Improve Email Security with Exchange Online Throttling & Blocking of Persistently Vulnerable Servers
Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online
Introduction
The Exchange Online Protection (EOP) team has recently implemented a new security mechanism in order to protect Exchange Online users from malicious emails sent from Exchange servers that have been persistently vulnerable. This mechanism involves throttling and blocking of email from these servers.
What is Throttling and Blocking?
When an Exchange Online user receives an email from a server that has been identified as persistently vulnerable, the message is subject to throttling and blocking. Throttling limits the amount of email that can be sent from the source server, while blocking will completely stop any email from the source server from being delivered.
Why is Throttling and Blocking Necessary?
Throttling and blocking is necessary in order to protect Exchange Online users from malicious emails sent from servers that have been identified as persistently vulnerable. These servers may have been compromised and are being used to send malicious emails, which can have serious consequences for the users of Exchange Online.
How is Throttling and Blocking Implemented?
When a persistently vulnerable server is identified, EOP will begin throttling and blocking of email from the source server. Throttling is implemented by limiting the number of messages that can be sent from the source server, while blocking will completely stop any email from the source server from being delivered. The throttling and blocking will remain in place until the source server is no longer identified as persistently vulnerable.
Conclusion
Throttling and blocking of email from persistently vulnerable Exchange servers to Exchange Online is a necessary security measure to protect Exchange Online users from malicious emails. When a persistently vulnerable server is identified, EOP will begin throttling and blocking of email from the source server until the server is no longer identified as persistently vulnerable. As a Cloud Architect, it is important to understand the implications of this security measure and how it can be used to protect Exchange Online users.
References:
Throttling and Blocking Email from Persistently Vulnerable Exchange Servers to Exchange Online
1. Throttling Email from Vulnerable Exchange Servers (Search Volume: 1