Close-up of a conference badge for the Exchange Summit 2025. The badge has a blue background with a digital network design featuring small envelope icons. The text reads "Dave Stork" in white, "SPEAKER" in bold red letters on a yellow background, and "Exchange Summit 2025" in white at the bottom.

Ready for #MSExchangeSummit in Würzburg, Germany! Speaking today after lunch: “We need to talk about (on-prem) Exchange Server”
#MSExchange #Microsoft365 #SimplifyNow #SMTP

Reading #WeekITtip for the weekend. I am currently involved in a case in which mail (auto)forwarding is used but that is causing the forwarded mail to be rejected. When #SPF, #DKIM and #DMARC are implemented properly, this can break legitimate mail forwarding.

#SimplifyNow #MSExchange #SMTP

Also check several breaking changes in #MSExchange Online such as legacy tokens, EWS deprecation, external recipient rate limits. Some take effect in January, others later but some mitigations might take time.

Now you have some of your #SMTP New year resolutions! 😉 See you next year!

#SimplifyNow

This might also be a time to do a (periodic!) review of your overall #Defender settings, processes, and awareness training (with an ethical attack simulation). Like previously indicated, there are still a lot of incoming threats via email.

#SimplifyNow #Security

Microsoft 365 Roadmap | Microsoft 365 The Microsoft 365 Roadmap lists updates that are currently planned for applicable subscribers. Check here for more information on the status of new features and updates.

Now #Microsoft has announced the rollout for #Mobile Outlook iOS/Android in Message Center post MC960818. You do not have to do anything, but this might be a time to evaluatie if the older add-in still needs to be deployed. See also roadmap id: https://buff.ly/49Qz669

#SimplifyNow #Security

Day 23 of #ITAdvent. More than a week ago I posted about the Junk Report button being integrated within Classic #Outlook. New Outlook & OotW (Outlook on the Web) already had that button. This would remove the need to deploy the reporting add-in in those clients.

#SimplifyNow #Security

Unfortunately, these options require self-learning and might miss important real-life nuance & interaction. Of course you could use fora, social media to ask your specific questions. As a last resort contact known trainers (MCTs or often MVPs) for a custom course/workshop.

#SimplifyNow #Training

Day 22 of #ITAdvent. There are no #Microsoft #MSExchange specific #certification available. Which unfortunately also means that there is less training offered, as they are based on Microsoft Official Courseware or #MOC. So, I sometimes see the question what options there are.

#SimplifyNow #Training

Don't forget other upcoming potentially breaking changes, such as removal of legacy tokens, EWS and Client Access rules, enforcing external recipient rate limits to name some.

#SimplifyNow

Announcing Public Preview of the New Message Trace in Exchange Online | Microsoft Community Hub We are excited to announce that the Public Preview of the new Message Trace in the Exchange admin center (EAC) in Exchange Online.

The changes in the #PowerShell cmdlet might have impact on scripts, as paging is no longer supported. The max results is increased to 5000 though. Check your scripts as this might be a breaking change, I know that I wil have to.

Read more: https://buff.ly/3P63zDL

#SimplifyNow #Mail #SMTP

Internetveiligheid bij de overheid: Forum Standaardisatie roept op tot snelle actie | Forum Standaardisatie De beveiliging van internetdomeinnamen van de overheid laat te wensen over. Hoewel er afspraken gemaakt zijn om moderne internetstandaarden versneld te adopteren, blijkt uit de laatste meting van…

The post is interesting. I do wonder why adoption is not higher, but perhaps I am missing things. I for one am open to give educate, train and consult your org if needed. I am sure a lot of other experts are willing as well.

Read more: https://buff.ly/49OzXVe

#SimplifyNow #Security #Compliance

RFC 7489: Domain-based Message Authentication, Reporting, and Conformance (DMARC)

Also see DMARC RFC: https://buff.ly/41C2lrh

Do note that I've just scratched the surface & there are nuances IRL. This is my attempt to create awareness, their need and the need to configure and use them properly. Let's make mail a little bit safer!

#SimplifyNow #SMTP #Authentication #Security

- Often a 1024 key length is still used, while 2048 is more robust. Solve this in #MSExchange Online by rotating your DKIM keys with PowerShell with a higher value. See more here: https://buff.ly/4fkd50L

Did you encounter other common issues with DKIM?

#SimplifyNow #Security #Compliance

RFC 7208: Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1 Email on the Internet can be forged in a number of ways. In particular, existing protocols place no restriction on what a sending host can use as the "MAIL FROM" of a message or the domain given on…

Did I forget any common mistakes? Do you have any you want to share?
If you want to dig deep in SPF, read the RFC7208: https://buff.ly/3ZGk2mW

#SimplifyNow #SMTP #Security #Authentication

Luckily, there are various tools & services that can check syntax or flatten your record by replacing includes with IP addresses, reducing the DNS lookups. Often, those services also offer DMARC reporting (I will come back to that) analysis.

#SimplifyNow #SMTP #Security #Authentication

- Having ?all or ~all, which in a way indicates that the org is uncertain what servers could send mail.
- Valid mail sent from servers but not included in the record. The last part can happen if the org does not have a well-known policy in place on how the mail domain is used

#SimplifyNow #SMTP

- Forgotten sub domains: SPF does not inherit to subdomains
- Not having a correct syntax: typos or linefeeds where they shouldn't.
- Too many DNS lookups: the max is 10 and cumulative, but third party includes might unexpectedly add additional lookups.

#SimplifyNow #SMTP #Security #Authentication

Day 16 of #ITAdvent. Let's talk about #SPF or Sender Policy Framework! Especially the most common mistakes I see happening, be sure to check those periodically (but during the holiday period you also might have time to do this):

#SimplifyNow #SMTP #Security #Authentication

Record a meeting in Microsoft Teams - Microsoft Support Learn how to record Teams meeting. Capture audio, video, screen sharing activity, and troubleshoot recordings in Microsoft Teams.

Obviously, there are other options available, some depend on which license the #MicrosoftTeams Meeting Organizer has. Do note that also the recording itself has additional configuration options, such as retention. https://buff.ly/4gDJe4D

#SimplifyNow #Microsoft365

Meeting options in Microsoft Teams - Microsoft Support Admins set default meeting settings. They try to optimize for most use cases, but if you want to adjust your options for a specific Teams meeting, go to Meeting options.

You can enable automatic recording of your meeting via the Meeting Options in #MicrosoftTeams. There are different ways to get to that, in the Meeting request there is a link. Or in #Teams go to the calendar. https://buff.ly/3VHDheN

#SimplifyNow #Microsoft365

Day 15 of #ITAdvent. In many organizations #MicrosoftTeams is the digital meeting solution used to attend meetings. Ad-hoc meetings but also recurring meetings such as dailies. It can useful having #recording or #transcript, but you might forget that manual action.

#SimplifyNow #Microsoft365

Do note: With MC841229 the recent rollout of the default #Junk Report button in Classic Outlook was announced, no longer requiring an add-in be pushed. Be sure to check whether you have two buttons to report & change your config/documentation.

#SimplifyNow #Defender #MSExchange #Phishing

Day 14 of #ITAdvent. In 2024 #Microsoft reported in their Digital Defense Report 2024 that #Phishing is still the greatest threat from #mail. So, it's good to periodically review your orgs #security preparedness on this.

#SimplifyNow #Defender #MSExchange #Phishing #Junk

Day 13 of #ITADvent. Administrating #Microsoft365 comes with a lot of #PowerShell work, requiring to install and update lots of different modules. The ones I have to use frequently I know by heart. Others, not so much...

#SimplifyNow #Management #Script

How to set up a multifunction device or application to send emails using Microsoft 365 or Office 365 Learn how to set up printers, scanners, LOB applications to send emails using Microsoft 365 or Office 365.

Your investigation should focus on non-authenticated mail, it could come from external misconfigured applications or from an on-premises environment such as described in option 2 & 3 of this article: https://buff.ly/4iz0BoJ

#SimplifyNow #SMTP

Why? "Most of the traffic exhibiting multiple P2 From Addresses without a Sender Address will be inbound spam destined for your tenant sent by malicious spammers on the internet." as stated in #MC886603. However, it could be possible that you have valid mail that does this.

#SimplifyNow #SMTP

Day 12 of #ITAdvent. Be sure to check whether you have apps/devices that send #mail with multiple FROM: headers (or P2) without a SENDER: header. To comply with RFC5322 #Microsoft365 will reject those mails.

#SimplifyNow #SMTP

Run new Outlook and classic Outlook side-by-side - Microsoft Support If there are features or workflows you use that aren't available in new Outlook as yet, you can toggle back to classic Outlook for Windows.

You can run New and Classic #Outlook concurrently side-by-side on the same device! No need to toggle on/off every time. Read how to achieve this here: https://buff.ly/3ZNuCde

#SimplifyNow #Adoption

New Outlook for Windows: A Guide to Product Availability | Microsoft Community Hub Answers to frequent questions about new the Outlook for Windows timeline, how organizations can prepare, and future availability of classic Outlook for...

While I also think that New #Outlook might not be ready for most orgs, there are also some misconceptions surrounding this switch. First: #Microsoft will support Classic until at least 2029. See https://buff.ly/3ZNuKte Second: you can block the switch. And third:...

#SimplifyNow #Adoption

Dave Stork (@davestork.nl) Day 9 of #ITAdvent. With Message Center post MC949965 #Microsoft announced that #Microsoft365 Enterprise users will get the New #Outlook per default from April 2026. But if you are a Bussines user,…

Day 11 of #ITAdvent. Well, there are strong opinions on New #Outlook! Especially about changing the default #Microsoft365 client this January for Business users & in 2026 for Enterprise orgs which I posted about on day 9. See: https://buff.ly/4fbvwon

#SimplifyNow #Adoption