Comment by rurban
16 days ago
NSA probably. Gives them plausible deniability.
Maybe some of their targets did use example.com for some probing, and the NSA had a hand in Sumitomo Electric Industries' mail server.
16 days ago
NSA probably. Gives them plausible deniability.
Maybe some of their targets did use example.com for some probing, and the NSA had a hand in Sumitomo Electric Industries' mail server.
Reading the article, there is a huge flaw in the autodiscover protocol by Microsoft.
https://www.akamai.com/blog/security/autodiscovering-the-gre...
According to it, it seems that if someone registers autodiscover.com then example.com lacking autodiscover.example.com will make Outlook try checking if autodiscover.com has an entry.
It's just a braindead system.