Author: Rob Walton
-
Capture DMARC Reject Email Copies
It is recommended to ensure you have the highest SPF, DKIM, and DMARC email protection for all your email domains. This includes setting the DMARC email protection level to the highest “reject” mode. DMARC “reject” mode will result in rejection for any email sent from your domain name that is not covered by SPF and…
-
Email Security for unused email domains
Organizations usually own a large number of email domains, for brand protection reasons. But only use a subset of those email domains for their mailboxes. Typically any email security measures are only applied to the email domains being used. This means the unused email domains can be at risk of being subject to cyber attack.…
-
Review Older TLS Versions and Cipher Suites
TLS 1.3 is becoming prevalent across messaging platforms as we enter 2025. Exchange Online support for TLS 1.3 is due soon – see this TLS 1.3 Blog Post from office365migrate.com . Commonly TLS 1.2 is used as the default message transfer protocol, and this has superseded the previous versions of TLS which were TLS 1.0…
-
End of Support for Exchange 2016 and Exchange 2019
Microsoft have announced a set of important dates for end of support for both Exchange 2016 and Exchange 2019, during 2025. The new version of Microsoft Exchange, called Microsoft Exchange SE (Subscription Edition) is being released as RTM, and then as CU1. All existing customers of Microsoft Exchange are expected to use solely Exchange Online,…
-
DANE DNSSEC for M365 Exchange Online
Microsoft have released support for DANE and DNSSEC to improve the email security of your M365 registered email domains. DANE with DNSSEC will help protect your email domains against man-in-the-middle attacks. DANE stands for DNS-based Authentication of Named Entities, and is covered by RFC 6698 here https://datatracker.ietf.org/doc/html/rfc6698. It is recommended to enable the provided DANE…