SoylentNews is people
SoylentNews
This actually seem to have started at least early in December. Microsoft (Hotmail) seemed to block all incoming mail from Linode, without alerting the recipient or routing to the spam folder. Looks like the problem is still afflicting Linode customers.
Email Blocklisting: A Christmas Gift From Microsoft That Linode Cant Seem to Return:
"Microsoft appears to have delivered the unwanted Christmas gift of email blocklisting to Linode IP addresses, and two weeks into 2022 the company does not seem ready to relent.
Problems started as large chunks of the world began packing up for the festive period. Complaints cropped up on Linode's support forums when customers began encountering problems sending email to Microsoft 365 accounts from their own email servers.
[...] More recently, the Linode team has offered to swap out affected IPv4 addresses for unaffected ones – or, for a fee, it will add some new ones to users faced with the problem. "While we cannot control how long it takes for Microsoft to address the issues on their end," said Linode, "we do have potential solutions that we can offer in order to help customers avoid the current 'Banned Sender' bounces."
[...] Blocklisting IP addresses to prevent the delivery of unwanted emails is not a particularly complicated concept, although Microsoft has perhaps been a little more enthusiastic about this than is strictly necessary over the years. In 2019, tsoHost's bulk email domain found itself on the naughty step for Outlook and Hotmail addresses and getting itself off again proved a bit of a challenge.
Linode itself is an infrastructure-as-a-service outfit, with data centres spread around the world. One can host one's applications (including email services) and data on its platform as an alternative to the bigger boys. Right up until Microsoft decides to slap the IP addresses one is sending from on to a blocklist.
(Score: 5, Informative) by Anonymous Coward on Friday January 21 2022, @08:49PM
At my prior employer, We had a combination of Google Apps for student accounts and self-hosted for staff and faculty email.
New upper management person insisted that faculty/staff mail be moved to Microsoft Office 365 (o365).
I went from 1 or 2 spam mails in my inbox every month or two with our old on-prem email, to 10-25 spam mails per day in my inbox with o365; my email address was published publicly on ARIN records, the website, etc., so it was the target of a lot of spam.
I had written some anti-phishing rules that were very effective for the postfix setup (nearly 100% with 0 false positives ever reported). As a failsafe/canary, I also had postix setup to hold (not deliver) responses to known phishing addresses, and we would get an alert telling us the sending address, so we could let the person know they responded to a phishing mail (it never caught anything besides my test messages; our anti-phishing rules pre-o365 worked well). Upon moving to o365, we had four credential compromise incidents, in the first week, due to successful phishing attacks (o365's crap spam filters didn't catch *any* of the phishing mails that I received-- including phishing emails claiming to come from Microsoft?!!! ). Our user support group began sending out at least one notice per month reminding people to be careful of phishing emails, since it was impossible to block them with o365.
o365 spam filtering is so bad that I even got Nigerian prince spam mail in all caps in my inbox?!!!
o365 has terrible options* available to the admin to reduce missed spam, the options provided will cause a high false positive rate-- they only let you match things like keywords?!!! Our prior rules looked for things like quirks in headers sent using common spamming software for 0% false positives. Or, regexes on content that when tested on a corpus of many millions of ham messages, triggered 0 false positives. I added headers that could be used to track down, and fix, the responsible rule(s) if anyone ever sent a message to our email account to report legit mail that was marked as spam. We tried for 0% false positives, and yet we were still a million times better at blocking spam than o365. On o365, even with their shit rate of catching spam, I personally had many legit mails, every day, incorrectly marked as spam (mailing lists were unusable with o365).
And, o365 allows discarding mail after it has been received based on their crappy keyword matching. Once you finish the SMPT conversation, and accept mail, that is a contract to deliver said mail. You may flag it as spam, but it must be delivered. If you don't want to deliver mail, it needs to be rejected during the SMTP conversation, so the sender is aware the intended recipient never received the mail (and, no backscatter is generated). Any competent mail admin is horrified when they find out what MS does.
Then there were reports about external entities that could not send us mail because o365 was blocking them. If they didn't publish DKIM, SPF, DMARC etc., I'd try to help them get things setup properly. But, even folks doing everything correctly would be blocked by o365 broken filtering / blacklists.
I commented about how o365 is a dumpster fire to a guy who is the mail admin at a different school that also switched to o365 from on-prem. He said they ended up putting their old spam filtering stuff (with postfix) in front of o365, so they could get spam filtering that didn't suck.
Everything about MS hosted email screams incompetent morons are running the show.
MS's downtime was so bad that I used to always refer to it as, "Office 356" in email with that management moron who forced us to use it.
* Google didn't offer anything for fine tuning spam filtering, but Google did a million times better job, at filtering spam, than o365, so it was less of a concern.