About Michel de Rooij

Michel de Rooij, with over 25 years of mixed consulting and automation experience with Exchange and related technologies, is a consultant for Rapid Circle. He assists organizations in their journey to and using Microsoft 365, primarily focusing on Exchange and associated technologies and automating processes using PowerShell or Graph. Michel's authorship of several Exchange books and role in the Office 365 for IT Pros author team are a testament to his knowledge. Besides writing for Practical365.com, he maintains a blog on eightwone.com with supporting scripts on GitHub. Michel has been a Microsoft MVP since 2013.

Security Recommendation Exchange 2016-2019

Posted on February 26, 2021 by Michel de Rooij

A quick blog on an updated security publication for Exchange Server 2016 and 2019. This publication addresses the following vulnerability:

CVE-2021-1730: Microsoft Exchange Server Spoofing Vulnerability

A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.

As mentioned in the CVE report, this vulnerability can be mitigated in Exchange 2016 and Exchange 2019 by implementing a separate namespace for inline images. These images are served when using Outlook Web Access. Since I never see customers implementing this option, I will repeat these steps below to bring this to your attention.

First, pick a namespace to serve these images from, e.g. img.mail.contoso.com. Create a CNAME for this entry in the DNS, and point it to your OWA namespace, for example img.mail.contoso.com. Add this namespace to your existing SSL certificate (SAN) unless you are using a wildcard certificate and the chosen namespace is covered by it.

Next, configure the InternalDownloadHostName and ExternalDownloadHostName properties from OWAVirtualDirectory configuration, e.g.

Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalDownloadHostName img.mail.contoso.com -InternalDownloadHostName img.mail.contoso.com

Configure the Exchange organization to use download domains:

Set-OrganizationConfig -EnableDownloadDomains $true

Finally, restart IIS or recycle the OWA application pool using Restart-WebAppPool MSExchangeOWAAppPool.

Security Update Exchange 2016-2019 (Feb2021)

Posted on February 10, 2021 by Michel de Rooij

A quick blog on security updates for Exchange Server 2016 and 2019. These fixes address the following vulnerability:

CVE-2021-24085: Microsoft Exchange Server Spoofing Vulnerability

The exploit can be fixed by single security update, which you can find in the table below per current Exchange version.

Exchange	Download	Build	KB	Supersedes
Exchange 2019 CU8	Download	15.2.792.5	KB4602269	KB4593465
Exchange 2019 CU7	Download	15.2.721.8	KB4602269	KB4593465
Exchange 2016 CU19	Download	15.1.2176.4	KB4602269	KB4593465
Exchange 2016 CU18	Download	15.1.2106.8	KB4602269	KB4593465

Be advised that these security updates are Cumulative Update level specific. You cannot apply the update for Exchange 2016 CU17 to Exchange 2016 CU16. Also, the security update download has the same name for different Cumulative Updates, and I would suggest tagging the file name with the CU level, e.g. Exchange2019-CU6-KB4588741-x64-en.msp.

Also, run the Security Update from an elevated command prompt, to prevent issues during installation. And on a final note, as with any patch or update, I’d recommend to apply this in a acceptance environment first, prior to implementing it in production.

Annual Report 2020

Posted on January 1, 2021 by Michel de Rooij

Happy new year to all my dear readers and followers. And what a crazy year 2020 has been, where the pandemic forced the hand of those delaying digital transformation. The uptake of work from home and supporting technologies and adoption was phenomenal, and professionally it has been an extremely busy year. As you can spend your time only once, the year again proved to be a challenge for those busy working on customer projects while tending to the community as well. In the end, it is all about finding a balance, especially if you are working from home and the rest of the household is as well. And then there’s this cat.

That said, I thought it would be nice to kick 2021 off with reinstating the annual report. I’d like to share with you some of blog’s statistics of 2020, the blog’s 10th year running. The statistics come directly from the site and without additional observations, apart from that for some reason looking things up related to Exchange 2010 still remains to be very popular.

General 2020 Stats

Number of views: 300,370 (2,811,923 all-time)
Unique visitors: 129,905 (1,457,892 all-time)
Number of posts: 20 (629 total)
Followers: 450
Busiest day: November 18th (3,496 views – Teams Custom Background referrals)
Most time: Wednesday, 4pm
Top post of 2020: Configuring Exchange Online with IMAP & OAuth2

Most popular blogs from 2020

Apart from the Versions, Builds and Dates, Schema Versions and Toolkit pages, the newly introduced Teams Custom Backgrounds page stood out this year with 13,117 in just a few months. When it comes to blogs published in 2020, the most viewed posts are:

Blog from 2020
Configuring Exchange Online with IMAP & OAuth2
Exchange Online Management using EXOv2 module
Outlook Connectivity changes per Nov2021
Security Updates Exchange 2010-2019 (Dec2020)
Holiday Season Teams background

Most popular all-time blogs

BLOG (All-Time)
Limiting Exchange 2010 Database Cache / Limiting Exchange 2010 SP1 Database Cache
Exchange ActiveSync and Inheritable Permissions issue
TargetAddress, ExternalEmailAddress and Set As External
The Attribute, the Myth, the legacyExchangeDN
Exchange Message Size Limits

Top Scripts in 2020 (GitHub)

Script
Connect-Office365Services
Get-EventSession
Remove-DuplicateItems
Install-Exchange15
Remove-MessageClassItems

Top visitor countries in 2020

Country
United States
United Kingdom
Germany
Netherlands
Canada

Top referrers in 2020

Referer
Google
Bing
Spiceworks (community)
Twitter
Practical365 (blog)

Most used search terms in 2020

Search term(s)
exchange versions
exchange 2010 end of life
exchange schema versions
office 2016 support lifecycle
exchange version 15.1

Holiday Season Teams background

Posted on December 16, 2020 by Michel de Rooij

Update: Per request, added SharePoint and OneDrive, and did some manual corrections.

A really short post on a Ugly Sweater background with Exchange, Teams and Outlook theme to use during those conference calls end of December. Enjoy!

Like it or not, leave feedback in the comments. Also, suggestions are welcomed. In case you are not aware, I keep a set of custom background for you to enjoy here.

Exchange Updates – December 2020

Posted on December 15, 2020 by Michel de Rooij

The Exchange Team released the quarterly Cumulative Updates for Exchange Server 2019 as well as Exchange 2016. Be advised that Exchange 2016 will receive its final CU in March, 2021.

Links to the updates as well as a description of changes and fixes are described below.

Version	Build	KB	Download	UMLP	Schema	PrepareAD
Exchange 2019 CU8	15.2.792.3	KB4588885	VLSC		N	Y
Exchange 2016 CU19	15.1.2176.2	KB4588884	Download	UMLP	N	Y

Exchange 2019 CU8 fixes:

4588297 Attachments can’t be downloaded or previewed from Outlook Web App
4583531 Design change about inline images will be forced to download but not open in a new tab of OWA in Exchange Server 2019
4583532 ELC MRM archiving fails due to DomainName in AuthServer in Exchange Server 2019
4583533 Exchange Server 2019 installation fails with error “The user has insufficient access rights”
4583534 Event ID 65535 System.Runtime.Serialization errors in Application log in Exchange Server 2019
4583535 New-Moverequest, Resume-Moverequest, and Remove-Moverequest not logged in Audit logs in Exchange Server 2019
4583536 Set-MailboxFolderPermission is included in Mail Recipient Creation in Exchange Server 2019
4583537 Update Korean word breaker in Exchange Server 2019
4583538 Microsoft Teams REST calls exceed the default value of maxQueryStringLength in Exchange Server 2019
4583539 Non-breaking space is visible in message body in Outlook in Exchange Server 2019
4583542 Server assisted search in Outlook doesn’t return more than 175 items in Exchange Server 2019
4583544 Lots of LDAP requests for FE MAPI w3wp lead to DDoS on DCs in Exchange Server 2019
4583545 Make DomainName in Authserver a multivalued parameter in Exchange Server 2019
4593465 Description of the security update for Microsoft Exchange Server 2019 and 2016: December 8, 2020

Exchange 2016 CU19 fixes:

4588297 Attachments can’t be downloaded or previewed from Outlook Web App
4583531 Design change about inline images will be forced to download but not open in a new tab of OWA in Exchange Server 2016
4583532 ELC MRM archiving fails due to DomainName in AuthServer in Exchange Server 2016
4583533 Exchange Server 2016 installation fails with error “The user has insufficient access rights”
4583534 Event ID 65535 System.Runtime.Serialization errors in Application log in Exchange Server 2016
4583535 New-Moverequest, Resume-Moverequest, and Remove-Moverequest not logged in Audit logs in Exchange Server 2016
4583536 Set-MailboxFolderPermission is included in Mail Recipient Creation in Exchange Server 2016
4583537 Update Korean word breaker in Exchange Server 2016
4583538 Microsoft Teams REST calls exceed the default value of maxQueryStringLength in Exchange Server 2016
4583539 Non-breaking space is visible in message body in Outlook in Exchange Server 2016
4583545 Make DomainName in Authserver a multivalued parameter in Exchange Server 2016
4593465 Description of the security update for Microsoft Exchange Server 2019 and 2016: December 8, 2020

Notes:

These Cumulative Updates contain schema changes compared to the previous Cumulative Update. This requires you to run /PrepareSchema. Also, Active Directory changes require you to run PrepareAD (which also can perform the schema update, depending permissions). Consult the Exchange schema versions page for object version numbers.
When upgrading from an n-2 or earlier version of Exchange, or an early version of the .NET Framework, consult Upgrade Paths for CU’s & .NET.
Don’t forget to put the Exchange server in maintenance mode prior to updating. Regardless, setup will put the server in server-wide offline mode post-analysis, before making actual changes.
When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are allowed to trail at most one version (n-1).
If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
Cumulative Updates can be installed directly; no need to install RTM prior to installing Cumulative Updates.
Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
The order of installation shouldn’t matter with the “every server is an island” concept, yet recommended is to upgrade internet-facing, non-internet-facing servers first, followed by Edge Transports.

Caution:

As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.