email - Comstat | Ruthin, North Wales

How to Manage Microsoft 365 Email Signatures for Small Business Admins

by Steve Galloway | Oct 5, 2025

Why Email Signatures Matter for Small Businesses

Microsoft 365 email signatures are more than just contact details—they’re a branding tool, a compliance requirement, and a way to maintain professional consistency across your organisation. In small businesses, it’s common for employees to create their own signatures in Outlook or Outlook Web App (OWA). While this offers flexibility, it can lead to:

Inconsistent branding
Broken formatting
Blocked images
Compliance risks

To avoid these issues, Microsoft 365 offers both user-level and server-level options for managing email signatures. Lastly, email signatures can be used as a method for generating email templates.

Click open the headers below to learn how to use Microsoft 365 email signatures. Please read through this entire article before starting the proceudure. Be sure to contact us for general advice if you are in doubt. Support options are available for professional assistance.

User-Level Signature Management

Admins can guide users to create their own signatures in Outlook or OWA. This is suitable for small teams but requires oversight to ensure consistency.

How to create a signature in Outlook (Desktop)

Go to File > Options > Mail > Signatures
Click New, name your signature
Add contact info, branding, and disclaimers
Set default signature for new emails and replies

How to create a signature in Outlook Web App (OWA)

Go to Settings > Mail > Compose and Reply
Create or edit your signature
Choose when it should be applied (new messages, replies)

Formatting tips

Use web-safe fonts (e.g., Arial, Calibri)
Avoid large images or logos that may be blocked
Keep layout simple for mobile compatibility

Server-Level Signature Management with Microsoft 365

For better control, admins can create organisation-wide signatures using Exchange Online mail flow rules. Using Microsoft 365 email signatures this way prevents end users from using email signatures that could be inaccurate or misleading. It gives your business the chance to guarantee uniformityy and accuracy.

Benefits

Centralised management
Consistent branding
Automatic application to all outgoing emails

How to set up server-side Microsoft 365 signatures

Go to Microsoft 365 Admin Center > Exchange Admin Center
Navigate to Mail Flow > Rules
Create a new rule: “Apply disclaimers or signatures”
Set conditions (e.g., apply to all users or specific groups)
Add HTML-formatted signature content
Save and test the rule

Note: Server-side signatures are appended after the email is sent, so users won’t see them while composing.

Using Signatures as Email Templates

Signatures can also be used creatively as email templates. This is useful for:

Customer service replies
Standard form memos
Internal announcements

How to use signatures as templates using Outlook (Desktop) or Outlook OWA

Create multiple signatures for different scenarios
Include full email body text along with contact info
Select the appropriate signature when composing a message

Using Microsoft 365 email signatures this way is a creative solution for quickly inserting pre-written content, saving time and ensuring consistency. Micrsoft Outlook does provide a utility for template generation, however user feedback indicates that Outlook’s approach to generating templates is awkward. Another solution for templates is to use Outlook’s Resend Message option. See this article for help with “Resend Message”

Summary

Microsoft 365 email signatures maintain professionalism, brand identity, and compliance. Whether you choose user-level or server-level management—or a mix of both—make sure formatting and image use are carefully considered, and check output with users in Gmail and Apple envirnments to check how your output works. Lastly, do not overlook the power of signatures as a simple way to build a library of reusable email templates.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including website design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

What Is BoxTrapper in cPanel and Why Email Users Should Care

by Steve Galloway | Oct 2, 2025

BoxTrapper in cPanel: A Simple Yet Effective Spam Filter

BoxTrapper is a built-in spam filtering tool available in cPanel web hosting dashboards. It works by using a challenge-response system: when someone emails you, BoxTrapper checks if the sender is on your approved list. If not, it sends a verification email asking them to confirm they’re human. Only verified senders get through.

BoxTrapper is useful for users who receive a lot of unsolicited emails or run public-facing contact forms. It is a straightforward way to reduce inbox clutter without needing advanced filtering rules or third-party tools.

Click on the headers below to learn about BoxTrapper. Click on images to view at full-sized resolution. For guidance about BoxTrapper, please contact us for help.

Why BoxTrapper Is Useful for Everyday Email Users

Spam filters usually rely on complex algorithms or blacklists. BoxTrapper takes a different approach—putting the sender to the test.

For example, imagine you run a small business and get dozens of emails daily. Most are genuine, but some are spam bots trying to sell you things. With BoxTrapper enabled, those bots never make it to your inbox unless they reply to the verification email—which they rarely do.

This keeps your inbox clean and ensures you only deal with real people. It is especially handy for users who do not want to manage detailed filtering rules or pay for premium anti-spam services.

How BoxTrapper Differs from Microsoft 365 and Exchange Online Filtering

Microsoft 365 and Exchange Online use advanced filtering systems powered by AI and threat intelligence. These platforms scan email content, sender reputation, and attachments to detect spam, phishing, and malware.

BoxTrapper, by contrast, is much simpler. It does not scan content or use AI—it just asks senders to verify themselves. While this can be effective for basic spam control, it lacks the nuance and automation of enterprise-grade solutions.

For users who need granular control, reporting, or integration with security policies, Microsoft’s tools are more powerful and flexible. For small websites or personal email accounts hosted on cPanel, BoxTrapper offers a low-maintenance alternative.

Managing BoxTrapper as a Virtual Host Account Administrator

BoxTrapper is configured at server level, not email account level. If you have server admin privileges, you can enable, configure, and manage BoxTrapper from your cPanel web server control panel:

Log into cPanel and go to the Email section.
Click on BoxTrapper.
Select the email account you want to protect.
Enable BoxTrapper and customise the verification message.
Add trusted senders to your whitelist.
Review logs and manage queue messages as needed.

You can also set up auto-whitelisting for people you reply to, reducing friction for regular contacts. Admins can manage multiple accounts and tweak settings to suit different users. For current BoxTrapper specifications, see this article at cPanel Docs.

Summary

BoxTrapper is a simple way to reduce incoming spam. Server admins can apply BoxTrapper selectively on email accounts, or globally. However, BoxTrapper’s success depends on users white-listing approved email addresses. This means that senders may not understand that they need to respond to a verification email to successfully dispatch an email to you. Also, email users need to pay attention to their email whitelists.

Micrsoft 365 provides a more naunced approach, however this can be subject to someone understanding the intricacies of Exchange Online to micro-manage spam-filtering.

About ComStat.uk: Internet Service Provider Comstat provides IT support, web hosting, and media services including web design, Microsoft 365 setup, and audio/video production, serving businesses across Denbighshire, North Wales and Wirral from Ruthin, and Lancashire and the Northwest from Bolton.

Create a Microsoft 365 Exchange Online connector

by Steve Galloway | Aug 15, 2025

Configuring Microsoft 365 Connector for Web Server Email Relay

Use this summary to successfully configure a Microsoft 365 Exchange Online connector to relay email from a cPanel web server.

Some web server applications might not be equipped to connect to Microsoft 365 to relay email from your web server If you use Multifactor Authentication (MFA) to login to your email and 365 services.

Instead, an Exchange Online connector recognizes your web server as a legitimate mail server within your Micrsosoft 365 email environment. This means that a properly configured Exchange online connector relays email via Microsoft 365 to recipients without having to deal with MFA.

This article shows you how to configure an Exchange Online connector in Microsoft 365 to accept incoming traffic from your web server on port 25 using TLS. This assumes that your web server application, such as Clientexec, is:

properly configured to send email using SMTP on port 25.
your web server’s email routing configuration is established for “remote mailer”.
your web server uses a static IP address
- in our default web server congiuration, you will need to contact us to arrange an IP address, which is subject to annually renewable cost.

Click open the headers below to find out more about how you can properly configure your Microsoft Exchange connector on your server.

1. Verify proper admin privileges in 365

Before you create an Exchange online connector, make sure your Microsoft 365 admin account has the correct permissions, even if you are already a Global Administrator:

Go to Microsoft 365 Admin Center > Roles > Admin Roles
Assign your account, or the user you want to authorize to <Organization Management> if not already enabled

To add your user account to Organization Management role, click open Organization Management and add your user account. If you belong to a group, you can add that group to this role too.

This role is required to access and configure TLS settings in connectors. Without this role, TLS options may be hidden even in the new Exchange Admin Center.

2. Access the New Exchange Admin Center

Use the Microsoft 365’s modern interface to create and edit an Exchange Online connector:

Go to URL: https://admin.exchange.microsoft.com
Navigate to Mail Flow > Connectors

Note: be sure you are logged in to the new Exchange Admin Center. The legacy admin center will not support the options you need. Log into the new Exchange admin centre for managing roles and mailflow > connectors. You can tell by checking that the path in your browser navigation bar includes the link above.

3. Create a New Connector

Use these settings:

From: Partner organization
To: Microsoft 365
Purpose: Accept email from your web server

Important configuration steps:

Connector Type: Must be set to Partner (not Internal)
Sender IP Address: Add your web server’s public IP address
TLS settings:
- Require TLS: Must be checked
- Require that the subject name of the certificate matches this domain name: Must be checked
- the domain name you enter must also be registered in your Microsoft 365 tenancy.

If you do not see these TLS preferences, you either have insufficient privileges, or you have chosen the wrong type of connector

The last preference enforces certificate validation during an SMTP handshake

4. Testing the Connector from the Web Server

Verify DNS and SMTP Connectivity

On your web server, use teh Linux “dig command to confirm mailflow routing using SSH or cPanel’s terminal. This demonstrates that by showing a Microsoft IP address in output, the outgoing message is not intercepted by Exim or other processes on your web server.

# Check MX records
dig “yourdomainname.com” MX

Use openSSL to confirm TLS handshake with SMTP server with SSH or terminal. You may need to llok up your mailhost in 365. Usually it looks like “yourdomainname-com” rather than “yourdomainname.com”

openssl s_client -starttls smtp -connect “yourmailhost”.mail.protection.outlook.com:25

Send a test email via PHP using a script like:

$to = “insert valid 365 email address”;
$subject = “Test Email from Web Server”;
$message = “This is a test message.”;
$headers = “From: insert email address”;

if (mail($to, $subject, $message, $headers)) {
echo “Email sent successfully.”;
} else {
echo “Email sending failed.”;
}

Use different From: and To: addresses to avoid spoofing or loopback issues. Also, this can be saved as a script, uploaded to public_html on your web server, and run via a browser by pointing yout browser to the php file you have saved. Delete the file after testing.

5. Verify Connector Status with PowerShell

.Use Windows PowerShell 5.1 with the Exchange Online Management Module. Powershell 7.x does not currently carry the inventory of commandlets used for Exchange Online that v5.1 supports. If you are not familiar with Powershell, find help on checking and enabling “ExecutionPolicy” to enable scripts to run. Also, you may need to install a module called Connect-ExchangeOnline.

# Connect with MFA
Connect-ExchangeOnline -UserPrincipalName youradmin@yourdomain.com
# List connectors
Get-InboundConnector | Format-Table Name, ConnectorType, Enabled, RequireTLS, TlsSenderCertificateName
# Detailed view
Get-InboundConnector -Identity “YourConnectorName” | FL Name, ConnectorType, Enabled, RequireTLS, TlsSenderCertificateName, SenderDomains

6. Understand Sent Items Behavior

Emails sent via the connector:

Do not appear in Sent Items of the mailbox listed in the From: field
Are treated as externally relayed messages, not user-initiated

Summary

Microsoft 365 connectors are powerful but require

properly configured 365 admin roles
TLS enforcement
Correct connector type and IP configuration
Careful testing from the sending server

2025 Email Security Guide for Business Owners: Avoiding Scams and Attacks

by Steve Galloway | Aug 8, 2025

The Hidden Dangers of Business Email in 2025

Email remains a vital tool for business communication. But in 2025, it’s also a growing target for cybercriminals. From phishing scams to AI-powered fraud, threats are evolving fast. Let’s explore what business users need to watch out for—and how to stay safe.

Click on the headers below to find out more about email Inbox threats. Click on inmages to view at full-sized resolution.

Phishing Scams: Smarter, Sharper, and More Targeted

Phishing is no longer about mass emails with poor grammar. Today’s scams are precise and convincing. Attackers use generative AI to craft messages that mimic real people and companies according to Threatlabz. These emails often target HR, finance, and payroll teams—where sensitive data and money flow.

The only way to tell that this evidently legitimate email from Microsoft is a hoax was to hover over the “verify payment information” link to see that the link was not a valid Microsoft end point.

Key tactics include:

Voice phishing (vishing): Scammers impersonate IT support over the phone.
CAPTCHA-protected phishing sites: These look legitimate and bypass basic security.
Crypto wallet scams: Fake alerts trick users into giving up credentials.

Threatlabz goes on to say that even education sectors are under attack, with phishing up 224% in 2024. The goal? Steal data, money, or access to systems.

AI-Powered Fraud: A New Era of Deception

AI is changing the game. It helps scammers build fake websites, clone voices, and create deepfake videos [2]. These tools make fraud faster and harder to detect.

Common scams include:

• Fake job offers: AI-generated listings lure applicants into sharing personal info.
• E-commerce fraud: Entire storefronts are built with fake reviews and products.
• Tech support scams: Attackers pose as IT staff to gain remote access.

Microsoft reports that AI tools are being used to scan the web for company data. This helps attackers create highly personalized lures.

Summary

Customizing folder colours is a great way to help you and others find content easily, especially in large folder lists. Remember, you can also “favourite” a folder to help find your content faster.

Changing a folder’s colour in OneDrive will only be visible to you.

Changing a folder’s colour in Sharepoint will be visible to users who you share it to.

Since Teams stores folders and files in Sharepoint, Teams administrators can change folder colours by opening a Teams’ file library using <View in Sharepoint>.

Lastly, Sharepoint’s broader capabilities means that advanced users can automate folder properties including folder colours.

Business Email Compromise (BEC): The Silent Threat

BEC attacks are rising. These scams involve impersonating executives to request wire transfers or sensitive data according to Socium. AI helps attackers mimic writing styles and internal workflows.

Watch out for:

Lookalike domains: Slight changes in email addresses trick employees.
Predictive phishing: AI analyzes past emails to time attacks perfectly.
Urgent requests: Messages often pressure staff to act fast without thinking.

BEC is costly and hard to detect. It’s one of the most damaging threats facing businesses today.

How to Stay Protected

Cyber threats are evolving, but so are defenses. Here’s how to stay ahead:

Use multi-factor authentication (MFA) across all platforms.
Train employees regularly with phishing simulations.
Deploy AI-powered email filters to catch suspicious content.
Secure mobile devices against smishing and app-based attacks.
Consider enhanced security like Conditional Access, which limits access to approved devices.

Zero Trust principles and advanced threat detection tools are key. They help limit damage even if an account is compromised.

Summary

Email threats in 2025 are smarter and more dangerous than ever. AI is helping attackers craft believable scams that bypass traditional defenses. But with awareness, training, and the right tools, businesses can fight back.

It is difficult to explain the catastrophinc effect that a professional hack on a business has. Even with resources that companies like Marks & Spencer have, a well executed hack brings enormous costs and losses to bear. Worryingly, high profile hacks are only the tip of the iceberg – small business statistically bear the brunt of hacks than any other business class. Nor is it business that any IT professional wants to have to take one. Usually, this is because it was avoisdable in the first place. Talk to us first.

Email migration from cPanel to Microsoft 365

by Steve Galloway | Jul 13, 2025

Step-by-step guide

Use our workflow in this article to prepare for email migration from cPanel to Microsoft 365. This workflow explains how to migrate one account. If you have multiple email accounts, we recommend migrating one account at a time. It is possible to migrate an entire email resource, but this is complex and is not recommended unless you have expert in-house IT skillsets. Be advised that this is professional-level work. Your data could be at risk and if you are not confident, please contact us for help.

Click on the headers below to follow our migration workflow. Click on inmages to view at full-sized resolution.

Email migration - overview

Preparation: Gather necessary information and prepare your environment
Backup Emails: Ensure all emails are backed up
Set Up Microsoft 365: Configure your Microsoft 365 environment
Migrate Emails: Transfer emails from cPanel to Microsoft 365
Update DNS Records: Point your domain to Microsoft 365
Verify and Test: Ensure everything is working correctly

Preparatory Steps

1. Gather information:

Delete junk email and deleted items from cPanel email accounts
List and assess email accounts/data volumes to be migrated
Assess broadband to calculate projected download/upload times
Login credentials for cPanel and Microsoft 365 admin accounts
Login credentials for your domain name registrar, or wherever your authoritative domain name’s zone record is managed. In some case this might be handled by your Microsoft 365 tenancy.

2. Backup emails:

cPanel does not have an email migration tool. Instead, use either:

Outlook desktop to download a .pst file of your email account
A paid solution like EML to PST Converter Wizard to export email accounts

3. Setup or review your Microsoft 365 tenancy

Ensure you have the necessary Microsoft 365 licenses
Use the Email Accounts tool to download emails as .mbox or .pst files

Email migration Process

1. Log into cPanel dashboard with your admin credentials

2. Export your emails

Navigate to the Email section
Use the <Email Accounts> tool to download emails as .mbox or .pst files
You may have to use Outlook desktop or a paid third party tool e.g. Bitrecover

3. Log in to Microsoft 365 Admin Center with your global admin credentials

4. Set Up your 365 Migration Endpoint

Go to the Exchange admin center
Navigate to Recipients > Migration > More > Migration endpoints
Create a new migration endpoint using the IMAP server details from cPanel

5. Create a Migration batch

In the Exchange admin center, go to Recipients > Migration
Click on “+” and select “Migrate to Exchange Online”
Choose “IMAP migration” and follow the prompts to create a migration batch

6. Start the migration

Start the migration batch and monitor progress
Once the migration is complete, verify that all emails have been transferred

Update DNS Records

1. Log into your domain name registrar

Access your domain registrar’s dashboard with your credentials

2. Update MX records

Replace the existing MX records with those provided by Microsoft 365
This ensures that new emails are delivered to Microsoft 365

3. Update other DNS records

Update SPF, DKIM, and DMARC records as recommended by Microsoft 365
Review rDNS and edit as necessary

Verify and Test

1. Check Email Delivery

Send test emails to and from the migrated accounts to ensure proper delivery

2. Verify new 365 account settings

Ensure that all email settings and folders are correctly configured in Microsoft 365

3. Monitor for Issues

Keep an eye on the accounts for any issues over the next few day

Summary

These steps will migrate accounts from cPanel to Microsoft 365. Unless you are expert, you should migrate one email account at a time. This affords better scope for stepping back if you encounter issues, and also migration of accounts in bulk require practiced experience.

Large email accounts backups can take a lot of time to download especially with poor broadband, and uploading content can take even longer. Be prepared for some hours of outage if you have large backups and poor bandwidth.

Bear in mind that IMAP is an older technology and it is possible when migrating to Microsoft’s more modern ActiveSync environment, it accounts with large folder may appear corrupted. In this case, creating a new folder and copying content (rather than moving) usually resolves the problem.

If you encounter any issues, Microsoft’s support resources are well documented for additional help.

« Older Entries