Is your company still mailing from an Exchange Server 2007, 2010 or 2013? Microsoft is starting to slow down and eventually block emails sent from vulnerable mail servers. If so, it's time to upgrade to a newer and more secure version of Exchange.

Why is Microsoft going to block mails from vulnerable mail servers?

Microsoft has decided to block emails from vulnerable mail servers to improve email security and reduce phishing attacks. This decision is based on the fact that vulnerable mail servers are often an easy entry point for hackers into the rest of the network. By blocking emails from vulnerable mail servers, Microsoft aims to force users of such a vulnerable and old mail server to update to a secure version. This measure will improve the security of e-mail systems and strengthen the protection of user data.

What does this mean for me?

Do you mail from an Exchange server 2007 to an e-mail address handled by Exchange Online? If so, the e-mails will first arrive delayed to the Exchange Online user. This ensures that the administrator of a vulnerable mail server is not suddenly faced with the fact that emails are no longer being sent. Microsoft incrementally increases the number of minutes of delay to increase the inconvenience and ensure that the need to update becomes great enough. Later, the emails don't even arrive at all.

After Exchange 2007, the same thing is about to happen for Exchange 2010 and 2013. Exchange 2016 and 2019 servers that are significantly behind on security updates are also seen as persistently vulnerable. For these servers, Microsoft is not yet applying the ‘slow down and block’ protocol.

When will the measure start?

Microsoft is sending targeted notices to customers 30 days before their version of Exchange Server is included in the enforcement system. Should we be able to help your organization upgrade or transition to the cloud (Microsoft 365), we'd love to hear from you.