On 2020-09-28 09:36+1000, raf wrote: > One reason is MFA. Where I work, we are often receiving > emails from the hacked email accounts of our clients.
That would help some of the problems, I suppose. But a compromised copy of Outlook would still act as a spam mill once the login connection is established. I think what would happen is that between your login to exchange and getting 'a ok login' in response the MFA device needs to approve. Malware surely just waits a little longer, it would look like normal behaviour to someone who just started outlook, I would have thought. I seem to remember Outlook being one of the more buggy mail clients. There was a nasty issue without Outlook Express that would execute code in mail headers prior to display. Unless my memory is wrong. Exploitation doesn't go away with MFA, it might reduce some issues with compromised clients, but I think MFA is supposed to give some protection for that, unless you authorise the client connection. I really don't know, and I'm trying to see sense. It seems like wilful look-in, there's avenues for alternatives with things like BYOD becoming commonplace, but then to enforce Outlook or Office 365 rubs me the wrong way. Ed