If you use Exchange Online you're about to start missing out on some emails.
And if you have your own Exchange Server, your emails could get blocked if you don't keep your server patched.
It's down to a bold decision from Microsoft. It has decided to have Exchange Online throttle and block emails from 'persistently vulnerable Exchange Servers.'
The block will initially affect emails received from Exchange Server 2007. But Microsoft intends to add Exchange Server 2010 and Exchange Server 2013 to the block list later.
Mail servers running Exchange Server 2016 and Exchange Server 2019 will also be blocked if the server is 'significantly behind on security updates.'
Exchange Online accounts for over 30% of hosted email accounts, so these blocks will begin to cause significant deliverability issues for many organisations running an out-of-date Exchange server.
Initially, the changes will only affect servers that connect to Exchange Online over an inbound connector of type 'OnPremises', though Microsoft intends to eventually widen this to ALL Exchange Servers sending email to Exchange Online via any connection type.
Yes. Microsoft has effectively decided to make a million of its customers reject valid emails from certain other Microsoft customers in the hope that delivery problems will prompt the latter group into belatedly addressing their security vulnerabilities.
Exchange Server 2007 support ended in 2017, so it hasn't been entitled to security patches for six years.
Exchange Server 2010 support ended in late 2020, so it hasn't been entitled to security patches for over two years.
Exchange Server 2013 is over a decade old and no longer eligible for security patches as of 11th April 2023.
Doing nothing about these insecure mail servers might be some IT managers' preferred option, but it's not in their long-term interests.
Many email servers are reachable by anyone on the Internet - including hackers - and contain data that could be used to conduct phishing attacks on customers and suppliers. Not patching such servers for years is asking for trouble - both for those running the insecure mail servers and those receiving malicious emails from servers that have been hacked.
As of May 2023, Microsoft has yet to indicate when the throttling of emails from Exchange Server 2010 and Exchange Server 2013 will begin.
If you're running Exchange Server 2013, 2010, or 2007, upgrade to Exchange Server 2019 or a hosted email service such as Exchange Online.
In the case of Exchange Server 2019, you'll receive security patches until at least 2029.
In the case of Exchange Online, the service is patched for you as long as you subscribe.
As a Microsoft partner, hSo can provide you with the licenses you need to use Exchange Online. That will ensure your mail servers are promptly patched, without you having to do anything.
Exchange Online is typically bought as part of Microsoft 365, so you may also get SharePoint Online document sharing, OneDrive file-syncing, plus popular Microsoft Office apps Word, Excel, PowerPoint, and Teams.
Keeping your email server secure is just one element of protecting your organisation. Another important element is filtering your LAN, WAN, and VPN traffic to protect users from malicious websites and inappropriate content.
hSo's Unified Threat Management service can help keep your staff safe from problematic websites. It can also help you spot and control problematic shadow IT such as unauthorised file-sharing apps.