Microsoft Technical Bulletins

The latest updates for all the Microsoft Products you use every day.

Written by Richard Quatier

My goal is to help your business by integrating processes that automate mundane tasks and simplify complex ones without breaking budgets.

Categories: Exchange

December 15, 2020

Blog Home

Final Notice for disabling of TLS1.0 and TLS 1.1 Support for Exchange Online Mail Flow

From Microsoft Corporation

MC229914, Plan For Change, Published date: Dec 14, 2020
Admin impact, User impact

We will no longer support TLS 1.0 and TLS 1.1 from Exchange Online mail flow endpoints beginning January 11th 2021. As those versions of TLS are already retired (most recently communicated in MC218794, July ’20), Exchange Online customers and their partners should already be using TLS1.2 to protect SMTP connections between their email servers or devices and Exchange Online.

Key Points:

  • Major: Retirement
  • Timing: January 11th, 2021
  • Action: Review and assess impact for your organization

How this will affect your organization:

Organizations who are most at risk are those with hybrid routing and on-premises servers however there may be disruptions to mail flow for numerous other scenarios where these older TLS versions are still being used. If you have not done so already, please ensure that all mail servers and devices connecting to Exchange Online use TLS1.2. While some traffic may still flow after the change is made because TLS is used opportunistically by default, connections involving on-premises or partner connectors require TLS and the certificates that are shared for authentication purposes.

To help identify traffic still using TLS1.0 and TLS 1.1 review: Investigating TLS usage for SMTP in Exchange Online.

We’ll be gradually making the change and so initial impact could be messages getting delayed and only when the change is completed will messages fail to be delivered to their destinations.

What you need to do to prepare:

Any mail servers, devices, or applications sending emails to your Exchange Online endpoint (.mail.protection.outlook.com) or receiving email from Exchange Online servers will need to be upgraded to make use of TLS1.2.

Resources:

Additional information

You May Also Like…

Plus addressing to be enabled for all Exchange Online customers

Plus addressing to be enabled for all Exchange Online customers

From Microsoft CorporationTechnical Bulletin: MC276028 ยท Published Aug 6, 2021ACTION REQUIRED by Jan 14, 2022 Message Summary Plus addressing support in Exchange Online was released in September 2020 as an opt-in feature. This was...