back to article Email blocklisting: A Christmas gift from Microsoft that Linode can't seem to return

Microsoft appears to have delivered the unwanted Christmas gift of email blocklisting to Linode IP addresses, and two weeks into 2022 the company does not seem ready to relent. Problems started as large chunks of the world began packing up for the festive period. Complaints cropped up on Linode's support forums when customers …

  1. Charlie Clark Silver badge

    Bully boy tactics

    While of of the reasons for the range block may be down to the use of servers for things Micrsoft doesn't approve of (pop-up servers are just as likely to be used for spam as they are for load balancing or VPNs), there's no doubt that Microsoft is keen to drive as many people as possible towards its increasingly proprietary mail service. This probably isn't the cause here but you can imagine the Microsoft support droids telling people that the problems wouldn't happen if they used Microsoft 365…

    1. Disgusted Of Tunbridge Wells Silver badge

      Re: Bully boy tactics

      I was just wondering whether Linode could sue. I bet they could.

      1. Androgynous Cupboard Silver badge

        Re: Bully boy tactics

        See the history of spamhaus etc as to why this isn't likely to be the case.

        1. katrinab Silver badge
          Meh

          Re: Bully boy tactics

          There is a difference between publishing a list of IP addresses along with your opinion on their spaminess, and actually blocking email.

          Such a court case may still fail, but Spamhaus is not going to count has precedent here.

      2. Charlie Clark Silver badge

        Re: Bully boy tactics

        Blacklisting of ip addresses and ranges for all kinds of reasons is standard practice. At the end of the day it's their network.

        1. Yet Another Anonymous coward Silver badge

          Re: Bully boy tactics

          Unless you are a convicted monopolist operating under an agreement with the feds and you block a competitor to a service that you have just announced in your latest financials as a major profit center.

          Then you can expect a distinctly different look from the judges compared to Spamhaus - especially if you sue them in th eeu

        2. Anonymous Coward
          Anonymous Coward

          Re: Bully boy tactics

          "At the end of the day it's their network."

          Yeah, but by the next morning, they should remember that it's a network that they are renting to their O365 customers, some of whom may actually need to get email from the addresses they have secretly blocked.

        3. Max Pyat

          Re: Bully boy tactics

          setting a default browser is a "standard practice" too.

          However, once you reach a certain scale, there are competition law restrictions on what you can and can't do. This certainly has a market-abuse smell about it.

        4. The Thinker

          Re: Bully boy tactics

          And also is a crime in several jurisdictions to block communications or disrupt them without justification. This smells like a good suit against Microsoft.

          1. Charlie Clark Silver badge

            Re: Bully boy tactics

            Given that the blocks are almost temporary and can be removed on appeal I don't see suits going anywhere. And, for businesses, the answer is likely to be: do whatever is necessary to make it work.

            1. The Thinker

              Re: Bully boy tactics

              I have been asking them to remove my block (can't send to hotmail, office.com) for a year, my IP has been clean all this year, and yet they refuse and won't remove it.

              So I don't find this is temporary. It is arbitrary and capricious, that is an easy way to be detrimental to independent mail servers, and force them to use third party services to send email.

      3. The Thinker

        Re: Bully boy tactics

        Sure, in fact I recommended that to the EFF as Microsoft under the pretense to control spam, blocks most IP addresses from competitors like Digital Ocean, Linode, OVH and similar companies.

        Microsoft is so dirty on its practices, that you can get blocked even when your IP is clean in overr 50 SBL, DBL and Spam Lists like SpamHaus. Don't even try to ask for removal in Microsoft Block Lists, they won't do it.

        1. bpfh
          Flame

          Re: Bully boy tactics

          I don't know. My OVH server ended up in a blocklist because of the "bad neighbourhood" network I was connected to. I contacted the MS Postmaster, went through their resolution process, described what mitigations I had on my specific dedicated IP, and it was unblocked in 48 hours (although other ip's on the subnet I knew of remained blocked), so for me that specific process works.

          Now, what doesn't work is when Microsoft Defender on Office 365 decides your mails that get into a MS managed inbox (either via O365 or Outlook.com) have links that "contain viruses" because you have a redirected link. Even if your link is clean, your systems clean, in no blocklists, all security scans you can imagine come up negative, you complain on the O365 forums about a false positive, get sent to the postmaster, who tells you "we don't manage Defender, so we can't help you", and you can't do anything while all your clients are raising hell but wait and hope that they fix their false positive on their own...

    2. unimaginative
      Flame

      Re: Bully boy tactics

      I think Linode is one of the lower risk VPS providers. Their default is ot block outgoing connections on ports needed to send email, and they require proper DNS config and manual intervention to allow it. I was actually thinking of moving to Linode as less likely to get blocked!

      MS are the main problem for people running their own mail servers. I have been running my own mail server for the last few months and MS have been the only problem I have had to deal with. If you look at forums where people ask for help with blocks, its almost always MS that seem to block people who are not spamming, and often sending low volumes.

      In my case I seem to be blocked by Hotmail but not by MS 365, so its not that bad.

      1. unimaginative
        Alien

        Re: Bully boy tactics

        To add, a quick Google found this which might be helpful to people running their own mailservers who have problems with MS:

        https://discourse.mailinabox.email/t/how-to-unblock-from-microsoft-hotmail-live/7921

      2. The Thinker

        Re: Bully boy tactics

        Very accurate your Microsoft depiction, MS is totally arbitrary on this issue. Their support forums are full of situations like you mention, even their own customers are reporting that without reason, suddenly they are being blocked and MS refuses to remove them from their list.

        Micorsoft are the worst of the big Clouds on this issue and totally opaque on their motives.

  2. Anonymous Coward
    Anonymous Coward

    Mark my words...

    Before long, all email will have to be sent through one of the "big" providers. The days of running your own toy mailserver are numbered...

    Flame on...

    1. Arthur the cat Silver badge

      Re: Mark my words...

      Flame on...

      Not really, I doubt whether there's anyone who'd seriously disagree. (Hope is a different matter.) The problem will come when "big" becomes "very big" or even "top <N> for single digit N". One would hope there would be an anti-trust/monopoly action against the big providers before that happens, but that's in the lap of the gods or the pockets of the politicians (and I don't believe in either).

    2. Clausewitz 4.0
      Devil

      Re: Mark my words...

      When the "big" providers block some particular emails from you and your clients, due to business dispute, you will prefer to run your own mail server.

      1. Yet Another Anonymous coward Silver badge

        Re: Mark my words...

        Not much point if Google / Microsoft / Apple refuse to deliver your email to their clients.

    3. Kevin McMurtrie Silver badge

      Re: Mark my words...

      The "big" providers are where the spam comes from. If you want good access to the Internet, a reputable provider is the way to go.

      How many thousands of spam complaints did Linode ignore before getting blocked? A quick search shows that they have active problems.

      1. doublelayer Silver badge

        Re: Mark my words...

        "How many thousands of spam complaints did Linode ignore before getting blocked? A quick search shows that they have active problems."

        You can't run a service where users can send out packets of any kind without getting people sending spam. I'm sure they do have spammers using their systems. However, this doesn't mean they're unusually helpful to spammers. Microsoft also has spammers using their systems, but I doubt they would be very happy to have Azure's IP blocks shadow-banned.

        1. Anonymous Coward
          Anonymous Coward

          Re: Mark my words...

          Office 365, Outlook.com and Hotmail.com utilise Azure. And not some small, reasonable section earmarked for email traffic, but the _entire_ Azure netblock. Spammers also utilize Azure. Funny that you cannot block the Azure netblock for SPAM without automatically killing off Hotmail & Office 365. Almost like MS wants that spammy business...

      2. Anonymous Coward
        Anonymous Coward

        Re: Mark my words...

        I reported SPAM from Linode IP's for months and didn't even get any response from Linode at all. Same IP's over and over again.

        Linode created this problem. Having an abuse group to look into SPAM and other ToS/AUP violations costs money. Not having one costs nothing....in the beginning. Eventually it causes issues and then it a lot harder to fix the problem as it has gotten so big.

        The same can be said for Microsoft IP's and SPAM. Microsoft has at least three different groups you can report abuse too, but they each only handle certain Microsoft products/services. So if you send to the wrong group, nothing will get done. The Whois information is also not accurate for which is the correct abuse group to contact.

        The best is Microsoft blocking SPAM reports as they view the message as SPAM but they were more than happy to accept the message in the first place and not treat it as SPAM.

    4. Ken Moorhouse Silver badge

      Re: Before long, all email will have to be sent through one of the "big" providers

      Well, if this is the case, make sure that you have an IT consultant on-board to assist when things go wrong.

      Which incidentally takes us full-circle. The reason to go with Big Provider appears often to be so you can ditch your IT consultant(s).

      Going back to my opening para. One of my customers who bought a "toy" (your word, not mine) email server from me was having problems receiving email from one of their customers (a global name, let's call them Big Company). I got involved in trouble-shooting and found that Big Company had out-sourced their email to Big Provider. By the sounds of it Big Provider provided no support as to potential mail sending/delivery problems... Thank you for your subscription, you are now on your own... I pointed out a glaring error in their config which meant that it was touch and go as to whether their emails would be successfully received or not - so it might have taken some time before they sussed out something was wrong. Having rectified that I got a nice thank you email from them.

      This is the danger. When Big Providers are all the choice that is available, who is going to point out and fix the problems as they arise?

      1. unccvince

        Re: Before long, all email will have to be sent through one of the "big" providers

        In our company we have had to buy a mail gateway from GOOG and one from MSFT. It costs more to pocess the GOOG and MSFT invoices than what the products themselves cost, but whatever.

        Our MTA is now configured :

        - mail goes to MSFT managed mail => routed via paid MSFT mail gateway

        - mail goes to GOOG managed mail => routed via paid GOOG mail gateway

        - mail goes to self-hosted managed mail => routed via our SMTP

        We thought this solution would solve our problems, we hoped.

        Now, our legitimate mail spamness score is downgraded because the MSFT gateway estimates that we don't send enough emails, so this looks suspicious, and the IP address of the GOOG mail gateway has itself a very much fluctuating intra-day trust ratio, so the spam filters on the receiving end send legitimate mails into the SPAM Inbox.

        This is very, very frustrating to say the least without employing any curse word appropriate to the situation.

    5. Anonymous Coward
      Anonymous Coward

      Re: Mark my words...

      Yup, had to register a company mail name at Outlook and GMail, as currently less than 50% of business customers appear to receive emails.

      There are zero bounce messages. Some go into spam folders, but others just disappear.

      It doesn't seem to matter whether they come via my hosting or via the telecoms fibre ISP.

      DKIM doesn't seem to have helped.

      I assume that this reflects companies using one of the two to provide the email service, and those two have been ratcheting up a default policy to reject anything that originates from all other servers. The commercial interest in enforcing a duopoly is pretty evident.

  3. gannett

    My domain name hosting partner offloads mail handing to a ?big? aggregate provider. Despite my domains impeccable reputation, my email to folks on Hotmail sometimes gets blocked (by Hotmail) because of the bad behaviour of others using the same provider at the IP address level of that provider. Not much to be done except moan to domain name provider and send email again in a few days when the landscape changes. I only send about 10 emails per day but the reputation of the sending domains seems to count for nothing.

    1. J27

      Yes, the domain doesn't have anything to do with your email reputation. It's all about the sending server. This is why people who send a lot of email pay big mail providers for dedicated IP addresses.

      1. doublelayer Silver badge

        Until someone on a different IP but in the same block sends out a lot of spam, and someone decides to ban the whole ASN or subnet. It's not a logical thing to do, but it happens all the time. The same way some people will firewall off an entire country just because they get bots running from those addresses; it's opening a nut by driving over it but sometimes people are too lazy to do it properly.

  4. Anonymous Coward
    Anonymous Coward

    At our place we've found that Microsoft & Google are having a spat: Emails from Office 365 to GMail are getting bounced by GMail with Google saying some of Microsoft's servers are on the naughty step.

    1. Anonymous Coward
      Anonymous Coward

      Yes, MS seems to have difficulty getting its servers into the DNS, and does not seem to care that the SMTP RFC requires that machines sending email are in the DNS. Some of MS's servers are in the DNS, so not all emails get rejected by Gmail, and by other providers which enforce the letter of the RFC. The random nature of the problem makes testing difficult.

      Strangely @work, which only recently transitioned to O365, does not think that this is an issue at all.

      1. Yet Another Anonymous coward Silver badge

        >Strangely @work, which only recently transitioned to O365, does not think that this is an issue at all.

        They tested sending messages to somebody else in the company and it worked so the problem must be outside

      2. SImon Hobson Silver badge

        As someone else running their own server, I've found that enforcing DNS accuracy will result in lots of legitimate mail being rejected because there's an awful lot of supposedly professional IT and Network people out there who can't cope with the basics. And if you try and report the problem, often you'll come up against people who take the attitude that because it works with "real" email services (i.e. Google and Microsoft) then it must be my server that's at fault regardless of any evidence you point them to which says otherwise.

      3. PRR

        > MS seems to have difficulty getting its servers into the DNS, and does not seem to care that the SMTP RFC requires that machines sending email are in the DNS.

        Not malicious, just incompetent. Incompetent, incompetent, incompetent!

        As msobkow says, MicroSoft has never taken email -or- DNS seriously. (Not invented here?)

        Back in the 2006 era, my university started enforcing DNS back-match on incoming email, and about 5% of MS-box emails were being rejected. Users thought _I_ was blocking them! (I didn't even touch the servers, just desktop support.)

        This was in a spam epidemic (we didn't yet know how bad spam would get) so blocking un-DNS IPs was a very valid thing to do, to take load off our tightly funded mail server.

        Over several weeks, the university postmaster and I documented a large block of MS IPs that were sending email but not registered in DNS.

        My impression was that MS was replacing about 5% of their email machines every month, but NOT putting the replacements on the old IP (one logical process). When someone eventually noticed that only 99% of emails went through (maybe 1 in 5 destinations were checking IP/DNS) they appointed a geek to try to figure it out. And frequently they fixed the ONE machine the geek had found, and ignored the larger problem. (I did once see ~~200 MS DNS updates at once, but that geek musta been promoted {or left} because it never happened again.)

        My off-the-record advice to senders was "skip MS-Mail, use Gmail." Not that Gmail is fault-free but they do think about things like DNS and IPs. MS may have lost many email customers in that period.

  5. Dr Paul Taylor

    Same with Google

    My website and email are hosted by a small company (with which I have excellent first-name relations) who are in turn hosted by Linode. During 2020 my emails to Gmail and other Google-managed addresses was going astray, with no error reports or accessible blacklist. My hosting company gave me advice but couldn't fix it, so I re-routed my outgoing email. I don't know whether Google has yet un-blacklisted this IP address.

    1. bpfh

      Re: Same with Google

      Google has a regular issue with 250 OK'ing incoming mails but silently dropping them between their incoming gateway and the inbox, even when the mail is clean, with a years long reputation on a dedicated IP range that has never given problems in the past and no suspicious activity at all. All we can do is get our deliv team to try to talk to Google's postmaster, and get the client to contact Google's support with the 250 OK acceptation from google and ask WTF.

      Getting assistance is marginally better if you are a gsuite client, but it's still touch and go...

  6. msobkow Silver badge

    "We've been screwing things up since April 4th, 1975. With all that practice, we've become quite good at it. We're even proud of it."

    -- Microsoft Management

    1. Anonymous Coward
      Anonymous Coward

      "We also asked Microsoft for its take. We will update this piece should it respond."

      Or even respond with a <bounce> message...

  7. J27

    Sending email directly from a cloud-hosted server isn't the best practice. You're better off going with a reputable mass email provider because enforcing very strict policies on emailing will mostly prevent this from happening. With Linode, you could be sharing IP address ranges with any number of bad actors, but with an email provider, they watch and make sure their customers aren't sending mass scam emails and the like so you'll much less likely to have this issue.

    1. Yet Another Anonymous coward Silver badge

      Sending email from Linux isn't the best practice, with Linux you could be using the same operating system as any number of bad actors.

      By paying for IBM Z/OS you are sure that IBM's customers aren't sending mass scam emails

      1. gerdesj Silver badge
        Boffin

        I know you are taking the piss but there is no reason to show any ankle to a connection. Mine all say something like:

        220 smtp.example.co.uk OK

        They don't list OS, mailer daemon name, version and inside leg measurement.

        My weapon of choice is Exim and I see it runs (or did in the past) on z/OS from a quick search 8)

        There's no blue suit icon but this looks appropriate ------------------------------->

    2. Anonymous Coward
      Anonymous Coward

      $

      And the difference in price is ...

    3. doublelayer Silver badge

      I have a server that can send emails or act as a VPN endpoint. It has a dedicated IP. I'm the only one who can use it. It shouldn't matter what the person who controls my IP + 1 is doing. If they're spamming, block that address, not the address block or the hosting provider altogether.

      Also, you may be overestimating how much other providers are monitoring to prevent spam. I don't get a lot of spam, but it often comes in from addresses controlled by email systems rather than home-run mailservers. Sometimes it's basic GMail addresses. Sometimes it's from an Office 365 account they've gotten access to. Often, it's from a domain provider they've just used to set up the endpoint for the phishing link. In each case, it's a place that can't be blocked because too many other users use it. Because of this overeager approach to spam prevention, the spammers can still do their thing, but individual mailservers are restricted. This is harmful and unproductive.

    4. John Brown (no body) Silver badge

      "but with an email provider, they watch and make sure their customers aren't sending mass scam emails and the like so you'll much less likely to have this issue."

      I wish! Have you seen the shit that still comes out of MSHotmail. It'd be nice if they lead by example.

  8. Robert Grant Silver badge

    I wonder if 365 checks if a spam email IP is one of its sender IPs before adding it to the blocklist. What happens if someone starts sending spam from a 365 account?

    1. Anonymous Coward Silver badge
      Linux

      Oh, please. 'Starts' sending spam from 365? MS have been a hotbed of such things since they assimilated hotmail and they haven't improved anything since.

      1. Zippy´s Sausage Factory

        Microsoft operates by the principle of "rules for thee, but not for me" when it comes to spam, it seems

    2. Pirate Dave Silver badge

      After a couple of hundred spams, the account gets restricted and the admin has to remove it from the restricted list. This is a commonplace problem with less-sophisticated users who fall for phishing scams. And some folks fall for them time after time after time.

      1. Anonymous Coward
        Anonymous Coward

        I can narrow that down. That number is in the range from 750 to below 900.

        We (our company) were since october under a persistent spam/virus attack from MS asian datacenters / O 365 IPs. That averaged to about 1 million connection attempts per day (about 10 times of our normal load, but not hindering, we are used to some interesting load surges). Sometimes way more, some day less. Automatic scoring got about 10000 IP addresses per day to "will not accept" levels.

        Geolocation rate limiting had to be enabled for all countries in the asian MS datacenter vicinity. They even used up IPv6 at an astonishing rate. MS support was asleep on the helm.

        And then shortly after log4j hit us -- it stopped. All affected countries dropped of the daily top 50 list and that has never happened in the last 10 years. And I had just gotten permission to let our DDOS provider handle it (their approch is more ham fisted, but sometimes you need a sledge hammer)

        Log4j gave is much grief, but this was a good side effect.

  9. VoiceOfTruth

    I am not surprised

    The only email traffic I ever receive from Linode is SMTP auth attempts and spam attempts to non-existent accounts. In an ongoing process I am slowly gathering all of their network ranges and blocking them from making any sort of email connection to my systems. Not once have I ever had a legitimate email from any Linode host.

    1. mark l 2 Silver badge

      Re: I am not surprised

      You don't say whether it a personal server or to do with business. But to say you haven't received any legitimate email from a Linode server, does not mean you won't every do so in future.

      What if in the future an important email from some who does use Linode to send their email can't get through because you have blocked it?

      1. VoiceOfTruth

        Re: I am not surprised

        So I'm supposed to leave my systems open to SMTP auth and spamming attempts from Linode hosts to allow for a maybe one day in the future I might get a legitimate email from there? In YEARS I have never received even one useful legitimate email from a Linode host. I will cross the hypothetical problem if and when I encounter it. That's my problem, not yours.

        The basic problem with cheap VPSs from companies like Linode is that management of many of these systems is in the hands of people who lack the knowledge and experience to manage a UNIX (or UNIX-like) system. They have bought into (or have been sold) the idea that Linux is magically secure, and that keeping their systems secure is as easy as apt-something or yum-something. The result of this blatant miss-selling of Linux is compromised hosts used to send spam, used to make SMTP auth attempts, etc. That is what I see. For somebody knows how to manage a UNIX system, Linode is a good solution.

        1. Peter2 Silver badge

          Re: I am not surprised

          Welcome to El Reg; the home of cynical sysadmins the world around and congratulations on your first two posts.

          Do you actually individually check the IP for each and every email you've ever received and if it's spamming or not? Because I have to say that running my own spam filter myself that appears like an immensely huge amount of work to go through and find all emails from a particular IP range and then determine that they are all spam, as that's going to have to be done manually and banning IP ranges is always subject to a high level of false positives.

          What tools did you use to do the checking?

          1. VoiceOfTruth

            Re: I am not surprised

            >> Do you actually individually check the IP for each and every email you've ever received and if it's spamming or not?

            Not for spam attempts, but we do for SMTP auth attempts. As far as I'm concerned that is in a different category from spamming, because somebody is deliberately trying to compromise an account on our systems. Even a tiny shell script doing whois lookups will show you this is not such a big task, and the network ranges are then extracted and used to create firewall rules for the ranges.

            We have never had a false positive for a SMTP auth attempt. We can identify every case of this. Not one of our customers or end users is using a Linode box to try and send authenticated SMTP email via our systems. We did try using automated blacklists for SMTP auth failures (actually we still use them), but it's pointless for Linode. As I keep on pointing out, we have never had even one legitimate email from a Linode box. Not a single one. So it's easier for us to block them all and then ignore them.

            1. Clausewitz 4.0
              Devil

              Re: I am not surprised

              You made a good point. Maybe a lot of the kids are running SMTP Auth script checkers or credential stuffing via web of O365, using Linode boxes.

            2. Mike_R
              Linux

              Re: I am not surprised

              Agreed.

              Had satisfactory results using fail2ban

              Quite a few Linode addresses caught and blocked over the years

        2. doublelayer Silver badge

          Re: I am not surprised

          "So I'm supposed to leave my systems open to SMTP auth and spamming attempts from Linode hosts to allow for a maybe one day in the future I might get a legitimate email from there?"

          That's what I would recommend. Use something more targeted to deal with the spammers themselves. Fail2ban is a good starting point, and you can build on that or custom-build your system if it's not good enough. That locks individuals out without having to ban everything. Your system should be secure enough that you don't need to eliminate bot probes to keep them out, and assuming it already is, then you don't need to go nuclear on background noise.

      2. Ken Moorhouse Silver badge

        Re: Whatif [] important email from [] Linode [user] can't get through because you have blocked it?

        Can you ask that question to the Big Providers being discussed on this thread? (Replace Linode with their Big Provider).

    2. l8gravely

      Re: I am not surprised

      Then you're not going to get email from me, since my personal domain (25+ years now) is hosted in Linode and I run a clean domain on an IP address which is pretty damn static.

      Yes, I understand your frustration, but I'm not the problem!!!! Sheesh.

      Use postscreen, do temporary blocks.

      Now I do admit in a fit of honesty that I should probably put my DNS into Linode's hands so that I can get the forward and reverse DNS entries to match up. That would hopefully help.

      But honestly, I'm don't generate spam, I'm a 90% incoming only server, if not higher.

    3. gerdesj Silver badge
      Mushroom

      Re: I am not surprised

      Don't bother curating your own lists. Use a proper job like "Lashback" which is a monster, so if you load it into a firewall, make sure you have enough RAM allocated for a whopper of an ipset.

      pfSense has the magnificent pfblocker-ng (use the devel version) which makes managing IP and DNS lists quite easy.

  10. badger31

    Is this new?

    I have a small mail server running on a Linode VPS. It was up and down as to whether emails got delivered. Google, Microsoft and Apple were the most likely to refuse delivery. I traced the block to UCEPROTECTL3. I looked into their policy, as all the other blacklist sites were fine. Turned out that although MY IP address was clean, as were all other in the subnet, I still get marked as spam because I'm with Linode. They are asking for £20pm to whitelist my IP. Sounds like a protection racket to me. Thankfully, the server is so low volume I can use a reputable mail forwarder for next to nothing.

    Rant over

    1. Anonymous Coward
      Anonymous Coward

      Re: Is this new?

      That sounds like a fine admission of guilt should someone decide to take MS to task over it. Banning a whole competitor and then offering to unblock their clients for a fee is ... beyond dodgy, especially given some of the legal undertakings they made to make their previous legal problems go away.

  11. DomDF
    Devil

    Anticompetitive

    Given that Linode compete with Microsoft Azure, I can only assume Microsoft are doing this to try and put Linode out of business.

    1. Clausewitz 4.0
      Devil

      Re: Anticompetitive

      Cannot be rules out. A lot of cases in the past years, oldest I remember was Microsoft vs. Netscape

  12. Franco Silver badge

    Hardly a new issue

    As much as people will love to bash Microsoft for this, it's been going on for years. Someone will have reported an IP or range of IPs and it will have gone on to a blocklist without anyone ever checking why it was reported or if it's a genuine spammer.

    I used to see this about once every 6 months, common issues were a malicious report of a BT smarthost IP to the usual blacklist providers, or after that when cloud providers started to become a thing both Message Labs and GFI MaxMail were also very quick to block IPs for a single report and very reluctant to take them back off again.

  13. Anonymous Coward
    Anonymous Coward

    A few weeks ago

    I wrote a comment about how my business does not have a website or an email address.

    We use a standalone fax machine, snailmail and telephone only.

    This article makes me feel vindicated.

    1. Clausewitz 4.0
      Devil

      Re: A few weeks ago

      You must be pretty good at what you do.

      For not having an email and still running smoothly.

    2. keithpeter Silver badge
      Windows

      Re: A few weeks ago

      @idiot taxpayer

      I recollect fax-spam was a problem back pre-millennium. Is that still a thing?

      I actually miss the days when I could run everything off a phone and a fax (voluntary sector).

      I'm assuming that your business must be in a good niche and that you have long term customers. Best of luck with it.

  14. Joe 3

    This has been going on for years!

    I run a server with just ONE email user – a friend of mine with a small business – who sends no more than a few emails a day in total. Despite this, about every six months Microsoft blocks the IP address, citing unspecified bad behaviour.

    We've got DKIM and SPF set up. Searching the server logs reveals nothing suspicious. Microsoft flat-out refuses to tell us anything at all about why we've been blocked. No other spam blocklist shows us as blocked, and even Microsoft's own tools (JMRP and SNDS) give us the all-clear.

    The only way to get unblocked is to follow a back-and-forth dance through the Microsoft help system (they always refuse to do anything at first, you have to send an annoyed reply) and wait a few days.

    I suspect that the reason is that our IP address sends so few emails, it's being reclassified as a newly-in-service IP address. But Microsoft won't tell us anthing, so that's just a guess.

    Long thread here: https://github.com/MicrosoftDocs/microsoft-365-docs/issues/592

    1. Ken Moorhouse Silver badge

      Re: Microsoft flat-out refuses to tell us anything at all about why we've been blocked

      The reputable, responsible blockers can give you the time and date when you triggered their block, without giving too much away.

      Your friend might be falling foul of a "backscatter" event to a honeypot, for example.

    2. frenchy128

      Re: This has been going on for years!

      Same, I run and small web/email host for some small business's in a small town in northern ontario. Running since 2006, no issues with email. All setup with DKIM, SPF, DMARC, the works. Using an open source spam solution (mailcleaner) for years, prior to that Barracuda Email Security.. Never had an issue.

      One day, users report issue with emails, same issue as the article. Event offered to have the agents remotely connect to show the issue, they remoted in, and proceeded to uninstall my antivirus saying it was causing the issue. After months of back and forth, frustrated customer, I was forced to change external Ip's for clients, and the host in general. Still working on IP rep now, daily battle to get back to the stability I had before. I had logs, proof of an MS Issue, but they refused to look at it or work with me.

      I'm going to use the "Secret List" that was mentioned, archiving this article as ammo for my next battle with MS.

  15. xyz123 Bronze badge

    Is this going to be like previous "accidents" where Microsoft wants to buy Linode for cheap and is illegally devaluing their product via email blocking?

  16. Pan_Handle

    Thought it was just me. Linode support seems to have gone downhill recently as well!

    smtp2go seem pretty good as a stopgap - in fact, not sure I need the Linodes now...

  17. Ian Johnston Silver badge

    You think that's bad? I have a domain on UK2.NET and they block any emails sent to that domain through their own SMTP server. Apparently this is for spam reasons, or something. The SMTP server is password protected and encrypted.

  18. Roland6 Silver badge

    Tried 'block' 'unblock'?

    >"Requesting to delist via their automated portal doesn't work as it claims the IPs aren't blocked,"

    I've often found (and I'm sure other have) when systems (especially Windows 10) do this a good option is to throw the switch to force an update down the chain ie. get all the ducks in a row, and then throw the switch back again to force another update cascade.

  19. DeathSquid

    That's a Microsoft problem...

    Sounds like a Microsoft problem. Their customers are not getting email they want. They should take it up with their email provider or find a more reputable one.

    1. SImon Hobson Silver badge

      Re: That's a Microsoft problem...

      That won't work except with a very small number of tech savvy users - small enough that MS won't g.a.s.

      MS customer contacts MS to complain. MS tell then that the problem is with the sender's system. Unless the user is both tech savvy AND persistent, that's as far as it will get and it will still be down to you to fixfind a workaround for MS's sh*t.

  20. masterbaiter

    Fight back?

    Perhaps some email providers should - even if only for an hour - ban Office365 emails, with an autoresponder stating, "Your email has not been delivered because you are using Office 365" and an explanation of why. Also stating, "Please contact Microsoft to get your email address unblocked".

    Might get their attention for their incompetence and anti-competitive tactics.

    Whatever happened to simply just sending messages to the spam folder?

    1. SImon Hobson Silver badge

      Re: Fight back?

      And what do you really think will happen ?

      Customer complains, MS tells then that it's a fault with your service, unless a tech savvy user who is very persistent, then they'll simply take MS's word for it and assume you don't know your SMTP from your USB. So you look bad in the minds of your customers.

      I've had this problem in the past with AOL - blanket block for all "residential" and "dynamic" ranges. I was in a group and one of the group members was with AOL. The fact that I could not send email to him was my fault - not his fault to get AOL to unbreak their system, but my problem to sort out. Because fo the nature of the group, "sorry, can't communicate with you" was not an option. For a long time I did have a reject for anything AOL that told the sender to ask AOL to unbreak their system (not that I dealt with anyone else on AOL). IIRC it was a couple of years before (yet another) session browsing around their user-unfriendly help pages found me a method for asking for my IP to be unblocked.

      As for the spam folder, you may well ask.

      Many people I know simply assume that if it's in that folder then it's spam. Select all, delete - or just right click and empty (whatever their MUA does). But it would be one step better than accept it with a "yes, we'll deliver that" SMTP response before silently deleting it. But that latter is what ALL the big players do, it's fundamentally broken, but they've persuaded enough of the population that it's "a good idea" that people don't understand just how broken it is.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022