Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-22 Thread Michael Rathbun via mailop 
On Thu, 20 Apr 2023 14:25:41 -0500, Jarland Donnell via mailop
 wrote:

>I'm surprised they even have an abuse inbox. I just block spammy senders 
>from MS/O365 domains and let them deal with the reduced number of people 
>they can do business with, as the result of their choice to send spam.

As long as nobody at or above the reporting level that was Rajesh Jha a decade
back understands the issues and takes ownership, an abuse (policy enforcement,
actually) "department" will not exist, functionally.

Having built (or rebuilt) successful Policy Enforcement groups over time, I
was increasingly alarmed when I started working at MSFT as a Spam Analyst.  

Many years ago, Allegiance Telecom had acquired a highly competent abuse team,
but essentially defanged them.  It wasn't until the COO directly hired a
Policy Enforcement director, with the authority to disconnect customers with
up to US$50,000 monthly billing by simply dialing a 4-digit number, that the
network began to behave responsibly.  My job was basically to let my team do
their job, and keep the Mahoganites off their case.  Thus, they were in MD and
I was in Dallas, 3 floors down from C-ville.

MSFT has no path to such a solution.

mdr
-- 
   "There will be more spam."
  -- Paul Vixie

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-21 Thread Carsten Schiefner via mailop 
And whatever is being reported via this form will probably be internally sent 
to .

|-)

-- 
Von meiner Hängematte aus gesendet.

-Original Message-
From: Mark Foster via mailop 
To: Benoit Panizzon 
Cc: mailop@mailop.org
Sent: Sa., 22 Apr. 2023 7:28
Subject: Re: [mailop] ab...@microsoft.com => Mailbox full

Per https://msrc.microsoft.com/report/abuse it appears they would like 
you to fill in a web form, in order to "report suspected cyberattacks or 
abuse originating from Microsoft Online Services, such as Microsoft 
Azure, Bing, OneDrive, and Office 365."

It does cite ab...@microsoft.com as a valid contact for reporting Child 
Sexual Abuse imagery, which suggests a real person should be reading 
abuse@ - but I would not be surprised if they do the typical huge-org 
thing and filter out everything that should've been reported via another 
method, as a poor-persons's way to manage volume. I'm sure there's 
plenty of it.

Mark.

On 2023-04-21 01:32, Benoit Panizzon via mailop wrote:
> For heaven's sake Microsoft!
> 
> I'm trying to report the same spaming Office 365 Customer again which
> uses a shared ip address with some other Swiss companies that use
> Office 365 and experience collateral damage...
> 
> That is NOT the reply I expect.
> 
> === snipp ===
> 
> Delivery has failed to these recipients or groups:
> 
> ab...@microsoft.com<mailto:ab...@microsoft.com>
> The recipient's mailbox is full and can't accept messages now. Please
> try resending your message later, or contact the recipient directly.
> 
> === snapp ===
> 
> Yes please, how can I contact the microsoft abuse desk more directly?
> 
> Mit freundlichen Grüssen
> 
> -Benoît Panizzon-
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-21 Thread Mark Foster via mailop 
Per https://msrc.microsoft.com/report/abuse it appears they would like 
you to fill in a web form, in order to "report suspected cyberattacks or 
abuse originating from Microsoft Online Services, such as Microsoft 
Azure, Bing, OneDrive, and Office 365."


It does cite ab...@microsoft.com as a valid contact for reporting Child 
Sexual Abuse imagery, which suggests a real person should be reading 
abuse@ - but I would not be surprised if they do the typical huge-org 
thing and filter out everything that should've been reported via another 
method, as a poor-persons's way to manage volume. I'm sure there's 
plenty of it.


Mark.

On 2023-04-21 01:32, Benoit Panizzon via mailop wrote:

For heaven's sake Microsoft!

I'm trying to report the same spaming Office 365 Customer again which
uses a shared ip address with some other Swiss companies that use
Office 365 and experience collateral damage...

That is NOT the reply I expect.

=== snipp ===

Delivery has failed to these recipients or groups:

ab...@microsoft.com
The recipient's mailbox is full and can't accept messages now. Please
try resending your message later, or contact the recipient directly.

=== snapp ===

Yes please, how can I contact the microsoft abuse desk more directly?

Mit freundlichen Grüssen

-Benoît Panizzon-

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-21 Thread Michael Peddemors via mailop 

On 2023-04-20 09:51, Michael Rathbun via mailop wrote:

On Thu, 20 Apr 2023 15:32:18 +0200, Benoit Panizzon via mailop
 wrote:

...


Delivery has failed to these recipients or groups:

ab...@microsoft.com
The recipient's mailbox is full and can't accept messages now. Please try 
resending your message later, or contact the recipient directly.


Back when I worked in the O365 spam analysis process, I launched a crusade to
discover who, if anybody, actually reads abuse@microsoft.  The eventual result
was that there was a person who supposedly looked at it now and again.

[snip]


Yes please, how can I contact the microsoft abuse desk more directly?


There wasn't one when I worked there.  Not from lack of trying to get one
launched.

mdr


Isn't that something that can be raised with M3AAWG or ARIN if that is 
listed in their whois information?


--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-20 Thread Hans-Martin Mosner via mailop 

Am 20.04.23 um 21:25 schrieb Jarland Donnell via mailop:
The age old problem: Hire a bunch of people to read it that aren't skilled enough to do anything about it, or hire 
people who are skilled to handle it but don't have the time or manpower to read it all. 


There's a third option: Handle most of the incoming reports automatically by matching them with known abuse-emitting 
servers (whether exploited or rented by the spammer), let the few skilled people look at the interesting stuff to 
identify trouble spots quickly, and give them sufficient banning power to keep the total amount of abuse emanating from 
your network at any time low enough that they are not overworked.


Cheers,
Hans-Martin
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-20 Thread Jarland Donnell via mailop 
The age old problem: Hire a bunch of people to read it that aren't 
skilled enough to do anything about it, or hire people who are skilled 
to handle it but don't have the time or manpower to read it all.


I'm surprised they even have an abuse inbox. I just block spammy senders 
from MS/O365 domains and let them deal with the reduced number of people 
they can do business with, as the result of their choice to send spam.


On 2023-04-20 11:51, Michael Rathbun via mailop wrote:

On Thu, 20 Apr 2023 15:32:18 +0200, Benoit Panizzon via mailop
 wrote:

...


Delivery has failed to these recipients or groups:

ab...@microsoft.com
The recipient's mailbox is full and can't accept messages now. Please 
try resending your message later, or contact the recipient directly.


Back when I worked in the O365 spam analysis process, I launched a 
crusade to
discover who, if anybody, actually reads abuse@microsoft.  The eventual 
result

was that there was a person who supposedly looked at it now and again.

[snip]


Yes please, how can I contact the microsoft abuse desk more directly?


There wasn't one when I worked there.  Not from lack of trying to get 
one

launched.

mdr

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-20 Thread Michael Rathbun via mailop 
On Thu, 20 Apr 2023 15:32:18 +0200, Benoit Panizzon via mailop
 wrote:

...

>Delivery has failed to these recipients or groups:
>
>ab...@microsoft.com
>The recipient's mailbox is full and can't accept messages now. Please try 
>resending your message later, or contact the recipient directly.

Back when I worked in the O365 spam analysis process, I launched a crusade to
discover who, if anybody, actually reads abuse@microsoft.  The eventual result
was that there was a person who supposedly looked at it now and again.

[snip]

>Yes please, how can I contact the microsoft abuse desk more directly?

There wasn't one when I worked there.  Not from lack of trying to get one
launched.

mdr
-- 
   "There will be more spam."
  -- Paul Vixie

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] ab...@microsoft.com => Mailbox full

2023-04-20 Thread Aban Dokht via mailop 


Benoit Panizzon via mailop wrote:

Delivery has failed to these recipients or groups:

ab...@microsoft.com
The recipient's mailbox is full and can't accept messages now. Please try 
resending your message later, or contact the recipient directly.



This is normal at Microsoft, they don't really care about it.
Have same issue for their DKIM/DMARC reporting mailbox, but nobody cares for 
months now.


Diagnostic information for administrators:

Generating server: DM4PR21MB3783.namprd21.prod.outlook.com
Total retry attempts: 1

itex-...@microsoft.com
Remote server returned '554 5.2.2 mailbox full;



Regards
Aban

--
 Aban Dokht   aban.do...@abando.de
--
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] ab...@microsoft.com => Mailbox full

2023-04-20 Thread Benoit Panizzon via mailop 
For heaven's sake Microsoft!

I'm trying to report the same spaming Office 365 Customer again which
uses a shared ip address with some other Swiss companies that use
Office 365 and experience collateral damage...

That is NOT the reply I expect.

=== snipp ===

Delivery has failed to these recipients or groups:

ab...@microsoft.com
The recipient's mailbox is full and can't accept messages now. Please try 
resending your message later, or contact the recipient directly.

=== snapp ===

Yes please, how can I contact the microsoft abuse desk more directly?

Mit freundlichen Grüssen

-Benoît Panizzon-
-- 
I m p r o W a r e   A G-Leiter Commerce Kunden
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop