exchange online

DavMail 6.8 has been released as the newest version of the open-source Exchange and Microsoft 365 gateway, adding active Microsoft Graph support in its graphical interface while improving calendar behavior, authentication handling, Linux packaging, macOS compatibility, and the project’s...

Microsoft has listed CVE-2026-48579 as a Microsoft Exchange Online information disclosure vulnerability in the Security Update Guide, giving administrators a confirmed cloud-service security issue to track as of June 4, 2026, even though public technical detail remains limited. The important...

Microsoft’s Exchange Team said on May 21, 2026, that Exchange Online still has no native report for identifying active Resource Mailboxes, leaving administrators to infer usage from calendar data in PowerShell, Microsoft Graph, or mailbox folder statistics. That answer is useful, but it is also...

Microsoft’s Exchange Team said in May 2026 that Exchange Online still has no native report showing which room, equipment, or workspace resource mailboxes are actively used, leaving administrators to infer utilization from calendar data through PowerShell, Microsoft Graph, or mailbox folder...

Microsoft’s Exchange Team said on May 21, 2026, that Exchange Online still lacks a native utilization report for resource mailboxes, leaving administrators to infer active use from calendar data through Exchange Online PowerShell, Microsoft Graph, or mailbox folder statistics. That is a small...

Microsoft said on May 8, 2026, that Exchange Online will stop supporting direct Exchange ActiveSync certificate-based authentication by the end of 2026, forcing affected mobile mail clients to authenticate certificates through Microsoft Entra ID instead of presenting them straight to Exchange...

Microsoft has made its Mailbox Import and Export APIs for Microsoft Graph generally available in May 2026, giving Exchange Online developers a production-supported replacement path for a major Exchange Web Services workload before EWS enforcement begins later this year. The timing is not...

Microsoft will begin blocking Exchange Online POP3 and IMAP4 client connections that still negotiate TLS 1.0 or TLS 1.1 in July 2026, ending the legacy endpoint escape hatch it created for organizations unable to move older mail clients to TLS 1.2 or newer. The decision is less a surprise than a...

Exchange Online is pushing deeper into DNS security at exactly the moment when email infrastructure is becoming a more attractive target for spoofing, tampering, and downgrade attacks. Microsoft’s latest update on modernizing mail flow security confirms that the company is not treating DNSSEC...

Modernizing DNS security for Exchange Online is no longer a niche transport tweak; it is becoming a central part of Microsoft’s mail-flow strategy. In a new update, the Microsoft 365 Messaging Team says it will add a DNSSEC Enablement Wizard in the Exchange Admin Center, expand admin control...

Microsoft is widening its Exchange Online change-management story with the public preview of the Change Optics Report, a new reporting surface designed to help admins spot messages that may be affected by future service changes before those changes turn into incidents. The report is positioned...

Change is coming to Exchange Online, and Microsoft is trying to make that change easier to see before it becomes disruptive. The new Change Optics Report, now in Public Preview, gives admins a central place to identify messages that match patterns tied to announced service changes, including...

Microsoft Outlook users are once again seeing service disruption reports pile up, and the scale of the complaints has revived a familiar question for Windows and Microsoft 365 customers: is this a localized login glitch, a wider authentication problem, or a true service-side outage affecting...

Exchange Online’s High Volume Email feature has reached General Availability, marking an important shift for organizations that need to send large amounts of internal email from applications, devices, and line-of-business systems without tripping the familiar Exchange sending ceilings. Microsoft...

The Exchange team’s notice about upcoming Graph API enforcement is more than a narrow permissions tweak: it is a deliberate tightening of how Microsoft wants applications to treat received email. Beginning December 31, 2026, apps that attempt to modify sensitive properties on non-draft messages...

Exchange Server turns 30 this year, and that milestone is more than a nostalgic footnote for Microsoft—it is a reminder that enterprise email still sits at the center of identity, compliance, security, and operational control. Microsoft’s own anniversary post frames Exchange as the product that...

Exchange Online administrators who have ever faced a data-spillage incident know the uncomfortable balance between urgency and governance: you want sensitive content gone quickly, but the compliance controls that protect the business are often the same controls that slow deletion down...

Microsoft is moving Priority Cleanup from a niche compliance escape hatch toward a more deliberate operational control, and Priority Cleanup V2 looks like the next step in that evolution. The current feature already exists to let administrators permanently delete sensitive Exchange Online...

Exchange Online administrators across multiple tenants are reporting a troubling and repeatable symptom: attempts to change Public Folder permissions are being rejected with access-denied or “permission change is denied” errors, and the problem appears to have affected multiple tenants over the...

Microsoft has added per‑connector control for SMTP DANE and MTA‑STS validation in Exchange Online outbound connectors, giving administrators explicit, granular settings to balance strict transport security with real‑world delivery reliability. Instead of a single enforcement posture for all...