This is the same company that mishandled the Office brand (abandoned it) and is mishandling the Xbox brand (what even is an Xbox anymore?). Are we surprised?
Not surprised. They used to have training material incentivizing professionals to use .local as TLD for Active Directory realms. Thats a reserved domain for Multicast DNS.
Working on Linux automation systems we would need to make sure to disable anything related to Avahi in our images otherwise name resolution would fail for some customers.
This is why I never use these IANA-reserved domains like .test, .example, .invalid, .localhost.
I always make up some impossible domains like domain.tmptest
Otherwise you're one DNS "misconfiguration" away from sending dev logs and auth tokens to some random server.
> Since at least February 2020, Microsoft's Autodiscover service has incorrectly routed the IANA-reserved example.com to Sumitomo Electric Industries' mail servers at sei.co.jp, potentially sending test credentials there.
That’s why example.com states “Avoid use in operations”, not only that could create unnecessary traffic for them as well as leak information as in situations like this.
Hold up, does this mean outlook sends your full credentials to Microsoft when you try to set up an outlook account? I'm sure they pinky promise they keep your credentials secure, but this feels like it breaks all sorts of security/privacy expectations.
Just a guess but why do I get the feeling it’s because someone who setup sei.co.jp in Azure Entra (aka Azure AD) some how managed to add/claim the domain “example.com” against their companies tenant.
It’s clearly not using the DNS records for discovery because they don’t exist, the only other option I can see is some weird fall through or hard coded value and it seems like an odd one to pick.
18 comments
[ 2.9 ms ] story [ 32.0 ms ] threadMaybe some of their targets did use example.com for some probing, and the NSA had a hand in Sumitomo Electric Industries' mail server.
Working on Linux automation systems we would need to make sure to disable anything related to Avahi in our images otherwise name resolution would fail for some customers.
I always make up some impossible domains like domain.tmptest
Otherwise you're one DNS "misconfiguration" away from sending dev logs and auth tokens to some random server.
> Since at least February 2020, Microsoft's Autodiscover service has incorrectly routed the IANA-reserved example.com to Sumitomo Electric Industries' mail servers at sei.co.jp, potentially sending test credentials there.
It is reserved by ICANN since 2024-07-29.
https://en.wikipedia.org/wiki/.internal https://www.ietf.org/archive/id/draft-davies-internal-tld-00...
Wait, does their autodetect send email and password to their servers, instead of just domain???
Hold up, does this mean outlook sends your full credentials to Microsoft when you try to set up an outlook account? I'm sure they pinky promise they keep your credentials secure, but this feels like it breaks all sorts of security/privacy expectations.
Not quite true, SMTP will use the A record if there is no MX.
It’s clearly not using the DNS records for discovery because they don’t exist, the only other option I can see is some weird fall through or hard coded value and it seems like an odd one to pick.
The IPv4 for example.com used to be 93.184.216.34
Was there an announcement somewhere