Microsoft has announced that in the last few days, four separate vulnerabilities in the Exchange Server platform have been identified.
Unfortunately, it would seem these have already been used by hackers to steal the mailbox content of many thousands of Exchange Server installations.
The detail on these vulnerabilities indicates that only the on-premise versions of Exchange Server are affected, so users of Cloud based Microsoft 365 products can breathe a sigh of relief. However, as on-premise Exchange Server is still a widely used platform the impact is considerable.
One of the most overlooked areas of email security is your own domain reputation. Unlike most email security solutions, Reputation is focused on you as the sender's ability to send email to recipients and to stop spammers from spoofing you and claiming to send email as your domain.
We've received a notification from the MDaemon Development Team that they've issued a critical patch to correct a potential vulnerability in MDaemon Remote Administration and Webmail (Worldclient).
Microsoft have announced that Basic Authentication is being deprecated and that they will start turning this authentication type off on 365 tenants beginning October 2022.
MailStore version 13 onwards makes it possible for Microsoft 365 customers to tighten up their security by utilising Microsoft's Modern Authentication integration.
This article aims to explain what changes have been made in MailStore to support Modern Authentication and what the process is to convert a MailStore installation over from using Basic Authentication to Modern Authentication.
So what changes need to be made in MailStore?
All the steps for configuring MailStore to archive an Office 365 Platform using Modern Authentication all covered in this MailStore 'Implementation guide'
However if you are converting an existing MailStore installation over from Basic Authentication to Modern Authentication, these are the main steps we would advise: (please check each step carefully)
Stop or delete all existing jobs from running by converting them to 'Manual' mode. An existing "journaling" job doesn't need to be removed.
Remove all existing basic authenticated users from MailStore with the exception of the default admin account (If you have any existing custom permissions for users to access other archives, you may want to make a note of these before you remove them and recreate them once the new users have been re-synced).
Synchronise your users again using the new Directory Services method 'Microsoft 365 (Modern Authentication)' - the details are in this guide. or you can follow this video
Once your users are synchronising correctly try logging in as one of the users using the MailStore Web Interface - this will check the verification is working correctly.
Create new archive jobs using the Email-Servers > Microsoft 365 Type to mirror any existing jobs you have set up using Basic Authentication. See this video for an overview
If the username format differs from the old username format, you may find you now have duplicate archives. To resolve this, rename the old archive so it has the username of the new archive. This action will cause MailStore to merge both the old archive and the new archive into a single new username archive.
The remainder of this guide explains how Basic Authentication differs to Modern authentication, to help you understand the mechanisms involved.
The MailStore team will be at the CompTIA EMEA virtual conference next week in the ‘Solutions Showcase’.
As a member of Zen’s partner program, they’d very much like you to join them.
This is one of the rare occasions we would ever recommend an industry event to our partner community, however this really is a worthwhile investment of time for any IT provider or MSP looking to grow their business.
Ever wondered about becoming MailStore certified but haven't yet gotten around to it?
Perhaps you're already certified but would like to bring your knowledge up to date
following the latest major release?
Now is the perfect opportunity to address that!
The latest version of SecurityGateway Email Firewall is now available, for detailed information about what's new in this new version, please go here.
...
MailStore version 13.0 is now live and includes important new security features for archiving cloud services. This release focuses on the following features:
Improved usability of MailStore with cloud services
Support for Modern Authentication (Office 365 and Google Gsuite)