Jul 11 08:20:04 be msd[1974542]: CONN: 52.96.233.45 -> 587 GeoIP = [US]
PTR = NXDOMAIN OS = Windows NT kernel
Jul 11 08:20:04 be msd[1974542]: EHLO command received, args:
SJ1PR84MB3115.NAMPRD84.PROD.OUTLOOK.COM
The fingerprint looks funky too.. trying to see if this is an actual
cloud outlook, or a forgery..
Sure be nice if Microsoft properly SWIP'ed those segments of it's IP
space dedicate to o365, instead of making people guess if this is an
Azure abuse or not..
I am sure not ALL of this range is cloud outlook..
NetRange: 52.96.0.0 - 52.115.255.255
CIDR: 52.112.0.0/14, 52.96.0.0/12
NetName: MSFT
NetHandle: NET-52-96-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-11-24
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/52.96.0.0
OrgName: Microsoft Corporation
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
