Re: [mailop] Microsoft 365 send spam via high-risk delivery pool (instead of block it)
>>What if the email was beng sent to an abuse team to complain that
Simple:
If (this.header('to') =~ m/.*>What if this is someone asking a trusted one whether the deal is real?
>>..or their reply that it is not?
if (Checkinbox(from, this.header('to')) == true) {
Permit();
}
Else
{
Block();
}
Sub Checkinbox(header as string, targetvalue as string) as Boolean {
Result = false;
Foreach mail in inbox {
If mail.open.header(header) == targetvalue {
Result = true;
}
}
Return Result;
}
>>What if it's a blog / mailing list post when someone sent that?
That would be cumbersome, but so rare that it could be passed
>>Or a mail forwarded from a spamtrap?
The provider of course knows its spamtraps, and can excempt them from egress
filtering.
>>Or a newsletter alerting from certain scams on the rise?
>>Not to mention a mailing list such as this one, discussing spam topics.
Newslettes and mailing lists can gain a special trusted status when enough
people on the same provider have subscribed to it.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
Re: [mailop] Microsoft 365 send spam via high-risk delivery pool (instead of block it)
On 2022-09-29 at 08:19 +0200, Alessio Cecchi wrote: > if you can identify a message as unwanted why do you have to send it > anyway? It does not seem to me a positive contribution to the cause > of a better internet, but only a discharge of responsibility on the > receiving server. The tricky question is: How are you sure it's unwanted? Suppose the body of the email contains a well-known text of a Nigerian prince scam. Surely that email would be unwanted, right? Except... What if the email was beng sent to an abuse team to complain that *they* sent such email? What if this is someone asking a trusted one whether the deal is real? ...or their reply that it is not? What if it's a blog / mailing list post when someone sent that? Or a mail forwarded from a spamtrap? Or a newsletter alerting from certain scams on the rise? Not to mention a mailing list such as this one, discussing spam topics. > In any case, some one know what are the IP address in the "high-risk > delivery pool" of Microsft 365? This is a good question. Microsoft throughly documents its use of an High Risk Delivery Pool... but not which ranges it uses for that. According to https://o365info.com/high-risk-delivery-pool-and-exchange-online-part-9-17/ it would be using 157.56.0.0/15 Regards ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Microsoft 365 send spam via high-risk delivery pool (instead of block it)
Am 29.09.22 um 08:19 schrieb Alessio Cecchi via mailop: I think it is not a correct behavior, if you can identify a message as unwanted why do you have to send it anyway? Often such identification isn't 100% certain (in fact, no spam/ham distinction can ever be 100% correct). Of course, if the message originated from a Microsoft customer it might be more reasonable to return it to the sender with an indication of what was considered questionable, but even the decision whether a message was created by the customer may be difficult in cases of mail forwarding etc. Offloading the decision to the recipient at least ensures that no valid e-mail is ever prevented from reaching them, which is a (questionable IMO) legal requirement in the EU. I'd rather prefer if they rejected identified spam instead of delivering it, but then I also want world peace. And a pony. With my luck, I'll get none of these. Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Microsoft 365 send spam via high-risk delivery pool (instead of block it)
Hi, on Microsoft 365 documentations site I found an article where you can read: "[...] all outbound messages from Microsoft 365 datacenter servers that are determined to be spam are sent through the high-risk delivery pool." https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/high-risk-delivery-pool-for-outbound-messages So, when Microsoft 365 identify an outbound message as spam don't block it but was sent via "the high-risk delivery pool". I think it is not a correct behavior, if you can identify a message as unwanted why do you have to send it anyway? It does not seem to me a positive contribution to the cause of a better internet, but only a discharge of responsibility on the receiving server. In any case, some one know what are the IP address in the "high-risk delivery pool" of Microsft 365? Thanks -- Alessio Cecchi Postmaster @http://www.qboxmail.it https://www.linkedin.com/in/alessice ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
