Everybody with an Internet-faced Microsoft Exchange server, Outlook Web Access (OWA) or Exchange Active Sync (EAS) can consider his or her system as compromised since January. This is reported by security experts like Chris Krebs1 and news magazines like Golem2 or Heise3. In Germany, the BSI has contacted more than 9,000 companies4. The scope of the current security vulnerabilities are comparable to the previous Microsoft major Incidents regarding Eternal-Blue5 and Wannacry6 4 years ago. Read more

There is an uneasy feeling when reading reports of major hacks and data leaks. Am I exposed is the main question. Leak checkers promise to provide answers. The Hasso Plattner Institute (HPI) in Potsdam runs a well-known plattform1, another from the University of Bonn2 is slightly less popular. Both share the same functional principle: Get an email, compare it with a database full of leaks, send back the answer. The details are where the differences lie, and unfortunately they are not comfortable. Read more

40.000 Companies in Germany affected The BSI (German Federal Authority for Informationsecurity) warns with the second highest level “orange” (= the IT threat situation is mission critical. massive disruption of regular operations) in the public media1. Around 40,000 companies in Germany alone are affected by several critical vulnerabilities because security updates have not yet been installed2. In fact, Heise speaks of playing Russian roulette3. It’s not without reason that I have been warning for several years now about interlocking internal AD and internet functions like Microsoft does deliberatly. Unfortunately many hang their Exchange server directly “in the Internet” including OWA and EAS without any firewalls, mail gateways or reverse proxies. The normal case is totally negligent: Via port forwarding! Read more

One more SME customer (approx. 250 users spread over several nationwide locations) is migrating away from Exchange to free and Open Source solution. With the ready-to-use installation of a new Linux mail server I have provided my very modest contribution. The rest of the user and the data transfer will be done by the customer’s own IT department. Users can continue to work in their familiar Outlook and mobile client environment when the new EAS accounts are rolled out “side-by-side” to the existing onces. From one second to another, the switch can be carried out without hassle or downtime just by reconfiguring the reverse proxy and the mail gateway. Time-consuming, cost-intensive and above all “hard” migration paths are no longer necessary. Read more

I really just wanted to show you this Fnord, which is a very Microsoft-like thing: Well however, you might ask why I am tackling with Outlook 2019, let me please explain. A company with 40 mailboxes has decided to abandon its Exchange server. The following sentence is for all accountants and auditors: We are talking about cost-savings of 15-25% per year! Now everything runs with common internet standards on a Debian 10 with all the comfort and convenience as before: Starting with EAS-ActiveSync for Outlook (sigh if it has to be), a great webmailer, public folders, calendars, contacts and even resources. Here are some more screenshots: Read more