Microsoft Redirects Example.com Traffic to Japanese Company: Here’s Why
Microsoft recently faced an unusual networking issue that redirected traffic intended for example.com to a Japanese electronics manufacturer. This scenario raised several questions about the integrity of the company’s network configuration.
Traffic Redirection Explained
According to the Internet Engineering Task Force, example.com is a domain reserved for testing and is not available for public use. It is reserved under RFC 2606 to prevent unintentional traffic misdirection. Other domains like example.net and example.org serve the same purpose.
Despite these regulations, Microsoft’s network was found to be routing some traffic from Azure and other services to specific subdomains of sei.co.jp, which is owned by Sumitomo Electric.
Technical Findings
Output from terminal commands such as cURL showed that email traffic was being routed to the following destinations:
- imapgms.jnet.sei.co.jp
- smtpgms.jnet.sei.co.jp
Users attempting to configure an Outlook account with an example.com domain were unwittingly sending credentials to these subdomains. The data returned during the process, including a JSON response listing email services, indicated that Microsoft’s autodiscover service was misdirecting the traffic.
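A client-side guard for the failure described above, as an added example that is not from the article or from Microsoft: it audits an autodiscover-style JSON response before any credentials are sent to the hosts it names. The JSON field names, the sample response and the `trusted_suffixes` parameter are assumptions; the reserved names are those listed in RFC 2606, which go beyond the three domains the article mentions.

```python
import json

# Names reserved by RFC 2606: three second-level domains and four TLDs.
RESERVED_DOMAINS = {"example.com", "example.net", "example.org"}
RESERVED_TLDS = {"test", "example", "invalid", "localhost"}

# Constructed sample; the field names are hypothetical, not Microsoft's schema.
# The two hostnames are the ones reported in the article.
SAMPLE_RESPONSE = json.dumps({
    "email": "user@example.com",
    "services": [
        {"protocol": "imap", "hostname": "imapgms.jnet.sei.co.jp"},
        {"protocol": "smtp", "hostname": "smtpgms.jnet.sei.co.jp"},
    ],
})


def is_reserved(domain):
    """True if domain is, or sits under, an RFC 2606 reserved name."""
    labels = domain.lower().rstrip(".").split(".")
    if labels[-1] in RESERVED_TLDS:
        return True
    return ".".join(labels[-2:]) in RESERVED_DOMAINS


def under(host, suffix):
    """Label-aware suffix match, so 'notexample.com' is not under 'example.com'."""
    host, suffix = host.lower().rstrip("."), suffix.lower().rstrip(".")
    return host == suffix or host.endswith("." + suffix)


def audit_autodiscover(raw_json, trusted_suffixes=()):
    """Return findings that should block sending credentials to the returned hosts."""
    data = json.loads(raw_json)
    domain = data["email"].rsplit("@", 1)[1]
    findings = []
    for svc in data.get("services", []):
        host = svc["hostname"]
        if is_reserved(domain):
            findings.append(f"{svc['protocol']}: reserved domain {domain} mapped to {host}")
        elif not under(host, domain) and not any(under(host, s) for s in trusted_suffixes):
            findings.append(f"{svc['protocol']}: {host} is outside {domain} and not trusted")
    return findings


if __name__ == "__main__":
    for finding in audit_autodiscover(SAMPLE_RESPONSE):
        print(finding)
```

A mail client or provisioning script would treat a non-empty result as a reason to stop before authenticating; `trusted_suffixes` carries the hosted-mail provider domains an organisation actually uses.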
Expert Commentary
Michael Taggart, a senior cybersecurity researcher at UCLA Health, noted that this incident highlighted a probable misconfiguration within Microsoft’s system. He conveyed concerns that users might inadvertently relay sensitive credentials to unintended destinations.
When asked about the issue, Microsoft representatives could not provide an immediate explanation. This led to speculation about the company’s internal networking protocols.
Resolution of the Issue
By the following Monday, it was observed that the erroneous traffic routing had ceased. However, the cause remained unclear as Microsoft had yet to offer a statement addressing the root of the problem.
This incident serves as a reminder of the importance of proper network management and the potential risks posed by misconfigurations in cloud services.