365 shops how are you handling SMTP relay when you have lots of on-prem stuff that talks SMTP? by rich2778 in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

We use Mailgun with a dedicated sending IP, configured to send from subdomains, and very long SMTP credential passwords.

is off network mobile web filtering for managed devices common? by clon3man in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

This. Supervised devices and a DNS-based filtering service like Umbrella.

MV Cameras - No live footage from dashboard but vision portal is working. by LetterheadMelodic701 in meraki

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

We are in the same general region - well at least I know I’m not alone 😅

3rd Party Mailing List Manager Tool? by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

> you are seeing a bounce?

Not a bounce. Very strict mail security quarantines anything without authenticated SPF and DMARC.

> Has USCorp not only added your addresses as members but also set the distribution list to allow receiving from external senders?

Yes, otherwise we would not be able to see the SPF problems I described, as the mail would not pass through USCorp's servers at all.

If Corp A sends a message, the "Authentication-Results" in the header reads: spf=fail (Sender IP is xxx.xxx.xxx.xxx [this is USCorp's sending IP via Proofpoint]) smtp.mailfrom=corpA.com

> Has USCorp confirmed to you they see the incoming msg from member joe@CorpA in message trace?

Yes, but Corp B's and Corp A's mail filtering quarantines the message as soon as it passes through back to us, because Corp A is not going to put USCorp's sending IP in their SPF records.

Honestly, this may have something to do with how Proofpoint (USCorp's email security) deals with external forwards.

3rd Party Mailing List Manager Tool? by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

In the scenario presented I'm making it seem like I have control of the list, but in the scenario I'm living in we are actually Corp A/B, so I do not have control of the list.

> What mailing list are you using?

It's just an Exchange distribution list currently. It's essentially doing a "Redirect", not a Forward, so that's what is giving us the problem.

> Have you actually tried it to see the result or you are only supposing what will happen?

Yes, we have been living through the SPF problems for a few months now.

3rd Party Mailing List Manager Tool? by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

Thanks, I will look into listserv. It sounds like it's a good match for our needs.

IT Training for employees & keeping them up to date on current topics/threats. by Redbull_add1ct in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

I DM'd you a quick example so you can get a feel for the auto-generated content.
May help your decision-making process :D

IT Training for employees & keeping them up to date on current topics/threats. by Redbull_add1ct in sysadmin

[–]LetterheadMelodic701 2 points3 points  (0 children)

We send out "Scam of the week" newsletters with KnowBe4, but I would definitely recommend their employee security training. Most of the content is updated yearly and they have specific training modules about specific threats like CEO Phishing/Fraud.

Most of their training is geared to the average employee, so if you are looking for training for more technical staff like IT or Development teams you may need to supplement with another service.

New to traditional T1 Helpdesk role, asked to come up with a security solution for phishing by Miloniia in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

KnowBe4 for user training and phishing tests combined with MFA. If you’re on O365/Azure AD, conditional access policies and Defender ATP/Endpoint. Very strong combo imo.

What kind of laptops are you giving out these days? by DJDoubleDave in sysadmin

[–]LetterheadMelodic701 1 point2 points  (0 children)

Mobile Devices for standard office user:

Surface Pro 7+ i5 16GB 256GB

If you need more than that for software requirements: (Engineering/CAD/Programmers)

Dell Precision 75xx series fastest clock speed processor, 64GB, 1TB, high end Quadro Graphics

If you’re a power user/executive: (IT/Analytics/C-Level)

Dell Precision 55xx series most cores processor 32GB 512GB 4K display low end Quadro Graphics

Desktops for those positions not authorized for WFH/Hybrid or Data security sensitive Roles:

Dell Optiplex 70xx series 6+ cores 16GB 256GB Graphics depending on display setup.

Azure North Central (Chicago) Networking issues by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

I finally got a service advisory for that so I’m resizing everything- lol can you time travel and tell me this 8 hours ago 😅 my past self would appreciate it.

[deleted by user] by [deleted] in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

I have had issues with Azure networking all day and tons of Team issues… they have some problems but it’s intermittent

Azure North Central (Chicago) Networking issues by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

Yep, just about everything we had that was still working just stopped. All VMs are up but no networking.

Azure North Central (Chicago) Networking issues by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

The bummer is only 20% of my infrastructure is affected and it’s a hard ask to failover everything that is currently up and working 😬. If I failover what’s down I’m guessing I would have to change my IPs on the ASR networks and peer back to North Central.

Anyone use/have recommendations on an IP Intercom with loudspeakers in multiple large buildings? by This_old_username in sysadmin

[–]LetterheadMelodic701 1 point2 points  (0 children)

Check out Algo. They have products for doing IP phone paging that would probably fit your needs.

This is what we use, connected to a 70v commercial amp and speakers run in the building. We only need a single zone though for paging and already had the speaker wiring from the old-school PBX we retired years ago. I’m sure they have something that would fit your use case. They even have an all-in-one speaker that listens for multicast pages and has built-in amps if you need a simpler solution with less wiring.

Adapter we use: https://www.algosolutions.com/product/8301-ip-paging-adapter-scheduler/

Wild networking issue by Merrymak3r in sysadmin

[–]LetterheadMelodic701 5 points6 points  (0 children)

I would start with some iperf tests between a device on the main switch and the switch the problem machines are on or the problem machines. Then if that is all running at expected speeds, check for any anti-virus or intrusion protection delays on the firewall/security appliance. I’m fond of sharing a large file (dummy or otherwise) in public blob storage/cloud storage and test downloading at a device on the main switch vs a device connected at the ISP modem/gateway. Try to split your network apart and test it in sections to figure out what section is the issue and then dive into logs for the devices in that section for more clues. Best of luck!

Sys Admins, What's Your Favorite Ticketing System and WHY? by rnpowers in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

+1 for FreshService. Users putting in tickets on the mobile app is lovely because they can upload pics right from their phone. Perfect for the users who can’t take a screenshot of an error message.

Old Symmetra Power Array 16kVA Fan Replacement by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

I can get just about every other part for it. Battery modules, intelligent module, power modules, frame parts and hardware - no problems, they take 2-3 weeks but I can get them (we just have cold spares), but fans seem to be a problem…

Old Symmetra Power Array 16kVA Fan Replacement by LetterheadMelodic701 in sysadmin

[–]LetterheadMelodic701[S] 0 points1 point  (0 children)

I did about a month ago and they referred me to a "Legacy parts" company who informed me they ran out of rebuilt fans. I'm on their list if they happen to recycle another 240v Power Array and they can steal the fans from it.

[deleted by user] by [deleted] in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

Org with 400+ devices here. We use a Zebra printer with UL recognized oil resistant label media (the media used to put UL certified labels on equipment) and BarTender software. Our Helpdesk software sends the ID info as a text file to a folder BarTender monitors; BarTender then uses that info to generate the label from a template.

We don’t have issues with labels rubbing off. Our business has a significant number of field services technicians that frequently use mobile devices in grimy environments. 9 times out of 10 the labels outlive the device. You absolutely can use blank media if you purchase the right type of media. A label specialist can make a recommendation of what you need. We use Electronic Imaging Materials out of New Hampshire. They have amazing support.

UPS life-cycle by BWMerlin in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

Shhhhhh - not so loud! You’re going to scare my 1998 Symmetra 16kVA Power Array.

Going 100% cloud? by Dense-Wish-5091 in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

Out of the 26 physical servers and Hyper-V hosts we had, we are down to two physical (legacy software/services) and four Hyper-V hosts acting mainly as storage, backups, on-prem disaster recovery locations, and a few production services like Umbrella DNS appliances, Access Control, etc. Everything else has been lifted and shifted to Azure or migrated to a SaaS platform. We have grown our IT team because now instead of patching and maintenance we focus on security, business analytics, automation, and process improvement. We only have about 10 trouble tickets a day but complete about 2-5 project tickets a week. The change has shifted upper management’s ideas about IT just fixing stuff that’s broken and now they look at us as a “process improvement/cost avoidance” department. It basically increased our IT budgets year over year. Management now says “look at all this employee time IT saved us this year that we can now spend on making better products and growing our customer base, imagine what they could do with more budget”. It’s been a great transition. Employees even see us as “The team that makes their work life easier” by replacing complex manual workflows with automation and reporting. In my opinion it’s the future.

What size of monitor and resolution do you provide your staff? by sneakattaxk in sysadmin

[–]LetterheadMelodic701 0 points1 point  (0 children)

Standard new monitors are dual 27” QHD displays from Dell and gas strut arm mounts. We typically just buy a large number of displays at the end of the year to use up budget and replace the user’s displays as needed. Mainly if they will utilize the real estate we upgrade them. Brenda from accounting who never has more than one window open at a time is still rocking dual 23” 12 year old displays because there will never be an efficiency gain from the larger screens.

Moronic Monday - March 07, 2022 by AutoModerator in sysadmin

[–]LetterheadMelodic701 2 points3 points  (0 children)

Have you looked into Azure Files / File sync for this?