Re: [mailop] Outlook/Hotmail Blacklist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wed, 2019-03-13 at 13:50 -0400, Scott Mutter wrote: > >Received: from hawk.wznoc.com ([209.140.28.140]) > >envelope-from > >From: Scott Mutter > >Message-ID: <20190306210316.gb19...@ams-salesandsupport.com> > > > > That's 3 different domains for the same simple email... Hm... > > Well, it's important to note that this address that I am writing from, the > server I am sending these messages through, everything to do with the > communication TO and FROM this discussion list has absolutely no bearings on > the server or IP address I am referring to. > > We have several servers and IP addresses. I don't use just one for > everything. In fact, I think it's a good policy to keep my communication > completely separate from any interactions that our clients may have with > their emails and the emails that they send out. > > Second to all of this... I have message for this particular mailing list set > up completely separate from our normal support system. So yea, I agree it's > complicated... but it also has absolutely nothing to do with the server/IP > that was experiencing this problem. Going slightly off-topic... I actually > abhor mailing lists, I would much rather see this "list" as a forum or > discussion board, but that's something else entirely. There's a Slack channel that might interest you then. https://emailgeeks.slac k.com > > So again, I would encourage anyone reading through this thread to focus on > the content of the messages (you know... what's in the "body" of the message) > and not the inner workings as to "how these messages got to this Mailops > mailing list." Just so you don't miss my earlier comment, your separate mail system is DKIM signing "Mailing list specific" headers: DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=amssupport. info; s=default; h=In-Reply-To:Content-Type:MIME-Version: References:Message- ID:Subject:To:From:Date:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content- ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent- To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List- Subscribe:List-Post:List-Owner:List-Archive; > But again, just to make sure it's abundantly clear, my issue with all of this > has been resolved. Good to hear, - -Jim P. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEECPbAhaBWEfiXj/kxdRlcPb+1fkUFAlyJSegACgkQdRlcPb+1 fkXV+xAAlNFN53aQxh+YtWF7PcCg9SYT/L8DdaqV4ZJBuOYNqNF8UYmACHi6FqW1 NsslSZc+t4iajUgd8G3xWHYwbh4ZfkEszNGhK87wOgrEArDXA5KXd5/BwHyQO4u9 IFSfPLFZaT3mwqnUcuTGtcf018o1L5L8NO2gLnLS30216EVZDkfvk8cz3AfA9koM mPFPY9IJMObPy8FZKdPdGZOGaXodhxe2R5lyGtR2mI4dSuY7ACFrUSMhu7G7m4vq 6y77H1zD7Z2EtzL3g5I3/Wt6QBuuKnRauwZm70/yIgGDF5dtBYNUPwWauiI2Var8 o1HMqOlcV70D3M30QeKJLHthrhdFU9vBv9FrN1nO599vaoRgUoTrb53OnnNOKjU6 SfFhzBfQv5+1kz0MiaRUMBJ6kPhsNyCh/1Lix6cSdHO6fL4REekoJe1yJXLQfj9A xTGjk60uUZkR1nIJfWbfVFrb9NS9J1Vxqf0b1hH2MosaehUChWa7rxTO+QmINkUz TyaEfw8/hhoPuFjunJ4gnZCKGGXsABb7zBz0ohgtXk1r1Z40/AK8xSjeREoyXkzH Csuwe8JFYr8vBjNILiFoPXHFlafraVLqMVtT9554XnkMnn2d4YsP7lYqSWdThwOh 4c2ol8VGYA7S9CzIQMN5KBtUIv9ITPd3XVASi9i5qkWe2k++V/A= =ayQF -END PGP SIGNATURE- ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
>Received: from hawk.wznoc.com ([209.140.28.140]) >envelope-from >From: Scott Mutter >Message-ID: <20190306210316.gb19...@ams-salesandsupport.com> > > That's 3 different domains for the same simple email... Hm... Well, it's important to note that this address that I am writing from, the server I am sending these messages through, everything to do with the communication TO and FROM this discussion list has absolutely no bearings on the server or IP address I am referring to. We have several servers and IP addresses. I don't use just one for everything. In fact, I think it's a good policy to keep my communication completely separate from any interactions that our clients may have with their emails and the emails that they send out. Second to all of this... I have message for this particular mailing list set up completely separate from our normal support system. So yea, I agree it's complicated... but it also has absolutely nothing to do with the server/IP that was experiencing this problem. Going slightly off-topic... I actually abhor mailing lists, I would much rather see this "list" as a forum or discussion board, but that's something else entirely. So again, I would encourage anyone reading through this thread to focus on the content of the messages (you know... what's in the "body" of the message) and not the inner workings as to "how these messages got to this Mailops mailing list." But again, just to make sure it's abundantly clear, my issue with all of this has been resolved. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wed, 2019-03-06 at 16:03 -0500, Scott Mutter wrote: > Hello list > > I'm looking for any assistance in trying to get off of an Outlook/Hotmail > mailinst list with Microsoft. Received: from hawk.wznoc.com ([209.140.28.140]) envelope-from From: Scott Mutter Message-ID: <20190306210316.gb19...@ams-salesandsupport.com> That's 3 different domains for the same simple email... Hm... And then there's the short TTLs on the SPF RRs. H... ~$ dig +noall +answer TXT amssupport.info amssupport.info.12 IN TXT "v=spf1 include:ams- salesandsupport.com ip4:209.140.28.141 ~all" ~$ dig +noall +answer TXT hawk.wznoc.com. hawk.wznoc.com. 900 IN TXT "v=spf1 a mx ip4:192.110.160.37 +ip4:168.235.104.229 ip4:72.44.93.24 ip4:209.140.28.140 ip4:162.219.26.34 -all" ~$ dig +noall +answer TXT ams-salesandsupport.com ams-salesandsupport.com. 505IN TXT "v=spf1 ip4:192.154.108.91 ip4:209.236.125.156 ip4:72.44.93.24 ip4:69.90.152.138 ip4:108.61.48.234 ip4:184.171.247.137 ip4:209.140.28.140 ip4:76.72.170.148 a mx ip4:192.110.160.35 ip4:104.245.200.178 ip4:108.61.48.236 ip4:108.61.48.238 - -all" I'm not an expert, but what you have appears extremely overly complicated for a service provider within a service provider. Also, something that is not quite yet clear to me, it looks like you are DKIM signing List-* headers. Best wishes! - -Jim P. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEECPbAhaBWEfiXj/kxdRlcPb+1fkUFAlyIXjUACgkQdRlcPb+1 fkVCCg//VG/WUmH7PSfjYZ8k34O3LhNwObj4pKbPTpipDTAIXfA8Ey4mVTuuUn1v PebtorzLB6ZAxjX9cBvChn+YLAyKnWVVglWcYVMpcOwGIEnRvbXXxzcWdjddyTal t+jUZ5H2gwsEP6Fqo6NxDFoJpX5DjQyHfdeRLbJAJsylb99ckHzTXHDyEpw69Mpm uWypCAHF+T0gwF9xryMgL/dN6l0vOK9nGVyk6OdWp1+ai4N+CMiWY2UNB3SnWVuY imMFU7YkeHI9hWHlMVLNkcu+eX2PgX07Ss9nZFfrzoYOzMwzrciJC2tpOboF6/Hi ocjZf9ihUD91/O+vedtOzpuycoFXoq4v7jh4reuztt/NLr5bgyrlIwIyYA+0UiN+ GhcQZD/BG5WbQ/t1sxrYPd/HRDtfiDY+PGAX5GRS8ZZeVhmp+KMXpsePLMX/5uQK v1OFNOjmADi+zgkRJxhbUlZYwaDhrzUAhm32RmvGJ9TasSlJ8nvntVw3y65JgdYx qBjo3NrUU/yJnbFys+rW9DHzKNb1YTWI9AxNyFaEWD5ffYZ6ly5MaurvYGJK0x6k +zxWwJ4PKZW2o9Hp+nX84YNCSL0fTZR6gticYSq52oEhIgagBXzDV3yC30XWlisW Xnx5g4/+7kwtAttNKvKx8pOlIqj/oUQZxHDCGzBhSC+z9zUCGGc= =RkDU -END PGP SIGNATURE- ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Scott Mutter described exactly my pain. I have been sending more than a million emails daily for two years and never had any problem with Microsoft / Outlook / Hotmail. Recently I had 12 blocked IPs in a week. I submited the postmaster form twice, at the second time I got the answer: the block has been lift, but that's not a true statement. It keep listed on SNDS. I had to write Microsoft again, then they said the block will continue and can't provide more information about that. I tried several times and no way. I just got tired to reply those "machines". I wish Microsoft could be more transparent and help us to solve the issue instead make everything difficult. I wanted to fix the problem I had, but the only choice left was a workaround to keep delivering. I added a new /24 network. Definitely that is not the best way to deal with, but as Scott said, our customers need to delivery their messages. Sincerely, Erik Figueiredo From: mailop on behalf of Michael Wise via mailop Sent: Tuesday, March 12, 2019 8:24:39 PM To: Scott Mutter; mailop@mailop.org Subject: Re: [mailop] Outlook/Hotmail Blacklist Yeah, we get that a lot about the, "Don't really see anything..." There are a number of issues with that, one of which is, being blocked isn't the whole story, as a lot can happen to the traffic from the time it passes the edge to the time it arrives at the mailbox server, and even until the final decision is made about which part of the INBOX to store it into, be that the main area, or be that the Junk folder. All of this can be short-circuited if the recipient has explicitly Safe-Sendered the sender. But that is ultimately the recipient’s call. All such traffic, once it gets past the edge ... is deemed received for purposes of deciding if any further mitigation is required. Thus the importance of replying to that human using the boiler-plate and stating your case. If the traffic from that IP is all transactional, for instance, that's always a good way to lead the petition. We are sensitive to the need for the tools to perform in a predictable and CORRECT fashion, and for the humans using them to be providing the best possible answers given our other constraints. We are looking into these issues on a number of fronts. So please keep those cards and letters coming! 😊 Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? -Original Message- From: mailop On Behalf Of Scott Mutter Sent: Monday, March 11, 2019 6:46 PM To: mailop@mailop.org Subject: Re: [mailop] Outlook/Hotmail Blacklist Just to be clear - all of my issues are resolved at this time. I'm just replying back here because I think it's important to learn from mistakes and how improvements can be made. I don't imagine my opinion counts for much, but in case it does... > If you respond to the second email detailing the mitigation, or the lack > thereof, and don't receive an email from a live human (they'll use > boilerplate; they're required to), or you don't receive that second email > with the details of the machine mitigation... Well, the issue was - they kept telling me that they didn't see anything that would be blocking mail from that IP. Which, again, I don't necessarily doubt them... but the end result was still the same: my IP was being blocked. They would not mitigate anything because to them, there was nothing to mitigate. So I don't know what their procedures are for this. I kind of suspect that they just copy and paste an IP into a tool that spits something out for them and if that tool was returning nothing, then that's a problem with the tool. It's either not getting valid information or isn't checking deep enough. Secondly, if the human being that I'm talking to can't see why my IP is being blocked - and when I'm showing clear evidence that it being blocked - then that human needs to escalate the ticket up to a more knowledgeable human and it needs to keep going up until it finds a human that can see why my IP is being blocked. That does not appear to be what happened. I get that we all make mistakes. To be honest, I've actually been that human in this. I once had a client that told me he couldn't reach his website, I didn't see a block. He kept writing back saying he was blocked. It took a few emails back and forth, but I did find that his IP was part of a larger block and we were actually blocking him. It didn't take a full week to solve, it took a few hours, but those are hours that the client really deserved to be unblocked or have an explanation for. I learned from t
Re: [mailop] Outlook/Hotmail Blacklist
Yeah, we get that a lot about the, "Don't really see anything..." There are a number of issues with that, one of which is, being blocked isn't the whole story, as a lot can happen to the traffic from the time it passes the edge to the time it arrives at the mailbox server, and even until the final decision is made about which part of the INBOX to store it into, be that the main area, or be that the Junk folder. All of this can be short-circuited if the recipient has explicitly Safe-Sendered the sender. But that is ultimately the recipient’s call. All such traffic, once it gets past the edge ... is deemed received for purposes of deciding if any further mitigation is required. Thus the importance of replying to that human using the boiler-plate and stating your case. If the traffic from that IP is all transactional, for instance, that's always a good way to lead the petition. We are sensitive to the need for the tools to perform in a predictable and CORRECT fashion, and for the humans using them to be providing the best possible answers given our other constraints. We are looking into these issues on a number of fronts. So please keep those cards and letters coming! 😊 Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? -Original Message- From: mailop On Behalf Of Scott Mutter Sent: Monday, March 11, 2019 6:46 PM To: mailop@mailop.org Subject: Re: [mailop] Outlook/Hotmail Blacklist Just to be clear - all of my issues are resolved at this time. I'm just replying back here because I think it's important to learn from mistakes and how improvements can be made. I don't imagine my opinion counts for much, but in case it does... > If you respond to the second email detailing the mitigation, or the lack > thereof, and don't receive an email from a live human (they'll use > boilerplate; they're required to), or you don't receive that second email > with the details of the machine mitigation... Well, the issue was - they kept telling me that they didn't see anything that would be blocking mail from that IP. Which, again, I don't necessarily doubt them... but the end result was still the same: my IP was being blocked. They would not mitigate anything because to them, there was nothing to mitigate. So I don't know what their procedures are for this. I kind of suspect that they just copy and paste an IP into a tool that spits something out for them and if that tool was returning nothing, then that's a problem with the tool. It's either not getting valid information or isn't checking deep enough. Secondly, if the human being that I'm talking to can't see why my IP is being blocked - and when I'm showing clear evidence that it being blocked - then that human needs to escalate the ticket up to a more knowledgeable human and it needs to keep going up until it finds a human that can see why my IP is being blocked. That does not appear to be what happened. I get that we all make mistakes. To be honest, I've actually been that human in this. I once had a client that told me he couldn't reach his website, I didn't see a block. He kept writing back saying he was blocked. It took a few emails back and forth, but I did find that his IP was part of a larger block and we were actually blocking him. It didn't take a full week to solve, it took a few hours, but those are hours that the client really deserved to be unblocked or have an explanation for. I learned from this. My hope is that Microsoft/Outlook/Hotmail might learn from this. Regarding the tickets being closed. I was told in a direct message from @Outlook on twitter that my tickets had been closed and that's why I wasn't getting any response. I don't know which tickets they were referring to. I'm sure I opened too many tickets on this. I'm sure I showed out a little bit in some of the tickets. I'm sorry about that. But under the circumstances... being told I wasn't blocked when I was blocked... that will get under your skin a little bit. Especially when we have clients screaming at us because they can't send to hotmail - and they all believe that Microsoft/Outlook/Hotmail can do no wrong, so it has to be on our end. So again, just to reiterate, my issue with this is resolved at this time. There's no need to spend time working on this. If you want to look at something, look at how the tools and procedures for handling situations like this are done with Outlook/Hotmail support and perhaps how those can be improved. ___ mailop mailing list
Re: [mailop] Outlook/Hotmail Blacklist
Just to be clear - all of my issues are resolved at this time. I'm just replying back here because I think it's important to learn from mistakes and how improvements can be made. I don't imagine my opinion counts for much, but in case it does... > If you respond to the second email detailing the mitigation, or the lack > thereof, and don't receive an email from a live human (they'll use > boilerplate; they're required to), or you don't receive that second email > with the details of the machine mitigation... Well, the issue was - they kept telling me that they didn't see anything that would be blocking mail from that IP. Which, again, I don't necessarily doubt them... but the end result was still the same: my IP was being blocked. They would not mitigate anything because to them, there was nothing to mitigate. So I don't know what their procedures are for this. I kind of suspect that they just copy and paste an IP into a tool that spits something out for them and if that tool was returning nothing, then that's a problem with the tool. It's either not getting valid information or isn't checking deep enough. Secondly, if the human being that I'm talking to can't see why my IP is being blocked - and when I'm showing clear evidence that it being blocked - then that human needs to escalate the ticket up to a more knowledgeable human and it needs to keep going up until it finds a human that can see why my IP is being blocked. That does not appear to be what happened. I get that we all make mistakes. To be honest, I've actually been that human in this. I once had a client that told me he couldn't reach his website, I didn't see a block. He kept writing back saying he was blocked. It took a few emails back and forth, but I did find that his IP was part of a larger block and we were actually blocking him. It didn't take a full week to solve, it took a few hours, but those are hours that the client really deserved to be unblocked or have an explanation for. I learned from this. My hope is that Microsoft/Outlook/Hotmail might learn from this. Regarding the tickets being closed. I was told in a direct message from @Outlook on twitter that my tickets had been closed and that's why I wasn't getting any response. I don't know which tickets they were referring to. I'm sure I opened too many tickets on this. I'm sure I showed out a little bit in some of the tickets. I'm sorry about that. But under the circumstances... being told I wasn't blocked when I was blocked... that will get under your skin a little bit. Especially when we have clients screaming at us because they can't send to hotmail - and they all believe that Microsoft/Outlook/Hotmail can do no wrong, so it has to be on our end. So again, just to reiterate, my issue with this is resolved at this time. There's no need to spend time working on this. If you want to look at something, look at how the tools and procedures for handling situations like this are done with Outlook/Hotmail support and perhaps how those can be improved. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Just... One... Caveat. If you respond to the second email detailing the mitigation, or the lack thereof, and don't receive an email from a live human (they'll use boilerplate; they're required to), or you don't receive that second email with the details of the machine mitigation... Then by all means do open another ticket, and say that you're opening another ticket because no mitigation detail, or no human response. It does seem that this is required from time to time. We’re working that issue. Aloha, Michael. -- Michael J Wise Microsoft Corporation| Spam Analysis "Your Spam Specimen Has Been Processed." Got the Junk Mail Reporting Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ? -Original Message- From: mailop On Behalf Of Ángel Sent: Saturday, March 9, 2019 2:49 PM To: mailop@mailop.org Subject: Re: [mailop] Outlook/Hotmail Blacklist Good it got fixed. Something that caught my eye on your email is that you said you "opened ticket after ticket after ticket". You should not open a new ticket, but reply to the closed ticket, stating that it is not fixed. Ask for escalation if they still do not provide a satisfactory answer. If you open a new ticket, you get another low level tech repeating exactly the same steps as the prior one and thus leading to the same answer. (Maybe that's what you were doing, but it wasn't clear from your mail, so it seemed worth stating explicitly) Best regards ___ mailop mailing list mailop@mailop.org<mailto:mailop@mailop.org> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fchilli.nosignal.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fmailop&data=02%7C01%7Cmichael.wise%40microsoft.com%7Ce6c842da1c6e4357111c08d6a4e2a173%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636877690613389441&sdata=%2FivVAs6Wc3Nfx%2BXrCeVETHj3MNenlWYVFUCa%2BYqsZdU%3D&reserved=0 ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Good it got fixed. Something that caught my eye on your email is that you said you "opened ticket after ticket after ticket". You should not open a new ticket, but reply to the closed ticket, stating that it is not fixed. Ask for escalation if they still do not provide a satisfactory answer. If you open a new ticket, you get another low level tech repeating exactly the same steps as the prior one and thus leading to the same answer. (Maybe that's what you were doing, but it wasn't clear from your mail, so it seemed worth stating explicitly) Best regards ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Some background information. We are a web hosting company. We sell shared hosting accounts. I'm not sure how familiar everyone on this list is with this. Basically we rent server and IP space from various datacenters/server companies throughout the world and then split that server up into multiple shared hosting accounts. We use cPanel, maybe you are familiar with that. Having said all of that, we don't actually own any of the servers or IP addresses that are used. But we are a steward of that server and everything associated with it (at least that's how we work, maybe other hosting companies react differently?) So while we really only have control over the IP address listed, there may be other IPs in that subnet that are behaving badly. We don't have any control over that. And yes, that is sometimes an issue with blacklists as they might tend to block an entire class C or subnet regardless of which IPs are behaving badly. I also can't speak to past behaviors of these IPs. So all this talk about this IP being owned by Tailor Made Servers or dfw-datacenter.com, that's certainly valid. Should this process all go through Tailor Made Servers? I suppose you can make that argument. But they have no vested interest in getting this resolved, they're not the ones having customers screaming at them because they can't send out mail to hotmail and outlook. That's why I typically try to resolve these issues myself if at all possible. Back to this particular issue... the part that really upsets me, is that Hotmail/Outlook was blocking this IP address and would not cop to it. Please explain to me the argument where they can say they were not blocking the IP address. Maybe it's true that they weren't blocking the 67.222.128.248 IP specifically. Maybe they were blocking the 67.222.128.0/24 or 67.222.128.0/19 network. I don't know. But regardless - 67.222.128.248 is in that subnet. Don't tell me you aren't blocking it when you are blocking it and I show you direct evidence that you are blocking it. I don't know how Microsoft/Outlook/Hotmail support works. I'm assuming you initially get a low level tech, they plug an IP address into a tool and it spits back if its blocked. If that's the case, then this tool needs to be looked at as it's not working properly. It's not searching a full subnet or it's just not looking deep enough into why an IP address might be blocked. Secondly - when I provide evidence that Outlook/Hotmail is in fact blocking the message and if the low level tech is not able to determine why. Don't close the ticket. Escalate the ticket up until you can find someone that understands that Outlook/Hotmail is in fact blocking the IP and (hopefully) give me some remediation steps. This is not what was happening. I opened ticket after ticket after ticket, each time showing them this raw SMTP transaction and that Outlook/Hotmail was blocking the IP and requesting escalation. Each time, they would respond with "I don't see where we are blocking the IP" and come to find out, they were closing the tickets. If the answer is "We're blocking all of Tailor Made Servers" at least give me that. Give me something. The handling of this situation was about as poor as poor could be. To a greater scope of dealing with blacklisted IPs, I do realize it's a thin line. I like to think we do a pretty good job of keeping spam abusers off of our servers. But when Outlook/Hotmail or AT&T or any other major system that uses a private blacklist blocks our IPs and when none of the major public blacklists (Spamhaus, Spamcop, CBL, etc) are showing any issues, that's when I start to get a bit skeptical. Are you blocking our IPs just because you can? Or do you have legitimate evidence of spam being sent from our IPs? If you operate a blacklist, you really need to understand that we (the stewards of that IP) can't really do anything to stop this activity without a little bit of information as to why you are blacklisting the IP. Now I understand that's a thin line - you can't exactly give out the information that lead to the blacklisting because what if I'm a spammer and I'm trying to learn how to circumvent your system? I get that, I really do. But if I'm not seeing any evidence of spamming in our logs or in any other public blacklists, it's really just impossible for us to know which user on the server sent you the spam and offer any assurances that it won't happen again. Back to this particular issue with Outlook/Hotmail. I am happy to report that this issue appears to have been resolved. Unfortunately, I had to open so many tickets and reply to so many tickets, post every where I could find to try and get someone's attention to this matter - I do not know what ultimately lead to this resolution. I still stand by my points from above that there is a huge disconnect with the tools and procedures that Outlook/Hotmail used within this incid
Re: [mailop] Outlook/Hotmail Blacklist
On 3/8/2019 4:30 PM, mai...@richardw.ca wrote: 67.222.128.0/19 dfw-datacenter.com aka Tailor Made Servers aka tailoredservers.com. I can see why Hotmail has that blocked. Lots of spam to traps out of that /19 But if you look at that range here: https://talosintelligence.com/reputation_center/lookup?search=67.222.128.0%2F19 ...then sort by IP reputation, with the best reputations listed at the top, there is a significant amount of "green" and then a significant amount of "yellow" - BEFORE you get to the "red". I'm not saying that a little collateral damage isn't warranted on occasion - but I've seen too many times where, this past year or so, hotmail/outlook's spam filtering (but NOT O365!) went "too draconian" - and that is ironic considering how much egregious spam comes from microsoft's IP space. For example, a large portion of those egregious bitcoin extortion spams come from their IPs. In some cases this past year, hotmail/outlook PERMANENTLY banned normally legit senders that had a short term security problem that was solved. These were situations where MUCH legit email started getting routinely blocked. If I did stuff like that with my invaluement anti-spam blacklist...permanent "FU" listings - I'd lose almost all my subscribers - and I'd be laughed at by the internet security industry. But it's OK when a large 800-pound Silicon Valley gorilla does it, right? (iow - this comes across to me as hypocritical bullying) -- Rob McEwen https://www.invaluement.com ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
On Fri, Mar 08, 2019 at 03:01:42PM -0500, Scott Mutter wrote: > So I'm back, because I'm getting absolutely no where with Outlook Support. > > Here is a log of the SMTP transaction: [..] > 550 5.7.1 Unfortunately, messages from [67.222.128.248] weren't sent. Please > contact your Internet service provider since part of their network is on our > block list (S3150). You can also refer your provider to > http://mail.live.com/mail/troubleshooting.aspx#errors. > [SN1NAM02FT029.eop-nam02.prod.protection.outlook.com] I do know such messages too. They will block you, but will not provide any information on the SNDS pages ... such IPs are simply left unmentioned. So, I'm regulary proceed as follows: (maybe you know this already) From http://mail.live.com/mail/postmaster.aspx -> Troubleshooting https://sendersupport.olc.protection.outlook.com/pm/troubleshooting.aspx I went to the section "Sender services, tools, and issue submission" There is a here-link in paragraph "If your email complies with our policies and guidelines and you are still experiencing email delivery problems that are not addressed in the FAQ below, click here to contact support. " leading to http://go.microsoft.com/fwlink/?LinkID=614866 I filled out this form, submitted it, and then the website responded with an processing ID (with an notification to be prepared to receive mails from css.one.microsoft.com). AFAIK no such e-mail ever reached me, but the blocking went away ... Johann ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
On 3/8/19 3:01 PM, Scott Mutter wrote: So I'm back, because I'm getting absolutely no where with Outlook Support. Here is a log of the SMTP transaction: --SNIP-- # telnet hotmail-com.olc.protection.outlook.com 25 550 5.7.1 Unfortunately, messages from [67.222.128.248] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [SN1NAM02FT029.eop-nam02.prod.protection.outlook.com] The error message does say to "contact your ISP since part of their network is on our block list" and it didn't say your IP address is on their block list. As mentioned in our previous response, we do not see anything offhand with the IP (67.222.128.248) that would be preventing your mail from reaching our customers. Ok yes, being inordinately nitpicky, but if you take the MS responses verbatim, they also said they don't see any problem with your specific IP address which could still be true if the problem is with your upstream. In fact, if I look up a Sender Score for this IP I get: Insufficient Email Seen I just don't see anything that points to any reason why this IP would be blacklisted. My guess would be that it's a relatively new IP address that Microsoft is seeing as sending messages, and thus it's being punished for having no reputation. The MS error is clear in what is saying. As many as the MS errors are, I would expect a different error for insufficient reputation. But that's just a guess on my part because Microsoft seems unwilling to explain in adequate terms - instead just giving a broad response. I have some deadwood entries in a block list here dating back to 2010 (yes they need to be pruned out) for IP ranges that used to be listed as being under Tailor Made Servers, now listed as DFW Datacenter. I'm not currently experiencing problems from those ranges but Talos / Senderbase currently shows some trouble in DFW's 209.236.112.0/20. Maybe MS has some correspondingly old entries that are giving you trouble with your address in 67.222.128.0/19 because of the DFW association. If you're getting connectivity through DFW and you're having trouble it's possible that others are having trouble through them also. Would seem like a good idea to escalate through them as well. - John J. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Yes, that's one of the first things I did on Sunday when I first noticed this issue at the behest of Outlook Support. But... since the IP is blocked from sending any email, surprise, surprise... there's "No data for specified IPs on this date" (or any date). * On Fri, Mar 8 3:30PM Hansen, Christoffer said : > Scott, > > On 08/03/2019 21:01, Scott Mutter wrote: > > So I'm back, because I'm getting absolutely no where with Outlook Support. > > This may or may not be a stupid suggestion. > > https://sendersupport.olc.protection.outlook.com/snds > > Sign up for SPAM rapports for IP addresses allocated to your organisation. > > May or may not be helpful to you. > > //christoffer ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Scott, On 08/03/2019 21:01, Scott Mutter wrote: > So I'm back, because I'm getting absolutely no where with Outlook Support. This may or may not be a stupid suggestion. https://sendersupport.olc.protection.outlook.com/snds Sign up for SPAM rapports for IP addresses allocated to your organisation. May or may not be helpful to you. //christoffer ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
So I'm back, because I'm getting absolutely no where with Outlook Support. Here is a log of the SMTP transaction: --SNIP-- # telnet hotmail-com.olc.protection.outlook.com 25 Trying 104.47.36.33... Connected to hotmail-com.olc.protection.outlook.com. Escape character is '^]'. 220 SN1NAM02FT029.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Fri, 8 Mar 2019 19:55:00 + EHLO maverick.wznoc.com 250-SN1NAM02FT029.mail.protection.outlook.com Hello [67.222.128.248] 250-SIZE 49283072 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-BINARYMIME 250-CHUNKING 250 SMTPUTF8 mail from: 550 5.7.1 Unfortunately, messages from [67.222.128.248] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [SN1NAM02FT029.eop-nam02.prod.protection.outlook.com] --SNIP-- I sent this to Outlook Support - SRX1464746929ID - (or is it just SRX1464746929? or 1464746929?) ... There are several other tickets, this is just the latest one. This is the response I got back --SNIP-- Hello, My name is Meeta and I work with the Outlook.com Sender Support Team. I do not see anything offhand with the IP: (67.222.128.248) that would be preventing your mail from reaching our customers. For further queries please provide us with the exact error message [Error code along with the IP address] so that we could investigate further. --SNIP-- And then --SNIP-- Hello, My name is Jothi and I work with the Outlook.com Sender Support Team. As mentioned in our previous response, we do not see anything offhand with the IP (67.222.128.248) that would be preventing your mail from reaching our customers. --SNIP-- Is this seriously as educated as Outlook technicans get? I've dealt with this all week. And I think I'm going to seriously lose it if one more person sends me to https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-8122-3ba03d6b8d75 How on God's green earth do you get a hold of someone at Microsoft with any sense? * On Wed, Mar 6 4:59PM Scott Mutter said : > Hi Eric > > Not listed there. > > In fact, if I look up a Sender Score for this IP I get: > > Insufficient Email Seen > > I just don't see anything that points to any reason why this IP would be > blacklisted. My guess would be that it's a relatively new IP address that > Microsoft is seeing as sending messages, and thus it's being punished for > having no reputation. But that's just a guess on my part because Microsoft > seems unwilling to explain in adequate terms - instead just giving a broad > response. > > But - submitting a ticket to Microsoft results in a: > > Our investigation has determined that the above IP(s) do not qualify for > mitigation. > > I thought maybe someone from Microsoft or Outlook might be monitoring this > list and might be able to look up the ticket (SRX1464104161ID) and give some > type of explanation. > > > * On Wed, Mar 6 4:31PM Eric Tykwinski said : > > Scott, > > > > Did you check out SenderScore/ReturnPath: > > https://www.senderscore.org/blocklistlookup/ > > I do believe MS has long been using them. > > > > Sincerely, > > > > Eric Tykwinski > > TrueNet, Inc. > > P: 610-429-8300 > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Hi Eric Not listed there. In fact, if I look up a Sender Score for this IP I get: Insufficient Email Seen I just don't see anything that points to any reason why this IP would be blacklisted. My guess would be that it's a relatively new IP address that Microsoft is seeing as sending messages, and thus it's being punished for having no reputation. But that's just a guess on my part because Microsoft seems unwilling to explain in adequate terms - instead just giving a broad response. But - submitting a ticket to Microsoft results in a: Our investigation has determined that the above IP(s) do not qualify for mitigation. I thought maybe someone from Microsoft or Outlook might be monitoring this list and might be able to look up the ticket (SRX1464104161ID) and give some type of explanation. * On Wed, Mar 6 4:31PM Eric Tykwinski said : > Scott, > > Did you check out SenderScore/ReturnPath: > https://www.senderscore.org/blocklistlookup/ > I do believe MS has long been using them. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] Outlook/Hotmail Blacklist
Not really sure why you obfuscated your IP Address, if you are looking for help in solving the situation. Assuming you 'might' be using the same one as you just sent this email from... hawk.wznoc.com ([209.140.28.140]) You 'might' want to contact your provider.. Found a referral to rwhois.networktransit.net:4321. Timeout. This may be related.. Otherwise actually post the IP Address of your email server in question. On Wed, 6 Mar 2019 16:03:16 -0500 Scott Mutter wrote: > Hello list > > I'm looking for any assistance in trying to get off of an Outlook/Hotmail > mailinst list with Microsoft. > > We have a ticket opened with Microsoft - SRX1464104161ID - and they do not > see why the IP is being blocked, but yet it is. We do not seem to be getting > any responses on that ticket any longer. > > SNDS and JMRP are not reporting anything for this IP. The IP is not on any > other public blacklist. I'm really kind of at a stand still. > > The specific error message we are seeing: > > 550 5.7.1 Unfortunately, messages from [XX.XX.XX.XX] weren't sent. Please > contact your Internet service provider since part of their network is on our > block list (S3150). You can also refer your provider to > http://mail.live.com/mail/troubleshooting.aspx#errors. > [DB5EUR01FT045.eop-EUR01.prod.protection.outlook.com] > > This rejection comes right after MAIL FROM in the SMTP transaction, so I do > not believe it is related to DKIM signing. SPF is set up correctly. Reverse > DNS is set up. For what it's worth, we are a web hosting / email service > provider. Essentially we are renting the server and the IP space from > another company that has the servers in the datacenter. From the error > message being given, it's making me think that maybe the range of IPs is > blacklisted in some way. But when the Microsoft tech replied back and said > he couldn't see why our messages weren't being accepted, that kind of threw a > wrench in that possible explanation. Or maybe that tech doesn't know what > he's talking about. I'm really at a loss. > > Any help would be appreciated. > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > -- -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" is a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
