In our ongoing commitment to enhance email security and protect our users from malicious activities, we are changing how we handle emails with non RFC-compliant P2Sender addresses. This change reflects our dedication to combating email spoofing, impersonation, and the various evasion techniques employed by attackers.
Understanding Non-RFC Compliant Emails
The Internet Engineering Task Force (IETF) publishes the Request for Comments (RFC) documents, which define the standards for internet protocols, including email formatting and transmission. Emails that do not adhere to these standards are considered non RFC-compliant. Attackers often exploit these non-compliant formats to bypass security filters, making it challenging to detect and block malicious emails effectively.
What Is Changing
We are enhancing our detection mechanisms to better identify and handle non RFC-compliant emails. Users may notice safety tips or warnings in their Outlook clients when they receive messages from non-compliant addresses. These tips are designed to increase awareness and encourage caution when interacting with such emails.
[Screenshot: safety tip in Web / New Outlook]
[Screenshot: safety tip in Win32 Outlook Desktop]
Over time, we plan to strengthen these measures, which may include blocking or rejecting emails that do not comply with RFC standards. Our ultimate goal is to ensure a safer email environment by reducing the risk of phishing, spoofing, and impersonation attacks that exploit non-compliant email formats.
Example of a Non-RFC Compliant Email Address
| Example | Issue | Explanation |
| --- | --- | --- |
| From: Admin\x0000<evil@fabrikam.com> | Invalid characters like \x0000. | The display name contains invalid characters, making the email non-compliant with RFC standards. |
| From: jane.ch@ <contoso.com jane.chContoso.com> | Invalid email in braces and @ in display name without quotes. | The space in <contoso.com jane.ch@contoso.com> and unquoted @ in the display name violate RFC compliance. |
| From: \"fax@\" <fabrikam.com fax@fabrikam.com> | Space in the email address. | The email address fabrikam.com fax@fabrikam.com is invalid due to a space in the email field. |
| From: =?UTF-8?B?VU9CQ29tascGxpYW5jZUBzdWNjZXNzZmFjdG9ycy5jb20=?=, John Doe <john.doe@contoso.com> | Email is populated in the display name field and actual email field is empty. | Decoded, the first part appears as user@email.com<> and leaves the email field blank, violating standards. |
| From: display name <abc@@fabrikam.com> | Double @ in the email address. | An email address with multiple @ symbols is invalid under RFC standards. |
| From: sender1@contoso.com <sender1@kmsrc.fabrikam.com> | Display name contains @ and is not in quotes. | Display names containing emails (e.g., sender1@contoso.com) must be enclosed in quotes for RFC compliance. |
These kinds of malformed addresses are used to evade detection by mimicking legitimate addresses or domains. By enforcing RFC compliance, we can better prevent these deceptive tactics from being effective.
Why This Matters
Non-RFC compliant emails can be used to:
- Evade Detection: Malicious actors use malformed email addresses to trick filters and deliver harmful content directly to inboxes.
- Mislead Recipients: Manipulating email headers and sender addresses can make emails appear as if they are coming from legitimate sources.
- Facilitate Phishing and Fraud: These techniques increase the likelihood of successful phishing attacks, potentially leading to data breaches and financial losses.
By addressing this issue, we aim to enhance security for all users and maintain the integrity of email communications.
What This Means for Email Senders
If you are an email sender currently using non RFC-compliant P2Sender addresses, it is important to update your email systems to align with RFC standards. Transitioning to RFC-compliant formats will ensure that your emails continue to reach recipients without being flagged by our filters or showing the safety tip.
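A pre-send lint for the malformed patterns shown in the table above, as an added example that is not Microsoft's detection logic. The function name `p2_sender_issues`, the simplified addr-spec grammar and the sample inputs are assumptions of this example, and it checks a single-mailbox From header value only (no address lists, comments or quoted local parts).

```python
import re

# Simplified RFC 5322 addr-spec: dot-atom local part and domain only
# (quoted local parts and domain literals are deliberately rejected).
_ATOM = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+"
_ADDR_SPEC = re.compile(rf"{_ATOM}(?:\.{_ATOM})*@{_ATOM}(?:\.{_ATOM})*")
_QUOTED = re.compile(r'"(?:[^"\\]|\\.)*"')   # RFC 5322 quoted-string
_CTL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")
_SPECIALS = set('@,:;<>[]\\"')               # need quoting in a display name


def p2_sender_issues(value):
    """Return the problems found in a single-mailbox From header value."""
    issues = []
    if _CTL.search(value):
        issues.append("control character in header")
    value = _CTL.sub("", value).strip()
    # Split 'display name <addr-spec>'; a bare addr-spec has no display name.
    m = re.fullmatch(r"(.*?)<([^<>]*)>", value, re.S)
    display, addr = (m.group(1), m.group(2).strip()) if m else ("", value)
    if not addr:
        issues.append("empty address")
    elif re.search(r"\s", addr):
        issues.append("whitespace in address")
    elif addr.count("@") != 1:
        issues.append("address must contain exactly one @")
    elif not _ADDR_SPEC.fullmatch(addr):
        issues.append("invalid addr-spec")

    # Text left after removing quoted strings is unquoted display-name text.
    bad = sorted(_SPECIALS.intersection(_QUOTED.sub("", display)))
    if bad:
        issues.append("unquoted special in display name: " + " ".join(bad))
    return issues


# Constructed inputs modelled on the table rows, plus two compliant senders.
SAMPLES = [
    "Admin\x00<evil@fabrikam.com>",
    "jane.ch@ <contoso.com jane.ch@contoso.com>",
    "display name <abc@@fabrikam.com>",
    "sender1@contoso.com <sender1@kmsrc.fabrikam.com>",
    '"sender1@contoso.com" <sender1@kmsrc.fabrikam.com>',
    "John Doe <john.doe@contoso.com>",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", p2_sender_issues(s) or "ok")
```

Running it over the From values your mail system actually emits (for example in a CI check on notification templates) surfaces these problems before recipients see a safety tip.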
Our Commitment to You
We are dedicated to providing a secure and reliable email experience. By enforcing RFC compliance, we aim to:
- Enhance Security: Protect users from phishing, spoofing, and impersonation attacks.
- Improve Deliverability: Ensure that legitimate emails are delivered promptly and reliably.
- Promote Best Practices: Encourage the adoption of standardized protocols across the email ecosystem.
We understand that changes to email policies can impact your operations. We will continue to communicate updates through MC posts when we make any further changes.