Re: [mailop] Very large spike in false positives with Microsoft domains

2016-02-26 Thread Dickie LaFlamme 
Thanks for the update on the "invalid arguments" code. Look forward to the
blank response resolution

Thanks,

Dickie LaFlamme / Deliverability Specialist
On Feb 26, 2016 2:50 PM, "Michael Wise" <michael.w...@microsoft.com> wrote:

> I am told they found the issue on our side and took the server out of
> rotation, so hopefully that clears up **THAT**.
>
> Still waiting on an explanation of the empty reply explanation.
>
>
>
> Aloha,
>
> Michael.
>
> --
>
> *Michael J Wise* | Microsoft | Spam Analysis | "Your Spam Specimen Has
> Been Processed." | Got the Junk Mail Reporting Tool
> <http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?
>
>
>
> *From:* mailop [mailto:mailop-boun...@mailop.org] *On Behalf Of *Dickie
> LaFlamme
> *Sent:* Friday, February 26, 2016 2:16 AM
> *To:* Maarten Oelering <maar...@postmastery.net>
> *Cc:* mailop@mailop.org
> *Subject:* Re: [mailop] Very large spike in false positives with
> Microsoft domains
>
>
>
> Thanks Maarten. We ended up getting to the root of "transaction failed".
> We started reclassing the hard bounce to a soft on the 17th.
>
> Thanks,
>
> Dickie LaFlamme / Deliverability Specialist
> +1 603-296-1952
>
> On Feb 26, 2016 5:07 AM, "Maarten Oelering" <maar...@postmastery.net>
> wrote:
>
> I noticed you are using PowerMTA. You can defer these emails instead of
> bouncing by adding this to your :
>
>
>
> *reply /554 Transaction failed/ skip-mx*
>
>
>
> We saw the last of these errors on the 19th. I am willing to share SMTP
> traces if it’s still relevant.
>
>
>
> Maarten Oelering
>
> Postmastery
>
> W: postmastery.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fpostmastery.com=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=QzBBiHMjjbSAEBnPfHnXRGgb7YngMiUcU0NRqs1NN54%3d>
> T: +31 20 261 0438
>
>
>
> On 25 feb. 2016, at 20:31, Dickie LaFlamme <rlafla...@dyn.com> wrote:
>
>
>
> I wanted to see if other followers have heard any chatter about Microsoft
> incorrectly classifying hard bounces for other providers/customers. We've
> been trying to get to the root cause of why they could be creating so many
> false positives for our platform over the past few weeks.
>
>
>
> Final-Recipient: rfc822; (*taken out for confidentially*)@hotmail.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=LnlCWeY2J7VY93wllArPqaBsMJKtjsKgo7FXJDK6tDI%3d>
>
> Action: failed
>
> Status: 5.4.0
>
>
>
> By the RFC they should be at least including a diagnostic code, but they
> are not, this is from a full header to note as well.
>
>
>
> Final-Recipient: rfc822;(*taken out for confidentially*)@hotmail.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=LnlCWeY2J7VY93wllArPqaBsMJKtjsKgo7FXJDK6tDI%3d>
>
> Action: failed
>
> Status: 5.0.0 (undefined status)
>
> Remote-MTA: dns;mx3.hotmail.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fmx3.hotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=aC8Q9ai26%2fcap9QUNOAJtgXMV%2bsOwd992wNYvAQgfwg%3d>
>  (65.55.33.135)
>
> Diagnostic-Code: smtp;554 Transaction failed
>
> X-PowerMTA-BounceCategory: other
>
>
>
> Essentially all we got back from Microsoft was that "this should be
> classified as a soft bounce in your system": No help since we knew that.
> We've since reclassified that bounce as well as this bounce below:
>
> Final-Recipient: rfc822; (*taken out for confidentially)*@hotmail.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=LnlCWeY2J7VY93wllArPqaBsMJKtjsKgo7FXJDK6tDI%3d>
> Action: failed
> Status: 5.5.4
> Diagnostic-Code: smtp;501 5.5.4 Invalid arguments
>
>
>
>
>
> We've seen this occuring at Hotmail, Live.com
> <https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flive.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7c7a1e11a2139042a9b01908d33e96dae6%7c72f988bf86f141af91ab2d7cd011db47%7c1=ge6FjiixE1TAOpPW%2bEQJk2OgQxe2p2jCNgJ1Q66KCTs%3d>
>  and Outlook.com
> <https://na01.safelinks.protection.outlook.com/?ur

Re: [mailop] Very large spike in false positives with Microsoft domains

2016-02-26 Thread Dickie LaFlamme 
Thanks Maarten. We ended up getting to the root of "transaction failed". We
started reclassing the hard bounce to a soft on the 17th.

Thanks,

Dickie LaFlamme / Deliverability Specialist
+1 603-296-1952
On Feb 26, 2016 5:07 AM, "Maarten Oelering"  wrote:

> I noticed you are using PowerMTA. You can defer these emails instead of
> bouncing by adding this to your :
>
> *reply /554 Transaction failed/ skip-mx*
>
> We saw the last of these errors on the 19th. I am willing to share SMTP
> traces if it’s still relevant.
>
> Maarten Oelering
>
> Postmastery
> W: postmastery.com
> T: +31 20 261 0438
>
> On 25 feb. 2016, at 20:31, Dickie LaFlamme  wrote:
>
> I wanted to see if other followers have heard any chatter about Microsoft
> incorrectly classifying hard bounces for other providers/customers. We've
> been trying to get to the root cause of why they could be creating so many
> false positives for our platform over the past few weeks.
>
> Final-Recipient: rfc822; (*taken out for confidentially*)@hotmail.com
> Action: failed
> Status: 5.4.0
>
> By the RFC they should be at least including a diagnostic code, but they
> are not, this is from a full header to note as well.
>
> Final-Recipient: rfc822;(*taken out for confidentially*)@hotmail.com
> Action: failed
> Status: 5.0.0 (undefined status)
> Remote-MTA: dns;mx3.hotmail.com (65.55.33.135)
> Diagnostic-Code: smtp;554 Transaction failed
> X-PowerMTA-BounceCategory: other
>
> Essentially all we got back from Microsoft was that "this should be
> classified as a soft bounce in your system": No help since we knew that.
> We've since reclassified that bounce as well as this bounce below:
>
> Final-Recipient: rfc822; (*taken out for confidentially)*@hotmail.com
> Action: failed
> Status: 5.5.4
> Diagnostic-Code: smtp;501 5.5.4 Invalid arguments
>
>
> We've seen this occuring at Hotmail, Live.com  and
> Outlook.com . I'm not looking for a golden ticket
> from anyone, but I wanted to see if fellow Deliverability professionals
> are seeing these kind of problems from Microsoft domains. We're just left
> scratching our heads as we try to fight these fires for our customers both
> the deliverability team and engineers.
>
> Has anyone else been having these problematic issues with Microsoft
> domains?
>
> Thanks,
>
> [image: Dyn logo, Dyn.com] 
> [image: Dyn
> facebook account] 
> [image:
> Dyn LinkedIn account] 
>
> Dickie LaFlamme / Deliverability Specialist
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
>
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Very large spike in false positives with Microsoft domains

2016-02-25 Thread Michael Wise 
You should have seen the last of, “Transaction Failed” at about 1pm last 
Thursday, Feb 18th.
If you’ve seen it since, we need to see the whole bounce.

As to the rest … I’d need to see some more explicit samples. “Redacted” is fine.
But we need to know the banner you got when you connected, and as much of the 
transaction as you can share.

Aloha,
Michael.
--
Michael J Wise | Microsoft | Spam Analysis | "Your Spam Specimen Has Been 
Processed." | Got the Junk Mail Reporting 
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?

From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Dickie LaFlamme
Sent: Thursday, February 25, 2016 11:32 AM
To: mailop@mailop.org
Subject: [mailop] Very large spike in false positives with Microsoft domains

I wanted to see if other followers have heard any chatter about Microsoft 
incorrectly classifying hard bounces for other providers/customers. We've been 
trying to get to the root cause of why they could be creating so many false 
positives for our platform over the past few weeks.

Final-Recipient: rfc822; (taken out for 
confidentially)@hotmail.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=KTiZw9fcVdO1Vb4xS4y2cQjvE1tomIt8BH26MmxP9Sc%3d>
Action: failed
Status: 5.4.0

By the RFC they should be at least including a diagnostic code, but they are 
not, this is from a full header to note as well.

Final-Recipient: rfc822;(taken out for 
confidentially)@hotmail.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=KTiZw9fcVdO1Vb4xS4y2cQjvE1tomIt8BH26MmxP9Sc%3d>
Action: failed
Status: 5.0.0 (undefined status)
Remote-MTA: 
dns;mx3.hotmail.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fmx3.hotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=8VmnJmqayr9syrmRaamLHlJr0oqTNuEmB2z1Nmwijo8%3d>
 (65.55.33.135)
Diagnostic-Code: smtp;554 Transaction failed
X-PowerMTA-BounceCategory: other

Essentially all we got back from Microsoft was that "this should be classified 
as a soft bounce in your system": No help since we knew that. We've since 
reclassified that bounce as well as this bounce below:

Final-Recipient: rfc822; (taken out for 
confidentially)@hotmail.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fhotmail.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=KTiZw9fcVdO1Vb4xS4y2cQjvE1tomIt8BH26MmxP9Sc%3d>
Action: failed
Status: 5.5.4
Diagnostic-Code: smtp;501 5.5.4 Invalid arguments


We've seen this occuring at Hotmail, 
Live.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2flive.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=l9XkgBhKDVnmR2tBgkbo9xddP%2fOnqvwvTq4XQVn9pJ8%3d>
 and 
Outlook.com<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2foutlook.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=tOrbmJv6Rax%2fGZBmCQf89m5dO6GMtr1JEOPK4Rhhrok%3d>.
 I'm not looking for a golden ticket from anyone, but I wanted to see if fellow 
Deliverability professionals are seeing these kind of problems from Microsoft 
domains. We're just left scratching our heads as we try to fight these fires 
for our customers both the deliverability team and engineers.

Has anyone else been having these problematic issues with Microsoft domains?

Thanks,

[Dyn logo, 
Dyn.com]<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2fdyn.com%2f=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=8CBDOxFVmJdOf99SAcDS1kD%2bX5p61BByumZOqj1IcVU%3d>

[http://dyn.com/wp-content/uploads/2013/08/esignature-icon-dyn-twitter.png] 
<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ftwitter.com%2fdyn=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=s7S1EQ%2bkXogSmbWY5%2f5OFD1kMJiczVKA8vJ5kbM8eIQ%3d>

<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ftwitter.com%2fdyninc=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=ZezHTA4zesWKSwPJMrOIrlUZkGXKUCS5gnglRe6iTDU%3d>
 [Dyn facebook account] 
<https://na01.safelinks.protection.outlook.com/?url=http%3a%2f%2ffacebook.com%2fdyn=01%7c01%7cmichael.wise%40microsoft.com%7cb599ec358a7a4ff3a29c08d33e1b52cc%7c72f988bf86f141af91ab2d7cd011db47%7c1=6BeeEhHi87P8cVBjAkBOORGqyPfEByqWRCUVxd1YZ%2fA%3d>

&l