Microsoft has announced a significant change in how new Accepted Domains in Exchange Online are provisioned with MX records. Between early and late July 2026 (previously February), MS will gradually switch provisioning of all A records for new Accepted Domains into the new subdomains under mx.microsoft. *.mx.microsoft At first glance, this may look like a …
Microsoft just introduced cloud-managed remote mailboxes for directory-synced users. In plain English: you can manage Exchange attributes for synced mailboxes directly in Exchange Online without keeping an on-prem Exchange server for recipient admin. This post explains what that means for your business, the most valuable use cases, when not to enable it, and a 7-step pilot you can run this week. If “the last Exchange server” has been blocking your roadmap, this is the feature that finally moves you past it.
EWS in Microsoft 365: Why You Must Act Now As Microsoft 365 continues to evolve, one of the most impactful changes underway is the retirement of Exchange Web Services (EWS) in Exchange Online. While EWS has served as a core integration protocol for over a decade, Microsoft has made it clear: EWS is on the …
Attackers rarely miss an opportunity to twist a convenient feature into a phishing tool. Exchange Online’s Direct Send is the latest example: security researchers have documented campaigns that drop fake “internal” messages straight into corporate inboxes—no credentials required. Headlines warn that these messages “bypass SPF, DKIM and DMARC,” leaving IT teams wondering whether the standard …
A Modern SMTP Relay for Post-Exchange Environments As more organizations retire their last on-premises Exchange server, and as Microsoft Defender for Office 365 introduces more aggressive email throttling, many customers are facing the challenge of finding a new reliable SMTP relay. Azure Communication Services (ACS) with Email capabilities is emerging as a modern, scalable alternative. …
Licensing Microsoft Entra administrator accounts for email is a common practice, but it introduces avoidable security risks. Privileged accounts should remain isolated from unnecessary communication channels to minimize vulnerabilities. This guide shows how to set up email notifications for admin accounts without assigning them a mailbox license. We’ll also include visual steps for enabling plus …
Enhancing Email Security: Opportunistic TLS and Encryption Solutions In Part 1 of this series, we explored how SMTP DANE and DNSSEC collaborate to secure email communications in Exchange Online, ensuring authenticity and encryption between servers. In this follow-up, we focus on two critical components of email security: Opportunistic TLS and email encryption. Specifically, we’ll examine …
Introduction to SMTP DANE and DNSSEC Securing email communication is critical in the modern digital landscape. SMTP DANE (DNS-based Authentication of Named Entities) and DNSSEC (Domain Name System Security Extensions) are two technologies that strengthen email security by protecting against DNS-based attacks and ensuring encrypted connections between mail servers. What is DNSSEC? DNSSEC enhances the …
What is DMARC DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance, is a crucial email authentication and anti-phishing technology designed to enhance the security of email communication. It helps organizations combat email fraud, phishing attacks, and unauthorized use of their domain names by allowing domain owners to specify policies for how their email …
In a recent blog post on January 20. the Exchange Team blog announced support for stacking exchange online licenses. Introducing Support for Concurrent Exchange Online License Assignments – Microsoft Community Hub There is several benefits to this new possiblity, mostly its great when you need to change the licensing plan for a user. For example. …
