@JaredBusch said in Tenant disabling of Basic Auth cause OAUTH iPhone to break:

Disabling of Basic Auth should have done nothing.

If the security setting are changed on an account it makes sense to force users to reauthenticate. It might even be best practice.

I think it works the same on other providers.

But there should be some better mechanism regarding authentication in ios and android.

@scottalanmiller said in Does the end of O365 Basic Authentication mean no more app passwords:

@Pete-S said in Does the end of O365 Basic Authentication mean no more app passwords:

@JaredBusch said in Does the end of O365 Basic Authentication mean no more app passwords:

Customer has a LoB application called Enfocus Switch.

It has a mail retrieval function that connects via IMAP using an app password on a normal O365 email account with MFA enabled.

It stopped retrieving email on the morning of Wednesday October 12th.

Since Microsoft finally killed Basic Auth on Tuesday, I assume this is related, but I can find no information on this at all.

The vendor do what they do, but I noticed that most applications that need this kind of functionality uses mail forwards from customers mailboxes to their own IMAP mailboxes.

That can be a way to solve this when microsoft kills it. Redirect from customers O365 mailbox to another provider that supports IMAP with normal authentication. Have the LoB application use that inbox instead.

We have customers doing that. Setting up MailCow to get past all the primary vendor security systems.

That makes sense.

I think you could probably run a bare mailserver with just dovecot as well. Since it only needs to handle incoming email from Microsoft and be an IMAP server, there's a lot things that becomes irrelevant - like spam detection, ip reputation etc.

@pete-s said in printing notes section of Calendar Outlook on the web:

@dashrender said in printing notes section of Calendar Outlook on the web:

I have a user who wants to print what's written into the notes section of a calendar entry. Unfortunately, it's more than one page, and when you ctrl ^ P you only get the first page worth.

Outlook-on-the-web is pretty thin on printing features. I logged in and tried a couple of different ideas but couldn't find a way to print a long event description either. It is what it is I guess.

We use Zoho primarily and as a comparison Zoho's calendar lacks rich text formatting in the description but render links and will print multiple pages of description - if you pick print while viewing an event, not ctrl+p.

Gmail on the other hand will also print several pages of the description - if you pick print on an appointment, not ctrl+p. It supports rich text formatting but will drop the formatting when printing.

Thanks for looking - I'm definitely not changing systems just for that function - but perhaps that will be helpful for someone else.

Yeah I found the issue, the environment has MFA enforced, but does not have Modern Authentication enabled.

Just getting approval from the customer before making the change as I'm sure Outlook will prompt for the MFA codes for existing users.

@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:

@dashrender said in Whack a mole: Dealing with Spam/Phishing:

@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:

@dashrender said in Whack a mole: Dealing with Spam/Phishing:

@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:

@dashrender said in Whack a mole: Dealing with Spam/Phishing:

@pete-s said in Whack a mole: Dealing with Spam/Phishing:

@gjacobse said in Whack a mole: Dealing with Spam/Phishing:

@pete-s said in Whack a mole: Dealing with Spam/Phishing:

@gjacobse said in Whack a mole: Dealing with Spam/Phishing:

@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:

The problem is the process... why would someone be reporting spam and why is someone blocking it? That doesn't make sense. Get a good spam filter, configure, train people how to delete, done

"But this is the way we (they) have always done it... "

You mean they are "reporting" as in actually reporting it to someone? And not by marking it as spam in the email client?

Yeah, that doesn't make any sense. Far too time consuming.

Outlook Toolbar.. Reporting
d4517c20-ac54-44fd-a195-1b6ef87caf87-image.png

OK, but that just ends up sending an alert email to the designated phishing mail contact, which is IT right?

It would have made more sense if those emails had been forwarded to Trend Micro automatically and their adaptive algorithm would have learned how to detect them.

Right now Trend Micro doesn't have a clue what emails their user are classifying as spam or phishing attempts. Because that happens way after the email has passed through their gateway.

That's interesting.

With Appriver - we forward emails to [email protected] and appriver deals with it. Other than constantly reminding people that's where the report needs to go - I don't really deal with it.

Thought as Scott mentioned - so much spam is a once and done situation - so reporting it is often pointless.

That's not a bad process. But still a bit more than just "mark as spam" which is really simple.

oh, that most definitely is. and it's an option we have in O365.... but we now have two layers of spam filtering - appriver and MS...

So people have to report to O365 AND AppRIver? Do they really catch enough different to justify filtering twice?

no, they don't - and likely they aren't. I've shown nearly no one how to report to MS - so that's the one that's skipped. Everyone has been told about forwarding email to spam@appriver - and yes, it's more work than just right click - mark as spam, but not so much so that people don't do it.

Why report to that one when O365 is the important one and the one that's like 10x more likely to be permanent instead of being clearly in the "should be removed" category? Less work, better results, less long term risk.

Time, the old process is already in place. It's just a matter of informing people at this point - it just hasn't happened yet.

@dbeato said in MS O365 Autodiscovery: Failing:

@dustinb3403 said in MS O365 Autodiscovery: Failing:

@dbeato said in MS O365 Autodiscovery: Failing:

@dustinb3403 What do you mean disabling autodiscover for a user? Are you talking about a registry key?

No, within O365 you can either selectively disable authentication protocols because you're a glutton for punishment or you can do so with conditional access policies or Security Defaults.

Well you can disable Autodiscover as a whole organization through the modern authentication setting, however in order to have conditional access you have to have higher licensing than normal which is why I am confused at the disabling comment.

Just a P2 license to setup a conditional access license for the administrator account(s). The user accounts don't require this level of licensing.

Why is it a confusing question?

@dustinb3403 said in Group Policy Blocked O365?:

@wrcombs That would be the culprit.

Disable it for the user workstation and run gpupdate /force

Thanks Dustin, this fixed it last night. I just was ready to get out of here.

@dashrender said in Phishing rules versus poor translations:

Garage office getting an upgrade?

Customer site. The 5 year old Black & Decker unit they had died.

Looks like @Osvaldo was able to get it.

@dbeato said in O365 - shared mailbox full access to another calendar.:

YOu can actually give Full Details mailbox permissions to calendar to the Shared Mailbox either with PowerShell or Local in Outlook or Web access.

I'll admit that my user told me they couldn't - I didn't try myself... I'll if if I can remote in and give the shared mailbox access.

These seems rather bizarre that you would give permissions to the shared mailbox because it could be an end around for someone who shouldn't have permission to get them.. but meh.

@Dashrender said in O365 Outbound email issue:

@JaredBusch said in O365 Outbound email issue:

For the record, even though I made the above connector and it failed to verify, I did save the connector. Apparently, that was enough as email is sending now.

So which connector is solving this - the TLS regardless of cert condition, or the No-TLS

I only left the TLS regardless of cert, so it has to be that one.

@IRJ said in encrypted email options?:

Another advantage is that you control the data until they download. Which means you can set links that expire or remove content at anytime. Could the user have downloaded it, sure. However, you control the full delivery process and can actually remove access at anytime. An email will sit in their inbox forever.

Well, think of the email as having been downloaded and now they are the same. In either case, if the patient automatically downloads everything and just leaves it somewhere, it's just there forever. In both cases, you don't care.

@BraswellJay said in Email phishing attempt against one of our vendors was successful ...:

Enough to sting but not crippling to us or the vendor involved.

Thankfully!

@Obsolesce said in Microsoft Search in Bing and Office 365 ProPlus:

@scottalanmiller said in Microsoft Search in Bing and Office 365 ProPlus:

Since I switched to DDG, I've noticed Google has gone down hill significantly.

That's why, it's because YOU switched.

No reason to keep it good, I guess, lol.

@scottalanmiller said in How to handle inbox with multiple users in Zoho or O365?:

@Dashrender said in How to handle inbox with multiple users in Zoho or O365?:

@scottalanmiller said in How to handle inbox with multiple users in Zoho or O365?:

@Dashrender said in How to handle inbox with multiple users in Zoho or O365?:

What I don't know is, can more than one person share an alias address in Zoho?

No, you'd need a distribution list for that. An alias can only point to one thing.

Well the distro list would get you incoming, but not outgoing ability on that address.

https://help.zoho.com/portal/community/topic/how-do-i-send-an-email-from-the-group-email-address-i-e-from-sales-mycompany-com

Zoho Groups allow it.

So does Office 365/Exchange. I now have about 10 domains where we have users with their own respective groups for domains that they need to send out from. The main issue with this is dealing with mobile devices; there isn't a way that I know if to send from a group.

This is working on several machines now. But @romo reports that it is still hit or miss, it's not a reliable or permanent fix, but it more reliable than other attempts. It remains, as MS has stated, somewhat random.

As above what they are are saying is that using Hybrid AD is fine with a domain name that is not the same as long as you add the UPN in Active Directory Domain Trusts and then you adjust all the users in the domain to match that domain either manually or scripted.
https://docs.microsoft.com/en-us/office365/enterprise/prepare-a-non-routable-domain-for-directory-synchronization

My only concern with this is that you might not need to sync AD but if you are already setup then it is kinda hard to revert.

@WLS-ITGuy said in O365 & Spam filter:

I thought I read it somewhere. Thanks.

What about backups? I thought I read somewhere that O365 doesn't do backups. So if an end user deletes an email or accidentally deletes/moves a folder there is no way to retrieve that.

Although the backups are for Microsoft themselves see this
https://docs.microsoft.com/en-us/office365/servicedescriptions/exchange-online-service-description/high-availability-and-business-continuity

https://docs.microsoft.com/en-us/exchange/back-up-email

Same as what @JaredBusch said on a user level or even an admin.

I've seen issues with search for the last week or so. A few people here have been unable to search public folders or their inboxes on and off. Supposedly resolved. We'll see...