Exchange Online 方案 1: Exchange Online 方案 2: 安全可靠的企業級電子郵件，每個使用者享有 50 GB 的信箱。 Exchange Online 方案 1 的所有功能，再加上無限制的儲存空間、託管式語音信箱和資料外洩保護。 大型信箱. When your mailbox size exceeds 50 GB, the organization has only two options left – either upgrade the Office 365 subscription (exchange license) or delete/archive data from the mailbox. If you don't want to upgrade your subscription, it is suggested to archive your mailbox, the quote of Online Archive mailbox is 50GB. For your reference.

Azure Active Directory Premium P1 (41781fb2-bc02-4b7c-bd55-b576c07bb09d) Azure Information Protection Premium P1 (6c57d4b6-3b23-47a5-9bc9-b3) Exchange Online (Plan 2) (efb87545-963c-4e0d-99df-69c6916d9eb0) Microsoft Azure Active Directory Rights (bea4c11e-220a-4e6d-8eb8-8ea15d019f90) Microsoft Azure Multi-Factor Authentication. The storage quota for the archive mailbox is unlimited for users with an Exchange Online Plan 2 license or for users who have both an Exchange Online Plan 1 and an Exchange Online Archiving license. For information about increasing the Recoverable Items quota, see Increase the Recoverable Items quota for mailboxes on hold. Exchange Online Protection; Microsoft Defender for Office 365 plan 1 and plan 2; Microsoft 365 Defender; Exchange Online Protection (EOP) is the cloud-based filtering service that helps protect your organization against spam and malware. EOP is included in all Microsoft 365 organizations with Exchange Online mailboxes.

NOTE: This article was first published almost an year ago, since then I’ve added some additional methods and, thanks to a post by Mark Galvin at Experts Exchange, discovered a much easier method that does NOT require knowing the GUID upfront. I’ve reorganized the article accordingly, and left the older bits at the end.

​First of all, you should be using Autodiscover. Like always. Not only it makes your life easier, it’s a requirement now. Don’t believe me? Here’s an official statement from Microsoft. So no excuses there, go configure it! Unfortunately, some DNS registrars limit the creation of CNAME records and thus are causing problems. The prime example here is 1&1, but others might be doing the same. Microsoft has since published an article to further clarify on this here.

In the rare case that you need to configure an Exchange Online account manually, you can do so by following the instructions below. First however, you will need to obtain the ExchangeGUID of the mailbox. Why? Because there are some architectural changes in Exchange 2013. You can read more about them here, but here’s the relevant bit:

Outlook clients no longer connect to a server FQDN as they have done in all previous versions of Exchange. Outlook uses Autodiscover to create a new connection point comprised of mailbox GUID, @ symbol, and the domain portion of the user’s primary SMTP address. This simple change results in a near elimination of the unwelcome message of “Your administrator has made a change to your mailbox. Please restart.” Only Outlook 2007 and higher versions are supported with Exchange 2013.

Now that we have cleared that part, how to actually configure the mailbox? Well, as mentioned in the top note, with Exchange Online it is not actually necessary to know the GUID, as we can ask Outlook to find it out for us. I will discuss some other methods of obtaining it ‘manually’ later. For the moment, lets focus on creating the new account. Make sure Outlook is closed and navigate to the Control Panel. On the top right corner, change the view to Large or Small items and locate the “Mail” icon, then double-click on it. You can either directly press on “E-mail Accounts” or create a new profile first, up to you. Once you have started the “Add Account” wizard, select the “Manual setup or additional server types” checkbox and press Next. On the next page, select “Microsoft Exchange Server or compatible service” and press the Next button. This is where the important part starts, so be careful! In the “Server” field, enter the Server Name we obtained above using Autodiscover, or if you were using PowerShell, enter the mailbox_guid@domain.com. If you do not have the GUID, enter outlook.office365.com (pod51047.outlook.com will also work here, can you guess why?). In the “User Name” field, enter the primary SMTP address/UPN. Make sure the “Use Cached Exchange Mode” checkbox is selected and adjust the slider as per your preference of keeping mail locally.

We’re not done yet! Now, press the “More Settings” button and navigate to the “Connection” tab. Tick the “Connect to Microsoft Exchange using HTTP” checkbox and press the “Exchange Proxy Settings” button. In the first field, “Use this URL to connect to my proxy server for Exchange”, type in the host address outlook.office365.com. Make sure that the “Connect using SSL only” and the “Only connect to proxy servers that have this principal name in their certificate“
checkboxes are selected, and then type msstd:outlook.com in the field below. Click to select the On fast networks, connect using HTTP first, then connect using TCP/IP check box, and then click to select the On slow networks, connect using HTTP first, then connect using TCP/IP check box. Lastly, under Proxy authentication settings, select Basic Authentication. Here’s how it should look like:

But wait… there is still more to do! Press the “OK” button to return to the “More Settings” dialog. Here, navigate to the “Security” tab and under “Logon network security“, select “Anonymous Authentication“. Scary, I know, but that’s the reality of Exchange Online.

Now we should be done! Press “OK” to confirm the changes and once you are back in the “Add Account” wizard, press the “Check Name” button. If asked for credentials (which in most cases is bound to happen), make sure to provide the full UserPrincipalName and the correct password! Then watch the magic happen 🙂

Now after you have gone through all this, don’t you with you had autodiscover configured in the first place? I bet you do! 🙂

Since the ​outlook.office365.com trick will only work for Exchange Online, and for the sake of completeness, here are some other ways to obtain the actual mailbox GUID. For the PowerShell lover, that’s an easy task:

For those of you not familiar with PowerShell, follow the instructions in this article to connect it to Exchange Online. Once connected, simply type in the following cmdlet:

But what if you don’t have access to remote PowerShell? You will have to resort to… Autodiscover. And I’m not being funny here, there is no other way, and this is why Microsoft is insisting on having Autodiscover working.

You can get the relevant information either using the built-in “Test E-Mail AutoConfiguration” tool (for those of you that do not know about it, hold the CTRL button and right-click on Outlook’s icon in the tray). What you are looking for is the Server name section in the autodiscover.xml file:

Exchange Online P10

Alternatively, you can also use the Microsoft Remote Connectivity Analyzer, just select the Office 365 tab and select Outlook Autodiscover under Microsoft Office Outlook Connectivity Tests. In the first two fields type in your email address/UPN, then enter the password, tick both checkboxes and fill in the captcha. The test needs to run successfully in order to display the needed info, and you can obtain the ServerName by selecting the “Expand All” and navigating down to the XML content. Here is how it looks like:

In both cases, the Server Name consists of the mailbox GUID, the @ symbol and the domain part of the primary SMTP address, as explained in the article above.

UPDATE: Turns out there is another method to obtain the mailbox GUID/server name. You will need a working account for this. The trick is to open Account settings, More Settings, Advanced then press the Add button, as if you were adding additional mailbox. Here comes the tricky part, you need to type in an ambiguous query here, so that more than one result is returned (and of course make sure that the query will include the mailbox you are trying to obtain the settings for). After the search results are returned, in the Check Name dialog you will have the Properties button visible. Pressing it will reveal some more info about the selected entry, including the SERVER NAME. See the screenshot below:

The good news is this is exactly what you need: the ExchangeGUID@domain.com. Bad news is it will NOT work if the query returns single result, as the Properties for that entry will not be displayed then.

And lastly, here’s a little tip: even if you have not configured autodiscover, you can always use the default domain which comes with your Office 365 subscription. Autodiscover will ALWAYS work for user@tenant.onmicrosoft.com, provided you actually have a mailbox for that user. You might have to adjust the username in the credentials prompt if it doesn’t match though (i.e. if Outlook keeps asking you for credentials when using user@tenant.onmicrosoft.com, just use the user@domain.com address when prompted).

Hope this helps!

Exchange online protection:

EOP is a cloud-based email filter service that helps protect your organization against malware, and spam, include features to protect your organization from messaging policy violation like any user cannot send .exe file your organization. EOP provides malware filter, connection filter, Spam filter, outbound spam, Quarantine, features we will look at these protection features that are protected from spam and malware.

Malware Filter:

Malware is comprised of viruses and spyware. The virus affects other programs, data and spread throughout your system. Spyware refers to malware that collects your personal information like sign-in information or personal data that is sent back to the malware author.

Create a malware filter policy.

Exchange Online P100

• Go to Exchange admin center > Protection
• Click Malware Filter, you have seen here default malware filter policy implement.
• Create another malware policy Click + sign.
• Enter the name of the policy.
• Enter the policy description.
• Choose malware detection Response, if malware detects, notify default text or custom to the exchange recipients.

• You have chosen common attachment type filters on or off if you choose type filter like .ace that's mean you got an email with attachment these types of filters this policy detect email attachment is malware that email stored in the quarantine. There are 96 types of filter file types available.
• Another option Notification is available, you have notified an administrator for undelivered message attachment that sent from an internal or external sender. Add an admin email address.

• Enable custom notification text option to send both internal and external senders, add a name, email address, subject and message.

• You have added a condition for specified users, groups, domain for the policy applies by creating the recipient's rules.

• An internal user sends an attachment with .exe file and malware notification received by exchange admin. here is a preview image.

In this article, we discuss EOP and implement Malware filter policy in my next coming article we will implement connection and spam filters.