Microsoft Mishandling Example.com
3 months ago
- #Autodiscover
- #Microsoft
- Microsoft's Autodiscover service has been incorrectly routing the IANA-reserved domain example.com to Sumitomo Electric Industries' mail servers since at least February 2020.
- Outlook auto-configures [email protected] to use Sumitomo's servers (imapgms.jnet.sei.co.jp and smtpgms.jnet.sei.co.jp) despite example.com being a reserved domain that should not resolve to real services.
- DNS verification confirms example.com has no records pointing to sei.co.jp, indicating the misconfiguration is within Microsoft's database.
- A curl request to Microsoft's Autodiscover API returns a JSON response with Sumitomo's server details, further confirming the issue.
- The x-debug-support header reveals this misconfiguration was manually added to Microsoft's database in February 2020 and has persisted for nearly six years.