Page 1 of 1

outlook.com

Posted: 25 Nov 2019 18:59
by tesme33
Hi
i just would like to make you aware about a badly interpretation or missuse of mail loadbalancing from Microsoft side.

Microsoft is offering to its outlook.com clients a protecttion mechanism which is also used for loadbalancing when sending.
This results in the behaviour that every email delivery attempt will come from a new IP.
Which means that email can never be delivered to you, because the subnet they are using has a lot of hosts, see below.

Only chance to get rid of hanging mail attempts is to whitelist outlook.com.


below a query for a real domain. I have changed the real domainname to domain.com as i didnt want to pinpoint to somebody.

-----

Code: Select all

>set querytype=MX

> domain.com
Server:        10.213.213.244
Address:    10.213.213.244#53

Non-authoritative answer:
domain.com    mail exchanger = 0 domain-com.mail.protection.outlook.com.

> set querytype=TXT

> domain.com
Server:        10.213.213.244
Address:    10.213.213.244#53

Non-authoritative answer:
domain.com    text = "v=spf1 include:spf.protection.outlook.com -all"
domain.com    text = "MS=ms46586979"

> spf.protection.outlook.com
Server:        10.213.213.244
Address:    10.213.213.244#53

Non-authoritative answer:
spf.protection.outlook.com    text = "v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/48 -all"

Re: outlook.com

Posted: 28 Nov 2019 13:50
by shawniverson
You will want to exempt this domain from the greylisting. Add to the following file:

/etc/sqlgrey/clients_fqdn_whitelist.local

Then execute the following:

Code: Select all

sudo update_sqlgrey_config

Re: outlook.com

Posted: 29 Nov 2019 13:28
by smyers119
I have found that greylisting although at one time may have been effective, the only thing that it is effective for nowadays is frustrating end users.

Re: outlook.com

Posted: 02 Dec 2019 10:28
by pdwalker
I have found that after running the mail server for a few years, few messages from big providers gets grey listed.

However, Shawn's fix is also effective.

Leaving greylisting on results in a lot less spam, and any reduction of spam has been worth the effort.

That's just my experience. I understand that not everyone feels this way.