I heard reporting to [email protected] is the correct way. As I've
never received a feedback after sending abuse reports there I can't really
vouch for it.
Are the domains of the (regex) form
"[a-z]{3}[0-9]{8}.onmicrosoft.com"? If yes, you might use that pattern to
reject everything from these apparently bot-created tenants.
Cheers,
Hans-Martin
Am 26. Januar 2026 16:20:34 schrieb Lukas Adrian Kron via mailop
<[email protected]>:
> Apparently there are Mails from "Microsoft Power BI
> <[email protected]>"
> that are correctly DKIM signed and are (as far as I can see) sent by
> Microsoft.
>
> I suspect it works by creating a Scorecard and subscribing the User to that.
>
>
> In the Mail is the *.onmicrosoft.com E-Mail that was used for this attempt.
> Is there any point in reporting it to Microsoft, if so - where?
> Or would it be sent "to the void" 🙂
>
>
> --
>
> Mit freundlichen Grüßen
>
> Lukas Adrian Kron
> Geschäftsführung
>
> Bitte denken Sie an die Umwelt, bevor Sie diese Nachricht drucken.
> [email protected], www.lugges.eu, +49 2302-9838905
> lugges UG (haftungsbeschränkt), Heintzmannstraße 174
> 44801 Bochum AG Bochum HRB 19066, GF.: Lukas Adrian
> Kron_______________________________________________
> mailop mailing list
> [email protected]
> https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
