Exchange News

This week was a big week for Exchange. Microsoft released its sixth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2019 Cumulative Update 6 (VLSC)| KB4556415

Exchange 2016 Cumulative Update 17 | KB4556414 | UM Language Pack

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft added thirteen new blocked file types for use with the OWA Mailbox Policy. The additions included several scripting extensions, including many python file types such as .py, .pyc, and .pyo. For a full list of the new extensions, check the following article.

These cumulative updates also correct an issue when using the Restore-RecoverableItems command in a pipe. We covered the cloud-exclusive GUI version of this command in an article earlier this week. Be sure to check it out.

Companies leveraging Hybrid Modern Authentication will also want to take note of these updates as they fix unexpected authentication prompts during certificate rollovers.

Customers leveraging Edge Transport will also want to take note as these updates resolve a situation where Edge Transport servers may become unresponsive due to deadlock in the shadow redundancy manager.

For a full list of all fixes, be sure to check out the KBs KB4556415 and KB4556414.

Recover deleted mail using the new Exchange Admin Center in Office 365

In the last quarterly update, we covered the new Exchange Admin Center in Office 365. Exclusive to the new admin center is the ability to recover deleted items back into a user’s mailbox. This process has been available using PowerShell for some time.

Keep in mind you can only recover up to the limit of your single item recovery policy. By default, this is 14 days in Office 365, but can be increased to 30 days (although you will need to set this ahead of time).

You can read more about how to recover deleted items in the following article.

Preventing Reply-All Storms in Exchange Online

Microsoft has added a new feature to combat reply-all storms. These storms are particularly prevalent when numerous people execute a reply-all to a massive distribution list.

Microsoft’s initial reply-all protection will block replies to an email thread for 4 hours if it detects more than ten reply-all messages within 60 minutes to a thread with over 5,000 recipients.

The eleventh sender will receive a non-delivery report titled Reply-All Storm Protection with the reason the message was blocked.

This week was a big week for Exchange. Microsoft released its fifth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2019 Cumulative Update 5 (VLSC)| KB4537677

Exchange 2016 Cumulative Update 16 | KB4537678 | UM Language Pack

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft has resolved a number of security and non-security issues. You can read more about those in KBs 4537677 and 4537678.

This series of cumulative updates shipped with a new version of the calculator for Exchange 2019. This new calculator corrects an issue where developing a design around mailbox size or IOPs was not producing the correct number of mailboxes per database.

Cumulative Update 5 also corrects an issue in the Manage-MetaCacheDatabase.ps1 script that ships with Exchange 2019. The script has been corrected to only return solid-state disks that are initialized. It does this by filtering out all disks with no disk number. This issue was first identified in this article.

These Cumulative Updates also fix an issue with how cookies are handled in Google Chome 80 and later. The SameSite cookie issue was first identified in this post.

This week was a big week for Exchange. Microsoft released its fourth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2019 Cumulative Update 4 (VLSC)| KB4522149

Exchange 2016 Cumulative Update 15 | KB4522150 | UM Language Pack

Exchange 2010 support extended

Back in September, the Exchange Team announced that is was extending support for Exchange 2010 by nine months. Exchange 2010 now shares the same end-of-life date as Office 2010 and SharePoint 2010, which is October 13th, 2020.

While this extension allows for a little more breathing room, it does not extend support for Windows Server 2008 R2, which is the underlying operating system for many Exchange 2010 installations. Server 2008 R2 will still go end of life on January 14th, 2020.

The Exchange Team has provided this extension to allow companies more time to migrate to a newer email platform, such as Office 365, or, Exchange 2016.

Unfortunately, there is no direct path to Exchange 2019 from 2010. If you do plan to stay on-prem, you will need to migrate to either 2013 or 2016 (I’d recommend 2016 as 2013 is now in extended support). From there you can migrate to 2019.

For more information on migrating from Exchange 2010 to 2016, check out this recent blog article from the Exchange Team: Exchange On-Premises Best Practices for Migrations from 2010 to 2016

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft has resolved a number of security and non-security issues. You can read more about those in KBs 4522149 and 4522150.

Most notably this fixes an issue I had run into myself in both Exchange 2016 CU13 and CU14. The issue was after running the Hybrid Configuration Wizard you could no longer modify the Outbound to Office 365 send connector if your source servers were Edge Transport servers.

Attempting any modifications to the send connector would result in the errors: Error 0x5 (Access is denied) from cli_GetCertificate or Error 0x6ba (The RPC server is unavailable) from cli_GetCertificate. This error was caused because the Exchange organization was attempting to access the certificates on the Edge Transport servers. I can confirm CU15 resolved this error for me.

Note: Error 0x5 (Access is denied) from cli_GetCertificate was also reported in Exchange 2019 CU2 and CU3. It has been resolved in CU4.

This week was a big week for Exchange. Microsoft released its third cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2019 Cumulative Update 3 (VLSC)| KB4514141

Exchange 2016 Cumulative Update 14 | KB4514140 | UM Language Pack

Exchange 2010 SP3 Rollup 29 | KB4509410 (Released in July)

Exchange 2010 support extended

In a recent blog post, the Exchange Team announced that is was extending support for Exchange 2010 by nine months. Exchange 2010 now shares the same end-of-life date as Office 2010 and SharePoint 2010, which is October 13th, 2020.

While this extension allows for a little more breathing room, it does not extend support for Windows Server 2008 R2, which is the underlying operating system for many Exchange 2010 installations. Server 2008 R2 will still go end of life on January 14th, 2020.

The Exchange Team has provided this extension to allow companies more time to migrate to a newer email platform, such as Office 365, or, Exchange 2016.

Unfortunately, there is no direct path to Exchange 2019 from 2010. If you do plan to stay on-prem, you will need to migrate to either 2013 or 2016 (I’d recommend 2016 as 2013 is now in extended support). From there you can migrate to 2019.

For more information on migrating from Exchange 2010 to 2016, check out this recent blog article from the Exchange Team: Exchange On-Premises Best Practices for Migrations from 2010 to 2016

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft has resolved a number of security and non-security issues. You can read more about those in KBs 4514141 and 4514140. In addition, this set of cumulative updates addresses changes to daylight savings.

This week was a big week for Exchange. Microsoft released its second cumulative update for Exchange 2019 as well as cumulative updates for Exchange 2016 and 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange 2019 Cumulative Update 2 (VLSC)| KB4488401

Exchange 2016 Cumulative Update 13 | KB4488406 | UM Language Pack

Exchange 2013 Cumulative Update 23 | KB4489622 | UM Language Pack

Exchange 2010 SP3 Rollup 27 | KB4491413

The final countdown – 208 days left for Exchange 2010

Here is a quick reminder that extended support for Exchange 2010 is coming to an end. After January 14th, 2020, no further technical support or updates will be available. This includes security, bug and time zone updates.

Unfortunately, there is no direct path to Exchange 2019 from 2010. If you do plan to stay on-prem you will need to migrate to either 2013 or 2016 (I’d recommend 2016 as 2013 is now in extended support). From there you can migrate to 2019. Alternatively, you can migrate to Office 365.

For more information about the Exchange 2010 life-cycle check out the Exchange Team blog.

So, what’s new in these Cumulative Updates?

In the last set of cumulative updates, Microsoft reduced the number of permissions Exchange had in Active Directory. In an ongoing effort to further tighten the security posture of Exchange, Microsoft has further reduced Exchange’s permissions in Active Directory.

This includes two notable changes. The first is that Exchange can no longer assign service principal names (SPN). Second, a deny attribute has been added to the DNS Admins group. The Exchange Team determined neither of these rights was necessary for the operation of Exchange.

In the previous Exchange 2019 cumulative update, you could disable legacy protocols on a per-user basis. In cumulative update 2, you can now globally disable legacy authentication at the organization level.

This series of updates also introduces support for .NET Framework 4.8. While optional now, 4.8 will be mandatory as part of the December 2019 updates.