question

James-8867 avatar image
0 Votes"
James-8867 asked JamesTran-MSFT edited

Email links being scanned 30/40 minutes after recieving them

Hi,

I'm in a situation where one of our software sends emails with links to approve certain types of requests (you get a link to approve and a link to refuse).

If these email notifications are sent through a connector (typically our on-prem exchange server) in our 365 exchange server on our tenant then all is well. If instead they are sent through a software I have running that accepts incoming SMTP requests and sends the email through the graph APIs after about 30/40 minutes of having received the email something scans\opens the email links thus approving the requests without the users knowledge.

Any ideas of what is scanning the notifications only when they are sent through graph? And for some reason 30/40 minutes after delivery?

We are also running defender on the client machines.

Thanks,

James

office-exchange-server-administrationoffice-exchange-server-mailflowmicrosoft-graph-mailwindows-365-enterprise
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

yagmoth555 avatar image
0 Votes"
yagmoth555 answered

Hi, does the graph API respect the SPF, DMARC & DKIM rules ? I ask as some API often send via their own source and can make the email look suspicious from the remote computer.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

James-8867 avatar image
0 Votes"
James-8867 answered

Yes I've already checked this. To be honest the sent emails only pass the SPF check not the DMARC but we don't have DMARC checks on internal emails and from an email header I can see that the email originate and end up in the same domain so they should be considered internal

![202881-image.png][1]



image.png (83.4 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.