You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Awesome tool BTW, but currently checking on large Edu tenant and getting stalled at:
Getting MX Reports for all domains - consistently stopping here for 30 - 50 mins plus
Tried running Get-ORCAReport -Collections Get-AcceptedDomain more or less to try "something" and it seemed to get past it - but now reporting that ATP is not installed in Tenant?
Hey @dcaddick - yeh, the speed of ORCA for tenants with a large amount of domains went down drastically after the addition of the enhanced filtering/skip listing check. This is because that check needs to know if the MX is pointed to EOP or a third-party, and it uses the Get-MxRecordReport command to do that, which can take a minute or so per domain.
We could, either:
Have an option to disable the check
Instead of using the Get-MxRecordReport command, poll the MX records directly on the client. The issue here though is that quite a few customers have split DNS configured with an internal zone for their domains (so the MX record on the polling client may not be accurate). This is the least favorite option because it will generate false positives.
Closing this out, because it's expected that the Get-MXReport will take a long time when there are a large qty. of domains - and it's outside the control of ORCA (that's something to do with Exchange Online itself). The MX reports are required for SPF, DKIM, Enhanced Filtering checks, etc, so it's not something I think we want to bypass.
Hi Cam,
Awesome tool BTW, but currently checking on large Edu tenant and getting stalled at:
Getting MX Reports for all domains - consistently stopping here for 30 - 50 mins plus
12/14/2020 15:23:50 Getting Anti-Spam Settings
12/14/2020 15:23:53 Getting Tenant Settings
12/14/2020 15:23:54 Getting Anti Phish Settings
12/14/2020 15:23:55 Getting Anti-Malware Settings
12/14/2020 15:23:56 Getting Transport Rules
12/14/2020 15:23:58 Getting ATP Policies
12/14/2020 15:23:59 Getting Accepted Domains
12/14/2020 15:24:00 Getting DKIM Configuration
12/14/2020 15:24:01 Getting Connectors
12/14/2020 15:24:01 Getting MX Reports for all domains
Tried running Get-ORCAReport -Collections Get-AcceptedDomain more or less to try "something" and it seemed to get past it - but now reporting that ATP is not installed in Tenant?
12/14/2020 15:50:17 Performing ORCA Version check...
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Anti-Spam Policy Rules
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Safety Tips
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Phish Action
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Bulk Complaint Level
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - High Confidence Spam Action
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Allowed Senders
12/14/2020 15:50:26 Analysis - Anti-Spam Policies - Bulk Action
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - IP Allow Lists
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Domain Whitelisting
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Quarantine retention period
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Outbound spam filter policy settings
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - High Confidence Phish Action
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Mark Bulk as Spam
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Spam Action
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - Advanced Spam Filter (ASF)
12/14/2020 15:50:27 Analysis - Anti-Spam Policies - End-user Spam notifications
12/14/2020 15:50:27 Analysis - Connectors - Domains
12/14/2020 15:50:27 Analysis - Connectors - Enhanced Filtering Configuration
12/14/2020 15:50:27 Analysis - DKIM - Signing Configuration
12/14/2020 15:50:27 Analysis - DKIM - DNS Records
12/14/2020 15:50:27 Analysis - Malware Filter Policy - Malware Filter Policy Policy Rules
12/14/2020 15:50:27 Analysis - Malware Filter Policy - Internal Sender Notifications
12/14/2020 15:50:27 Analysis - Malware Filter Policy - Common Attachment Type Filter
12/14/2020 15:50:27 Analysis - Malware Filter Policy - External Sender Notifications
12/14/2020 15:50:27 Analysis - Tenant Settings - Unified Audit Log
12/14/2020 15:50:27 Analysis - Transport Rules - Domain Whitelisting
12/14/2020 15:50:27 Analysis - Zero Hour Autopurge - Zero Hour Autopurge Enabled for Malware
12/14/2020 15:50:27 Analysis - Zero Hour Autopurge - Zero Hour Autopurge Enabled for Phish
12/14/2020 15:50:27 Analysis - Zero Hour Autopurge - Zero Hour Autopurge Enabled for Spam
12/14/2020 15:50:27 Analysis - Zero Hour Autopurge - Supported filter policy action
12/14/2020 15:50:27 Generating Output
12/14/2020 15:50:27 Output - HTML
12/14/2020 15:50:28 Complete! Output is in C:\Users......
ORCA--202012141550.zip
The text was updated successfully, but these errors were encountered: