Does anyone else just block all traffic from *.onmicrosoft.com? I have
literally NEVER gotten anything from that domain which is not obvious junk.
I set up postfix to just flat out refuse anything from that domain.[1]
If I get any complaints, I may ease it up, but I was getting TONS of
spam messages from that domain and I figured it was easiest to just
block it.
--
Thomas
[1]
[root@east ~]# grep onmicrosoft /etc/postfix/sender_access
/@*.onmicrosoft\.com/ REJECT
[root@east ~]# grep sender_access /etc/postfix/main.cf
check_sender_access regexp:/etc/postfix/sender_access
On 3/18/24 21:13, Jimmy wrote:
It's possible that certain email accounts utilizing email services with
easily guessable passwords were compromised, leading to abuse of the
.onmicrosoft.com subdomain for sending spam via email.
I've observed an increase in the blocking of IPs belonging to Microsoft
Corporation by the SpamCop blacklist since November 2023, with a notable
spike in activity during February and March 2024.
Jimmy
On Tue, Mar 19, 2024 at 12:10 AM Jared Hall via users
<users@spamassassin.apache.org> wrote:
I've several customers whose accounts were used to send spam as a result
of Microsoft's infrastructure breach.
Curiously, NOBODY has received any breach notifications from Microsoft,
despite personal information being compromised.
What has anyone else experienced?
Thanks,
-- Jared Hall
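
Added example, not part of any message in this thread: a Python check of which sender addresses the sender_access pattern posted above rejects, compared with an anchored variant. The anchored pattern and all sample addresses are constructed for illustration, and Python's re module stands in for Postfix's regexp: table matching (unanchored, case-insensitive by default), which behaves the same for patterns this simple.

```python
import re

# Pattern exactly as posted in /etc/postfix/sender_access (text between the slashes).
POSTED = r"@*.onmicrosoft\.com"
# Hypothetical anchored variant (an assumption, not from the thread): the address
# must END in ".onmicrosoft.com" or "@onmicrosoft.com".
ANCHORED = r"[.@]onmicrosoft\.com$"

# Constructed sample envelope senders.
SAMPLES = [
    "news@tenant1.onmicrosoft.com",             # intended target
    "NEWS@Tenant1.OnMicrosoft.COM",             # same, mixed case
    "bob@notonmicrosoft.com",                   # different domain, shared suffix
    "bob@tenant1.onmicrosoft.com.example.net",  # string appears mid-domain
    "x.onmicrosoft.com@example.org",            # string appears in the local part
    "alice@example.org",                        # unrelated sender
]


def rejects(pattern, sender):
    """Emulate a regexp: table lookup: the pattern is searched anywhere in the
    full address, ignoring case, and a hit yields the REJECT action."""
    return re.search(pattern, sender, re.IGNORECASE) is not None


def compare(samples=SAMPLES):
    """Return (sender, rejected_by_posted, rejected_by_anchored) tuples."""
    return [(s, rejects(POSTED, s), rejects(ANCHORED, s)) for s in samples]


def overmatches(samples=SAMPLES):
    """Senders the posted pattern rejects although they are not in the
    onmicrosoft.com domain or one of its subdomains."""
    return [s for s, posted, anchored in compare(samples) if posted and not anchored]


if __name__ == "__main__":
    for sender, posted, anchored in compare():
        print(f"{sender:45} posted={posted!s:5} anchored={anchored}")
    print("rejected only by the posted pattern:", overmatches())
```

In the posted pattern `@*` matches zero or more `@` characters and the unescaped `.` matches any single character, so it acts as a substring match on any character followed by `onmicrosoft.com`.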