Security News > 2023 > March > Exchange Online will soon start blocking emails from old, vulnerable on-prem servers

Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company's Exchange Online hosted cloud service to deliver email.

Blocking potentially malicious emails from reaching Exchange Online.

In the first stage of this planned enforcement, Microsoft will just make it obvious to Exchange Server admins that a particular server is unsupported or out-of-date: by showing alerts in a new mail flow report in the admin center in Exchange Online, and via a post in the Message Center that all Exchange Server customers will see.

"Persistently vulnerable" servers and the emails sent from them can't be trusted, Microsoft says, and are a danger to all Exchange Online cloud instances, as well as email recipients.

"The enforcement system will eventually apply to all versions of Exchange Server and all email coming into Exchange Online, but we are starting with a very small subset of outdated servers: Exchange 2007 servers that connect to Exchange Online over an inbound connector type of OnPremises," the Exchange Team added.

Scott Schnoll - Microsoft's Product Manager for Exchange Online and Exchange Server - said that Microsoft won't be stopping support for newer versions of Exchange servers.

News URL

https://www.helpnetsecurity.com/2023/03/28/exchange-online-blocking-emails-from-vulnerable-servers/