EXCHANGE

Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.0 released

Andres Bohren
Hi All, A few days ago a new Version of the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) Module has been released. ORCA 2.0 https://www.powershellgallery.com/packages/ORCA/2.0 Use the following commands to Install the Module Find-Module Orca Install-Module Orca Get-InstalledModule Orca You can already connect to Exchange Online (Or the Script will do it also for you) Connect-ExchangeOnline There is just one simple Command to run the Report Get-OrcaReport It's recommended to run the report from Time to Time.

Exchange Online - Every Meeting Online (EMO) by Default

Andres Bohren
Hi All, Recently Microsoft announced an update to "Every Meeting Online" (EMO) Feature. Not only can you configure to have Meeting Links for every Meeting, you can also configure the Default Online Meeting Provider TeamsForBusiness BlueJeans GoToMeeting Webex Zoom GoogleMeet JioMeet RingCentral AmazonChimePublic AmazonChimePrivate AlibabaDingTalk FacebookWorkplace AppleFacetime ClaroVideoconferencia Make every meeting online https://support.microsoft.com/en-us/office/make-every-meeting-online-70f9bda0-fd29-498b-9757-6709cc1c73f0 To Activate you have to Configure the Exchange Online OrganizationConfig Get-OrganizationConfig | fl OnlineMeetingsByDefaultEnabled Set-OrganizationConfig -OnlineMeetingsByDefaultEnabled $true

Exchange Online Plus addressing update

Andres Bohren
Hi All, There has been an update to Plus addressing in Exchange online. Plus adressing will be enabled by default starting from 17. April 2022 If you wish to Opt-Out of Plus Adressing you will need to use this command Set-OrganizationConfig -DisablePlusAddressInRecipients $true Plus Addressing in Exchange Online https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/plus-addressing-in-exchange-online If you want to check your current Recipients for Plus addresses you can use my Script from GitHub https://github.com/BohrenAn/GitHub_PowerShellScripts/blob/main/ExchangeOnline/CheckPlusEmailAddresses.ps1 You can review your Exchange Online Settings in your tenant with the following Command

ExchangeOnlineManagement v206-Preview5 (Connect-IPPSSession with CBA)

Andres Bohren
Hi All, Today the ExchangeOnlineManagement Preview 5 PowerShell Module has been released to the PowerShell Gallery. As you can see it's the first time you can use Certificate Based Authentication (CBA) to Authenticate with Connect-IPPSSession. ExchangeOnlineManagement Preview5 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/2.0.6-Preview5 Installing the Module (PowerShell must be startet "As Administrator") Find-Module ExchangeOnlineManagement -AllowPrerelease Install-Module ExchangeOnlineManagement -AllowPrerelease -Force How to set up the Azure AD App i have documented here https://blog.icewolf.ch/archive/2021/04/04/exchange-online-powershell-v2-authentication-with-app-in-azuread-update.aspx Connect to Exchange Online with a Certificate stored in your CurrentUser Certificate Store

Modern Dynamic Distribution Groups in Exchange Online

Andres Bohren
Hi All, Did you hear about the "Modern Dynamic Distribution Groups in Exchange Online"? Little less dynamic but with more caching 😊 Modern Dynamic Distribution Groups in Exchange Online https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-dynamic-distribution-groups/modern-dynamic-distribution-groups Create a new Dynamic Distribution Group in Exchange Online New-DynamicDistributionGroup -Name DDG-Icewolf-UserMailbox -IncludedRecipients MailboxUsers -ConditionalCompany "Icewolf" Show the Details - note the Recipient Filter Get-DynamicDistributionGroup -Identity DDG-Icewolf-UserMailbox | fl If you check for the Members - it's still empty Get-DynamicDistributionGroupMember -Identity DDG-Icewolf-UserMailbox

Exchange Security Updates March 2022

Andres Bohren
Hi All, It's that time of the Month again and Microsoft has released Patches for Exchange 2013 up to Exchange 2019 Released: March 2022 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2022-exchange-server-security-updates/ba-p/3247586 Description of the security update for Microsoft Exchange Server 2019 and 2016: March 8, 2022 (KB5012698) https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-and-2016-march-8-2022-kb5012698-440c5421-dc0e-448f-93ef-4e686c18f7c3 Security Update For Exchange Server 2016 CU22 (KB5012698) https://www.microsoft.com/en-us/download/details.aspx?id=103999 Don't forget to start the msp from an elevated cmd Prompt Regards Andres Bohren

Get/Set-PhishFilterPolicy will be soon replaced with Tenant Allow Block list

Andres Bohren
Hi All, Recently there was an Annoucement in the M365 Message Center that announced the depreciation of the Get/Set-PhishFilterPolicy. Move to the new Commands Get-TenantAllowBlockListSpoofItems New-TenantAllowBlockListSpoofItems Set-TenantAllowBlockListSpoofItems Remove-TenantAllowBlockListSpoofItems The Get-PhishFilterPolicy will soon be depreciated Get-PhishFilterPolicy | ft Sender, SpoofedUser, NumberOfMessages, DecisionSetBy, AllowedToSpoof, SpoofType To see only the entrys, that are allowed to Spoof Get-PhishFilterPolicy | where {$_.AllowedToSpoof -eq "Yes"} | ft Sender, SpoofedUser, NumberOfMessages, DecisionSetBy, AllowedToSpoof, SpoofType Instead use this Command now

Sending "Reset Password" Links may be considered as phishing in Exchange Online

Andres Bohren
Hi All, A few Weeks ago i received the Mail below that was filtered out as Junk-E-Mail. So i took a closer look as it is legitimate. It contained a "Forgot Password" Link to theyr Portal. These are classic Phishing Techniques- I took a look at the Mailheaders with the Message Header Analyzer https://mha.azurewebsites.net/ As you can see the Spam Confidence Level (SCL) is high at 5 and it's classified also as spam (SPM).

Exchange Online Litigation Hold an Licensing

Andres Bohren
Hi All, I've recently had to deal with Litigation Hold. So i did a bit of research. Place a mailbox on Litigation Hold https://docs.microsoft.com/en-us/exchange/policy-and-compliance/holds/litigation-holds?view=exchserver-2019 When a mailbox is placed on Litigation Hold, items in the Purges subfolder are preserved for the hold duration specified by the Litigation Hold. The hold duration is calculated from the original date an item was received or created, and defines how long items in the Purges subfolder are held.

Your datacenter move for Exchange is complete

Andres Bohren
Hi Everybody, In June 2020 i applied for the Data residency move to the newly created M365 Datacenter Location in Switzerland Today i had the following Message in the M365 Message Center Moving core data to new Microsoft 365 datacenter geos https://docs.microsoft.com/en-us/microsoft-365/enterprise/moving-data-to-new-datacenter-geos?view=o365-worldwide I've checked the Data location. As you can see the Exchange Data has been moved to Switzerland 😍 Regards Andres Bohren