October has been a busy month of changes for Exchange Online users. This article summarizes recent updates and announcements from Microsoft on the Exchange Team Blog.

A photo of the Microsoft Exchange Online logo.

1) Farewell to Remote PowerShell in Exchange Online

Earlier this year, Microsoft officially depreciated the Remote PowerShell Protocol (RPS) in Exchange Online. This month, RPS is no longer available to worldwide cloud customers, with plans for sovereign cloud customers to soon follow suit.

When RPS is disabled for a tenant, a Service Health Notification will be provided in the Microsoft 365 admin center. Users must transition to the Exchange Online PowerShell v3 module and use Connect-ExchangeOnline for future PowerShell sessions. The UseRPSSession parameter and older modules no longer function.

Read Microsoft’s blog post here.

2) Deprecation of Exchange Online PowerShell UserPhoto cmdlets

Microsoft is deprecating the Exchange Online PowerShell UserPhoto cmdlets and transitioning customers to the Microsoft Graph PowerShell SDK. Starting in April 2024, tenant admins will no longer be able to use the Exchange Online PowerShell UserPhoto cmdlets to Get, Set, and Remove user profile photos. Note that these cmdlets will remain functional in Exchange Server (on-premises).

Read Microsoft’s blog post here.

3) Implementing Inbound SMTP DANE with DNSSEC for Exchange Online Mail Flow

In March 2024, Microsoft is introducing a Public Preview for Inbound SMTP DANE with DNSSEC in Exchange Online. SMTP DANE is a security protocol that uses DNS to authenticate email certificates and protect against TLS downgrade attacks. DNSSEC is a set of extensions to DNS that verifies DNS records, preventing DNS spoofing and adversary-in-the-middle attacks to DNS.

The upcoming architecture change will affect the old Exchange Online DNS setup, specifically the mail.protection.outlook.com domain. Email admins and third-party organizations working with Microsoft 365 or Exchange Online for mail flow should check for any necessary actions before the new feature is rolled out.

Read Microsoft’s blog post here.

4) New Authentication Standards for Outbound Email

Microsoft has warned 365 email senders of potential issues with delivering emails to popular email service providers, due to new authentication standards. For example, in an effort to prevent spam, Google has implemented stricter security requirements to authenticate incoming email messages – particularly those sent in large volumes. 

Users should note that bulk (mass) email is not a supported use of Microsoft 365. Microsoft recommends using Azure Communication Services (ACS) Email, on-premises email servers, or a third-party provider to facilitate high volume emails.

Read Microsoft’s blog post here.

5) EWS to Microsoft Graph Migration Guide Series

    The EWS to Microsoft Graph Migration Guide Series is a new initiative by Microsoft to provide customers with guidance and resources to migrate from EWS to Microsoft Graph. The series will consist of several articles covering aspects of the migration process, such as:

    • How to identify and assess your current usage of EWS
    • How to plan and execute a migration strategy
    • How to leverage the features and capabilities of Microsoft Graph to enhance your apps and solutions
    • How to troubleshoot and resolve common migration issues and challenges

    Their first article in the series was released yesterday, which guides customers through identifying and managing applications in their tenant using Outlook REST v2 API and Exchange Web Services (EWS) API.

    Read Microsoft’s blog post here.