Re: OT: Microsoft Breech

2024-03-19 Thread Giovanni Bechis
Il 19 marzo 2024 15:33:10 CET, Bill Cole ha scritto: >On 2024-03-19 at 09:51:04 UTC-0400 (Tue, 19 Mar 2024 08:51:04 -0500) >Thomas Cameron >is rumored to have said: > >> Does anyone else just block all traffic from *.onmicrosoft.com? > >Yes. No collateral damage noticed. That includes a

Re: OT: Microsoft Breech

2024-03-19 Thread Thomas Cameron
On 3/19/24 09:52, Michael Storz wrote: Am 2024-03-19 14:51, schrieb Thomas Cameron: Does anyone else just block all traffic from *.onmicrosoft.com? I have literally NEVER gotten anything from that domain which is not obvious junk. We block and have a whitelist with 49 entries at the moment.

Re: OT: Microsoft Breech

2024-03-19 Thread Michael Storz
Am 2024-03-19 14:51, schrieb Thomas Cameron: Does anyone else just block all traffic from *.onmicrosoft.com? I have literally NEVER gotten anything from that domain which is not obvious junk. We block and have a whitelist with 49 entries at the moment. Michael

Re: OT: Microsoft Breech

2024-03-19 Thread Bill Cole
On 2024-03-19 at 09:51:04 UTC-0400 (Tue, 19 Mar 2024 08:51:04 -0500) Thomas Cameron is rumored to have said: > Does anyone else just block all traffic from *.onmicrosoft.com? Yes. No collateral damage noticed. That includes a system that has administrative and alerting role accounts which

Re: OT: Microsoft Breech

2024-03-19 Thread Thomas Cameron
I am using this setup in my postfix main.cf. [obfuscated] is my actual key for spamhaus. smtpd_recipient_restrictions = check_sender_access regexp:/etc/postfix/sender_access permit_mynetworks permit_auth_destination permit_sasl_authenticated reject_rbl_client

RE: OT: Microsoft Breech

2024-03-19 Thread Marc
I am using spamcop and spamhaus to block. There are indeed outlook.com ip addresses that bounce. > > Does anyone else just block all traffic from *.onmicrosoft.com? I have > literally NEVER gotten anything from that domain which is not obvious junk. > > I set up postfix to just flat out

Re: OT: Microsoft Breech

2024-03-19 Thread Thomas Cameron
Does anyone else just block all traffic from *.onmicrosoft.com? I have literally NEVER gotten anything from that domain which is not obvious junk. I set up postfix to just flat out refuse anything from that domain.[1] If I get any complaints, I may ease it up, but I was getting TONS of spam

Re: OT: Microsoft Breech

2024-03-18 Thread Jared Hall via users
On 3/18/2024 10:13 PM, Jimmy wrote: It's possible that certain email accounts utilizing email services with easily guessable passwords were compromised, leading to abuse of the ".onmicrosoft.com " subdomain for sending spam via email. Well, there's (1) standard BEC,

Re: OT: Microsoft Breech

2024-03-18 Thread Jimmy
It's possible that certain email accounts utilizing email services with easily guessable passwords were compromised, leading to abuse of the ". onmicrosoft.com" subdomain for sending spam via email. I've observed an increase in the blocking of IPs belonging to Microsoft Corporation by the SpamCop