cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Office 365 IP is trying to authenticate to my local mail server

esoriauy
Copper Contributor

‎Aug 21 2020 01:51 PM - edited ‎Aug 21 2020 01:52 PM

‎Aug 21 2020 01:51 PM - edited ‎Aug 21 2020 01:52 PM

Office 365 IP is trying to authenticate to my local mail server

Hello all !

Some days ago an internal user of the company where I work, changed his email password. All the email accounts are hosted on an internal mail server that is not MS.
After the password change, the user updated it on all his devices but his account began to be blocked due to repeated failed attempts to log in. After making sure all their devices were turned off, we saw that the attempts were continuing. Looking at the logs on our FW, we see that a Microsoft IP (40.102.33.173) is trying to log externally to our mail server all the time:

 

imap - authentication failed for [xxxxx@yyyy.com] (external LDAP auth failed, LDAP error: - unable to ldap authenticate: invalid credentials)

 

The user assures us that he uses Office on her iPhone but there he no longer has the account configured or on any other device (checked).

My question is: how is it possible that a Microsoft IP is trying to connect through a high port to an LDAP? What would the user have to do to achieve this and where could I start to investigate to delete this configuration?

 

Thank you very much in advance.

511 Views
0 Likes
0 Replies
Reply
0 Replies