Hello,
I don't know about the switch to subscription based licensing, but I wouldn't be surprised that it happens. It's a long time they (and not only microsoft) heads to software as a rented service (and the need to connect to their cloud) instead of the standard buy the product once and use it the way you like.
This is very annoying.
About the proxying, that is something we've noticed while troubleshooting customer issues on Outlook mobile apps.
While doing IMAP connection troubleshooting we were searching for the customer IP address in our IMAP logs and were not able to find anything.
Instead there was connections from microsoft's network trying to log in as our customer.
So what does it means ?
It means that their apps doesn't connect directly anymore to the service but instead is more like a frontend that connects a backend of their client app that runs on their servers and this is unacceptable.
- What happens if their backend is temp. down, it would add a point of failure and customers would blame us for this as for them they are customers of OUR services.
- What's up with security and encrypted communications. Their backend are connecting to our service with TLS with a secure connection and another secure connection is established between their backend and the application. Ok well but isn't this a man in the middle attack ? They have access to the clear text data stream, also to the creditentials, etc. Unacceptable again.
- Also how then you keep some control of IP based whitelisting/blacklisting/ratelimits if everything gets proxied through their cloud
So at the moment it seems the mobile versions of outlook are working like this. I've heard the new outlook for mac version will also be like this as they tend to want to use the same engine for all.
We were in a hurry so I had not the time to dig deeper and "wireshark" communications client and server side to study better the story, but it's really worrying.
Kind regards.