Internal addresses leaked/known to the outside?

David Trevor 301 Reputation points

Let's say my mail domain is @Trevor .com and the free domain in Exchange Online is @Trevor

When checking the message trace in Exchange Online I see mails being sent to recipient addresses with @Trevor domain. Now the name before the @-sign is not in the same format as our main mail domain. Due to an email address policy on the local Exchange, the name is the SamAccountName in our local AD, which is neither equal to the UserPrincipalName nor to the mail address. In the message trace I see that mails are getting sent to those addresses even from external, see the example below:

To: SamAccountName@Trevor

Message received by: using TLS1.2 with AES256
The message was resolved to UserPrincipalName@Trevor .com
The message was successfully delivered

How do external senders know our mail addresses? Does this mean our user information got leaked to the outside at some point or is there a technical explanation for what I am seeing?

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,378 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 145.1K Reputation points MVP

    not uncommon. Could be that in the past someone shared a contact list or added a name to a website or put their samaccountname online or the sender is just trying combinations that work.
    It not big deal IMO, anyone can guess or surmise an email address for user in another company. The important thing is you have the necessary protections in place for anti-spam and anti-phishing.

    1 person found this answer helpful.
    0 comments No comments