Forum Discussion

Brass Contributor

Mar 07, 2018

SMTP via User

Our CFO has Multi-Factor authentication set up and working. Someone tried to send an email on his behalf to a non-existent email address, so he received the bounce back in his inbox. The original ema...

exchange

office 365

Tyler Miller

Brass Contributor

Mar 07, 2018

This is hard for me to believe, simply because I have devices on my network that I have set up to send alerts via SMTP, and if I do not authenticate as the same email as the sender it fails to send the email. SMTP via O365 seems to be very picky on what it accepts, simply because SMTP use to be so open and allow for anyone to send anything. I thought that was fixed now.

Anonymous

Mar 07, 2018

This email originated from some other IP outside of 365. You don’t have to use their servers to send as their domains.

Tyler Miller
Brass Contributor
Mar 07, 2018
So you are saying that their servers allowed them to send email from our O365 domain to us, using their SMTP servers, not ours? If so, wouldn't it show the email address they used to authenticate against their SMTP server, or they just sent it anonymously with no authentication?
- Anonymous
  Mar 07, 2018
  They didn’t send anything to your servers you said it got blocked and then you got the NDR. I can go right now to my smtp server and send as you to some random place and if it got blocked you would get the NDR.
  - Tyler Miller
    Brass Contributor
    Mar 07, 2018
    oh, we got a bounce back because the TO email address does not exist, not because it was blocked as spam. The email address they were sending to was not valid. If it would have been, the email would have been delivered and we would have never known about it.