exchange online

Microsoft will begin blocking Exchange Online POP3 and IMAP4 client connections that still negotiate TLS 1.0 or TLS 1.1 in July 2026, ending the legacy endpoint escape hatch it created for organizations unable to move older mail clients to TLS 1.2 or newer. The decision is less a surprise than a...

Exchange Online is pushing deeper into DNS security at exactly the moment when email infrastructure is becoming a more attractive target for spoofing, tampering, and downgrade attacks. Microsoft’s latest update on modernizing mail flow security confirms that the company is not treating DNSSEC...

Modernizing DNS security for Exchange Online is no longer a niche transport tweak; it is becoming a central part of Microsoft’s mail-flow strategy. In a new update, the Microsoft 365 Messaging Team says it will add a DNSSEC Enablement Wizard in the Exchange Admin Center, expand admin control...

Microsoft is widening its Exchange Online change-management story with the public preview of the Change Optics Report, a new reporting surface designed to help admins spot messages that may be affected by future service changes before those changes turn into incidents. The report is positioned...

Change is coming to Exchange Online, and Microsoft is trying to make that change easier to see before it becomes disruptive. The new Change Optics Report, now in Public Preview, gives admins a central place to identify messages that match patterns tied to announced service changes, including...

Microsoft Outlook users are once again seeing service disruption reports pile up, and the scale of the complaints has revived a familiar question for Windows and Microsoft 365 customers: is this a localized login glitch, a wider authentication problem, or a true service-side outage affecting...

Exchange Online’s High Volume Email feature has reached General Availability, marking an important shift for organizations that need to send large amounts of internal email from applications, devices, and line-of-business systems without tripping the familiar Exchange sending ceilings. Microsoft...

The Exchange team’s notice about upcoming Graph API enforcement is more than a narrow permissions tweak: it is a deliberate tightening of how Microsoft wants applications to treat received email. Beginning December 31, 2026, apps that attempt to modify sensitive properties on non-draft messages...

Exchange Server turns 30 this year, and that milestone is more than a nostalgic footnote for Microsoft—it is a reminder that enterprise email still sits at the center of identity, compliance, security, and operational control. Microsoft’s own anniversary post frames Exchange as the product that...

Exchange Online administrators who have ever faced a data-spillage incident know the uncomfortable balance between urgency and governance: you want sensitive content gone quickly, but the compliance controls that protect the business are often the same controls that slow deletion down...

Microsoft is moving Priority Cleanup from a niche compliance escape hatch toward a more deliberate operational control, and Priority Cleanup V2 looks like the next step in that evolution. The current feature already exists to let administrators permanently delete sensitive Exchange Online...

Exchange Online administrators across multiple tenants are reporting a troubling and repeatable symptom: attempts to change Public Folder permissions are being rejected with access-denied or “permission change is denied” errors, and the problem appears to have affected multiple tenants over the...

Microsoft has added per‑connector control for SMTP DANE and MTA‑STS validation in Exchange Online outbound connectors, giving administrators explicit, granular settings to balance strict transport security with real‑world delivery reliability. Instead of a single enforcement posture for all...

Microsoft’s timetable for retiring Exchange Web Services (EWS) in Exchange Online is now concrete, and the next 14–28 months are a critical window for IT teams: you must discover which Azure AD app registrations and automation still rely on EWS today, prioritize the truly active dependencies...

Microsoft’s Exchange Online team is deprecating the long-standing -Credential parameter in Exchange Online PowerShell — a change that administrators must treat as urgent rather than optional. The company’s guidance (and the wider MFA/ROPC narrative) makes clear that the legacy Resource Owner...

Microsoft has set firm, non‑negotiable deadlines for the end of Exchange Web Services (EWS) in Exchange Online — tenant‑by‑tenant disablement begins on October 1, 2026, and EWS will be permanently and irrevocably removed on April 1, 2027 — and organizations that still rely on EWS have a narrow...

Microsoft has put a firm deadline on the end of Exchange Web Services (EWS) in Exchange Online: tenant-by-tenant disablement begins October 1, 2026, and EWS will be permanently removed from Exchange Online on April 1, 2027 — a hard stop Microsoft says will admit no exceptions. o Background...

Microsoft has set hard dates: Exchange Web Services (EWS) in Exchange Online will be disabled by default starting October 1, 2026, and will be permanently and irrevocably shut down on April 1, 2027 — leaving organizations no choice but to migrate active EWS integrations to Microsoft Graph (or...

Microsoft has given administrators a hard, non-negotiable runway: beginning October 1, 2026, Exchange Web Services (EWS) will be disabled by default in Exchange Online tenants, and the platform will be completely and permanently shut down on April 1, 2027. That phased shutdown—combined with new...

Exchange Web Services in Exchange Online is being retired, and the clock is now unmistakably ticking: Microsoft will begin tenant-by-tenant disablement starting October 1, 2026, with a final, irreversible shutdown of EWS in Exchange Online in 2027. This move completes a deprecation that began...