Terry Zink: Security Talk
Discussing Internet security in (mostly) plain English
The Terry Zink Security Talk blog comes to an end
Please note: The Terry Zink Security Talk blog is being deprecated in March 2019 in order to focus...
Date: 06/20/2018
The unauthenticated sender '?' comes to Outlook
Update: This blog post is being deprecated and information is being moved to support.office.com:...
Date: 06/20/2018
Chasing the (very) long tail of unauthenticated domains
One of the requests that frequently crosses my desk (computer screen) is a vulnerability claim that...
Date: 06/08/2018
If your MX record doesn't point to Office 365, how do you disable spam filtering in Office 365?
One of the questions that has come up recently, especially as a lot of customers migrate over from...
Date: 06/05/2018
A way to (sort of) approximate DMARC aggregate reports in Office 365
One of the most common questions people ask me is "How do you get Office 365 to send out DMARC...
Date: 05/21/2018
How to get images to load in Outlook.com, Office 365, and Outlook email clients
People sometimes ask me "How do I, as a sender into Office 365, get images to load by default? Every...
Date: 02/23/2018
If you use Office 365 but your MX record doesn't point to Office, you may want to close down your security settings
Even though it's not a recommend configuration for our customers (in terms of spam filtering), some...
Date: 12/28/2017
When creating support tickets about spam, be sure to include message headers
When users get spam and phishing messages in the inbox, we ask users to submit them back to us,...
Date: 11/30/2017
How to securely add a sender to an allow list in Office 365
Background We sometimes see users creating allow rules, either through Exchange Transport Rules...
Date: 11/29/2017
Does SPF need an update to handle non-existent includes? I say yes.
Over the past month, my team and I have been going over logs in our system, looking for SPF...
Date: 11/19/2017
A second update to the problem of email forwarding in Office 365
18 months ago, I wrote the following blog post: Why does my email from Facebook, that I forward from...
Date: 11/03/2017
How we got to enforce DMARC for sub-domains of Microsoft's largest consumer email brands
I couldn't believe it. I had been blind for ages. Why had I not seen it before? The month was August...
Date: 10/21/2017
Blocking invalid From: addresses in Office 365
A couple of weeks ago, we made an announcement in Office 365 that we would be implementing stricter...
Date: 10/21/2017
Showing a question mark '?' in the sender photo when a message is not authenticated
In order to help stop phishing messages, Office 365 and Outlook.com already filter messages using...
Date: 09/05/2017
Does DMARC need an update to handled branded TLDs? I say yes
Some background As I've said before, one of the things I like about DMARC is how I don't have to...
Date: 08/24/2017
Does SPF need an update so subdomains can inherit the policy of its organizational domain? I say yes
The good thing about DMARC One of the great things about DMARC is that subdomains can inherit the...
Date: 08/15/2017
How we use the Certified Senders Alliance IP reputation list
If you are a subscriber to the good folks at Eco over in Germany, you might have noticed in their...
Date: 07/06/2017
Disabling unauthorized forwarding in Outlook.com
Over the past week, I've noticed an increase in user escalations asking to disable unauthorized...
Date: 06/23/2017
An update on the forwarding email problem in Office 365
Update on Nov 3, 2017 - See A second update on the problem of email forwarding in Office 365 Well...
Date: 06/22/2017
What do we mean when we refer to the 'sender' of an email?
There's a lot of ambiguity about the term "sender" when talking about the sender of an email. What...
Date: 06/22/2017
Why messages sometimes end up in the Junk folder in Outlook.com even when the sender is on your Safe Senders list
In Outlook.com, occasionally we get a complaint from a user saying that a message is in their Junk...
Date: 05/21/2017
Fixing a problem with "Unsubscribe" in Outlook.com
One of the problems that some of our users have been experiencing in Outlook.com is using the "You...
Date: 04/30/2017
Why adding to Blocked Senders sometimes doesn't block the sender
Recently in Outlook.com, I've seen a spurt of user complaints that they are adding senders to the...
Date: 03/28/2017
A tip for mailing list operators to interoperate with DMARC to avoid failures
One of the problems with DMARC is how mailing lists deal with participants that publish p=reject...
Date: 03/22/2017
A quick overview of Outlook.com (Hotmail) sender support
Over the past two months, I have taken on a role to deal with deliverability and user complaints for...
Date: 03/17/2017
If you want to send to Outlook.com, send with a valid From: address
I've been quiet on this blog for a couple of weeks, and that's because I've been helping out...
Date: 02/17/2017
The difference between adding Safe and Blocked senders in Outlook, vs. Outlook.com
I'm currently doing a bunch of work around making Outlook.com better, and one the things I've...
Date: 01/31/2017
Where email authentication falls flat at stopping phishing - impersonation attacks using display tricks
In this series so far, we've seen how email authentication is a great thing at stopping phishing...
Date: 12/06/2016
Where email authentication is potentially great – protecting against spoofing from domains with weak authentication
So, in the past couple of posts, I've talked about how email authentication is not that great...
Date: 12/03/2016
Where email authentication is totally great at stopping phishing – springboard attacks (and filling in the gaps)
As I was saying in my other blog post about email authentication, and how it struggles to stop...
Date: 11/28/2016
Where email authentication is not so great at stopping phishing - random IT phishing scams
On this blog, I've written a lot about email authentication and preached its virtues. If you are a...
Date: 11/23/2016
Troubleshooting the red (Suspicious) Safety Tip for fraud detection checks
Introduction It has now been about 8 months since we released our antispoofing protection in Office...
Date: 11/02/2016
Hotmail/Outlook.com evaluates DKIM a little differently than Office 365
If you're a user in Hotmail, Outlook.com, or any other of Microsoft's consumer email services, you...
Date: 10/18/2016
Messages going to Junk even though they aren't spam? Check to see if you have Safe-Lists-Only enabled
Recently, I've been seeing a spike in customer escalations saying that messages that aren't marked...
Date: 10/12/2016
How we moved microsoft.com to a p=quarantine DMARC record
In case you hadn’t noticed, Microsoft recently published a DMARC record that says p=quarantine:...
Date: 09/27/2016
Sending mail with invalid From: addresses to Office 365
One of the changes to go into Office 365 in the past year is an antispam rule that rejects on...
Date: 08/25/2016
The outbound IP and HELO format for Office 365
Regularly, Office 365 is asked by other email receivers about the way our mail servers and IP...
Date: 07/15/2016
Exchange Online increases its URL filtering
One of the ways in which Exchange Online detects spam, malware, and phishing is through URL...
Date: 07/01/2016
Why does my email from Facebook, that I forward from my outlook.com account, get rejected?
Update on Jan 25, 2017 - Still no timeline on a fix for this, we have repeatedly hit issues. :(...
Date: 05/19/2016
Seven things to know about Safety Tips
As I posted on this blog a couple of months ago, and as we posted on the Office blog last month,...
Date: 05/13/2016
Taking the hassle out of email authentication
Last month in Cologne, Germany, at the Certified Senders Alliance conference, I gave a presentation...
Date: 05/11/2016
Outlook.com DKIM signing done, now on to hotmail.com
A couple of months ago, I wrote a blog post that we were starting to roll out DKIM signing for our...
Date: 04/13/2016
Understanding Safety Tips in Office 365
Exchange Online Protection (EOP) already protects you with industry-leading spam and malware...
Date: 03/30/2016
What Gmail's changes in their web interface means to you as a customer of Office 365
A few weeks ago, Gmail made several changes to better reflect the security status of messages...
Date: 03/28/2016
Can TLS make the user experience better?
This blog post reflects only my opinion about encryption and the protection of sensitive personal...
Date: 03/23/2016