Recently we had an issue with the Exchange autodiscover.xml appending ".com" to our mail servers autodiscover address. It resulted in a certificate error due to the name not matching the certificate. After hunting that down and correcting it (by someone much smarter than me) I got to thinking how, other than by a dumb mistake, would that get changed?
Obviously my main concern is some type of vulnerability or exploit in our network or mail server. After a little research I couldn't find anything real obvious that it could be and I was hoping someone here would be able to point me to some resources I could use to continue my research.
Also any thoughts on how else this could have happened and how it could be prevented in the future would be appreciated.