Over the past month, we have seen an increasing number of automated attempts to 'brute force' Microsoft Office 365 email accounts by repeatedly guessing the account password. Following good practice, as described in this earlier blog post, is essential to keep your users and data secure: http://www.rm.com/blog/2017/december/office-365-email-security-advice-and-guidance.

The main route used for password cracking attempts is IMAP. This is a legacy email protocol used to connect older desktop/smartphone mail apps to an email service like Office 365, but it is increasingly being used by attackers to test thousands of user passwords in the hope of getting one right. Over the past month, we have seen significantly increased levels of IMAP traffic targeting Office 365, indicating automated attempts to crack account passwords for Office 365 domains.

As a result of this, we have taken the decision to disable support for the IMAP protocol across RM Unify in order to protect the security of user accounts and to avoid any impact on our service.

We have not taken this decision lightly and we are aware that it will inconvenience some customers, but maintaining the security and availability of RM Unify is our highest priority. This will not affect anyone using the Microsoft desktop/mobile apps, nor any app using Exchange ActiveSync (this includes iOS Mail, Apple Mail, Gmail app, Android Mail). We maintain an ongoing review of security and we will only consider re-enabling IMAP if we can be confident that we can do so without compromising security or risking the reliability of service that our users expect.
