• 5 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle




  • As a guy responsible for a 1,000 employee O365 tenant, I’ve been watching this with concern.

    I don’t think I’m a target of state actors. I also don’t have any E5 licenses.

    I’m disturbed at the opaqueness of MS’ response. From what they have explained, it sounds like the bad actors could self-sign a valid token to access cloud resources. That’s obviously a huge concern. It also sounds like the bad actors only accessed Exchange Online resources. My understanding is they could have done more, if they had a valid token. I feel like the fact that they didn’t means something’s not yet public.

    I’m very disturbed by the fact that it sounds like I’d have no way to know this sort of breach was even occurring.

    Compared to decades ago, I have a generally positive view of MS and security. It bothers me that this breach was a month in before the US government notified MS of it. It also bothers me that MS hasn’t been terribly forthcoming about what happened. Likely, there’s no need to mention I’m bothered that I’m so deep into the O365 environment that I can’t pull out.





  • Yep. I’ve hosted my own mail server since the early oughts. One additional hurdle I’d add to you list is rDNS. If you can’t get that set up, you’ll have a hard time reaching many mail servers. Besides port blocking, that’s one of the many reason it’s a non-starter on consumer ISP.

    I actually started on a static ISDN line when rDNS wasn’t an issue for running a mail server. Moved to business class dsl, and Ameritech actually delegated rDNS to me for my /29. When I moved to Comcast business, they wouldn’t delegate the rDNS for the IPv4. They did create rDNS entries for me, and they did delegate the rDNS for the IPv6 block. Though the way they deal with the /56 IPv6 block means only the first /64 is useable for rDNS.

    But, everything you list has been things I’ve needed to deal with over the years.