Big Daddy Microsoft say’s it’s impolite to over secure your messaging systems..? 😛
Disrupts the days of the attacker, they don’t get proper family time and become surly, expressing them selves in more vindictive ways..?
I think it’s very likely some of those boxes are part of honey nets, email is a glittering prize for an information broker.
I do think that there are lots of good ways to mitigate this ZTNA tools, Old Trusty the VPN and unfashionable though it is patch your systems.
More broadly whilst there are some decent Microsoft Security products out there, it’s the organisation itself does not make money from the security of business or safety and privacy of its consumers. The only way I see to fix this(given how institutionally unresponsive it is) is co-ordinated and punitive regulation across its key markets and if that fails, break it up.
