On 2022-01-17 1:10 a.m., Marc wrote:
Please also note that atleast for M365 licensed version of Outlook for Mac (version 16.57) now forces sync to microsoft cloud by default when adding IMAP account:
(says in image: For better experience, your messages will be synced to the Microsoft cloud)
I cannot opt-out from this. (Just realised that this actually might be something forced by my employers Intune policies)
And indeed after I continued to add the account the incoming IMAPS connection to my dovecot server came from 52.98.150.133 wwned by Microsoft.
I do no think it is related with settings. I have a 'airlocked' test environment with exch 2016 and I was surprised that the mobile outlook app is also connecting to the microsoft cloud. Which really surprised me, that must be against all GDPR legislation. Thus currently if you have an exchange server you can not get email on mobiles without using a 3rd party app. They are totally mental at microsoft.
Even worse, the initial setup of an email account against 3rd party email servers, attempts to initialize an authentication attempt from the Microsoft cloud, instead of from the client IP, breaking authentication restrictions, and the IP(s) used for this in the MS cloud, have exactly the same PTR and whois description as any other cloud IP, eg a malicious hacker could own. AND the credentials of course are now shared with an unexpected party (Privacy, not sure if that is listed in the Outlook terms and conditions). As well, (not confirmed) if the auto discovery includes attempting non SSL/TLS there is a risk of credentials going unencrypted over the air. Anyone else confirm that?
-- "Catch the Magic of Linux..."
Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company.