"Exchange Online to Block Emails from Vulnerable On-Prem Servers"
Microsoft is implementing a new security feature for Exchange Online that will automatically start throttling and eventually block all emails sent from "persistently vulnerable Exchange servers" 90 days after the admins are pinged to secure them. These are Exchange servers in on-premises or hybrid environments running end-of-life software or that have not been patched against known security vulnerabilities. According to the Exchange Team, any Exchange server that has reached end-of-life, such as Exchange 2007, Exchange 2010, and soon Exchange 2013, is unpatched for known vulnerabilities. For example, Exchange 2016 and Exchange 2019 servers that are behind on security updates are regarded as continuously vulnerable. Microsoft says this new Exchange Online "transport-based enforcement system" has three primary functions: reporting, throttling, and blocking. The new system's primary goal is to help Exchange admins identify unpatched or unsupported on-premises Exchange servers, so they can update or patch them before they evolve into security risks. However, it will also be capable of throttling and eventually blocking emails from Exchange servers that have not been fixed prior to reaching Exchange Online mailboxes. This new enforcement system will only impact servers running Exchange Server 2007 using OnPremises connectors to send mail in order to enable fine-tuning before expanding to all Exchange versions. This article continues to discuss the new Exchange Online security feature.
Bleeping Computer reports "Exchange Online to Block Emails from Vulnerable On-Prem Servers"