Microsoft blocked TSO Host's email IPs from Hotmail, Outlook inboxes and no one seems to care Microsoft has blocked Brit hosting outfit TSO Host's bulk email domain, meaning anyone trying to send large quantities of mail over its infrastructure cannot deliver it to an Outlook or Hotmail address. Irate resellers got in touch with The Reg to complain that their own customers were moaning that emails sent to any Microsoft …
Oh, they've known about it for ages. I know, because I'm directly affected by this.
I've raised a couple of tickets, which have both been replied to along the lines of what is in the article body - they've raised it with Microsoft and are waiting for them to do something about it.
Given that - in my experience at least - their track record for support with things that they can control directly has been pretty good, I can only guess that this is Microsoft dragging their heels. Which is insanely aggravating.
I had the displeasure of adding a domain to an Office365 account recently, and it appears that Microsoft has managed to make their online service match their OS: it. is. slow. beyond. belief.
Adding a domain is a painful exercise - the system may recognise that you've added their magic key to prove ownership quick enough, but it takes friggin' hours (at least when I was doing it) to recognise mailboxes and aliases. Any FOSS IMAP or vanilla Exchange setup does this pretty much from the moment you submit the alias, but not the piece of crap that is Office365 Premium Shiny Platinum Gold Plated and Encrusted with Diamonds (sorry, channeled one of the marketing people - excuse my while I wash my hands).
I don't trust MS to write a decent OS, let alone offer a service that either will fail at the most opportune moment (which, I must admit IS a speciality of them) or that will be discarded for a new shiny toy for management the moment you finally have it moderately stable (read: after a few years, because they're hopeless as releasing usable v1s).
Anyway, I had not used my rant quota for this week. I feel better now -> beer for the rest.
"..Adding a domain is a painful exercise - the system may recognise that you've added their magic key to prove ownership quick enough, but it takes friggin' hours (at least when I was doing it) to recognise mailboxes and aliases...."
I've had it take about 15-20 minutes to add an alias before - well when I say add, I mean begin accepting email to that alias but not hours, to date.
I should caveat that it's been a while since I added one, so things could be worse.
I've had it take about 15-20 minutes to add an alias before - well when I say add, I mean begin accepting email to that alias but not hours, to date.
Adding a domain takes hours, even though I can see the propagation having taken place from various places in the world so it must be something internal, and adding an alias to a domain in production really should not take even minutes. There is something seriously wrong with their setup if it takes that long - oh no, wait, it's Microsoft. They don't care about your wasted time, the ribbon was the best evidence of that.
I should caveat that it's been a while since I added one, so things could be worse.
It is. Glad I don't normally have to use it. Even better, I'm about to remove a VERY big customer from it because I pointed out a few things to their board which they really, really didn't like (evil grin).
There will be some under-lying motive here, they probably for to pay for their email "Sender Certification" i.e. pay us X amount, and we'll white list you.
If you don't think its a thing, then your delusion is about to shattered (hint, Hotmail/Outlook is one of their biggest partners): https://returnpath.com/solutions/email-deliverability-optimization/ip-certification/
The IP address quoted is not listed as being blacklisted anywhere at present by mtoolbox and the last report at SORBS is from 18th July, so presumably it's presently just Microsoft. Don't know how responsive they are to requests to being delisted - SORBS will delay your de-listing depending on how much spam they've detected, for example.
I've had this with my ISP on several occasions - it only takes a few minutes for a determined spammer to get an ISPs mail servers blocked for the rest of its customers and it can take days for the blacklists to be lifted.
I too chose the wrong time to move my domain hosting to TSO and have suffered various email related problems ever since.
It doesn't surprise me that their servers are blacklisted; there's a serious flaw with their mailbox password policy (I believe that only the first 8 digits are hashed), which means that very often spammers can carry on pouring their junk through unsuspecting subscribers mailboxes, even after they've changed the password!
I reported this to TSO on 18th June and they responded by saying word to the effect of: oh yeah, we'll get around to fixing that someday.
I also reported it to the Reg news desk and in comment on this story: https://forums.theregister.co.uk/forum/all/2019/06/18/tsohost_weeklong_outage/
I've had no further response from anyone, so it seems to me that nobody gives a damn about any of this.
With a couple of email servers I've set up on linode. Seems to look like Microsoft will block a hosting service across their whole block of IP address if they detect spam on one of them. A quick ticket to linode and they sorted with Microsoft. Bad service from these guys coupled with a heavy hand from MS.
None of the large mail providers depend on SORBS or the other public RBLs now-a-days, they have their own internal RBL system that they use (seeing the viability and usability of the RBLs out there, I don't blame them).
Thus you have to deal with each on their own terms. And deal with each large mail provider on their own. Most like Comcast or Yahoo keep you on the block list for some short period, see if you are still sending SPAM and if you are, will renew the blocks. If they see the rate down, you get auto-delisted.
So if the rate of SPAM in Microsoft SNDS stays up in the red zone, you are unlikely to get cleared.
Running an ISP mail provider, I find most blocklists are fair, although Microsoft's is the longest to wait and deal with. The appeal process is also backwards (ie. you have to reply to the ticket that says in no uncertain terms do not reply to this ticket). But usually if the auto-delist system hasn't cleared after your SNDS rate has fallen, appealing to the ticket usually gets good results through them. I see a few appeals on mailop, but most of them haven't gone through the proper normal steps that Microsoft has laid down.
They don't seem capricious or arbitrary to me. They really do make sure you are on the ball with your own rate limiters and compromised account detectors.
"Why do Microsoft's customers not get a choice of what to block? Surey they could let the messages be delivered into their junk folder instead of blocking them outright. This is a denial of service attack on their customers."
You may be surprised to know that, by volume, across the Internet, that 80% of email is spam. So mail providers are already just deleting or blocking 50% to 80% of all email they receive, and most users aren't aware. And a lot of spam is just deleted.
...to my other half that does web development.
She just laughed. She said that it didn't surprise her and that TSO were always going to get burnt by having a bulk email facility openly available.
Long time coming apparently. Plus she says they are really crap as hosts.
They all start out good and then just get packed and don't bother to upgrade.
Still see the same amounts of spam to my hotmail account.
Fortunately, All items that use the hotmail account are spam by definition. I use it for those that require a valid email address, and example@example.com or abuse@theirdomain.whatever doesn't work for them.
There are no legitimate reasons for email to be sent to the account, and a human reading the name would realize this.
Still see the same amounts of spam to my hotmail account.
Fortunately, All items that use the hotmail account are spam by definition. I use it for those that require a valid email address, and example@example.com or abuse@theirdomain.whatever doesn't work for them.
People still use hotmail? I had just about abandoned my hotmail account almost as soon as microsoft bought it. For more than two decades, I found it easier to just use my hotmail account as a spamtrap. What they have that others do not is the exclusive spam rules that require the email to be on the accept list or else it is considered spam.
I've noticed a large increase in networks thinking that they're too important to be blacklisted so they don't handle abuse complaints. Spammers know exactly which networks these are and jump on them in an instant. I currently have all of these blacklisted for not even having a working abuse contact - Orange, Jumpline, Vodafone, Vox Telecom, Swift Networks, DigitalOcean, Raccom, I-Gate, Vega Telecom, some of Level3/CenturyLink, GTT, Internap, Hetzner, Telefonica, Localweb, Servinga, most of Brazil, and a dozen others. There are probably many more that I've never seen due to quick Spamhaus filtering.
People complaining about blacklists don't know the scale of spamming. Without them your inbox could receive up to 100 spams per SECOND from botnets. If you're Google with millions of servers and advanced AI, you can perform content filtering at spam scales. For everyone else, the blacklists are needed to manage resource consumption. This is also why Google hosts so many spammers - it's a huge drain on competing mail providers.
Totally agree. The scale is unbelievable to the point that even my basic mail scanning appliance blocks over 80% of incoming connections based on live IP reputation. Then blocks a few percent more after scanning the mail, all before if gets close to the actual mail server.
How anyone can get any work done is quite astounding. Just imagine how quick your mailbox would fill up without these protections in place, never mind the load on your systems.
BTinternet is another ISP who use blocklists which seem to pick up every tiny indiscretion (and often block gmail addresses =:-o)
But I saw a friend's TSOhost mail get bounced the other week. AFAICR, the relevant TSOHost IP block blacklisted was only blacklisted by one organisation, so either M$ use that same blacklist or keep their own. That TSOhost account was I think one of their Cloud accounts. My own email & site is a legacy Cpanel site originally on Evohosting (who were bought up by TSO) and I have not had any problems (touch wood).
Real issue I think is a quick and effective means of saying Oy! this email is genuine. </holdingbreath>
If you haven’t moved on already, I strongly encourage you to look at Stablepoint. Setup by the original TSO founders, it’s proper hosting as it should be (as TSO was back in the day!). They know the TSO systems inside out so can help you easily migrate customers over. They’ve got a community Slack channel too if you want to ask any questions.
There's actually quite a lot of things that are bulk but not spam. Couple of examples:
Announcements that tickets for X are now on sale, where X is a specific event and you have explicitly told the organisers of X that you want to be told when it's going on sale.
Notification that an annual renewal of a service you buy is due.
Notification of cancellation or rescheduling of something you are visiting or travelling on (train, plane, concert etc)
Sadly, that is currently completely indistinguishable from spam, as it relies on information that upstream filters don't have - namely that you're expecting or desire to receive one or more emails from a specific organisation about specific topics, but don't know when or if they will be sent.
A possible "solution" would be the ability for you to send an email from your account explicitly asking for the update, that the filters could recognise as being a request for a specific set of future email notifications.
As that doesn't exist, and marketers still send mass email that nobody wants, almost all mass email is blocked, as its it almost certain that the mailbox owner does not want the email.
Microsoft typically uses a sender reputation list rather than traditional rbls like sorbs, they are also very difficult to deal with on occasion. The email admins need to sign up for their JMRP and monitor their activitie and take action as needed. I've had to deal with this several times and have had never had an issue that lasted longer than a few days and we have a /18 of email servers.
I have used the OLX sales site every so often, registering with a well known email provider and a paid (non-free) account.
Everything went reasonably well till one day, out of the blue and without any warning, my two or three adds were terminated with a notice that they had expired and had to renew them.
I was not able to log into my account and wrote their support people to ask what was going on and they told me there had been some issue and had to re-register. I was not able to and after jumping through a few loops was finally informed that my email provider had been blacklisted and that I should try using Hotmail or a Google account.
Yes ...
Incredibly enough, that's exactly what they said.
Explaining to them that the email domain that they were blocking was accepted (among others) by three banks, two credit card companies, a worldwide payments service, two professional associations, the local IRS, two federal government agencies as well as two other virtual sales sites did not matter and it was made quite clear that it would not be taken into consideration.
Eventually, the day will come when you will only be able to work, buy, sell or do anything on the web if not registered with or belonging to the organisation/party that rolls the dice.
Orwell was undoubtedly a visionary but we are are blind.
O.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
