Microsoft 365 Header

Streamlining Communication with Exchange Online

Written by Paul Schnackenburg / 19.02.2024 /
Home » Blog » Streamlining Communication with Exchange Online

Email is the lifeblood of business communication, even in this age of Teams, Slack, and numerous other communication tools. It’s the lowest common denominator – the one tool that you can always use to reach someone if you’ve got their email address.

And email is a commodity – every business needs it, but no business is going to be more competitive by running it “more efficiently” than another.

It’s a Hybrid World

One of the strengths of M365 over Google Workplace, for instance, is the clear migration path from what you have today to the cloud because of Microsoft’s large footprint in corporate data centers around the world. If you have Exchange 2013+ on-premises, you can pick any of the migration methods, some of which provide a hybrid co-existence.

The full hybrid option lets you continue running your on-premises infrastructure for as long as you’d like and chapmove mailboxes in batches to the cloud on your own schedule. You can even move mailboxes back to on-premises should the need arise.

As you’d expect, there are many details to manage in a hybrid setup, including prerequisitesActiveSync connectivity, and mailbox permissions – especially when a user on-premises has permissions to a mailbox in the cloud or vice versa.

If all you’re looking for is a simple way to move mailboxes from Exchange to Exchange Online – Hornetsecurity has an excellent Mailbox Migration Tool.

Backup and Native Data Protection

One thing to realize about O365 is that Microsoft is going to make sure that you don’t lose your mailbox data, which they do through the native data protection in Exchange – keeping three copies of your mailbox data on separate servers, along with a “lagged copy” (behind in time, for instances where the data is corrupted rather than lost) on a fourth server.

They DON’T, however, keep backup copies of your data going back into the past, which may or may not be an issue for your business, depending on your regulatory needs. Several third-party services on the market will do backups of your Exchange and SharePoint online data. Hornetsecurity 365 Total Backup is an excellent backup solution for mailboxes, Teams, OneDrive for Business, SharePoint, and files on endpoints.

A deleted user account and mailbox can be recovered if no more than 30 days have passed.

Autodiscover

Whether your Exchange server is in the cloud or on-premises it’s important that client applications can find it – this is the job of the Autodiscover records in DNS. There are a number of other DNS records required for M365 – find them in this article

If you have a hybrid Exchange deployment the Autodiscover records need to point to your on-premises Exchange 2016/2019 Mailbox Server.

Managing Mailboxes

There are many tasks associated with mailbox management, one of them is quota management. F3 licenses get 2 GB quotas, E1 are set at 50 GB (with a 50 GB archive) and E3+ have 100 GB quotas with archive mailboxes that can be max 1.5 TB.

The difference between a mailbox and an archive mailbox is that the archive is only available when you’re online. You can control how much mailbox data is stored offline on each device with a slider in Outlook.

If you’re migrating large mailboxes to Office 365, ensure they’re smaller than 100 GB and no item is larger than 150 MB before starting the move.

In the Exchange console you can configure settings for a mailbox such as adding email aliases, see quota usage, control which clients (OWA, Unified Messaging) and the protocols (EAS, MAPI, IMAP and POP) the user can use, message retention and mailbox delegation.

This last option lets you configure other users to Send As emails as the user, Send on Behalf where the recipient can see that the email is sent on behalf of the user, and Full Access.

Mailbox Archive

As mentioned earlier you can enable an Archive mailbox for mailbox content which essentially serves as a “bottomless” storage area for older content, hopefully stopping users from adopting PST files as an archiving solution.

The Outlook mobile client (iOS and Android) cannot access Archive mailboxes. You can enable auto expanding archives for E3 and E5 licensed users using PowerShell:

Set-OrganizationConfig -AutoExpandingArchive

You can also enable Archive mailboxes on a per user basis. Note that the Archive folder that’s created in a mailbox when you right click an item and select archive isn’t related to the Archive mailbox.

Mail Forwarding

Be aware that users can set up their mailboxes to forward mail to an external email address (optionally delivering to both inboxes).

This is something you should keep an eye on because while there may be legitimate business reasons to forward mail, it’s also a favored attack vector for hackers where they silently read emails and then use that for various nefarious purposes.

There’s a report in the Mail Flow dashboard to show you what forwarding rules exist. You can also block users from being able to forward mail in several ways.

Shared Mailboxes

There are times when you’d like a mailbox that doesn’t “belong” to a particular user, such as sales or support, where you have a team of users accessing the same alias.

As long as the Shared mailbox doesn’t have a larger quota than 50 GB or uses an Archive mailbox, it won’t consume a license.

It’s also one option for handling staff that have left your company while you still need to monitor their email for incoming emails; converting their mailbox to a shared mailbox and assigning access to the appropriate staff will free up the license to be assigned to a new user.

From a security point of view, make sure direct login to shared mailboxes is blocked – users should only access shared mailboxes by adding them as an additional mailbox in Outlook.

Mail Contacts And Users

Both Mail Contacts and Users show up in All Contacts, the Global Address List (GAL), and the Offline Address Book (OAB). A contact is a pointer to an email address in an external system, whilst a user is also a pointer to an external address, but the user has O365 credentials to be able to access SharePoint Online or OneDrive for Business.

The latter is a remnant of on-premises Exchange, modern external sharing such as Teams, Planner, and others use Azure Business to Business (B2B) collaboration for guest access.

Distribution Lists

Grouping email addresses together to facilitate communication with teams of people is something that email systems have been doing for decades – in the Exchange Online Admin Center (EAC), you can create Distribution Lists (DL).

Note that the default is to create an M365 Group instead, and in fact, Microsoft is pushing to replace DLs with Groups.

Dynamic Groups make maintaining membership easier, basing the membership on an Entra ID attribute such as “department” – if that’s set to Marketing, for instance, the user is automatically included in the right group.


To properly protect your Microsoft 365 environment, use Hornetsecurity one-of-a-kind services: 

To keep up with the latest Microsoft 365 articles and practices, visit our Hornetsecurity blog now.


Conclusion

In summary, Exchange Online offers a seamless transition to cloud-based communication, providing robust data protection and efficient mailbox management.

Leveraging features like Autodiscover and mailbox archives, organizations can enhance productivity and streamline communication processes.

FAQ

How do I connect to Exchange Online in PowerShell?

Use the “Connect-ExchangeOnline” cmdlet in PowerShell. Install and import the Exchange Online PowerShell module, and then run the cmdlet to initiate a connection. Provide your credentials when prompted.

How do I connect to Exchange Server in PowerShell?

Utilize the “Connect-ExchangeServer” cmdlet. Ensure the Exchange Management Shell is installed. Run PowerShell as an administrator, import the module, and execute the cmdlet with appropriate server information.

How do I Connect to Office 365 in PowerShell?

Connect to Office 365 PowerShell using “Connect-AzureAD” and “Connect-MSOLService” for the MSOnline module. Provide credentials and follow prompts. Ensure modules are installed and updated for seamless connectivity; for more information, see here.