How to blacklist a domain in Office 365

Written by jeremydahl. Posted in Office 365

Log in to your Exchange admin center, and go to mail flow – rules:

Click on the plus icon to create a new rule, and choose Bypass spam filtering:

Note: You can use this same rule to either whitelist or blacklist a domain depending on the options you choose later.

011314 2329 Howtoblackl1 How to blacklist a domain in Office 365

As you can see, there are a lot of options to choose from – we’re going to be blocking by domain, so choose The sender… – domain is:

011314 2329 Howtoblackl2 How to blacklist a domain in Office 365

Add the domain that you’d like blocked, and hit the plus sign to add it to your list:

011314 2329 Howtoblackl3 How to blacklist a domain in Office 365

Then click OK to save your changes:

011314 2329 Howtoblackl4 How to blacklist a domain in Office 365

Your next step is to specify the Spam Confidence Level (SCL): click on Bypass spam filtering:

011314 2329 Howtoblackl5 How to blacklist a domain in Office 365

And set it as high as you want it to be (in this case 9)

011314 2329 Howtoblackl6 How to blacklist a domain in Office 365

Note that if you are trying to whitelist a domain, you would leave the option at Bypass spam filtering which sets its SCL to -1 (see the list below for more details)

For a breakdown of the SCL ratings and what they do, see the image below – clicking on it will take you to the TechNet article.

011314 2329 Howtoblackl7 How to blacklist a domain in Office 365

Next, set the rule to Enforced.

011314 2329 Howtoblackl8 How to blacklist a domain in Office 365

Alternately, you can choose to test the rule before making it live – here’s what the different options do:

  • Enforce   This will turn on the rule and it will start processing messages immediately.
  • Test with Policy Tips   This will turn on the rule, and what would have happened if the rule was enforced is logged in message tracking logs. Exchange doesn’t take any action that will impact the delivery of the message. In addition, senders are notified of the actions the rule will take if the rule contains the Notify the sender with a Policy Tip action.
  • Test without Policy Tips   This will turn on the rule, and what would have happened if the rule was enforced is logged in message tracking logs. Exchange doesn’t take any action that will impact the delivery of the message

From <>

Note that policy tips only work with Outlook 2013, and will not show up in OWA – make sure that if you plan to test your rule with Policy Tips that you are testing from a system with Outlook 2013

Next, choose an activation date. Note that you need to set a date in the future, so if you want it active today, set the time forward by the next half hour increment, or it will complain about your policy trying to be activated in the past.

011314 2329 Howtoblackl9 How to blacklist a domain in Office 365

I also set the rule to match sender address in message: Header or envelope to make sure that it catches spam that is spoofing as legitimate email.

011314 2329 Howtoblackl10 How to blacklist a domain in Office 365

  • If your rule analyzes the sender address, it only examines the message headers by default. However, you can configure your rule to also examine the SMTP message envelope. To specify what’s examined, click one of the following values for Match sender address in message:
    • Header   Only the message headers will be examined.
    • Envelope   Only the SMTP message envelope will be examined.
    • Header or envelope   Both the message headers and SMTP message envelope will be examined.

From <>

After that, click Save and you should be good to go.

Delegated Access & Sent items

Written by jeremydahl. Posted in Office 365, Technology

Keeping sent items in the correct mailbox is a common problem for Exchange users who have delegated access to a shared mailbox, or even Send As permissions on another user’s mailbox. Thankfully, there is a solution to this problem, and it works the same whether your Exchange is on premise, or in Office 365.

The Problem?

Any email that a user sends ends up in their own sent items, and not the sent items of the shared or delegated mailbox. This makes it hard to share a mailbox, as you are forever wondering whether an email has been replied to, and you don’t have the conversation history to go back to – very frustrating!

The Solution:

Note that for this to work, Outlook must be in cached mode – if your email is in online (or non-cached) mode, this fix won’t work.

For Outlook 2013:

Edit the following key in your registry:


Create a new DWORD Value:

121813 0434 DelegatedAc1 Delegated Access & Sent items

Name it DelegateSentItemsStyle and set its value to 1.

121813 0434 DelegatedAc2 Delegated Access & Sent items

This fix will also work with older versions of Office, just use the key appropriate to your version below:

For Outlook 2010:


For Outlook 2007:


For Outlook 2003:


Also, if you’re in Exchange 2010, you can set this setting in PowerShell, so that it will take effect not only in Outlook, but in OWA as well. Check this link for more information, but you basically use the cmdlet Set-MailboxSentItemsConfiguration to specify where email is saved once it has been sent. I’m not sure why they removed this from Exchange 2013, because it would be nice to have this globally applied, and not just on a per machine basis, but there you have it… hope this helps someone!

IMAP Migrations: Last synced time is WRONG!!

Written by jeremydahl. Posted in Office 365

This has been driving me crazy – I’m running an IMAP migration for one of our clients, and the batches don’t appear to have been running their regular incremental sync (by default supposed to run every 24 hours).

After digging around in PowerShell cmdlets trying to see if I could find a way to determine the last synced time of a batch, or even restart it and force a sync, I came across this article from Microsoft Support:

Basically, the Last Synced Time status doesn’t accurately represent the most recent sync time of the batch:

113013 0009 IMAPMigrati1 IMAP Migrations: Last synced time is WRONG!!

Here’s how you check to see when your migration batch actually synced last:

  1. Click on your migration batch and then click View details on the right:

    113013 0009 IMAPMigrati2 IMAP Migrations: Last synced time is WRONG!!

  2. Click on one of your users, and then read the details on the right, and you’ll see when the last successful sync happened:

    113013 0009 IMAPMigrati3 IMAP Migrations: Last synced time is WRONG!!

This is actually pretty important to do, because I found a number of users whose status was Incremental failed even though the overall status of the batch was synced. This just goes to confirm my feelings about IMAP migrations – they are definitely the very last on the list of migration options, and I only do them if there are no other viable options.

Office on Demand

Written by jeremydahl. Posted in Office 365

The latest revision of Office 365 includes a great feature called Office on Demand – this is available for Office 365 Home Premium, Small Business, Midsize and Enterprise. In a nutshell, it allows you to use a full version of Office programs** on a public computer without having to install anything. As soon as you close the application, the streamed version of Office disappears and you’re all done!

** Supported client applications: Word, Excel, PowerPoint, Publisher, Access, Project & Visio (Provided you have Project Pro or Visio Pro for Office 365 subscriptions)

Office 365 Home Premium Users:

Go to, and log in to My Office:

112913 2142 OfficeonDem1 Office on Demand

Since this is the Home Premium version of Office 365, you’re going to be using a Microsoft account not an organizational account.

112913 2142 OfficeonDem2 Office on Demand

Once you type in your address, it’ll automatically redirect you to the Microsoft account login page – go ahead and sign in.

112913 2142 OfficeonDem3 Office on Demand

Once you log in, you’ll see your recent documents – you can click on one of your recent documents to trigger Office on Demand, or just click on the program you want to run from the options below:

112913 2142 OfficeonDem4 Office on Demand

Do I want to use Office on Demand? DO I EVER!!

112913 2142 OfficeonDem5 Office on Demand

Install the plugin that pops up (this is the only actual software that gets installed to the computer):

112913 2142 OfficeonDem6 Office on Demand

Click Run:

112913 2142 OfficeonDem7 Office on Demand

And sit back while Office begins to stream the program you requested – on a normal, fairly fast internet connection this process took less than a minute before I had Word open and ready to start typing.

112913 2142 OfficeonDem8 Office on Demand

Well, that was easy!

112913 2142 OfficeonDem9 Office on Demand

If you check your installed programs, you’ll see the only thing that got installed was the Browser Add-on… very nice and clean

112913 2142 OfficeonDem10 Office on Demand

Office 365 Enterprise (or Small / Midsize Business) Users:

For the business user, the process is similar, and just as easy: Log in to your Office 365 portal at, and click on SkyDrive:

112913 2142 OfficeonDem11 Office on Demand

Down the left navigation, click on Use Office on Demand:

112913 2142 OfficeonDem12 Office on Demand

Same as before, click on the Program you want to run:

112913 2142 OfficeonDem13 Office on Demand

One especially awesome thing about this feature is that you can sign in to Office from within Word (or whatever program you’re using), and save the documents you’re creating right back to your SkyDrive, or open files from your SkyDrive and edit them in your streamed copy of Office.

112913 2142 OfficeonDem14 Office on Demand

This is a great feature for when you need more functionality than the built in web apps (which are already pretty awesome) can provide – Great job, Microsoft!

Yammer for all Office 365 Enterprise customers

Written by jeremydahl. Posted in SharePoint

Yammer for you!

Depending on your own personal level of adoption of the business social network, this announcement by Microsoft may or may not be exciting news for you: All Enterprise Office 365 accounts now have Yammer Enterprise licensing baked right in.

Not sure what Yammer Enterprise brings to the table? Here’s a breakdown of the differences.

Yammer and Office 365 Roadmap

You can read the full article above, but here’s some of the things I’m looking forward to (or at least interested to see how they work)

  • Email Interoperability: Because we know enterprise social adoption often takes time, we’ve invested in greater email interoperability so users can collaborate via Yammer and email together without having to leave their preferred communication channel. Email users can now participate in Yammer group discussions via email without having to set up a Yammer account.
  • Document conversation: Social is most effective when it’s woven into the apps people use every day. Now users can start a Yammer conversation for any document that is stored in a SharePoint Online document library or SkyDrive Pro web client. This enhancement makes it easier for users to collaborate, as well as improves the discoverability of the document by others.
  • Messaging: We are making it easier for users to communicate in real-time with an improved messaging experience on Yammer. New enhancements include: typing indicators, real-time likes, the ability to easily add multiple coworkers to a conversation and more.
  • Office 365 Integration: We’ve also been hard at work laying the foundation for deeper integration between Yammer and Office 365. Right now we’re focused on user mapping between Yammer and Office 365 (Office 365 users will be able to seamlessly access Yammer from their Office 365 navigation bar) and deepening connections across documents and conversations. 

    The Office 365 integration is the big one for me – right now, if you activate Yammer as your default newsfeed in Office 365, all it does is replace your Newsfeed link at the top of the page with a link that takes you to the Yammer website. Once the feed is integrated more tightly and accounts mapped accordingly, I think Yammer is going to get a lot more exciting in Office 365.

    Activating Yammer in Office 365

    To activate Yammer as the default newsfeed in Office 365, go to the SharePoint admin center, and click on settings: Choose use service as your default social experience, then scroll down to the bottom of the page and click Save.

    110813 0501 Yammerforal1 Yammer for all Office 365 Enterprise customers


    110813 0501 Yammerforal2 Yammer for all Office 365 Enterprise customers


    110813 0501 Yammerforal3 Yammer for all Office 365 Enterprise customers

    Don’t forget that clicking that link will still just take you to, but don’t worry… at the speed that Microsoft is rolling out these changes, it’ll be woven in to your Office 365 experience soon enough – enjoy!

Use PowerShell to find email aliases

Written by jeremydahl. Posted in Office 365, Technology

Something I run into all the time is trying to figure out who is holding a specific email address or alias – it can get pretty easy to lose track of aliases, as they don’t show up in your list of users either in the admin center, or in the Exchange Control Panel.

I found this great PowerShell command from the Office 365 Community Forums that allows you to generate a list of all email addresses tied to the mailboxes in your tenancy – here it is:

Get-Mailbox | Select-Object DisplayName,@{Name=”EmailAddresses”;Expression={$_.EmailAddresses |Where-Object {$_ -LIKE “SMTP:*”}}} | Sort | Export-Csv C:\email-aliases.csv

** Note that this script runs against mailboxes, so it will show you the addresses for shared and resource mailboxes, but it won’t tell you what email addresses are used for your distribution groups.

And here is how you run it:

Open PowerShell – the Windows Azure Active Directory Module is required for managing any Office 365 tenancies, so make sure you have it installed:

102713 1934 UsePowerShe1 Use PowerShell to find email aliases

Log on to your Exchange Control Panel: I’ve found that when trying to manage a tenancy that you have delegated administration rights to, it’s still easiest to log on as the tenant admin (or at least a global admin account), rather than trying to use your delegated account – trying to make the connection jump from your credentials to a client’s never seems to work well for me.

Authenticate: $LiveCred = Get-Credential

102713 1934 UsePowerShe2 Use PowerShell to find email aliases

Connect to ECP:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $LiveCred -Authentication Basic -AllowRedirection

102713 1934 UsePowerShe3 Use PowerShell to find email aliases

And then initiate your remote session:

$importresults = Import-PSSession $Session

Once it connects, you can run your script to generate your list of email aliases:

Get-Mailbox | Select-Object DisplayName,@{Name=”EmailAddresses”;Expression={$_.EmailAddresses |Where-Object {$_ -LIKE “SMTP:*”}}} | Sort | Export-Csv C:\email-aliases.csv

You might want to change the path that you’re saving to, depending on how your system is configured – if you don’t have permission to write to the root of your C:\, then just change your path to c:\users\yourusername\desktop\email-aliases.csv

Disconnect your session - when you’re finished, either run the following command, or just close your PowerShell Window – the session will time out and end after a while, but it’s always best practice to close the door when you leave:

Remove-PSSession $Session

That’s it – enjoy!

Mail Flow Guided Walkthrough

Written by jeremydahl. Posted in Office 365

Here’s a sweet utility that Microsoft has provided for troubleshooting email in Office 365 – it’s a great starting place for investigating any email issues your end users might be experiencing.

Start by going to the Mail Flow Guided Walkthrough: Bookmark this page for future reference – you’re going to want to keep this one in your toolkit!

Let’s walk through a common scenario (Office 365 user unable to receive email from an external source) and see what this troubleshooter does for us…

1. Start by choosing the option that best describes your scenario:

10 16 2013 7 38 00 PM Mail Flow Guided Walkthrough

2. Next step:

101713 0257 MailFlowGui21 Mail Flow Guided Walkthrough

3. Next, how many users are affected:

101713 0257 MailFlowGui31 Mail Flow Guided Walkthrough

4. Follow these steps! Each one of those plus signs expands to give you helpful instructions on how to achieve each troubleshooting step, and is really well laid out.

101713 0257 MailFlowGui41 Mail Flow Guided Walkthrough

5. Sadly, our issue is not resolved, so we’re gonna just keep swimming:

101713 0257 MailFlowGui51 Mail Flow Guided Walkthrough

6. The next step walks you through performing a mail trace to see what is happening to your missing email:

101713 0257 MailFlowGui61 Mail Flow Guided Walkthrough

7. Based on the results of your trace, you can either report that your issue has been fixed, or not:

101713 0257 MailFlowGui71 Mail Flow Guided Walkthrough


101713 0257 MailFlowGui81 Mail Flow Guided Walkthrough

Now, I get that no tool can magically fix every problem – so I really like that Microsoft gives you a clear troubleshooting path to take to try and resolve your issues. And, if they’re not resolved by this troubleshooter, you can submit a service request, or post on the community forums. Even if you have to get more help, you now have a chain of your troubleshooting steps which Tech Support or the Community can use to help get you back up and running again.

This utility should definitely be part of every Office 365 admin’s toolkit!

Buy a domain in Office 365

Written by jeremydahl. Posted in Office 365

A recent feature added in Office 365 allows you to buy a domain directly from your Office 365 admin center – a sweet feature that integrates with and allows you to buy directly without leaving your Office 365 set-up! Also, if you already have a domain through GoDaddy, Office 365 will automatically do the DNS setup and configure the domain for you.

To buy a new domain, simply click on Domains and then Buy a domain:

101213 0033 Buyadomaini1 Buy a domain in Office 365

Type in the name of the domain you want to purchase, and the wizard will run the requisite checks to see if it’s available, and then give you a link to buy it:

101213 0033 Buyadomaini2 Buy a domain in Office 365

One downside to this feature, is that it doesn’t seem to be available in Canada yet – once you click the link to purchase your domain, you get shot over to, and you have to purchase the domain through the website like a normal person icon sad Buy a domain in Office 365

This is what it should look like:

101213 0033 Buyadomaini3 Buy a domain in Office 365

Even though the blog post says that this feature is available for Small Business as well as Enterprise clients, I only saw the “buy a domain” option on Enterprise and Midsize Business tenancies. I still need to test the automatic setup of a domain that is already purchased through GoDaddy, and I’ll post on my findings once I’ve done that.

Hopefully they continue to develop this feature, as I think it will be a great option for clients who just want to be able to manage all their stuff in one spot.

Lync 2013 Test Drive

Written by jeremydahl. Posted in Office 365, SharePoint, Technology

Found this excellent post by Benoit Hamet – Microsoft has provided a complete Test Drive environment allowing you to set up a Lync 2013 Lab for testing and evaluation purposes:

This download comes as a pre-configured set of VHD’s. This download enables you to fully evaluate the Microsoft Lync 2013, Microsoft Exchange 2013, SharePoint 2013, and UC developer platform APIs including the Microsoft Lync 2013 SDK, the Exchange Web Services Managed API 2.0 as well as the Microsoft Lync Server 2013 SDK and the Microsoft Unified Communications Managed API 4.0. Also, Lync Server

From <>

This is great for testing various environment configurations, including Unified Messaging and different Office 365 Hybrid scenarios. Get ‘em while they’re hot!