Recent Discussions
Exchange 2016 Mail Flow is Not Working
We had issues with updating to a latest Cumulative Update and messed up our EMS and some Web Config. It seems our Exchange Server is totally bricked. So, we decided to boot our Exchange Server from backup. The backup was dated September 2025. Unfortunately, after booting up the September 2025 backup, we noticed that the internal and external mail flow is not working (our Exchange 2016 is Exchange hybrid configured). The outgoing emails are stuck in Draft folder. The following troubleshooting steps have been done to no avail: -Checked if the port 25 is open -> This port is opened -Check the network settings if the Preferred DNS Address points to the correct DNS Server --> It points to the correct DNS Server -Modified the DNS lookup under Exchange Admin Center > Servers > DNS Lookups > Internal DNS Lookups --> Added the IP Address of the DNS Server -Modified the hosts file under System32 > drivers > etc --> Pointed the IP Address of the Exchange Server to the FQDN of the Exchange Server Currently, are not sure of the next steps to do in order to fix the issue. Any advice?Exchange Server SE Licensing and Product Keys
It seems that there’s a lot of confusion about licensing and product keys for Exchange Server SE; not just here on the Tech Community, but also on LinkedIn, on Reddit, and in the general Exchange community. So, I thought I would write an article to try to clear up that confusion. Licensing Let’s talk about licensing first. Undoubtedly, changing the name of the product to Exchange Server Subscription Edition caused some of the confusion. Some mistakenly believed it meant that cloud connectivity would now be required for the first time in Exchange Server history. Others thought this meant that Microsoft would start updating on-premises Exchange servers the same way they update Exchange Online. Neither of these things are true—as with all previous versions of Exchange Server, cloud (or Internet) connectivity is not required for Exchange Server SE (although there are some features that do require cloud connectivity to be used, such as the Exchange Emergency Mitigation service and Feature Flighting). Despite the name change, though, the reality is that the https://www.microsoft.com/licensing/terms/productoffering/ExchangeServer/all (and distributions channels) for Exchange Server SE are exactly the same as Exchange Server 2019: there are three licensing options: Server licenses and client access licenses (CALs) that have active Software Assurance (SA); Exchange Online licenses; or CAL equivalency licenses. Purchasing server licenses and CALs with SA is the traditional approach and something that can be done with Exchange Server SE; however, some customers have chosen to purchase cloud licenses or equivalency licenses to modernize their license acquisition and to better manage their licenses. Qualifying cloud licenses that satisfy the Exchange Server SE CAL requirement include https://www.microsoft.com/microsoft-365/exchange/exchange-online, which provides a license equivalent to an Exchange Server Standard CAL, and https://www.microsoft.com/microsoft-365/exchange/compare-microsoft-exchange-online-plans, which provides a license equivalent to an Exchange Server Enterprise CAL, which gives you the right to use advanced features, such as In-Place Archive, In-Place Holds, Information Protection and Compliance, Custom Retention Policies, Per User/DL Journaling, Site Mailboxes – Compliance, Data Loss Prevention, Exchange Online Protection, and Cloud Voicemail. At the higher end of cloud licenses are Microsoft 365 E3 (ME3) and Microsoft 365 E5 (ME5), both of which include https://www.microsoft.com/licensing/terms/productoffering/Microsoft365 for on-premises Office servers, namely Exchange Server, SharePoint Server, and Skype for Business Server, depending on the type of agreement you have with Microsoft. For example, customers with an Enterprise Agreement and ME3 or ME5 licenses can “install any number of copies of” Office server software. In this scenario, though, all users and devices accessing the on-premises Office servers must have an ME3 or ME5 license. Note though that you don’t directly assign the license in this case; you simply need to purchase it. In addition, there are similar https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA available with Microsoft 365 A3 and A5 under the Microsoft Customer Agreement (MCA) program. As I mentioned earlier, these are the same requirements as Exchange Server 2019. So, if you are running Exchange Server 2019 and you have active SA, then you likely already satisfy the license requirements for Exchange Server SE, and you can deploy it in your environment without any additional licensing costs. If you are running an earlier version of Exchange Server and you have active SA or qualifying cloud licenses, then you also likely satisfy the license requirements for Exchange Server SE. But if you don’t have SA or cloud licenses (or a Volume License Agreement), then you will need to purchase qualifying licenses and sign the right agreement to be entitled to Exchange Server SE and updates. However, there is one key difference. Downgrade (aka previous version) rights are no longer available. This is simply because there are no other supported versions, so there’s nothing to downgrade to. So, if you don’t maintain a subscription, you lose the right to install updates and run the product. Product Keys Now let’s talk about product keys. As with previous versions of Exchange Server, there is no product key or license activation. You simply purchase the required licenses (or maintain your existing subscription) to get the rights to use the software and install updates. A product key validates that you have purchased a Standard or Enterprise Edition server license for Exchange Server SE. Without a product key, a server is considered a Trial Edition. The Trial edition operates identically to a Standard Edition server and can be used to evaluate Exchange in a non-production setting for up to 180 days. To continue using the server beyond this period, you must enter a product key; otherwise, the Exchange admin center (EAC) will begin displaying reminders to enter a product key on the server, which you can do using the EAC or the Exchange Management Shell. Although the EAC will display a warning when the trial period expires, there’s no loss of functionality, and the software will continue to operate as if it were licensed (except for the warning messages). If you are doing an in-place upgrade of a running Exchange Server 2019 that has an existing valid product key, the RTM version of Exchange Server SE will continue to use that key. This was done on purpose to support a smooth in-place upgrade. If you are doing a fresh install of Exchange Server SE RTM (which includes legacy upgrades from Exchange Server 2016), you can also enter a product key Exchange Server 2019, which you can get from the Volume License page in the Microsoft 365 admin center (after you’ve signed your agreement with Microsoft). Exchange Server SE is available in four Editions: Enterprise, which supports a maximum of 100 mounted databases per server. Standard, which supports a maximum of 5 mounted databases per server. StandardEvaluation, which is a 180-day time-limited Standard Trial Edition. Coexistence (aka Hybrid Deployment), which maintains the hybrid relationship with Exchange Online. As an aside, a mounted database is a database that's in use (an active mailbox database that's mounted for use by clients or a passive mailbox database that's mounted for log replication and replay). While you can create more databases than the described limits, you can only mount the maximum number of databases that are allowed by the Edition of Exchange, as determined by the product key. Note that recovery databases don’t count towards these limits. When you enter a valid product key, the supported edition for the server is established. You can use a valid product key to move from the Trial Edition to either Standard Edition or Enterprise Edition. Again, no loss of functionality occurs after the Trial Edition expires, so you can maintain lab, demo, training, and other non-production environments beyond 180 days without having to reinstall the Trial Edition of Exchange or enter a product key. You can use a valid product key to move from Standard Edition to Enterprise Edition, but you can't use a valid product key to downgrade from Enterprise Edition to Standard Edition or revert to a Trial Edition. You can only do these types of downgrades by uninstalling Exchange, reinstalling Exchange, and entering the correct product key. Product keys also apply to Edge Transport servers. When you create an Edge Subscription, the Edition of Edge Transport server is captured (as determined by the presence or absence of a product key). Edge Transport servers support two Editions: Trial or Standard. Enterprise doesn’t apply because there are no Enterprise features or mailbox databases on Edge Transport servers. Hybrid doesn’t apply because you can’t use an Edge Transport server as a hybrid server. If you create an Edge Subscription for an Edge Transport server that is a Trial Edition, it will appear as unlicensed to the internal organization. If you then enter a product key on a subscribed Edge Transport server, the server will reflect the change to Standard immediately, but the internal organization will not. To update the internal organization information, you must remove and recreate the Edge Subscription. If you don’t, the internal organization will continue to see the Edge Transport server as unlicensed, which is only cosmetic in nature (e.g., no changes in functionality). However, for compliance, auditing, etc., it is considered a best practice to recreate the Edge Subscription. As in previous versions, the Hybrid Configuration Wizard (HCW) provides the license for Hybrid servers, so it is expected that you have not entered a product key on the server. To obtain the Hybrid server license, click license this server now in the HCW and authenticate to your tenant. The HCW will update the product key on the server and refresh the page, and depending on replication latency, it might not update the Version from StandardEvaluation Edition to Coexistence Edition (Hybrid Deployment). However, you can verify the license using Get-ExchangeServer or simply toggle between the two on-premises server options in the HCW, which triggers detection and should choose the same server with updated properties. Final Note Although the Exchange Server 2019 product keys work with Exchange Server SE RTM, it is expected that new product keys specific to Exchange Server SE will be made available with Exchange Server SE CU1, which is expected in H1 of 2026. When the new keys are issues, they will be available from the Volume License area of the Microsoft 365 admin center, along with the CU1 download. I hope this clears up any confusion regarding licensing and product keys for Exchange Server SE.Exchange Server SE Licensing and Product Keys
It seems that there’s a lot of confusion about licensing and product keys for Exchange Server SE; not just here on the Microsoft Tech Community, but also on Reddit, on LinkedIn, and in the general Exchange community. So, I thought I would write an article to try to clear up that confusion. https://www.linkedin.com/pulse/exchange-server-se-licensing-product-keys-scott-schnoll-qjhic/ If you're confused about licensing or product keys, this may help.Exchange database dismounted due to NTFS file extent limit reached – unexpected outage
Hi everyone, We experienced a serious outage on our Exchange 2016 server recently, and I wanted to share what we found during the root cause analysis – in case it helps someone else avoid the same scenario. Summary: After digging deep, we discovered that the issue was caused by the NTFS file system hitting its internal file extent limit on the .edb file. Once this threshold was reached, the database could no longer grow, and the system dismounted the database unexpectedly. No prior warning, just service interruption. Details: The .edb was around 1.2 TB in size. This isn’t a limit on database size itself — it’s about how fragmented the file is on disk. Once NTFS couldn’t track any more extents, the database stopped working. Microsoft doesn’t publish a clear fix for this; only scattered references to similar behavior in past cases. What we did: Created a fresh, clean database. Manually moved user mailboxes into the new DB. The old database couldn't be mounted anymore, so we brought the system live without historical mail – just to maintain continuity. We're now working on extracting data from the unmounted .edb using third-party tools. Looking for thoughts: Has anyone else hit the NTFS extent wall with Exchange? How do you monitor extent growth proactively? Did switching to ReFS solve this for you long-term? Open to any input or similar experiences – appreciate it in advance. Thanks!
OL client in-app link for getting OL for iOS or Android not working
Hello! Redirected to this forum from here: https://learn.microsoft.com/en-us/answers/questions/5617563/ol-desktop-link-broken-file-get-ol-app-for-ios-and See error description and attempt to solve it by following the link. For some reason, Windows clients in our organization can not follow the Outlook desktop client in-app link for getting Outlook for iOS or Android. (hybrid, no mailboxes in MS-cloud, only on prem) The link for getting the Outlook app for iOS and Android under File when logged into Outlook app does not seem to work. Clicking on it seems to send user to the URL: go.microsoft.com/fwlink/?LinkId=2112779 but quickly redirects and ends up with https://w2.outlook.com/l/mobile?WT.mc_id=Backstage**Win32**All**Hyperlink** https://learn-attachment.microsoft.com/api/attachments/cb7d456f-ac6e-4566-a4ef-ffa912500423?platform=QnAhttps://learn-attachment.microsoft.com/api/attachments/cb7d456f-ac6e-4566-a4ef-ffa912500423?platform=QnA We haven't been able to figure out why, but since the same two different accounts mentioned in the thread above works on a private device on a private home network, is seems like something in our environment is the cause.I am receiving DMARC errors
Hello Please i need your help on this issue. Last night I started receiving DMARC and other errors when trying to send emails. I dont believe my business email is receiving messages either. Please help me 'fix' resolve these bounce back errors. I did try to find the solution on my own,, but its just out of my wheelhouse. Please help as my business is being affected by these errors and bounce backs.
Scoping application Crestron to access only room mailboxes of resourcetype Workspace
We got a requirement for to enable application Crestron to be able to access Workspace resourcetype Room mailboxes only. So, we thought of directly tieing the application to these mailboxes over the usual way of assigning it to a group because we had to create a group just for to maintain this delegation. Below are the steps we performed: #Create management scope Connect-ExchangeOnline New-ManagementScope -Name "Workspace Mailboxes" ` -RecipientRestrictionFilter "((RecipientTypeDetails -eq 'RoomMailbox') -and (ResourceType -eq 'Workspace'))" #Assign the management scope to Roles New-ManagementRoleAssignment ` -App "<AppID>" ` -Role "Application Calendars.ReadWrite" ` -CustomResourceScope "Workspace Mailboxes" ` -Name "MyApp-WorkspaceOnly" New-ManagementRoleAssignment ` -App "<AppID>" ` -Role "Application MailboxSettings.Read" ` -CustomResourceScope "Workspace Mailboxes" ` -Name "MyApp-WorkspaceOnly-Settings" #Verified the assignment via: Get-ManagementRoleAssignment -App "<AppID>" | ft Name, Role, CustomResourceScope Name Role CustomResourceScope ---- ---- ------------------- MyApp-WorkspaceOnly Application Calendars.ReadWrite Workspace Mailboxes MyApp-WorkspaceOnly-Settings Application MailboxSettings.Read Workspace Mailboxes Tested the scope of the assignment with a non-workspace mailbox and a workspace mailbox, the scope resulted false for non-workspace mailbox and true for a workspace mailbox. Later, admin consented for API permissions Calendars.ReadWrite, Mailboxsettings.Read & User.Read.All and generated an application secret with validity of 180 days to the application team and shared the secret key. ISSUE: When application team tested the access from Crestron application for a workspace mailbox it is resulting in Authentication Failed. This is the actual issue. In order to test whether this is happening because of scope , performed the below steps: $TenantId = "<TenantID>" $AppId = "<AppID>" $ClientSecret = "<ClientSecret>" $Body = @{ grant_type = "client_credentials" client_id = $AppId client_secret = $ClientSecret scope = "https://graph.microsoft.com/.default" } $TokenRequest = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" ` -Method POST -Body $Body $AccessToken = $TokenRequest.access_token $WorkspaceMailbox = "<email address removed for privacy reasons>" Invoke-RestMethod ` -Uri "https://graph.microsoft.com/v1.0/users/$WorkspaceMailbox/events" ` -Headers @{Authorization = "Bearer $AccessToken"} The expected results for this test was to receive Workspace mailbox → Returns events. Non-Workspace mailbox → Should return 403 Forbidden. However, it resulted events in both the cases, when dug further I realised that Graph API will override the management scopes created at Exchange level, so need guidance on how we can take this further.
Exchange Server 2019 to Subscription Edition (SE) Licensing and Migration Guidance
1. Current Infrastructure Setup Component Detail Notes Product Microsoft Exchange Server 2019 Enterprise Edition Servers 3 Virtual Servers (VMware) Configured in a Database Availability Group (DAG) Version Cumulative Update (CU) 15 Licenses Server License and 1100 CALs (Standard/Enterprise) Purchased in 2019 without Software Assurance (SA). 2. Core Licensing and Compliance Queries We require definitive guidance on the following compliance and purchase requirements: Software Assurance (SA) Requirement: Is Software Assurance mandatory for our existing Exchange Server 2019 setup for ongoing compliance and full support? Please advise on the status of our current setup without SA. Standalone SA Purchase: As our Exchange Server licenses/CALs were purchased in 2019 without SA, is it possible for us to purchase standalone Software Assurance for our existing Exchange Server 2019 licenses now, or must we purchase a completely new license with SA? Client Access License (CAL) Migration: Will our existing Exchange Server 2019 Standard/Enterprise CALs be compatible and automatically migrate to the Subscription Edition (SE) requirement, or must we purchase new CALs specifically for Exchange Server SE? Please clarify if the old CALs will become obsolete. 3. Recommended Migration Path (Budgeting Focus) Based on the licensing realities, we need advice on the most financially responsible path to move to Exchange Server SE. Please guide us on which of the following scenarios is recommended: Option A: Purchase Software Assurance for our existing Exchange Server 2019 infrastructure, and then migrate to SE, utilizing the same 2019 CALs (if permissible). Option B: Forego purchasing SA for the 2019 environment and directly purchase new Exchange Server Subscription Edition (SE) licenses and corresponding new CALs (if necessary). We look forward to your detailed guidance to ensure full compliance and a smooth transition to Exchange Server SE. Thank you, Narayan Das Senior System Administrator
Need to Purge DiscoveryHolds Data from Archive Mailbox in Exchange Online
Hello Team, I am working on an Exchange Online mailbox where the archive mailbox has accumulated a large amount of data (over 335 GB) under the Recoverable Items → DiscoveryHolds folder. The mailbox is not on Litigation Hold or Retention Hold, and the InPlaceHolds property shows exclusions (-mbx...), so there are no active holds preventing deletion. Environment Details Service: Exchange Online Mailbox: email address removed for privacy reasons Archive mailbox size: ~335 GB DiscoveryHolds subfolders contain the bulk of the data. Background : Initially, the user’s primary mailbox was full because more than 100 GB of data resided in the Recoverable Items folder of the primary mailbox. Since I was unable to delete the data, so as a workaround, I enabled the archive mailbox and moved the data there. I have raised multiple tickets with Microsoft, but after more than 45 days, I still do not have a proper resolution. Mailbox Hold Status PS H:\> Get-Mailbox -Identity email address removed for privacy reasons -Archive | fl *hold* LitigationHoldEnabled : False RetentionHoldEnabled : False EndDateForRetentionHold : StartDateForRetentionHold : LitigationHoldDate : LitigationHoldOwner : ComplianceTagHoldApplied : True DelayHoldApplied : False DelayReleaseHoldApplied : False LitigationHoldDuration : Unlimited SCLDeleteThreshold : SCLRejectThreshold : SCLQuarantineThreshold : SCLJunkThreshold : InPlaceHolds : {-mbx23233XXXXXX, -mbx212433XXXXXX} RecipientThrottlingThreshold : Standard PS H:\> Get-MailboxFolderStatistics -Identity email address removed for privacy reasons -Archive -FolderScope RecoverableItems | ft Name,ItemsInFolder,FolderAndSubfolderSize Recoverable Items : 0 335.2 GB DiscoveryHolds : 80495 335.2 GB DiscoveryHolds_2022 : 177 20.7 MB DiscoveryHolds_2023 : 350 88.12 MB DiscoveryHolds_2024 : 4117 1.34 GB DiscoveryHolds_2025 (multiple subfolders): 47 GB – 55 GB each Issue : I need to purge only the DiscoveryHolds data from the archive mailbox without affecting other folders. I tried using Search-Mailbox , but received: The term 'Search-Mailbox' is not recognized as the name of a cmdlet... I understand that Search-Mailbox is deprecated in Exchange Online. Also, the Content search is not very helpful.
Exchange SE Transport Rule Query
I'm trying to use a transport rule to send a notification to an audit mailbox with a note of the names of all attachments being sent externally with From, To, CC, BCC details. It sort of works. Rule If message has an attachment that's larger than or equal to 0 bytes Do the following Set audit severity level to 'Not specified' and send the incident report to <audit mailbox>, include these message properties in the report: sender, recipients, subject, cc'd recipients, bcc'd recipients, severity, sender override information, matching rules, false positive reports, detected data classifications, matching content. If I send a message to: 'email address removed for privacy reasons', cc: 'email address removed for privacy reasons', bcc:'email address removed for privacy reasons' with 2 attachments the report includes the following: Sender: <sender> Recipient: To & CC Attachments: Only 1 attachment name i.e. Missing an attachment name and the BCC entry Is this a bug or a feature? I presume it is just flagging the first attachment greater than 0 bytes which is annoying but that wouldn't explain the missing BCC entry.Microsoft Blocks EWS Access for Kiosk Users
A December 2 announcement says that Exchange Online will block access to Exchange Web Services for users with kiosk or frontline worker licenses from March 2026. In fact, the Exchange Online service description has always excluded EWS access for these licenses, but the necessary code to enforce the exclusion was never implemented. It will be in March. Time to check licenses… https://office365itpros.com/2025/12/05/exchange-web-services-kiosk/
EWS Autodiscover Process in Hybrid with "internal" Exchange Servers
Hi everyone, i really need help about the EWS Autodiscover process in a specific hybrid Environment. Customer is starting to use Exchange Online. For Full Hybrid configuration there is a seperate new Exchange SE with a valid certificate, NAT for IP Ranges from M365 and public available URLs for Autodiscover,EWS,... There are internal Exchange Servers which are used only for internal access. Those are the servers with all mailboxes. All URLs are configured for internal use (mail.contoso.internal) Migration is working, access to own calender is working, mailfllow is working. But there are problems to access other users calender. If a user which is migrated to Exchange Online (or via Teams) try to access another calender which is onPrem, there is no access. So i tried to use connectivity analyzer for teams integration to find out whats the problem. Result: Autodiscover resolves, connects to Hybrid and gets EWS URL as answer. But it gets the internal EWS URL from the internal Exchange Servers, not from the public available URLs which are configured at the hybrid server. I visualised the two scenarios. Number1: Thats how i thought it would work Autodiscover to autodiscover.contoso.com Hybrid answers with EWS URL: hybrid.contoso.com Connect from EXO to hybrid EWS URL Proxy to Internal Exchange Number2 : Thats what really happens Autodiscover to autodiscover.contoso.com Hybrid relays request to internal Exchange (Mailbox Server) Server answers with internal EWS URL: mail.contoso.internal Connect from EXO to internal EWS URL (which is obviously not working) So as you can see, the autodiscover process asks the internal Exchange for its EWS URLs and not as i expected the hybrid server's URLs. I always thought, the hybrid server works as a sort of proxy for every external connection from EXO. But it seems that the hybrid just relays the autodiscover request to the server which holds the mailbox. And this servers in this scenario cannot change their EWS URLs to a public resolvable FQDN. So my question is: Is this correct? Does the process always works like this or did i do anything wrong in the configuration? I hope you understand my explanation. Thanks in advance!!!Remove Classic EAC Organization Add-ins?
Hello, Does anyone know how to remove the organization add-ins that were deployed with the Classic Exchange Admin Center? Now that the "classic view" is no longer accessible, our tenant shows a 400 Bad Request error when trying to go to "https://outlook.office.com/ecp/". This org add-in is pushed to all mailboxes by "organization administrators", and as far as I can tell, there isn't a way to remove the add-in. This legacy add-ins are not visible in the new "Integrated Apps" in O365. I contacted Microsoft Support but the support agent got to the point where he was having me run PowerShell commands to check the registry to see if it was "installed as a program on my computer", and that's when I knew he had exhausted his support resources. I can see the app if I execute: Connect-ExchangeOnline as a Global Admin & Tenant Admin (Exchange Online Role) and then run the Get-App | select DisplayName, AppID cmdlet. If I try to remove it Remove-App -Identity <AppID>, then I see a: Write-ErrorMessage : |Microsoft.Exchange.Data.ApplicationLogic.Extension.OwaExtensionOperationException|The app "Alert" is managed by organization administrators and can't be uninstalled by end users. If I check the Exchange Online roles, I am in the TenantAdmins_3744d role, which states that "it will be a member of the Organization Management role group and will inherit the capabilities of that role group". So far I have no way to remove this old add-in which normally was installed/uninstalled through Organization > Add-Ins in the Classic (Legacy) Exchange Admin Center.
Exchange SE and Domain / Forest Functional Level 2025 Support
Does anyone have any general idea on when they may test support for Domain / Forest Functional Level 2025? We're still rocking hybrid with Exchange SE and ExO and as such we're waiting on the supportability matrix (https://learn.microsoft.com/en-us/exchange/plan-and-deploy/supportability-matrix#supported-active-directory-environments) to get updated so we can raise the DFL/FFL. Currently Exchange SE supports 2025 AD servers so they've verified the schema update from 88 to 91 is good to go but our Exchange team doesn't want us to raise the functional level until this matrix shows that it's supported for our current Exchange version. Thanks for any insight. Supported Active Directory environments The following table lists the supported Active Directory environments for Exchange Server. Version Active Directory servers Forest Functional Levels Exchange Server SE Windows Server 2025 Windows Server 2022 Windows Server 2019 Windows Server 2016 Windows Server 2012 R2 Windows Server 2016 Windows S
Configure Dedicated Exchange Server Application
Currently our product ranning exchange 2019 CU15 with Exchange hybrid, so what else need configure other task for configuration of the dedicated application for Exchange Server. HCW8126 - Admin consent was not granted during the configuration of the dedicated application for Exchange Server. The application will be created but will not function until consent is provided. Please re-run the Hybrid Configuration Wizard (HCW) or grant consent via the Entra ID portal before using the application.We have set RejectDirectSend to true
Hello Please i need your help on this issue. We have set RejectDirectSend to true, but it is still possible to send mail anonymously through tenant Last Friday 3 oct 2025 we configured the tenant not to allow DirectSend from anonymous sources by setting the RejectDirectSend value to true using Powershell command. When we check the status with the Get-command it looks like it is set but it is not working - it is still possible to spoof emails by sending through the mx record as anonymous.
Recent Blogs
- We are happy to announce new parameters to help manage holds on inactive mailboxes in Exchange Online.Dec 10, 2025
- We have released Security Updates for Exchange Server SE. Exchange Server 2019 and 2016 ESU updates only.Dec 09, 2025
