Security

Hi All, What is MTA-STS Mail Transfer Agent Strict Transport Security (MTA-STS) makes sure that Emails are Transfered over a secured TLS Connection but has lower requirements than DNS based Authentification of Named Entities (DANE). “Mail Transfer Agent Strict Transport Security (MTA-STS)” has been defined in 2018 in the following RFC rfc8461 SMTP MTA Strict Transport Security (MTA-STS) MTA-STS benefits: Emails are transfered over a secure TLS connection Must use TLS-Version 1.

Hi All, While writing the Blog Article that Microsoft is moving to New cloud.microsoft Domain for M365 i’ve been stumbled across something very interesting. In the Article from the Exchange Team Blog from Septemer 2023, they have anounced that Inbound DANE will be available between March and July 2024 using a new Domain *.mx.microsoft Implementing Inbound SMTP DANE with DNSSEC for Exchange Online Mail Flow I’ve decided to test DNSSEC with MXToolbox

Hi All, Microsoft has published several Blog Articles on the Exchange Team Blog, that they will throttle then block old and unpatched on-premises Exchange Servers. Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online Update on Transport Enforcement System in Exchange Online How to pause throttling and blocking of out-of-date on-premises Exchange Servers Timeline They started in Summer 2023 with Exchange 2007. Now in February 2024 they start to block Exchange 2013 - Extended Support ended on 11 April 2023

Hi All, A few years ago, i have already written an Article how to Enable DKIM in Exchange Online. Enable DKIM in Office 365 Things change over time and so does the Exchange Admin Center. Enabling DKIM has moved to the Microsoft Defender Admin Portal. Here are some older Articles regarding DKIM SPF / DKIM / DMARC DKIM with Exchange To enable DKIM in Exchange Online you have to go to the Microsoft Defender Admin Portal and select > Policies & rules > Threat Policies > Email authentication settings

Hi All, You might think that only Domain Administrators are able to add Computers to the Active Directory Domain. But that’s not true. AD Schema documentation MS-DS-Machine-Account-Quota attribute The number of computer accounts that a user is allowed to create in a domain. As a result, a regular Domain User can join up to 10 Computers to a Domain. If you open up adsiedit.msc and check the Properties on the Domain container and search for the Active Directroy Attribute “ms-DS-MachineAccountQuota” you can see that it has a value of “10”.

Hi All, I’ve published a new Swiss Domain Security Report Q4 2023 to rise awareness about the available Security technologies around Domains and Mailsecurity. It shows the adoption of diffrent technologies for the whole .ch TLD (Top Level Domain). Hope you enjoy it and learn something. Let’s improve the Security in Switzerland! Note: I am a private Person and this is just a Hobby Project. But i still believe this Report can be useful as an Overview of the Mail- and Domain Security in Switzerland.

Hi All, It’s again Patchday and Microsoft has released Security Updates for Exchange 2016 and 2019. Exchange Team Blog Released: November 2023 Exchange Server Security Updates Updates: Security Update For Exchange Server 2019 CU12 SU11 (KB5032146) Security Update For Exchange Server 2019 CU13 SU4 (KB5032146) Security Update For Exchange Server 2016 CU23 SU11 (KB5032147) I’ve downloaded the - MonitorExchangeAuthCertificate And checked the Exchange Auth Certificate .\MonitorExchangeAuthCertificate.ps1 Run the Setup after downloading

Hi All, My old TLS Certificate from GoDaddy has expired a few Days ago. I have already used “Let’s Encrypt” Certificates for Exchange in some Test Environements. Today i want you to show how to set up initionally and then use a Script to renew the Certificate on a regular basis. Initial Setup First of all you need a Client that can handle the “Let’s Encrypt” Certificate Request. There are plenty of alternatives out there.

Hi All, It’s again Patchday and Microsoft has released Security Updates for Exchange 2016 and 2019. Exchange Team Blog Released: October 2023 Exchange Server Security Updates Updates: Security Update For Exchange Server 2019 CU12 SU10 (KB5030877) Security Update For Exchange Server 2019 CU13 SU3 (KB5030877) Security Update For Exchange Server 2016 CU23 SU10 (KB5030877) The Token Cache will be fixed with the OS Updates for IIS. Today, Windows team has released the IIS fix for root cause of this vulnerability, in the form of fix for CVE-2023-36434.

Hi All, A few Days ago, i have received an update for my OnePlus 9 Android Smartphone. It includes the Android 2023.09 Security Updates. Details can be found in the OnePlus Community OxygenOS 13.1.0.591 for the OnePlus 9/9 Pro Changelog Integrates the September 2023 Android security patch to enhance system security. Regards Andres Bohren Unified Messaging Logo