Webmail goes offline
For business users who want to send and receive email with the simplicity that comes with Windows Live (formerly Hotmail) and GMail, but without the dreary advertising, Office 365’s Outlook Web Access (OWA) comes with simplicity, no ads, and the same tools available to the corporate world that makes OWA a serious alternative to Outlook for Desktop.
Mentioning Outlook stirs memories of an awkward email client that is too complicated to use and impossible to back up. Nor is there a shortage of clients who have worn out two buttons in Outlook – check mail, and send: Many users are only interested in email; calendars, tasks, contacts, etc. are just bloat. If any of this sounds familiar to you, you are not in the alone, and something that many people have hoped for which provides an advertising-free webmail service for commercial use is available to Office 365 users – Outlook Web Access, or OWA.
OWA is the portal for Microsoft’s Office 365. OWA is a web version of Outlook for Desktop which provides to Exchange Email, a service providing 50 GB of email per user account which can be synced across 5 devices – including sent items, which you will never see with POP accounts. Calendars, contacts, and more are all there too, albeit ring-fenced from email. although they are bound to be there. OWA is Microsoft Exchange. Importantly, whereas Google users expose their email to data mining, Exchange email is a secure content system that restricts access to “your eyes only”. Among other reasons, this privacy feature is why Exchange email is used almost overwhelmingly in commerce.
Perhaps the niftiest trick in Microsoft’s web based email client is the facility to run their email in “offline” mode.
Wait a minute. Read that one more time. Offline? Managing email with your web browser – offline? Did Hotmail ever do that? No. Nobody else did, either. That is why everybody needed Outlook for Desktop, or Outlook Express, or Eudora or Thunderbird. In case you still do not believe the proposition, the illustration above shows how offline mode is not more than two clicks away.
Offline email management is a trump card. Do not expect to see an entire mailbox in offline mode, more like a few day’s worth of traffic, but enough to keep you with something to do on the road. It is one feature of many “gimme’s” Microsoft deploys from time to time to keep the corporate world so attached to Exchange.
The great thing about OWA is that if you only want to run email, the browser interface does just that, and beautifully so on iPads. OWA connects directly to Exchange 2013, though, so all the tools that high end users need like shared address books, distribution groups, rules, instant messaging, administrator tools like mail policies and even in-line archiving, are there if you want them too.
You might be disappointed that this does not mean the end of Outlook for desktops. Outlook still has a place, and if anything has upped the ante as a portal not only for email, but for user access to Office 365 to document folders and Sharepoint mind boggling services ..but that is for another few articles.
For a thirty trial of Microsoft Exchange and OWA, contact Steve Galloway on 07834 461 266 or Fred Dreiling on 07919 340 570. No credit card required for trial services.
Using Outlook Web App (OWA)
Office 365 help series – Outlook Web App
About OWA
Microsoft Outlook Web App (OWA) is a browser-based email client. OWA lets you access Your Office 365 Exchange Server mailbox from almost any browser. OWA is also available as an app for Android and iOS.
Not all Office subscriptions include desktop versions of Microsoft’s desktop versions of Word, Excel, Powerpoint, etc. All business licenses (except Hosted Exchange) include online versions of these apps, however. OWA is perhaps the most widely used Office app, and its popularity can be pointed to its simplicity and reliability.
OWA is more than an email client. It provides functionality for calendars, contacts, and tasks. It works with both desktop and online versions of Office. Although OWA is a webmail client, it can even cache email for work in offline mode. Find out more about OWA in this 15 minute Microsoft webinar.
To open a client to follow along with, point your favourite web browser to mail.office365.com.
Using Shared email accounts in OWA
If you have full privileges to a shared mailbox that appears in an Exchange address book, you can use Outlook Web App or a desktop version of Outlook (for example, Outlook 2013), to open that mailbox.
Shared mailboxes allow a group of people to monitor and send email from a public email alias, like info@contoso.com or contact@contoso.com. When a person in the group replies to a message sent to the shared mailbox, the email appears to be from the shared mailbox, not from the individual user. You can also use the shared mailbox as a shared team calendar.
The admin for your organization has to create the shared mailbox and add you to the group of users before you can use it.
Display a shared mailbox using OWA
Use this method to monitor email from your primary mailbox and the shared mailbox at the same time. After you complete this task, each time you open Outlook Web App, the shared mailbox and its folders will display in the left navigation in Outlook Web App.
- Sign in to your account in Outlook Web App.
- Right-click your primary mailbox in the Folder pane, and then click Add shared folder.
- In the Add shared folder dialog box, type the name of the shared mailbox, select the name, and then click Add.
The shared mailbox displays in your Folder list in OWA. The shared mailbox will appear there each time you access OWA. You can expand or collapse the shared mailbox folders like you can your with your primary mailbox. You can remove the shared mailbox if you no longer want to view the shared mailbox in your folder list. To remove it, right click the shared mailbox, and then click Delete.
Display a shared mailbox in standalone mode
Use this method if you want to view and manage email for a shared mailbox in a its own browser window, rather than rendering the shared mailbox folder in OWA’s navigation tree.
- Sign in to your account in Outlook Web App.
- In the Navigation bar on the top of the Outlook Web App screen, click on your name. A drop-down list will appear.
- Click Open another mailbox.
- Type the email address of the other mailbox that you want to open. Another Outlook Web App session will open in a different window allowing access to the other mailbox.
Tip If you mistype the email address of the mailbox, a second window will open up stating that the webpage can’t be found. Try retyping the email address again.
Note also that shared mailboxes also attach to a calendar function. A shared calendar is established when administrators create a shared mailbox so that group members have mutual access and privileges to a shared calendar.
Connect Outlook 2007 to Office 365
This article explains how to connect Outlook 2007 to Exchange Online email services on Office 365. Business Premium and Enterprise users should download Office 2013 App suite from the Office 365 portal. . Outlook 2007 can be connected to Exchange Online, however its architecture was not designed with any anticipation of Microsoft’s Cloud computing services in mind. Outlook 2010 was the first release of Outlook that included considerations for Office 365.
In this respect, Outlook 2007 is not an ideal solution for business users. Outlook 2007 users who do not want to purchase Outlook 2013 for desktop, or do not have access to Outlook 2013 App via their Office 365 subscriptions, should consider using Outlook Web Access (OWA). OWA is a fully specified browser-based alternative to desktop Outlook solutions, and we have experience of companies using OWA as their principle email client to save licensing costs.
Connect Outlook 2007 to Exchange Online
NOTE: Outlook 2007 supports only one Exchange connection per Outlook profile. If Outloo returns an error when you try to add a second Exchange connection to an Outlook 2007 profile, you may need to create a new profile before you can use an Exchange connection with Outlook 2007. For information, see “What else do I need to know?” later in this article.
- Open Outlook 2007. If the Outlook 2007 Startup wizard displays automatically, on the first page of the wizard, click Next. Then, on the E-mail Accounts page of the wizard, click Next again to set up an email account. If the Outlook 2007 Startup wizard does not appear, navigate to the Tools menu and click Account Settings. In the Account Settings dialog box, on the E-mail tab, click New.
- On the Auto Account Setup page, Outlook may try to automatically fill in the Your Name and E-mail Address settings based on how you are logged on to your computer. If the settings are filled in and they are correct, click Next so that Outlook can establish your settings. If the settings in the Auto Account Setup page are not filled in or are inaccurate or wrong, do the following:
- If the settings on the Auto Account Setup page aren’t filled in for you, type the correct settings based on the information that was provided to you by the person who manages your email account.
- If the name in the Your Name box is not correct, you may need to reset the options on the Auto Account Setup page before you can edit your name. To reset the options, select and then clear the check box next to Manually configure server settings or additional server types.
After you click Next on the Auto Account Setup page of the wizard, Outlook will perform an online search to find your email server settings.Outlook 2007 will display a message that asks you to allow a website to automatically set up your account. Outlook must connect to that website periodically to make sure your account is up to date. If you don’t want to see this message every time Autodiscover runs, select Don’t ask me about this website again, and then click Allow.
Outlook 2007 will continue setting up your account. You will be asked for your user name and password before Outlook 2007 can connect to your account. Make sure you enter your full email address (for example, tony@contoso.com) as your user name. You may be prompted to enter your user name and password several times before you connect.
- If Outlook is able to set up your account, you will see the following text: Your email account is successfully configured to use Microsoft Exchange. Click Finish.
- If Outlook is not able to set up your account, see “What else do I need to know?” later in this topic.
What else do I need to know?
- If your email account is the type that requires registration, you need to register it the first time you sign in to Outlook Web App. You won’t be able to connect to your email account using Outlook if you haven’t registered your account through Outlook Web App. After you sign in to your account, sign out. Then try to connect using Outlook. For more information about how to sign in to your account using Outlook Web App, see Sign in to Outlook Web App.
- If Auto Account Setup can’t successfully connect you to your account, do one or more of the following:
- Wait a few minutes and try again.
- If you need to connect to your email account immediately, use a Web browser or an email program that supports POP or IMAP to connect to your account using Outlook Web App. For information about how to connect using a Web browser, see Sign in to Outlook Web App. For information about how to connect using a POP or IMAP email program, see Use IMAP or POP email programs.
- If you know the name of the person who manages your mailbox (sometimes called an email administrator), contact them and report the error you’re getting when you try to connect with Outlook.
- Outlook 2007 supports only one Exchange email account per Outlook profile. If you try to add a second Exchange connection while Outlook is running, you may get the following error. You cannot add a Microsoft Exchange account to this profile while Outlook is running. Exit Outlook and use the Mail icon in the Control Panel to add a Microsoft Exchange account.
- If you already have an Exchange connection in your Outlook profile, you may need to delete the current profile or create a new profile before you can follow the steps in this topic. For more information about Outlook profiles, see Add or remove an email account at the Microsoft Office Online Web site.
Email blacklisting
IP blacklisting happens when an email sent to a recipient is returned with an error message that includes the terse statement:
error 550: Message rejected due to sender IP reputation ([xx.xx.xx.xx])
A “Blacklist”, more properly called a “DNS-based Blackhole List”, is a real-time database that uses criteria to determine if an IP address is sending email that could be considered spam. There are over a hundred influential public blacklists including Spamhaus, Barracuda Reputation Block List, and SpamCop. They all have their own criteria for accepting inbound mail and all can seriously impair email delivery.
Perversely, blacklisting happens when an important email addressed to an important customer or supplier is returned and, worse, all subsequent messages are returned, followed by a contagion that spreads to effective paralysis.
Initially, users call their email supplier for help. However, the supplier has limited options. For instance, email was being despatched, and in one sense the “error 550” delivery failure message proves that the sender’s equipment worked well enough to have sent the email in the first place.
How does blacklisting happen?
The problem lies with the IP address associated with the sender’s email. Email is routed using IP addresses. Once, engineers imagined the number of IP addresses using “version” 4 would be impossible to consume. However, as the “Internet of things” continues to grow, “IPv4” faces a crunch. There are not enough IP addresses using the IPv4 convention to supply all devices with unique values, future growth notwithstanding. To keep costs down, engineers use techniques to delegate individual public IP addresses to cover several users. This has become a vulnerability. Larger organisations tend to use dedicated solutions which circumvent this vulnerability.
For example, company A (see “witness.org” in the illustration above) uses a mail server which is uniquely identified on the Internet as 67.36.243.81. However, company B has its owns services, but those services sit within server 67.36.243.81’s environment. In this way, potentially, several hundred organisations can use a common IP address. This practice is most commonly used in retail, or entry level, web hosting.
When an email address has been blacklisted, the IP address attached to an email has been associated with suspicious activity by virtue of the IP address (e.g. 67.36.243.81) which matches an existing entry held by a public blacklist as a source of unusual volumes or otherwise suspicious activity. The activity is not necessarily attributable to the sender at witness.org, in the case of the example above. However all users subscribed to 67.36.243.81 are seen by a public blacklist as one entity. The good news is that the message is returned to sender so that there is a chance for the sender to understand there is a problem.
If an email services have been blacklisted, it could be because a user with a common IP address has been detected distributing suspicious email. This is not always the case, though. It could also mean that the user’s own workstation or office network is responsible, using resources to distribute large mail volumes which might include the business’ own sensitive data. The only way to know a business’ web servers or local machines have not been infiltrated is to conduct a full security review.
There are several reasons that contribute to blacklisting. Perhaps the most usual culprits are catch-all email services, email forwarding, and poorly managed bulk email.
How to fix blacklisting problems
Blacklisting is such a common problem that ISPs need dedicated departments to manage this and other security issues. In terms of mail flow, the bottleneck happens at the recipient’s end. The sender’s services have despatched email, so the sender’s equipment works. However, in practice there is not much motivation for the recipient to intervene to clear the blacklisting block. Usually, the sending ISP intervenes to lift the block by tracing contaminated IP addresses and corresponding with the public blacklists involved. If the underlying reason for a blacklisting is not eliminated and blacklisting persists, eventually public blacklists will permanently block an implicated IP address. Further, if an ISP has reason to believe its user is breaking its contractual terms by causing suspected email to cross its networks, ISPs will usually terminate email services until the user can demonstrate what steps it is taking to arrest the abuse. Potentially, an ISP may seek financial penalties from its user.
More often, businesses are finding that premium services like Exchange, Hosted Exchange, etc. are increasingly necessary to provide the reliability they need.
Exchange mobile/tablet synch
Standalone Exchange licenses provide connectivity to users’ email accounts via mobile-enabled ActiveSync devices. Whereas Office 365 licenses provide up to 5 instances of Office 2013 apps, standalone Exchange does not provide Outlook for desktop or Office 2013 licenses for mobile devices. That is to say, while users can connect mobile phones, laptops, or tablets to their Exchange accounts via browsers or ActiveSync, Microsoft does not provide Office 2013 licenses for Outlook, Word, Excel, etc.
Exchange – shared mailboxes
Shared mailboxes make it easy for a specific group of people to monitor and send email from a common account, like public email addresses (for example, info@companyname.com or contact@companyname.com). When a person in the group replies to a message sent to the shared mailbox, the email appears to be from the shared mailbox, not from the individual user.
Shared mailboxes are a great way to handle customer email queries because several people in your organization can share the responsibility of monitoring the mailbox and responding to queries. Your customer queries get quicker answers and related emails are stored in one mailbox. The mailbox delivers to users’ OWA and Outlook desktop clients. However, shared email accounts do not forward to mobile devices. The reason is that shared accounts are aimed at departmental use so that the first available person with office resources can deal with incoming mail.
A shared mailbox does not have its own user name and password. You cannot log into a shared mailbox directly using Outlook or Outlook Web App. You must first be granted permissions to the shared mailbox, and then you access it using Outlook or Outlook Web App. You don’t need to assign licenses to shared mailboxes, except when they are over their storage quota of 10 gigabytes (GB). If your shared mailbox goes over its quota of 10GB and you don’t assign it a license, after one month the shared mailbox will be locked. You can avoid having to assign the license by using archiving to avoid going over your quota.
Exchange – connected mailboxes
Exchange’s “Connected Account”s feature enables Exchange Online users to connect up to 5 external email accounts (like GMail, Yahoo, Live/Hotmail) to their internal email account in Exchange Online, and then use Outlook Web App to interact with all their messages in one place. Connected Accounts automatically synchronize upon sign-in to Outlook Web App; users can also manually synchronize the accounts from Outlook Web App. Administrators can enable and disable this feature for specific users or all users through the Exchange Admin Center.
Data Loss Prevention Policies (DLP)
Exchange 2013 provides comprehensive capabilities to help organisations identify, monitor, and protect sensitive information from leaking to third parties.Microsoft provides standardised regional libraries of policies to cope with management of credit card and financial information, personal information, and a variety of other metrics to help organisations comply with data protection laws according to the countries in which users are situated.
Office 365 is the only “off the shelf” product acceptable to US Federal Government and EU Covernment purchasing departments, and Microsoft’s DLP provisioning i relied on overwhelmingly by instititions large and small to establish data protection policies with the minimum of additional cost.
In Exchange 2013 Micorosoft introduced Document Fingerprinting and Policy Tips in Outlook Web App (OWA) to enhance document control and user education. Document Fingerprinting enables you to match documents that are derived from the same template.
This can be useful for organizations that frequently use standard forms or templates, for instance a law firm that uses a standard template to draft patent applications that it files on behalf of its clients.
Policy tips are designed to notify users in your organization when they are sending sensitive information over email. Policy Tips are similar to MailTips, and you can use them in Outlook in several different ways to help users avoid sending sensitive information in email. For example, you can use Policy Tips to:
- Inform users of the presence of sensitive information and optionally block the email from being sent.
- Educate your users through a Notify Policy Tip when sensitive content is present in their emails.
- Empower your users to make case by case decisions by allowing them to override the sensitive information policy—with the option of including a business justification for the override.
Office 365 delegated network administration
Delegated network administrators are certified Microsoft Cloud Partners who meet Microsoft standards for planning, deployment, and ongoing support of Microsoft Exchange, Office 365, and other Microsoft Cloud product lines. Delegated administrators are experienced engineers and consultants who are capable of managing large and small installations according to Microsoft’s benchmarks. ComStat is a Microsoft Cloud Partner and certified delegated administrator.
Delegated administrators perform tasks like liasing with Microsoft Support, setting up mailboxes, adding or removing users and groups, data migration, managing domain names and zone records, managing security policies, managing Exchange-connected mobile devices, managing transport, DLP, and other Exchange services, etc. Whereas small businesses are often faced with steep learning curves and under-utilized software, delegated administrators provide a reliable point of contact to advise business owners and implement application features that are beyond the scope of limited in-house resources.
Delegated administrators allow users to get the maximum resources from Microsoft applications.
A delegated administrator assumes the same rights as a global administrator, who is typically the owner of subscribed services. However, the owner/global administrator have the right to withdraw or reassign delegated administrator rights. Office 365 administrator rights extend to include the following privileges:
- global administration
- delegated administration
- billing administration
- password administration
- services administration
- user management administration