Don’t use “Outlook (new)” in #Windows 11. I just did a tcpdump and looked also at my #mail servers when setting up an account in there. The mail client only spoke with Microsoft-servers, never with my mail-servers and I saw on my mail-servers only connections from Microsoft-IPs.
@nielsk So would it make sense to block MS on submission and IMAP ports? What legitimate business could they have?
@unixtippse If your users use the new Outlook which will replace Windows Mail you can’t block them.
@nielsk You haven't tested whether it falls back to direct communication, though, have you?
@unixtippse No, I didn’t. I just had a support team member telling me that Outlook didn’t work and if we can make it work (it worked for him after a reboot) and that’s why I did what I did.
@nielsk @unixtippse yes you can. And should.
@js @unixtippse Well, I operate a mail-platform for external users. I can’t do that because the support-team will kill me.
@nielsk @unixtippse Well, I’d say it’s not up to you to break your spine to create workarounds for broken-by-design end user software. They have plenty of working clients to choose from.
@js
That's literally what a support engineer's job is lol
@nielsk @unixtippse
@nielsk @unixtippse I think from a security point of view, it's better when it doesn't work. More than that, every time your server sees a user successfully log in from a Microsoft IP, it should reset (or disable) that user's password, since you have to assume it's compromised.

@unixtippse @nielsk

It sounds like they proxy all the connections so all the mail passes through their servers. I wonder how long they keep it? I guess everyone’s emails become grist for AI.

I wonder what their terms of service say about that?

@railmeat @unixtippse I dunno. But it is more or less the same as what they do with the mobile Outlook clients.

@nielsk @unixtippse

I guess that is the world we live in now. Not really my preference.

Yet another reason to move my computing to self hosted and possibly Linux.

@railmeat @nielsk @unixtippse If we don't stop companies from implementing toxic business culture, it will get worse. Someday we will live in a world we don't really want to live in. We will no longer own anything, not even our data.
Too many people don't care and even defend these companies.

@mrcool @railmeat @nielsk @unixtippse

Agreed, except for the word 'someday'.

It will get worse for sure, but that's already the world we live in.

@Tom @railmeat @nielsk @unixtippse You are right. Even I can see how I'm slowly getting used to it. And that's how it will continue. Small steps, so that people don't realize that their rights and their data are gradually being taken away from them.

@mrcool

Too late! We already gave up our entire life to them.
Sadly, this is true.

@mrcool @railmeat @nielsk @unixtippse With M$, Google, Meta, AWS basically in charge of at least a large part of the Internet we can quietly already wonder how far we are on our way to a World like that.

And too many companies, and especially governments, are still quietly moving our personal data into the hands of these companies.

Certainly anyone working in an administrative position in government can work perfectly with a Linux based computer, but all they want is Windows.....

@railmeat if you have time, bandwidth and money, I would highly recommend self-hosting, I've learnt loads by doing it!

@railmeat @unixtippse @nielsk

It's documented that they store the credentials to the mail servers in cleartext on their servers and fetch the mails there. It's a shitty design.

@seism0saurus @unixtippse @nielsk

Credentials in plain text? I thought we got past that in the ’90s.

Where is that documented?

@railmeat @unixtippse @nielsk

Otherwise they can't access your Mailservers.
I'm not sure if the data at rest is unencrypted, but at least it is reversible since they need it for login to your mail servers.
It is definitely not a standard like bcrypt or scrypt, where the credentials are secured by a one-way function.

https://www.heise.de/en/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9608798.html

Microsoft lays hands on login data: Beware of the new Outlook

The free new Outlook replaces Mail in Windows, and later also the classic Outlook. It sends secret credentials to Microsoft servers.

heise online
@railmeat @unixtippse @nielsk 25 years ago this would have been treated as felony wiretapping.
@AstaMcCarthy @railmeat @unixtippse @nielsk By the letter of the law, yes, but norms have gone to hell and nobody will prosecute.

@dalias @unixtippse @nielsk

It would be great if someone prosecuted them.

I would guess users agree to it in the terms of service. But who knows, no one has time to read that.

@unixtippse @nielsk why not stop using it altogether instead of going all out sadomaso just to use their crappy software?
@unixtippse @nielsk No legitimate interests at all, but I guess they use the data to feed their AI crap..