Microsoft Exchange and Active Directory Blog
Ray Tomlinson died of a heart attack on Saturday. Without him, we probably wouldn't have an @ sign on our keyboards. Ray Tomlinson was the first person to use the @ sign to send an e-mail in 1971. The Wikipedia article is unfortunately very thin: https://de.wikipedia.org/wiki/Ray_Tomlinson Heise writes a nicer obituary: http://www.heise.de/newsticker/meldung/Ray-Heaven-zum-Tode-von-Ray-Tomlinson-3129308.html Rest in peace R@y! (Source: http://openmap.bbn.com/~tomlinso/ray/ka10.html)
Mail spoofing is often used to persuade users to open dangerous attachments in emails. The aim is to make it look as if the email is coming from a colleague or a device such as a scanner or Fax2Mail. Mail spoofing is used to falsify the sender's address so that it looks to the user as if the email is coming from an internal ... Read more
I have already published some approaches to getting the ransomware plague under control here: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ https://www.frankysweb.de/locky-verseuchte-clients-identifizieren/ https://www.frankysweb.de/clients-vor-infektion-mit-ransomware-schuetzen-locky-cryptolocker/ However, I also receive many emails every day asking what else is possible. I have to say: It depends... The scripts in the articles don't work in every environment, but probably have to be ... Read more
VMware has published a document on best practices for Exchange 2016 on VMware vSphere: http://www.vmware.com/files/pdf/vmware-microsoft-exchange-server-2016-on-vsphere-best-practices-guide.pdf Most Exchange servers will probably be installed as VMs, so I think the document is well worth reading. I find the part about Exchange 2016 on all-flash storage quite interesting, but you can read that for yourself... HP has also ... Read more
We should slowly give ransomware the finger, we can already protect file servers and identify infected clients: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ https://www.frankysweb.de/locky-verseuchte-clients-identifizieren/ Something can also be done on the clients to prevent infection. However, there is no one-size-fits-all solution here, but with GPOs you have a powerful tool at hand to at least react to current situations ... Read more
In these two articles, I already presented a way to protect Windows file servers from Locky and other ransomware: https://www.frankysweb.de/windows-fileserver-vor-ransomware-crypto-locker-schuetzen/ https://www.frankysweb.de/windows-fileserver-vor-ransomware-schuetzen-update/ Tobbi has also implemented the idea for Netapp Filer: http://www.tobbis-blog.de/netapp-ontap-fileserver-gegen-ransomware-abschotten/ But there are still the clients, from which most of the danger emanates. The faster the computers are identified that are infected with ... Read more
Yesterday I already reported on how Windows file servers can be protected against ransomware such as Cryptolocker, Cryptwall or Locky using the "Resource Manager for File Servers". The following comment was made on the article: Hi Frank, great article! Is there a trick on how to intercept the user and possibly only allow the user access to ... Read more
Ransomware such as Crypto Locker or Locky and other names are becoming more and more of a plague. Only in a few cases is it possible to restore the encrypted data. Without a backup, the damage can quickly become very extensive. Since the Trojans usually start encrypting data from a client and in doing so ... Read more
I have just uploaded version 3.1 of the Exchange Reporter. This time I mainly fixed bugs that crept in despite many tests in different environments. I have made the following changes: Bugfixes O365report.ps1: The report only returned the first 1000 results, thanks to Kaari fixed Mbxreport.ps1: Bug in the listing of limits fixed, if more ... Read more
If the search in Outlook Web Access, or Outlook on the Web, no longer works, a broken index is usually to blame. However, the index can be recreated quite easily and in most cases this solves the problem. You can find out whether the index should be recreated using the Exchange Management Shell: Get-MailboxDatabaseCopyStatus ... Read more
