Page 1 of 21 | High Risk Delivery Pool and Exchange Online | Part 09#17
Written by Eyal Doron | o365info.com
HIGH RISK DELIVERY POOL
AND EXCHANGE ONLINE |
PART 9#17
The term “High Risk Delivery Pool” describes a dedicated pool of
Exchange Online servers that is responsible for handling mail
that was sent by Office 365 recipients and was recognized as
“problematic mail”.
The current article and the next article, High Risk Delivery Pool
and Exchange Online | Part 10#17, are dedicated to describing
how Office 365 (Exchange Online) handles a scenario of
internal / outbound spam with the help of the Exchange
Online – High Risk Delivery Pool.
General thoughts upon the subject of
outbound mail spam in Office 365
environment
Q: What is the meaning of “problematic mail”?
A: Outbound mail that is sent by an Office 365 user, passed to
EOP (Exchange Online Protection) for a security check, and
identified as mail that is potentially spam/junk mail.
Q: What could lead to a scenario in which my mail will be
considered “problematic mail” by Exchange Online?
A: There is no clear definition or public information about the
factors that lead Exchange Online and EOP to “decide” that a
specific E-mail message sent by an Office 365 user is
classified as spam/junk mail.
It’s reasonable to assume that the spam filter that is used by
Exchange Online is based on the standard methods for
identifying a specific E-mail message as spam/junk mail.
For example, an E-mail message that includes “problematic
content”, or a scenario of bulk mail.
You can read more information about the “factors” that
could lead to a scenario in which E-mail is recognized as
spam/junk mail in the articles:
• My E-mail appears as spam | The 7 major reasons | Part 5#17
• My E-mail appears as spam | The 7 major reasons | Part 6#17
Q: What is the meaning of “Exchange Online server pool that
will handle problematic mail”?
A: In a scenario in which Exchange Online identifies a
“problematic E-mail” that is sent by an Office 365 user, the E-mail
will not be deleted or blocked; instead, it will be sent out
using a specific pool of Exchange Online servers.
Exchange Online single server or servers
farm?
When we say something like: “our mail server”, the association
is a “single server”, which stands alone in the cold rain and
wind, always ready to serve and protect.
When we use Exchange Online as our mail infrastructure,
none of these “images” are correct.
We relate to “Exchange Online” as a singular entity while, in
reality, we need to address the Exchange Online infrastructure
as plural: it is realized by dozens or even hundreds of
separate mail servers that are “scattered” worldwide in the
different Office 365 data centers.
Each of the Office 365 data centers includes:
1. The “standard” Exchange Online server pool
2. A dedicated pool of Exchange Online servers that should solve
the problem of “internal spam” (spam/junk mail) that is sent by
our organization’s Office 365 users to other recipients.
What is the range of possibilities, which could
be implemented by Office 365 mail
infrastructure for dealing with a phenomenon
of outbound spam?
Note – the current heading won last year in the international
competition for the “longest titles in the universe”.
Theoretically, there are a couple of “solutions” that could
have been implemented by the Exchange Online infrastructure
for dealing with a scenario of internal spam mail.
For example, Exchange Online could have implemented any of
the following options when an E-mail message that is sent by
Office 365 recipients is identified as spam/junk mail:
Option 1: Don’t implement outbound spam checks.
Many mail infrastructures do not implement an email security
policy for “outbound mail” because the basic assumption is
that mail that is sent by “our organization users” can be
trusted.
In the Exchange Online environment, this assumption cannot
be applied because Exchange Online servers “represent” tens
and even hundreds of thousands of organizations and, for this
reason, Exchange Online doesn’t have the “luxury” of blindly
trusting organization users.
Exchange Online mail infrastructure is based on the
assumption that security risks can come from “indoors” and
“outdoors” equally.
Option 2: Implement outbound spam check | Delete the E-mail
message
Another method that could have been implemented by Exchange
Online (and is not implemented) is to “block” any mail that
was sent by Office 365 users and identified as spam/junk mail.
The term “block” could be translated into several options, such
as: delete the E-mail, or send the E-mail message to quarantine
and inform the Office 365 user, and so on.
In reality, none of these “actions” is implemented. There is no
“formal Microsoft answer” regarding why outbound spam is not
blocked, deleted or sent to quarantine.
My opinion is that the actions of “blocking” or deleting E-mail
messages that were identified as spam/junk mail could have
led to many lawsuits and, additionally, breach the principle
of Office 365 customer privacy.
For this reason, the Office 365 mail infrastructure will not
delete or block outbound spam but instead will send the
E-mail message to its destination by routing it to a specific
Exchange Online server pool.
Note – An exception to the above rule is a scenario of bulk
E-mail that is sent by Office 365 users. In a very specific
scenario, this user will be blocked.
You can read more information about bulk E-mail in the Office 365
environment in the article:
My E-mail appears as spam | The 7 major reasons | Part 5#17
Option 3: Implement an outbound spam check | Route the E-mail
message to an alternate mail server pool
This is the option that is implemented by Exchange Online.
When Exchange Online (EOP, if we want to be more accurate)
scans the outgoing mail and identifies that the mail can be
classified as spam/junk mail, instead of blocking or deleting
the E-mail message, the E-mail message will be routed to a
dedicated Exchange Online server pool named “High Risk
Delivery Pool”.
When E-mail is routed to the “High Risk Delivery Pool”, the
“operation” is not reported by default (the Exchange Online
administrator is not aware of this “redirection process” by
default).
Only when the Exchange Online administrator “activates” the
outbound spam option will Exchange Online send an E-mail
notification to the provided E-mail address for each of the mail
items that was routed (delivered) to the “High Risk Delivery Pool”.
In reality, the “High Risk Delivery Pool” is not just a specific
Exchange Online server but, as the name implies, a “pool” of mail
servers. Additionally, each of the Office 365 data centers uses its
“own pool” of Exchange Online servers that acts as the “High
Risk Delivery Pool”.
Q: Does Microsoft publish public information about the IP
range of the Exchange Online – High Risk Delivery Pool in each
of the Office 365 data centers?
A: As far as I know, there is no such “public information”. The
logic is that the interest of Microsoft is to keep this
information “hidden” and not public.
Technically speaking, Microsoft publicly publishes the
complete public IP ranges of Exchange Online and
Exchange EOP, but this data doesn’t include a specific
indication for the Exchange Online – High Risk Delivery Pool.
From my experience, and I must stress that this is not “formal
information” that you can rely upon, the “High Risk Delivery
Pool” IP ranges in the “Europe Office 365 data centers” are
represented by the following IP range: 157.56-57.0.0.
Note – you can read more information about the Office
365 IP address ranges in the articles:
• Office 365 URLs and IP address ranges
• Exchange Online Protection IP addresses
What is the purpose of the “High Risk Delivery
Pool”?
The purpose of the Exchange Online “High Risk Delivery Pool”
is a little confusing because its job is to “draw the fire”
away from the “standard Exchange Online server pool”. The most
appropriate metaphor that I can think of is: scapegoat.
The Exchange Online “High Risk Delivery Pool” serves as a
scapegoat in a scenario of internal spam.
Let’s go back to the moment in which Exchange Online
identifies a specific E-mail message that was sent by Office 365
users as spam/junk mail.
Because Exchange Online is not “allowed” to stop or block this
type of E-mail, Exchange Online needs to find a safe way to
“deliver” the E-mail message to the destination without
compromising the integrity and the reliability of the standard
Exchange Online server pool.
For example, in the case that the E-mail message was sent to
external recipients, Exchange Online will need to contact the
mail server of the external recipient and try to deliver the
E-mail message to it.
But in this case, the main risk is that the “external mail server”
will also identify the E-mail message as spam/junk mail and,
for this reason, will add the IP address of the “standard
Exchange Online pool” to a blacklist.
In this scenario, the damage is not only to the specific
organization that sent the “spam E-mail” but to all the
other Office 365 tenants who send E-mail via the specific
Exchange Online server whose IP address was blacklisted.
Exchange Online – High Risk Delivery Pool as a Risk-Management
solution
The answer to this “challenge” is: implementing a Risk
Management process.
In the scenario of a “problematic E-mail” that is sent by Office
365 users, the problematic E-mail messages will be routed to a
dedicated Exchange Online server pool: the “High Risk Delivery
Pool”.
The Exchange Online – High Risk Delivery Pool will be used to
send out the “problematic E-mail”.
At first glance, this “declaration” looks a little peculiar, but
this is the exact purpose of the “Exchange Online High Risk
Delivery Pool”.
Instead of sending the problematic E-mail message via the
“standard” Exchange Online server and, by doing so, putting at
risk all the other Office 365 tenants (customers) who rely on the
Exchange Online mail infrastructure, the problematic E-mail
message will be sent by the “scapegoat” Exchange Online
server: the “High Risk Delivery Pool”.
Because the “High Risk Delivery Pool” will, most of the time,
send E-mail that is classified as spam/junk mail, there is a
reasonable chance that the IP address of the specific Exchange
member in the Exchange Online – High Risk Delivery Pool will
appear as blacklisted.
By using the Exchange Online – High Risk Delivery Pool, the
Exchange Online infrastructure manages to achieve two
goals:
1. Avoid a scenario in which Exchange Online will block or
delete an E-mail message that was sent by Office 365 users.
2. Avoid a possibility in which the “standard Exchange Online”
public IP address will be blacklisted.
Exchange Online- High Risk Delivery Pool half
of the solution?
Blacklist providers “recognize” an organization by two main
elements:
1. The IP address of the mail server that sends E-mail “on behalf” of
an organization.
2. The domain name of the organization (the “right part” of the E-mail
address).
Pay attention to the simple fact that although the “problematic
E-mail message” is sent via the Exchange Online “High Risk
Delivery Pool”, the domain name which is included in the
“problematic E-mail message” could also be listed in blacklists.
In other words: the use of the Exchange Online “High Risk Delivery
Pool” prevents a scenario in which the IP address of “our mail
server” will appear as blacklisted but cannot prevent a
scenario in which our domain name will appear as blacklisted.
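The two identifiers described above, as an added example that is not part of the original article: a DNSBL-style check queries the sending IP (octets reversed) and the sender domain as two separate lookups, so routing through the High Risk Delivery Pool changes only the first result. The zone names, IP addresses, domain and in-memory zone data are constructed for illustration; real blacklist zones and their return codes vary by provider.

```python
import ipaddress
import socket

# Hypothetical zones: substitute the blacklist zones your organization monitors.
IP_ZONE = "dnsbl.example"
DOMAIN_ZONE = "dbl.example"

# Constructed sample data (documentation address ranges, made-up tenant domain).
STANDARD_POOL_IP = "192.0.2.10"      # stands in for a "standard" outbound server
HIGH_RISK_POOL_IP = "198.51.100.25"  # stands in for a High Risk Delivery Pool server
SENDER_DOMAIN = "tenant.example"

# Constructed zone content: the high-risk IP and the sender domain are listed,
# the standard pool IP is not.
CONSTRUCTED_ZONE_DATA = {
    "25.100.51.198.dnsbl.example": "127.0.0.2",
    "tenant.example.dbl.example": "127.0.1.2",
}


def ip_query_name(ip, zone=IP_ZONE):
    """Build the query name for an IPv4 address: reversed octets + zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def domain_query_name(domain, zone=DOMAIN_ZONE):
    """Build the query name for a sender domain: normalized domain + zone."""
    return domain.strip().rstrip(".").lower() + "." + zone


def system_resolver(name):
    """Resolve an A record with the OS resolver; None means 'no such name'."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def is_listed(query_name, resolve=system_resolver):
    """A listing is signalled by an answer inside 127.0.0.0/8; no answer = not listed."""
    answer = resolve(query_name)
    if answer is None:
        return False
    return ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8")


def reputation_report(sending_ip, sender_domain, resolve=system_resolver):
    """Check both identifiers a blacklist provider can key on."""
    return {
        "ip_listed": is_listed(ip_query_name(sending_ip), resolve),
        "domain_listed": is_listed(domain_query_name(sender_domain), resolve),
    }


if __name__ == "__main__":
    offline = CONSTRUCTED_ZONE_DATA.get  # in-memory resolver, no network needed
    for label, ip in (("standard pool", STANDARD_POOL_IP),
                      ("high risk pool", HIGH_RISK_POOL_IP)):
        print(label, reputation_report(ip, SENDER_DOMAIN, offline))
```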
To add another layer of understanding about the purpose of
Exchange Online- High Risk Delivery Pool, here is a quotation
from a Microsoft article:
When a customer’s email system has been compromised by
malware or a malicious spam attack, and it is sending
outbound spam through the hosted filtering service, this can
result in the IP addresses of the data center servers being
listed on other block lists.
In addition, destination servers that do not use the hosted
filtering service, but use these block lists, end up rejecting all
email sent from any of the hosted filtering IP addresses that
have been added to those lists.
Therefore, all outbound messages that exceed the spam
threshold are delivered through a High risk delivery pool. The
High risk delivery pool is a secondary outbound email pool
that is used to send messages that may be of low quality, thus
helping to protect the rest of the network from sending
messages that are more likely to result in the sending IP
address being blocked.
[Source of information: High Risk Delivery Pool for Outbound
Messages]
Internal / outbound spam in Office 365
environment | Article series index
A quick reference for the article series
My E-mail appears as a spam | Article
series index | Part 0#17
The article index of the complete
article series
Introduction to the concept of internal / outbound spam in general
and in Office 365 and Exchange Online environment
My E-mail appears as a spam –
Introduction | Office 365 | Part 1#17
The psychological profile of the
phenomenon: “My E-mail appears as
spam!”, possible factors for causing
our E-mail to appear as “spam mail”,
the definition of internal / outbound
spam.
Internal spam in Office 365 –
Introduction | Part 2#17
Review in general the term “internal /
outbound spam”, misconceptions
that relate to this term, the risks that
are involved in this scenario,
outbound spam E-mail policy and
more.
Internal spam in Office 365 –
Introduction | Part 3#17
What are the possible reasons that
could cause our mail to appear as
spam/junk mail, who or what are the
“elements” that can decide that our
mail is a spam mail? What are the
possible “reactions” of the destination
mail infrastructure that identifies our
E-mail as spam/junk mail?
Commercial E-mail – Using the right
tools | Office 365 | Part 4#17
What is commercial E-mail?
Commercial E-mail as part of the
business process. Why do I think that
Office 365 Exchange Online is
unsuitable for the purpose of
commercial E-mail?
Introduction to the major causes for a scenario in which your
organization’s E-mail appears as spam
My E-mail appears as spam | The 7
major reasons | Part 5#17
Review three major reasons that
could lead to a scenario in which
E-mail that is sent from our
organization is identified as spam mail:
1. E-mail content, 2. Violation of the
SMTP standards, 3. Bulk/Mass mail
My E-mail appears as spam | The 7
major reasons | Part 6#17
Review three major reasons that
could lead to a scenario in which
E-mail that is sent from our
organization is identified as spam mail:
4. False positive, 5. User Desktop
malware, 6. “Problematic” Website
Introduction to the subject of SPF record in general and in Office
365 environment
What is SPF record good for? | Part
7#17
The purpose of the SPF record and the
relation to our mail infrastructure.
How does the SPF record enable us to
prevent a scenario in which hostile
elements could send E-mail on our
behalf.
Implementing SPF record | Part 8#17
The “technical side” of the SPF record:
the structure of the SPF record, the way
that we create an SPF record, what is the
required syntax for the SPF record in
an Office 365 environment and a mixed mail
environment, how to verify the
existence of the SPF record and so on.
Introduction to the subject of Exchange Online – High Risk Delivery
Pool
High Risk Delivery Pool and Exchange
Online | Part 9#17
How Office 365 (Exchange Online) is
handling a scenario of internal /
outbound spam by using the help of
the Exchange Online – High Risk
Delivery Pool.
High Risk Delivery Pool and Exchange
Online | Part 10#17
The second article about the subject
of Exchange Online- High Risk
Delivery Pool.
The troubleshooting path of internal / outbound spam scenario
My E-mail appears as spam –
Troubleshooting path | Part 11#17
Troubleshooting scenario of internal /
outbound spam in Office 365 and
Exchange Online environment.
Verifying if our domain name is
blacklisted, verifying if the problem is
related to E-mail content, verifying if
the problem is related to a specific
organization user E-mail address,
moving the troubleshooting process
to the “other side”.
My E-mail appears as spam |
Troubleshooting – Domain name and
E-mail content | Part 12#17
Verify if our domain name appears as
blacklisted, verify if the problem
relates to a specific E-mail message
content, registering blacklist
monitoring services, activating the
option of Exchange Online outbound
spam.
My E-mail appears as spam |
Troubleshooting – Mail server | Part
13#17
What is the meaning of: “our mail
server”?, Mail server IP, host name
and Exchange Online. One of our
users got an NDR which informs him,
that his mail server is blacklisted!,
How do we know that my mail server
is blacklisted?
My E-mail appears as spam |
Troubleshooting – Mail server | Part
14#17
The troubleshooting path logic. Get
the information from the E-mail
message that was identified as
spam/NDR. Forwarding a copy of the
NDR message or the message that
saved to the junk mail
My E-mail appears as spam |
Troubleshooting – Mail server | Part
15#17
Step B – Get information about your
Exchange Online infrastructure, Step
C – fetch the information about the
Exchange Online IP address, Step D –
verify if the “formal “Exchange Online
IP address a
De-list your organization from a
blacklist | My E-mail appears as spam
| Part 16#17
Review the characteristics of a scenario in
which your organization appears as
blacklisted. The steps and the
operations that need to be
implemented to de-list your
organization from a blacklist.
Summary and recap of the troubleshooting and best practices in a
scenario of internal / outbound spam
Dealing and avoiding internal spam |
Best practices | Part 17#17
Provide a short checklist for all the
steps and the operations that relate
to a scenario of internal / outbound
spam.

Autodiscover flow in an office 365 environment part 3#3 part 31#36
 
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Autodiscover flow in an exchange hybrid environment  part 1#3  part 32#36Autodiscover flow in an exchange hybrid environment  part 1#3  part 32#36
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment  non-active director...Autodiscover flow in an exchange on premises environment  non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment  non-active director...Autodiscover flow in an exchange on premises environment  non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
Autodiscover flow in an exchange on premises environment non-active director...
Autodiscover flow in an exchange on premises environment  non-active director...Autodiscover flow in an exchange on premises environment  non-active director...
Autodiscover flow in an exchange on premises environment non-active director...
 
