Outlook.com продолжает запрашивать пароль ActiveSync на iPhone, а также на клиенте Outlook 2013

5968
DeepSpace101

Я проверяю свою почту (скажем, username@outlook.com) через Outlook 2013, а также мои устройства iOS.

Довольно часто (примерно 10-15 раз в день) я получаю случайное окно с запросом пароля как на клиенте Outlook 2013, так и на моем iphone или ipad. Мой пароль правильный, но время от времени он будет подсказывать мне 5-6 раз подряд, прежде чем уйти. Это почти как отключение на стороне сервера, но я не видел никаких проблем в интернете. Локальное подключение к Интернету также в порядке, так как любая другая интернет-служба работает, когда Outlook.com ActiveSync подходит.

Для Outlook 2013 я добавил свой username@outlook.comстандартный мастер Outlook 2013 - он, похоже, подобрал настройки сервера и принял пароль. Сервер, кажется, blu-m.hotmail.comкогда я снова открываю свойства учетной записи.

Для iOS я использовал опцию «Outlook.com» по умолчанию при настройке учетной записи электронной почты в приложении «Почта». Я не могу увидеть, какой сервер использует, так как настройки Mail не показывают меня (потому что я использовал этот стандартный мастер Outlook.com?)

У меня была двухфакторная аутентификация, но недавно я отключил ее, чтобы узнать, является ли это источником. Это не помогло - эта проблема сохраняется, несмотря на отключение двухфакторной аутентификации на Outlook.com

Кто-нибудь знает, на что мне смотреть дальше?

0

1 ответ на вопрос

1
DeepSpace101

Short version

I had some long forgotten SMTP clients (in-home IP security cameras) that kept failing logins to Outlook.com's SMTP server every minute! So outlook.com would periodically block all other email clients from connecting from my home's IP address, even with the right password, leading to the problem in the question.

Interesting but long story

I had IP security cameras setup to email me on some events. Those were setup to login and send email via SMTP and they were using my username@outlook.com + an old password. They are essentially "SMTP" clients but since they are fixed to the ceiling and outside, "out of sight = out of mind".

Yesterday, Outlook.com's login page (finally!) hinted that I was having too many wrong logins, so it wanted to verify if I'm a human (usual mangled text image). That was a clue, so I logged onto https://account.live.com/Activity and noticed that there was a failed login almost every minute (= 10,000 failed logins per week since who knows when!!). Even more surprising, the source IP address for all logins (failed or successful) matched the external IP address of my router. So either someone hacked into my WiFi or was spoofing my IP or my one of my email clients was just nuts.

I disabled Outlook.com email on my iPad, kept iPhone off my WiFi (only LTE) and kept Outlook 2013 as-is overnight. Still saw the weird failed logins at https://account.live.com/Activity so logged to my router (Apple Airport Extreme) to see if I had any suspicious WiFi clients connected. None, but I did notice the WiFi cameras and then it suddenly hit me that many months back I had setup SMTP notifications on the security cameras and I had changed my Outlook.com password in the last few weeks but had forgotten to reconfigure the security cameras!

I reconfiguring the security cameras for the new Outlook.com password (happened to be an application password since I now had two factor authentication) and sure enough, the IP camera sent me an email about the there being a reboot event sometime back. I have no idea how long the camera was attempting to send out that email (it was last rebooted a while back) but it had been trying, every minute for quite sometime effectively mounting a DoS attack on the rest of my email clients (by triggering a security response on the Outlook.com authentication servers).

Anyway, now everything works very well and I'm happy that this was my issue an not a Microsoft Outlook.com issue.

Microsoft has built a fantastic product with outlook.com and it worked exactly as expected. One suggestion would be to notify the user of 3+ failed logins on the next browser login AND putting a link to https://account.live.com/Activity right below that notice asking them to review that list.