15
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Jun 2025
15 points (100.0% liked)
Information Security
330 readers
1 users here now
founded 2 years ago
MODERATORS
I suppose that is a concern, but I think those are cloud IPs they move around occasionally and wouldn't want to make every user update their TXT records.
So for this use case I am pretty sure they would always be DNS names if the admins are following Microsoft's instructions.
It looks like they have you set your txt record to spf.protection.outlook.com which resolves to a txt record with a bunch of their IPs. So if you really wanted to make sure there weren't installs with IPs in their list you can use that txt record to get Microsoft's IP ranges and search for those as well.