Internal mail.onmicrosoft.com addresses leaked/known to the outside?

Question

Let's say my mail domain is @Trevor .com and the free domain in Exchange Online is @Trevor .mail.onmicrosoft.com

When checking the message trace in Exchange Online I see mails being sent to recipient addresses with @Trevor .mail.onmicrosoft.com domain. Now the name before the @-sign is not in the same format as our main mail domain. Due to an email address policy on the local Exchange, the name is the SamAccountName in our local AD, which is neither equal to the UserPrincipalName nor to the mail address. In the message trace I see that mails are getting sent to those addresses even from external, see the example below:

*From: *****@sender.com
To: SamAccountName@Trevor .mail.onmicrosoft.com

Message received by: XXXXXXXX.eurprd02.prod.outlook.com using TLS1.2 with AES256
The message was resolved to UserPrincipalName@Trevor .com
The message was successfully delivered

How do external senders know our mail addresses? Does this mean our user information got leaked to the outside at some point or is there a technical explanation for what I am seeing?

Answer 1

not uncommon. Could be that in the past someone shared a contact list or added a name to a website or put their samaccountname online or the sender is just trying combinations that work.
It not big deal IMO, anyone can guess or surmise an email address for user in another company. The important thing is you have the necessary protections in place for anti-spam and anti-phishing.