Do you know that when you use the webmail component of Office 365, you also send your IP address to other people?
This is because the header of your emails contains your IP address when you use the Outlook 365 web service. Maybe Microsoft has a specific reason for automatically integrating IP addresses.
However, the company never informed Outlook 365 users about this. You should not ignore this issue as it is a major security and privacy risk for all of us.
Jason Lang recently identified these issues and shared the news on Twitter.
Privacy / opsec friendly reminder: If you are using the Outlook 365 web GUI, the original IP address of the connecting device (for example, your personal IP address) is smuggled into new entries. message heads. Super easy to bypass with the Brave browser and the new Tor window. The IP rotates with each new session. ? pic.twitter.com/vjsVhwJEV3
– Jason Lang (@ curi0usJack) July 24, 2019
It cannot be said that this was an accidental Microsoft leak. Obviously, Microsoft was deliberately injecting your IP address into emails.
Are you looking for a tool to hide your IP address? Here are the best options for Windows 10.
IT administrators use the sender’s IP address to search for particular emails. The IP address helps them recover a hacked account by tracing the location of the sender.
All of your emails that you send through https://outlook.office365.com have a header field called x-originating-ip.
At first glance, Microsoft has been using this feature for a few years. This is an older change that was already included in Outlook 365.
Twitter ser @ pranq5t3r who responded at the initial tweet the discussion continued:
It should also be noted that this happens in email clients with a provider that does not mask / remove the IP. Google, for example, gives an internal IP address when it uses them in a client. For providers that don’t, an add-on like TorBirdy in Thunderbird can provide a similar effect.
It should be noted that Office 365 admins can turn off this feature to remove the header in any way. They have the option to create a new rule in the Exchange admin center.
Another option is to hide your IP address using a VPN tool. Otherwise, anyone can track your location if you use the web client to send emails.
LEARN HOW TO HIDE YOUR IP ADDRESS FROM THESE GUIDES:
Thank you!
Start a conversation