Microsoft recently faced an unusual issue where traffic meant for example.com—an address reserved for testing—was misrouted to a Japanese electronics cable company, Sumitomo Electric. According to the Internet Engineering Task Force’s RFC2606, example.com cannot be registered by any entity to prevent unwanted traffic when developers need a placeholder domain. Instead, they should use example.com, example.net, or example.org for testing purposes. Evidence indicates that Microsoft’s Azure network was mistakenly directing some email traffic to subdomains of sei.co.jp, specifically imapgms.jnet.sei.co.jp and smtpgms.jnet.sei.co.jp. This misrouting was linked to Microsoft’s autodiscover service, which automatically configures email accounts in Outlook. Cybersecurity expert Michael Taggart noted that this flaw could inadvertently expose user credentials from example.com to the Japanese domains. On Friday, when inquiries were made about the issue, Microsoft representatives could not provide an explanation and requested more time to investigate. By Monday morning, the routing problem had been resolved, but the company still hadn’t clarified the cause of the anomaly. The incident highlights potential vulnerabilities in how Microsoft manages email configuration, particularly for domains that should remain isolated for testing.