Occasional Contributor

Dear community,

 

I just got external access working with both test tenants that my organization has. However, I want to clarify some things about what external access opens up for other users from other organizations (in case of "open federation"). My questions are the following:

 

1. In case of "Open Federation / no blocked domains": Can anyone who has access to my emailaddress, has Teams and external access with "open federation" as well, just send me a chat message, without any form of me having to accept that incoming chat message?

 

2. In case of "Open Federation / no blocked domains": Can anyone who has access to my emailaddress, has Teams and external access with "open federation" as well, just give me an ad hoc call via their Teams chat, without any form of me having to accept that incoming call?

 

I am asking this just to make sure I get this straight. Because if there is no sort of security in the sense of blocking incoming external calls or messages when using external access in combination with "Open federation", then potentially you open up a new channel for spamming and phishing right? 

 

Thank you so much for your help,

 

Sylvester

www.000webhost.com