Wednesday, August 18, 2021

Kerio Calendar Data Weirdness

 One of those things we always worry about is data integrity.

We've seen weird stuff.

And now it's Kerio's turn to provide us with weird.

Take a look at this raw ICS file from some recent field data:


I'll cut to the chase.  The END date (line 14) of this recurring appointment is later than the UNTIL date in the RRULE (line 15).  So trying to insert this Microsoft Exchange Web Services called us very bad do-bees.   

Not hard to generate odd situations with a variety of clients on a technologically moribund server.


Wednesday, August 11, 2021

Block Mail to Recipients Outside of your Organization

We recently announced that we've started work on a  Kerio Server Migration to Office 365.  One of our clients gave us test data from a few departed/terminated users to test our code.  It's easy to test in our Exchange on-prem sandbox to ensure no "external" email gets sent to their users -- we unplug the Ethernet connection to the Router. It's a little more complicated in Office 365, but not all that difficult.  Here are the steps:

In the Exchange Admin Center, under Mail Flow, Rules, click the "+" sign to create a new rule.

  • Name the rule.  We called it "Block Mail sent to External Email"
  • Select the option from Apply this rule pulldown: "The Recipient is Located...."
  • Select the option "Outside The Organization" from the subsequent pulldown that the recipient is located 
  • Select "Reject the message with the explanation" from the pulldown "Do the Following..."
  • Enter a message (optional):  We entered "The message was not sent. The Recipient is located outside the company."
  • We chose to Enforce the rule, and finally
  • Saved it

  Here is a screen shot:



So now let's say a user tries to send email outside your domain.  They will be informed that is an unsanctioned action with this message:


Tuesday, August 10, 2021

Kerio Connect Migration to Office 365

So we got a request for a Kerio Connect to Office 365 calendar migration from someone who we discovered was an old pal from the early days of group scheduling.

How could we say no?

So we've got that under development now -- anyone else interested in testing it out please drop us a line.

We've got full-state calendar migrations going, as well as contacts and tasks.  

Notes become tasks (because Microsoft's EWS API does not allow us to create Notes). 

A few of the recurrence patterns do not transfer to Office 365 so we insert them and flag them as problem children.  Biggest example: Last weekday or weekend day of the month is supported on Kerio but not in Office 365.  

Of course we include our UNDO functionality for testing and remediation. 

Wednesday, July 28, 2021

Sender-recipient pair receiving limits in Microsoft Office 365

 Got this in the mail today from our friends in Redmond, Washington:

We are updating our receiving limits in Exchange to help prevent attacks on your mail flow experience. Earlier this year in (February MC239262) we announced a stricter enforcement of our mailbox receiving limits. Taking your feedback into consideration, we are releasing an additional limit to block single-sender mail storms and deter DoS attacks.

Our mailbox receiving limits, as previously stated, apply to the messages received by a Microsoft Office 365 mailbox. If volume exceeds 3,600 messages in a given 60-minute window, the mailbox will no longer accept messages from the Internet, from other tenants, or from on-premises senders.

Starting in September 2021, we are adding a limit on sender-recipient pairs (SRP). This feature will apply to the messages received by a Microsoft Office 365 mailbox from each specific sender. If a single sender sends over 33% of the threshold (3,600 per rolling hour) to a specific recipient, the SRP limit will kick in, and the mailbox will no longer accept messages from that sender. The mailbox will continue accepting messages from other senders.

Note: If the identified sender is from a Microsoft Office 365 mailbox in the same tenant, messages will be allowed even after the limit is exceeded. If the identified sender is from an on-premises mailbox, a Microsoft Office 365 in a separate tenant, or outside of Microsoft Office 365, messages will be blocked.

This change helps prevent a malicious user from blocking mail flow to a Microsoft Office 365 mailbox, as part of our continuing efforts to improve your Exchange Online experience.

Key Points:

  • Timing: September 2021
  • Action: review and assess

How this will affect your organization:

Rollout of the mailbox receiving limit as detailed in (February MC239262) is ongoing. We are continuing to lower the threshold over the next few months until we reach 3,600.

Rollout of the SRP limit will begin in September 2021. This limit is set to 33% of the mailbox receiving limit.

Note: Most users are not likely to be impacted by this, as only a small percentage of mailboxes are currently hitting SRP limits.

If a mailbox exceeds the SRP limit, messages to that mailbox from the identified sender will be throttled. Affected mailboxes will receive an email informing them of the throttling, while the identified sender will receive a non-delivery report under response code 5.2.121. Emails from that sender will be throttled until the limit resets one hour from when the threshold was exceeded.

Administrators will be able to view users that exceed their SRP limit through the “Mailbox exceeding receiving limits” report in the Exchange Admin Center. Please contact affected users to understand why they are receiving so many messages from particular senders.

What you need to do to prepare:

No direct action is required on your part, though it is recommended that you review the new limits and update training and documentation as appropriate.

View this message in the Microsoft 365 admin center

This is not going to have an effect on any of our calendar migrations unless you are a multi-domain tenant (we had one of those in the last year) or we've managed to so optimize the batch operations we've exceeded Microsoft's limits AND you have massive current meetings.



Thursday, May 20, 2021

Travel Time for Outlook / OWA

OK folks, we have an updated version of our Travel Time add-in for you.



Documentation

  • Uses Outlook API (destined for decomissioning in November 2022 but who are we kidding?  It'll go way beyond that!) and Office JavaScript.
  • Will work with OWA or Outlook 2016/2019 on Windows 10 and needs an Office 365 account .  Need other platforms, please let us know.
  • It’s not (yet) in the Microsoft Store, so you’ll need to side-load the application.  This link tells you how if you do not know.

Privacy and Permissions

We hate spyware. Sumatra’s Travel Time Outlook addin does do not collect ANY of your calendar information, passwords, usernames, etc.   Only you know what you’re using this for.  We will rely on you to let us know what you think.  

This applications runs only on your machine, and only if you are logged into Office 365. You do not need your administrator to modify your company’s server permissions.  BUT, this add-in requires read-write access to your mailbox (otherwise we can’t create new appointments).

You will need to side-load with this address:

 https: // sumatra.com/tt/ SumatraTravelTimeManifest.xml

Thursday, April 22, 2021

Migrating to Office 365? Hint: Disable Throttling

Throttling is a wonderful feature to get rid of during a migration.  You have the need -- the need for speed.  Throttling can sometimes be the annoying speed bump or rumble strip that at best slows you down and at worst halts your migration.

Fortunately there's a good guide to how to disable using the user interface on Office 365:  Disable EWS throttling in Office 365 – Exchange Online

We don't re-do work that's already been done -- this is a good, straight-forward guide.

If your interface does not have this option, open "Help" and type in "Increase EWS Throttling Policy."  Should bring up this page and you're good to go.