Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Ultimatum to Exchange Admins – Run Supported Servers or Else

March 29, 2023

In a baseball game, you get three strikes before you are out. Microsoft is a lot more generous in its rules to enforce secure email operations. Despite warnings and patch releases from Microsoft, we still see unpatched and unsupported on-premise Exchange servers being the subject of data breaches. As the Microsoft Exchange Team posted, “To address this problem, we are enabling a transport-based enforcement system in Exchange Online that has three primary functions: reporting, throttling, and blocking. The system is designed to alert an admin about unsupported or unpatched Exchange servers in their on-premises environment that need remediation (upgrading or patching). The system also has throttling and blocking capabilities, so if a server is not remediated, mail flow from that server will be throttled (delayed) and eventually blocked.”

In other words, run a supported Exchange environment or mail flow will eventually be blocked. It is pretty generous that Microsoft gives admins multiple warnings before throttling email flow and ultimately blocking transmissions. According to the chart for enforcement, it appears that admins will get around eight strikes before being called out. The clear message to admins is get your act together or move over to Exchange Online.

Email:   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com