Emails to Outlook.com rejected due to a fault or overzealous blocking rules

theregister.com

・

124 points

・

Bender

・

10 hours ago

80 comments

VladVladikoff ・ 2 hours ago

This has plagued us for years. We send quite a lot of transactional email (about 150k emails per day), and there have been several times where Microsoft blocked our server. Usually it is because Microsoft has banned an entire netblock, that our server just happens to be sitting in. I have seen them do this to IPs fro Hetzner, Linode, Amazon AWS (SES), etc. And yeah we've signed up for their junk mail reporting service, and we have all our DNS records dialed in perfectly.

I even went as far as signing up for Azure, in the hopes that if I sent from a Microsoft IP it might not get blocked. But I didn't make it very far, every step of the way was like watching paint dry while the interface loaded or did something. Once I finally got the thing set up in order to send mail, the API was so molasses slow that it couldn't handle our mail throughput. Meaning it would take about 30 seconds to send each transactional email because of how slow their API is. Well that's only 2880 emails per day, that is not a reasonable send rate at all.

I have even lost customers over this mess, it's really hard to explain to them that they can't receive our email because of their provider and not us. Especially when Microsoft has the audacity to return: 250 OK Email Queued (but then not deliver it anyway!)

If anyone has any solutions to this mess I am all ears!

tokyobreakfast ・ 2 hours ago

It's almost certainly because your customers are reporting your emails as spam by moving it into the junk folder which is training their systems.
Once enough of your customers do this to cross a certain threshold, you are identified as an undesirable sender and QED.
- dijit ・ an hour ago
  
  It happens at scale.
  There's like a middle scale where you're not big enough that Microsoft will go out of their way to whitelist you, but you're big enough that your "send to junk" rate is just high in terms of absolute numbers.
  It's certainly not a ratio, it must be based on absolute numbers because I've seen it too many times across too many companies, and the only ones that get away with it are extremely low volume.
  Once you have 1,000,000 mails, even a 0.1% mark as spam rate is 1,000 emails. - and some people treat mark as spam as their delete button, certainly more than 0.1% of people. Don't ask me why.
  EDIT: on inspection; it's worth noting the mechanism is even more insidious than "people mark you as spam". Microsoft also weighs delete-without-opening as a negative signal. So if you're sending transactional mail (receipts, shipping notifications, invoices) and your users get exactly what they wanted, feel satisfied, and bin it without opening. You've just taken a reputation hit for doing your job correctly. The senders most at risk aren't the ones sending rubbish.
  
  andrewmcwatters ・ 3 minutes ago
  
  [dead]
- adrian_b ・ an hour ago
  
  I do not think that is true.
  Once when this happened to me a couple of years ago, it was the opposite.
  My e-mails were put by default by Microsoft as spam into the junk folder, without the customer knowing anything about this.
  After I succeeded to notify him about this, he searched there the e-mails and marked them as "not spam", and then he received my following e-mails.
  So initially the customer did nothing and was not aware that some of the e-mails sent to him are classified as spam, and he had to do active efforts to override this default action by Microsoft.
  There was absolutely nothing suspicious about the e-mail messages classified as spam in their content, their only fault was not coming from one of the few major e-mail providers.

zelphirkalt ・ 4 hours ago

It is my experience, that Outlook is not a reliable e-mail service. Sometimes e-mails are not delivered, or only delivered hours later. When they are delivered, even as a paying customer, they are downloaded so slowly, that I had to wait 10 minutes to get all my e-mails, while my 1 EUR per month Posteo provider delivers in seconds.

My impression is, that the only reason one would want to have MS as a mail provider is, that they are entrenched in the e-mail provider reputation and delivery game. Other than that, it seems to be an all around bad service. Not even talking about the mail client itself.

SoftTalker ・ 2 hours ago

The big reason is enterprises buy into O365 and running their email through Outlook instead of on-prem or at another provider is part of that. For the same reason they use Teams over Zoom or Slack or other alternatives.

Ensorceled ・ 9 hours ago

My clients have been experiencing this forever; the logs SAY "temporarily rate limited due to IP reputation." but really the emails are never going to get delivered. I have to get MailChimp or Mailgun to rotate the IPs.

It looks like all it takes is one person to mark your email as spam, even by accident. Note that these are mailing lists which they signed up for in MailChimp case OR transactional emails in the Mailgun case.

It's only hotmail/outlook that we constantly have this issue with, Google etc. are all fine.

Arainach ・ 4 hours ago

Agreed. I was an early outlook.com user (was working at MS when it launched, I think internal users got slightly early access allowing me to claim a nicer name than my Gmail) but despite having well over a decade of accounts tied to it got so angry at certain messages never appearing that a couple of years ago I reversed the flow of forwarding and swapped to another account as my primary.
Sounds like it's gotten even worse.
- jonathanlydall ・ 2 hours ago
  
  I always thought of outlook.com as a rebranding of Hotmail (which itself had been continually evolving, was probably actually “Live” at that point), I would expect it is the same (ever evolving) infrastructure.
  In which case, people like me with an @hotmail.com address from the 90’s were much earlier users of the outlook.com email boxes than when the domain was “launched” by Microsoft.
scandox ・ 9 hours ago

Often these "spam" reports by end users are just accidental clicks as well. Many of the abuse reports we get are like an email from someone's Mum and visibly legitimate. At other times there are users who use the Report Spam function as a kind of inbox management tool - a way of moving mail away so they don't have to see it because Trash or Delete or whatever is just further away from their pointer.
- pluralmonad ・ 9 hours ago
  
  I tell my friends and family to never click unsubscribe links, unless they had proactively subscribed. Buying something from a company that requires an email does not count. unsolicited marketing emails are spam and should be treated as such. Double so if that company sends marketing emails disguised behind support@company.com.
  
  iamacyborg ・ 9 hours ago
  ・ 5 more
  
  > Double so if that company sends marketing emails disguised behind support@company.com
  That’s typically not a disguise but a clear means of indicating that you can reply to the email
  
  ycombinatrix ・ 4 hours ago
  
  How is it not a disguise? It means you can't block marketing emails without also blocking the legitimate support emails.
  
  pluralmonad ・ 7 hours ago
  ・ 3 more
  
  No, sending marketing from support emails is almost certainly trying to game spam filters. Marketing@company.com would work for the allow replies purpose.
  
  iamacyborg ・ 6 hours ago
  ・ 2 more
  
  > sending marketing from support emails is almost certainly trying to game spam filters
  That is not how spam filters work.
  
  pluralmonad ・ 3 hours ago
  
  If I've interacted with a specific email address, like support@company.com, my email provider will put them in my inbox.
- jeroenhd ・ 9 hours ago
  
  "Report spam" is quicker and easier than "unsubscribe".
  Gmail added a popup asking the user if they want to unsubscribe when flagging a newsletter with the appropriate unsubscribe headers, so it must be common enough to warrant Gmail developer attention.
  
  sumtechguy ・ an hour ago
  
  Pretty sure hotmail/outlook also has the same sort of popup for spam reports. I think accidental would be kind of hard with that popup.
  
  SoftTalker ・ 2 hours ago
  
  Does gmail still insert ads in the free tier? That would be a reason to keep people reading as many emails as possible.
  
  Ensorceled ・ 9 hours ago
  
  > Gmail added a popup asking the user if they want to unsubscribe when flagging a newsletter with the appropriate unsubscribe headers
  Unfortunately close to 100% of the spam I'm flagging causes this popup now :-/
  I'm getting a dozen spam a day now on my Gmail account ... I think they're losing the battle.
undefined ・ 4 hours ago

[deleted]

elcritch ・ an hour ago

For these large services it seems that small companies should be allowed to sue them.

Otherwise there’s no incentive for the big providers to care.

Similarly for anti-virus. It’s a PITA when Windows or Mac falsely flag a program as a virus when it’s not in their app stores.

dqv ・ 20 minutes ago

Yes, at least in the US, being a litigious freak gets results.
Weird trick to get unblocked: follow the standard three-email procedure to sender support, then send a fourth email ccing buscond@microsoft.com telling them to unblock or next step is attorney general.
The thing about a lot of attorney generals is they LOVE to smack down a big corporation like Microsoft for the little guy.

arend321 ・ 10 hours ago

I'm in the privileged position to advise clients to move away from hotmail/live if they want uninterrupted email delivery.

crimsonnoodle58 ・ 2 hours ago

We experienced this exact error this week. Only affected outlook.com users, and not 365 users. Had to supply MS support with proof of ownership of the IP. The whole process took about a week to resolve.

wccrawford ・ 10 hours ago

It feels like there's quite a lot of spin on this. There's no hint as to how many users were actually affected. It only really seems to mention Estonia, and probably only a region of it.

The ISP there claims they haven't received any reports of SPAM. But that sounds wrong. No reports probably means your reporting system is broken.

So putting that together, it seems like a small ISP screwed up and let spammers go wild, and Outlook blocked them for it. I can't really fault Outlook for that.

chao- ・ 12 minutes ago

One IP address (exclusively ours) among our email IPs at my place of employment was affected. We have used that IP for nine years. Emails are strictly transactional (receipts, password resets, et cetera).
The "rate limiting" started two weeks ago, giving us a code that Microsoft's documentation doesn't even list. It remains unresolved. Never had critical issues like this on our transactional IPs prior to this, and this particular IP address is still delivering just fine to other consumer and corporate email systems.
dqv ・ 29 minutes ago

Your intuition is way off, like dangerously off. But your comment is a great example to show a smug lawyer at Microsoft when they try to say there is no basis for the claim that these blocks against legitimate senders are defamatory.
This has been affecting reputable senders who take spam reporting seriously, including MXRoute and Discourse.
> No reports probably means your reporting system is broken.
"No reports" can mean a lot of things. There is no "probably".
The "you" in "your" is Microsoft because under a certain volume of email, they don't even send reports. I regularly test the abuse contact address for my server because of this exact unfair assumption - that it must be my fault. I have never once gotten an abuse report notification from Microsoft, but I have gotten a bounce message saying that I'm blocked because I apparently send spam! Btw, this was in reply to an email from a Microsoft user.
Worse, I figured I'd just disallow any email from a Microsoft property - if an outlook (or hotmail or live or anyone else) sends an email, I can just bounce it and tell them to use a different service to reach me since I can't reply. Nope! Microsoft won't surface the bounce message to the user.
So, I am barred from replying to Microsoft emails. I am also barred from informing the sender that their email won't reach me.
It's defamation - the sender is always going to assume that it is my fault if I didn't reply even if the reason I "didn't reply" is outside of my control.
> So putting that together, it seems like a small ISP screwed up and let spammers go wild, and Outlook blocked them for it. I can't really fault Outlook for that.
Yes, in your imagined scenario, you can't really fault outlook. In the real world, however, outlook is very much to blame.
thedanbob ・ 10 hours ago

My org (USA) was affected. I wasn't the primary person dealing with it, but from what I gather one user marked one of our emails as junk, and then suddenly all of our emails to Outlook users started getting blocked.
shevy-java ・ 10 hours ago

> There's no hint as to how many users were actually affected.
How many users would you see as the threshold then?
Since you stated that there is a spin to this, how many users would go over your defined threshold level?
jeroenhd ・ 9 hours ago

Someone recently leveraged some kind of automated spam attack against my domain using Zendesk's email servers. For some reason, Zendesk doesn't enforce SPF and DKIM checks when opening new tickets, so I got flooded with "your new account has been registered" and "thank you for filing a ticket" emails.
I blocked off Zendesk entirely because they didn't fix their shitty email system. The other newsletter mail services (mailgun/sendgrid/etc.) are just as bad for this.
There are plenty of reasons why large email senders could (and should) be on reputation blacklists. None of these email delivery companies seem to care very much about the spam they send until shit hits the fan, and now that it did it seems everyone blames the people maintaining the blacklists.
- jamespo ・ 4 hours ago
  
  This was widespread, I was also affected. I think you can create spoof tickets / accounts over Https with no verification and zendesk don't want to do anything which adds friction.
shiftpgdn ・ 3 hours ago

This is an extremely widespread issue. I send close to a million emails per month across dozens of different providers (all newsletters.) These are all from high reputation domains and email accounts. We are completely unable to make anything happen with Microslop. It is infuriating.
cromulent ・ 10 hours ago

The article has hyperlinks in it, e.g. to this:
https://learn.microsoft.com/en-us/answers/questions/5786144/...
which comes from an ESP serving millions of users.

bradleyy ・ 3 hours ago

Having to explain to customers that they didn't receive an email because Outlook has a multi-stage set of email servers and the inside ones reject due to the edge (antispam) servers is always interesting.

CrzyLngPwd ・ 9 hours ago

It's not just Outlook, it's all MS email products as well as Yahoo.

These are emails that our customers have specifically requested and we get support tickets blaming us.

It's been like this for years.

lousken ・ 3 hours ago

I was using outlook for communicating with businesses as it is often what they use. Some of them just could not send a response back to me, so I am not using outlook anymore. Just normal Microslop stuff

gzread ・ 10 hours ago

Everyone who runs an email server knows Microslop doesn't care about receiving its customer's emails. The best thing you can do is migrate away.

kijin ・ 9 hours ago

Keep a few throwaway Hotmail/Outlook addresses in your password manager, in case you need to use a Windows PC that demands a Microslop account. That's about the end of their usefulness.
Just like Internet Explorer used to be the program you used once -- and only once -- to download a proper browser.
miohtama ・ 9 hours ago

No worries. If you migrate your email server to Azure(TM) the delivery is guaranteed.

msxanadu ・ an hour ago

A question related to the outlook.com false spam mail problem... Why are incoming emails to outlook.com so large? 15KB minimum for a text email with just a title. Equivalent Gmail to/from Apple Mail is just a couple of KB.

joshstrange ・ 10 hours ago

Just had a friend reach out yesterday about this issue. His outlook account for 10+ years started having issues receiving emails from his dad and a company he works with.

All I could find was that his dad’s email was missing SPF/DMARC but the other email address that was having problems looked like it was configured correctly.

I only was able to get a screenshot of the email voice his dad received and it mentioned being on a block list (like in the article).

mmsc ・ 10 hours ago

I wonder if Microsoft actually likes running their free email service still. They wiped a ton of old Hotmail and Live.com emails some years ago (and then allowed new people to register those deleted names). I imagine they don't get much out of it anymore.

simonw ・ 10 hours ago

I wonder how many accounts on other services were then hijacked using "forgot my password" attacks.
UPDATE: After a bit of digging it looks like they started the username recycling policy in 2013, may have quietly stopped doing that in 2018 but formalized no longer doing that in 2021: https://web.archive.org/web/20230627104616/https://www.micro...
"Summary of changes to the Microsoft Services Agreement – June 15, 2021 [...] In the Outlook and Office Services sections, we’ve removed the Outlook.com section to clarify that an email address or username is not recycled into our system or assigned to another user."
- deltoidmaximus ・ 8 hours ago
  
  It's wild to me they ever started doing this in the first place. And in 2013 no less, it isn't like the hijacking risk was some far off concept at that point.
mrweasel ・ 9 hours ago

It's certainly not free to run and maybe it doesn't really make sense for Microsoft to run Outlook.com anymore, except that it's an easy way to motivate people to having a Microsoft account.
Outlook.com certainly has to show up as an expense, one that Microsoft would like to reduce. When you look at what other providers charge for a single email account, it's hard to see Microsoft making money of Outlook.com. There's obviously something to be said for scale, but still, it must cost them something.
- vladvasiliu ・ 2 hours ago
  
  > it's an easy way to motivate people to having a Microsoft account.
  Can you actually use a non-outlook account for windows? Or are you talking about a different kind of "ms account"?
- john_strinlai ・ 4 hours ago
  
  >It's certainly not free to run and maybe it doesn't really make sense for Microsoft to run Outlook.com anymore, except that it's an easy way to motivate people to having a Microsoft account.
  it also funnels people into using exchange for work. more like a "marketing expense".
ohyoutravel ・ 10 hours ago

They wiped all the emails from my 25 year old Hotmail account. Pretty weak. I refuse to use Microsoft products except if forced, and do my best to evangelize this position.
- expedition32 ・ 9 hours ago
  
  Most people will never pay for email service. Which leaves you Google, MS or god forbid your own ISP.

Alifatisk ・ 10 hours ago

I created my first Outlook account when I was young. Now, 30 years later and its still my primary account. I can't imagine how I would migrate to another email address if Microslop would begin ruining Outlook by forced subscription or something. My digital life is in M$ hands at the moment.

nicbou ・ 10 hours ago

I would start migrating to an email domain that you control. It will come useful at one point or another.
- josephg ・ 10 hours ago
  
  Yep this. I migrated from Gmail to my own domain years ago. It was painful. Weirdly enough, I think the longest holdouts were my parents, who were still sending email to my Gmail account a decade after I stopped using the address.
  I moved my email to Fastmail, and I’ve been very happy ever since. But now that I own the domain, moving to a different provider - if I ever need to - would be trivial.
  
  ohyoutravel ・ 10 hours ago
  
  I moved to Fastmail, set it up with Gmail so I received forwarded emails. Years later there’s still a long tail of senders using my Gmail, but I get the emails forwarded, and only actually log in to Gmail every six months or so.
butILoveLife ・ 10 hours ago

I learned this lesson the hard way with OneDrive.
Now I only use Windows for legacy software that my customers force on me.
Fedora has not just been liberating, but jaw dropping. I actually felt offended that I had wasted so much time on debian-family/ubuntu/mint and windows.
- BLKNSLVR ・ 9 hours ago
  
  OneDrive was born enshittified.
  The concept, way back when, was great. I tried to use it, by a previous name, for replicating / distributing data backups and it always worked great... for a few days, maybe weeks. And then something unrecoverable went wrong, and I had to re-set it up essentially from scratch and it worked great... for a few days, maybe weeks. And then something unrecoverable went wrong.
  In the intervening 15+ years, OneDrive has never made my experience of computing better. It has only ever nagged, slowed, and failed. And that was before Microslop went down the x% AI coding path.
  
  pluralmonad ・ 9 hours ago
  
  I personally like when you open any office doc, do nothing to it before closing and you get the scary warning asking if you want to save your document (to onedrive) implying all is lost if you select no. I am sure millions of tech unsavvy people have been conned into sending their data to Bill Gates.
eviks ・ 10 hours ago

You could start the process now, before the ruin?

undefined ・ 4 hours ago

[deleted]

gus_massa ・ 9 hours ago

A few years ago, in my university we have a big problem at the beginning of the semester to contact ~10K students, in particular when they register to our Moodle platform and the server sends them a message.

Gmail was usually ok.

Yahoo had some max messages per day.

But Hotmail/Live/Outlook/whatever just made the messages disappear, no spam folder, no bounce, just disappear. We had some success telling the students to send us a message from their Hotmail/Live/Outlook/whatever address half an hour before registration. This adds our address to some special secret list for that account, and our later messages (usually) reach them. (It may fail. It may fail. IWOMM. YMMV.)

iamcalledrob ・ 4 hours ago

I was unable to reach a business this week who host their email on Office 365. Any email I sent would bounce with:

  550 5.7.520 Message blocked because it contains content identified as spam. AS(4810)'

For context, I was replying to an existing and very mundane email thread.

Something is rotten in the state of Outlook

spogbiper ・ 3 hours ago

outlook.com and Office 365 are very different beasts. with the latter problems are more often something (mis)configured by the customer/administrator of the 365 account rather than microsoft themselves, and there are steps the customer can take to work around the issue. With outlook.com there is nothing the recipient can do.

ycombinatornews ・ 3 hours ago

Very happy I decided to ditch outlook (and did it) this year after 10+ years. Every other year some part of the system would break, deliverability, authentication or 2FA. More ads, less value.

Eh. Another product driven into ground by Microslop

TonyTrapp ・ 10 hours ago

I've had this exact problem for years. My IP addresses have been used for 15+ years for sending e-mail, they are spam-free, but Microsoft keeps blocking them. Every two months or so I have to ask them to unblock the IP again, then I can send mails to Outlook again, until they just random decide to block me again. It's an absolute clown show.

lucasfin000 ・ 3 hours ago

This is the price every small sender pays. The unblock request process is essentially designed to make you give up or move to a large ESP. There's no appeals process, no SLA, no acknowledgment that your reputation data might just be wrong. You're at the mercy of a system that treats false positives as acceptable damage.

mono442 ・ 10 hours ago

It's has been like this for a long time. For me hotmail is unusable because some emails just never arrive due to their spam filtering.

dismalpedigree ・ 10 hours ago

I’m guessing they connected CoPilot to the inbound filter and it is doing stupid and unexpected things.

rbc ・ 4 hours ago

This is one of those articles that demonstrates why email should be distributed. Letting Google and Microsoft run email for the planet is just asking for problems. There are some technical demands to running email services, but they are still in reach of the technically inclined individual or organization. If for no other reason, it would help keep the big mail service providers honest.

Markoff ・ 9 hours ago

As long term Outlook.com user all I can say it's their service is extremely unreliable, my emails are either not delivered at all or end up in junk mail, some emails I don't receive at all or my partners are rate limited sometimes receiving their emails with hours long delays.

I assume also their junk filters block some emails and there is no way to avoid it, you repeatedly add senders to safe senders list, even to safe subscriptions and their email still end up marked as junk even after years long communication from same addresses.

As backup when something important I write email to recipient from gmail whether they received my email from outlook only to find out my email was never received.

boesboes ・ 9 hours ago

I've stopped diagnosing outlook/hotmail/live delivery issues about 12 years go, they simply do not give a single fuck about their customers. It used to be different, about 18 years ago orso, they had ways to contact them and resolve such issue.

fuck big tech :)

whalesalad ・ 3 hours ago

Days since last Microsoft fuckup: 0 (hard-coded)

tredre3 ・ 28 minutes ago

BTW your domain is missing SPF and DMARC records.

cute_boi ・ 4 hours ago

microslop should start focusing on real world problem than overhyped ai bubble.

throwaway613746 ・ 2 hours ago

[dead]

BLKNSLVR ・ 10 hours ago

[flagged]

shevy-java ・ 10 hours ago

[flagged]

mrweasel ・ 10 hours ago

To be fair, Outlook.com has always been a bit shitty, if you're trying to deliver email to them. Last time it was reasonably good the service was still called Hotmail.
The problem is that we've allowed email to be centralized around a few massive providers, who do not care about customer service. If you're large enough, you probably have a contact at Microsoft for Outlook. Everyone else has to yell into the void and sometimes that works.
- vladvasiliu ・ 2 hours ago
  
  > If you're large enough, you probably have a contact at Microsoft for Outlook.
  For certain very large values of "large". I work for a company which has several thousand Office365 accounts with MS, many of which are the expensive one. It's nigh impossible to get support from them, you're always supposed to go through some partner, who has no idea what they're talking about. And when you do get someone through MS, it's actually still some kind of useless 3rd party who'll ask you to turn your VM off and on again when you complain that it won't turn off (this is actually a true story we had happen on azure).
  In the end, after about an hour on the phone, the dude gave up and called for help higher up. It took something like a week to have a freaking VM unstuck and destroyed on Azure.
  Contrast this with AWS, where we were spending much less at the time, only had the basic free support, and I was with someone on the phone in under five minutes who helped us have our direct connect issue solved in 15 minutes.
JasonADrury ・ 10 hours ago

Why do you feel the need to pollute HN with terrible slashdot jokes?