8. February 2022

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

Microsoft adds SMTP MTA Strict Transport Security (MTA-STS) support feature in Exchange Online to improve Office 365 customers’ email security. Redmond disclosed MTA-STS’s release in September 2020. after mentioning that it was also adding inbound and outbound support for DNSSEC (Domain Name System Security Extensions) and DANE for SMTP (DNS-based verification of Known Entities). The Exchange Online Transport Team has been validating and implementing and is now ready to disclose support for MTA-STS for all outgoing messages via Exchange Online. 

Office 365 now has MTA-STS, which means that emails sent by users with Exchange Online will be sent over connections having authentication and encryption. It will protect the mails from threat actors and hacking attempts. The new feature improves Exchange Online email security and resolves various SMTP security problems, it includes out-of-date TLS certificates, poor secure protocols support, and certifications not trusted by third parties or same server domain names. Before MTA-STS, emails sent via unsafe TLS connections were vulnerable to external threats like man-in-the-middle and downgrade attacks. 

Exchange Team says “downgrade attacks are possible where the STARTTLS response can be deleted, thus rendering the message in cleartext. Man-in-the-middle (MITM) attacks are also possible, whereby the message can be rerouted to an attacker’s server. MTA-STS (RFC8461) helps thwart such attacks by providing a mechanism for setting domain policies.” Microsoft offers assistance on adopting MTA-STS, this includes hosting of the policy files on the domain web infrastructure. 

Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: