Maybe they confused Hotmail for Hotmale and thought it was porn spam...
Exchange Online blocked from sending email to AOL and Yahoo
If you're an Exchange Online user wondering why emails to Yahoo and AOL users haven't been getting through, don't worry – it isn't just you. Stricter security rules have tripped up Microsoft's email service. The issue dates back to the end of February and is related to stricter restrictions implemented by AOL and Yahoo. …
COMMENTS
-
-
-
-
-
Thursday 14th March 2024 14:36 GMT Dimmer
Re: Alternatively, perhaps just pick up the phone and have a chat
"I’ve an old US Robotics in a box in a corner"
Same here. As a test, I handed one to a new employee. I told them I would buy them lunch if they could identify it's use without looking it up.
He could not.
- I must be getting old......
-
-
Friday 15th March 2024 19:58 GMT azander
Re: Alternatively, perhaps just pick up the phone and have a chat
This is assuming you can still get an old fashioned copper land-line. They are no longer available around here. Not even for Fax systems. Best you can do is get a digital line, that's fiber to the RT, then copper to the premises. Dialup doesn't work well over those lines, if at all.
I happen to work for an ISP, in Michigan USA, that still offers dialup, because some people can't get anything else, and that includes satellite.
Have a digital line? Best speed we have seen so far is 24K. Most are in the 12 to 14K range.
-
-
Friday 15th March 2024 08:17 GMT Arthur the cat
Re: Alternatively, perhaps just pick up the phone and have a chat
I told them I would buy them lunch if they could identify it's use without looking it up.
As remarked elsewhere, once upon a time you had to explain what a video cassette was to old people, now you have to explain them to young people.
-
-
-
-
Friday 15th March 2024 01:40 GMT PRR
Re: Alternatively, perhaps just pick up the phone and have a chat
> procure a device from the museum called a "dial-up modem" ;-)
When I moved to the woods of Maine in 2009, I thought there was data here, but they did not mean "now".
When we called the telco they got right on it, unlike the TV Cable operator who was and is a bunch of morons. But the telco cables and concentrators were old and tired. I spent the first couple months here at 19,000 baud good days, under 9600 baud other days.
2009 is not all THAT long ago. And this woods is on the way between two "large towns" (large for Maine).
Now I have two data offers, but I keep the modem for reasons.
-
-
-
Thursday 14th March 2024 12:05 GMT Anonymous Coward
Spamhaus and the like can be a pain. When I set up a business about 15 years ago I didn't know
muchanything about domains. The only address I could get for my company was a .uk.com one so I took it. All was well for a couple of years then we had loads of trouble with emails bouncing due to Spamhaus periodically blacklisting virtually the whole of .uk.com and the impossibility of doing much about it because I was on a secondary domain - a thing I hadn't known or understood when I bought it. When the .uk domain came up I changed to it, only to find out that many mail systems automatically put anything .uk into spam. The .uk problem seems to have settled down now - I have a personal .uk which is sometimes, albeit rarely, problematic for some servers - but our company is on a .co.uk now. Moral of the story is that if you're setting up a company then an available web address name is more important than a snappy company name.-
Thursday 14th March 2024 12:17 GMT Yorick Hunt
Spamhaus has never blocked domains; it's always been IP-based.
Frustrating as it may seem to the uninitiated, try being on the receiving end running a mail server receiving thousands of steaming turds from the same compromised sending server.
If you're ever facing a problem with Spamhaus, complain to the operator of your mail service - they're the only ones who can get rid of the problem (by thumping the offending account).
-
-
Thursday 14th March 2024 17:12 GMT perkele
I've found Spamhaus very frustrating...
Report stuff to them and it seems to never be fixed... e.g. Disney spamming you (proper Disney) and no unsubscribe link [former account holder, not renewed]...
But they are scared of the Mouse or perhaps he gives them money?
Stupid spam report form which - if I understand correctly they work on signatures and hashes -- cuts off at a certain size so you can't paste the offending material in. They are (were?) clear they don't JUST want headers and don't even cut off the unwanted... so you can dance several times trimming more and more shit.
I stopped bothering to report to them, even with maybe 1/3 of my reports allegedly being taken seriously, whatever that means in real life.
-
-
-
Thursday 14th March 2024 12:20 GMT Yorick Hunt
Coming home to roost.
Giving every Tom, Dick, Harry, Habib et al a free Exchange account to play with to "trial" the service with a complementary .onmicrosoft.com subdomain was always a recipe for disaster.
Maybe now that larger mail services have started saying "FOaD" to them, Microsoft might actually start taking their responsibilities seriously?
-
Thursday 14th March 2024 13:47 GMT Agent Zoil
Re: Coming home to roost.
I am glad to see someone has enough clout to get Microsnot to actually do something about it. MS has been the biggest spam/scammer source in my system for ages. But as just a drop in the bucket there is no way for little me to get them to give a &$@#.
The mail headers from the daily poundings I get through MS show this...
X-Ms-Exchange-Authentication-Results: spf=fail (sender IP is 45.156.21.51) smtp.mailfrom=t6DGGXCf.onmicrosoft.com; dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t6DGGXCf.onmicrosoft.com;
-
Friday 15th March 2024 18:20 GMT alanjmcf
Re: Coming home to roost.
In the default case email from all ‘vanity’ domains will be DKIM signed with the THING.onmicrosoft.com domain, Google Workspace does something similar. So the receiver will see them only as signed but NOT ‘in alignment’ (eg signing domain isn’t the same as the From domain, etc). With receivers getting more strict, senders need to be fully compliant now.
Of course, the onmicrosoft sourced emails will be DKIM compliant by default. :-,)
-
-
-
-
Thursday 14th March 2024 15:38 GMT rg287
You jest, but I recently took over as Membership Secretary for a small sports association.
Of the 70-odd email addresses in our membership list (told you it was small), the following domains showed up:1
Gmail: 16
Yahoo: 11
btinternet: 10
Hotmail: 8 (plus an @live and @outlook, so 10 for Microsoft)
AOL: 6
Sky: 5
Plus a smattering of oddballs - protonmail, gmx, tiscali, blueyonder
I was surprised at quite how many people have custom domains. I know a couple of those are hosted on M365, so chalk up a couple more for MS. Couple of work-looking domains as well (why do people do this?).
We constantly hear that "mail is just Microsoft vs. Google", but it doesn't seem to be quite the case, at least not for this (admittedly small) sample. At least in the UK, btinternet has a sizeable chunk of the market (at least amongst the older/account-holding demographic. The youth are probably more on the gmail they got when they were 14). Yahoo is surprisingly dominant.
1. .com and .co.uk addresses are aggregated since we're really talking about providers, even though in actual mail terms they'd be treated as totally separate domains.
-
Friday 15th March 2024 01:29 GMT PRR
> the two dozen people with Yahoo email will be distraught at this development
Citation?
Aside from Yahoo, other mega-ISPs moved their freemail to Yahoo. ATT.NET and WORLDNET.ATT.NET moved to Yahoo a decade ago. Yahoo was semi-successful monetizing portals which AT&T was never good at, so they could do free.
For much of the decade ATT/Yahoo mail was as good as G-mail, pretty much. (Aggravating but free, so....)
IMHO MS's mail services are very much worse than Gmail or Yahoo, and have been for a couple of decades.
-
-
Thursday 14th March 2024 12:24 GMT F. Frederick Skitty
Suspect this is similar to the cock up 123 Reg (now a GoDaddy subsidiary) made when moving their hosted email service to a new system. They didn't even implement DKIM, and every email from accounts that has been moved was blocked when sent to a Gmail email address. Took two weeks to get it sorted.
-
-
-
Saturday 16th March 2024 18:26 GMT Mike007
Re: AOL
I always laugh at the fact that it cost them hundreds of £ to write "I am not professional enough to invest in an £8/year domain name for my company" on the side of their van...
One man band with sales@company.co.uk and a memorable phone number with repeating digits on their van? Approved!
-
-
Thursday 14th March 2024 14:58 GMT tony72
One found emails were DKIM signed by the onmicrosoft.com subdomain rather than the actual sending domain. They set up DKIM for the actual sending domain, and all was well.
Microsoft was prompting to check this back in February, if not before, there was an alert either on the 365 admin centre or the Exchange admin page. I sorted ours on the 13th. No idea if that's actually the "fix", but emails to the one AOL contact that I know about seem to have been getting through fine in the last week.
-
Thursday 14th March 2024 15:42 GMT Justin Pasher
Enforcing DMARC
Absolutely. AOL/Yahoo[1] and Google[2] both made announcements about stricter DMARC validation, which requires either SPF or DKIM alignment. SPF alignment can be tricky if you don't have control over the envelope sender (the "internal" address usually used for bounce backs). DKIM alignment requires the signing domain to match the From header. The article itself mentions that someone fixed their problem by setting up proper DKIM signing. It's very unlikely to be IP address based, even though there are miscreants that use Microsoft email services.
All that being said, Yahoo has always been a joke for email deliverability. Their solution to reducing spam is basically "accept fewer emails." If you are a bulk sender (and sometimes not), they will randomly start throttling you and return a generic "deferred due to user complains" message, which is completely bogus. Anyone that has a Yahoo email address should not expect reliable email delivery.
[1] https://blog.postmaster.yahooinc.com/post/730172167494483968/more-secure-less-spam
[2] https://blog.google/products/gmail/gmail-security-authentication-spam-protection/
-
Friday 15th March 2024 08:12 GMT psychonaut
Re: Enforcing DMARC
Exactly this. If they haven't enabled their actual domains dkim on their 365 account and set up the cnames in their dns, along with a proper spf record, with a -all not a ~all and a dmarc record, yahoo and many others will bounce their spam looking emails . I hate yahoo, but this isn't an ms issue or a yahoo issue, this is a "I don't know shit about how to set up 365 properly" issue
-
-
-
Thursday 14th March 2024 15:05 GMT Keith Langmead
Proactive monitoring perhaps?
"However, it is also all too easy to trip up and for users to find themselves on an SBL without realizing it until the emails stop being delivered."
However, it's also all to easy to setup monitoring and alerting to check whether your outbound email IPs have appeared on certain SBLs, so you can do something about it proactively!
Hmmm, maybe that was handled in the past by the same team who tested their patches before they were publically released... so no longer gets done.
-
Thursday 14th March 2024 18:38 GMT Tron
You really need a plan B.
Especially for medical stuff. Tech just isn't resilient. These screw-ups will multiply like tribbles when people switch to increasingly less competent staff and then to AI systems, ditching their customer service for bots.
If you can't work without tech, it is only a matter of time before you are screwed. Have a plan B. Whether you phone or send postcards or accept cash. Have a plan B.
-
-
Friday 15th March 2024 02:08 GMT john.jones.name
no the issue is trusting AV/mailware i.e. .trendmicro.eu
the problem is they only have 1 MX server and thats prefilter.emailsecurity.trendmicro.eu.150.70.226.147 its borked
email has failover and preferences for mail exchanging systems only using 1 trendmicro.eu is a bad design it should have a failover on a different domain at the very least...
even Microsoft know better...
-
-
-
Friday 15th March 2024 06:26 GMT biddibiddibiddibiddi
If people are getting NDRs which indicate the anti-spam service that blocked it, why hasn't that become public instead of us reading an article that repeatedly mentions it being an unknown service that Microsoft is talking to? And why is it taking so long to identify the IPs involved? The NDR usually specifically tells you which one.
-
-
Saturday 16th March 2024 09:48 GMT biddibiddibiddibiddi
Yes but that IP is part of a range. Surely Microsoft can say "Our mail servers use x.x.x.x through y.y.y.y", please allow those through." and the anti-spam provider can scan their list of blocked IPs and uncheck the boxes for all the ones within that range. Surely they don't have a single employee manually looking through a paper list for each IP one by one.
-
-
-
Friday 15th March 2024 18:20 GMT alanjmcf
Can all folks running Office 365 and have admin privileges check that DKIM is enabled for all their domains. Check each domain in https://security.microsoft.com/dkimv2 is Enabled. If not copy the two DNS records it displays into your DNS, wait a wee while, and click Enable again. See https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide#configure-dkim-signing-of-outbound-messages-in-microsoft-365
If you’re in Google Workspace (or whatever they call it now), see https://support.google.com/a/answer/180504?hl=en
The problem here is mail admins who are living in the past and aren’t keeping up to date with email standards, in particular DKIM. We’ve been setting it up for our customers for years, but when we bring new customers on board we find their previous MSP has done nada! Google and Yahoo have started enforcing it on emails they receive, in particular for domains sending more than 5000 emails per 24 hours. https://www.valimail.com/blog/navigating-the-new-gmail-sender-landscape/
There have been multiple Message Centre posts in Office 365 warning of this. It might end up that Microsoft need to start popping-up warnings in Outlook, or even blocking sending if folks don’t get their fingers out and configure DKIM. I suspect they will also make another sending pool for all domains without DKIM enabled properly, so that their bad reputation doesn’t affect the rest.
Finally If you’re on your web hosts’s email say, DKIM might well not be supported. That’s the case for LiveMail at FastHosts for instance. https://help.fasthosts.co.uk/app/answers/detail/a_id/3700/~/what-is-dkim-and-can-i-use-it%3F