Re: Hold on...
Actually, the problem IS the protocol. The sequence of host names is completely wrong. Why have the option of a DNS or SRV record if you don’t check it first? Why write a protocol that assumes the host name of the Exchange server is on the root of the domain when it is highly unlikely to ever be so?
And lastly, why not have some sort of handshake in the protocol before just handing over the password. I don’t think people appreciate how big a deal this really is. Every CyberSecurity person will tell you to keep public and private systems separate. But Microsoft designed a protocol that BY DESIGN leaves the safe corporate environment FIRST?
Biting the hand that feeds IT
