The Department of Bizarre Anomalies reports that Microsoft has managed to suppress a strange occurrence on its network involving traffic mistakenly directed to example.com being routed to a Japanese electronics cable manufacturer.
According to RFC2606, maintained by the Internet Engineering Task Force, example.com is designated for testing purposes only and should not be used by any outside party. This domain is intended to resolve to IP addresses managed by the Internet Assigned Numbers Authority, preventing any inadvertent traffic to non-testing domains. Developers and penetration testers are directed to use example.com, along with example.net and example.org, to avoid any unintended mishaps.
Misconfiguration Addressed, Uncertainty Remains
Findings from the terminal command cURL revealed that within Microsoft's Azure and other networks, traffic was incorrectly routed to subdomains of sei.co.jp, a domain owned by Sumitomo Electric. The usual output was expected, but anomalies appeared in JSON-based responses, which included:
{"email":"email@example.com","services":[],"protocols":[{"protocol":"imap","hostname":"imapgms.jnet.sei.co.jp","port":993,"encryption":"ssl","username":"email@example.com","validated":false},{"protocol":"smtp","hostname":"smtpgms.jnet.sei.co.jp","port":465,"encryption":"ssl","username":"email@example.com","validated":false}]}Similarly, setting up a test@example.com account in Outlook generated similar results, which directed traffic to the sei.co.jp subdomains imapgms.jnet.sei.co.jp and smtpgms.jnet.sei.co.jp, due to Microsoftâs autodiscover service.
Michael Taggart, a senior cybersecurity researcher at UCLA Health, commented, âWhile Iâm not an expert on Microsoftâs infrastructure, this seems to be a straightforward misconfiguration. It resulted in Outlook account setups for example.com unknowingly sending test credentials to these subdomains.â
Early Friday, Microsoft could not explain the anomaly and requested additional time. By Monday, the issue was resolved, yet a spokesperson still had no further explanation.