails every day asking what else is possible. I have to say: It depends... The scripts in the articles don't work in every environment, but probably have to be ... Read more

Exchange 2016: VMware Best Practices

by

VMware has published a document on best practices for Exchange 2016 on VMware vSphere: http://www.vmware.com/files/pdf/vmware-microsoft-exchange-server-2016-on-vsphere-best-practices-guide.pdf Most Exchange servers will probably be installed as VMs, so I think the document is well worth reading. I find the part about Exchange 2016 on all-flash storage quite interesting, but you can read that for yourself... HP has also ... Read more

Protect clients from infection with ransomware (Locky, Cryptolocker)

by

We should slowly give ransomware the finger, we can already protect file servers and identify infected clients: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ https://www.frankysweb.de/locky-verseuchte-clients-identifizieren/ Something can also be done on the clients to prevent infection. However, there is no one-size-fits-all solution here, but with GPOs you have a powerful tool at hand to at least react to current situations ... Read more