We're having some problems with 44net email to and from hotmail.com. Mail from that domain is getting delayed, sometimes for hours, and mail going to addresses in that domain is received by the server but not delivered to the users mailbox.
I think I've fixed the delay problem by adding more IP addresses to the greylister 'whitelist', but I don't know of anything I can do about the delivery problem. - Brian
Greylisting works by refusing incoming mail with a code 421 the first time it's offered by the sending IP address, forcing the sender to retry the delivery at least a minute later. (421 means "temporary failure, too busy, try again later"). This works against a lot of spam because generally, most spammers are "hit and run"; they don't retry.
Hotmail was doing the right thing there, retrying a few minutes later, but the retry was coming from a different IP address each time, so it never managed to establish that it was a retry and get past the greylister.
A more sophisticated greylister might have noticed that the hostname retrying was coming from the same domain (*.protection.outlook.com), but the greylister we have only works with IP addresses, not domains.
I solved the inbound problem, at least in the short term, by getting a list of all the IP addresses used by hotmail and its cousins, and adding those addresses to the greylister's "whitelist", thus allowing the mail in on the first try. This list is available from Microsoft as a 'technet' article:
https://technet.microsoft.com/en-us/library/dn163583(v=exchg.150).aspx
This will work until they add more addresses, but they claim that changes to the list are rare. There are thousands of addresses in the list so maybe they have enough and it'll remain static for a while.
(We didn't used to have this problem because the mailing list host was 'hamradio.ucsd.edu' and was behind UCSD's spam filters, which use a different mechanism. But 'hamradio' is being shut down so the list had to move to a different provider.
So the inbound problem is solved for now. Outbound mail disappearing inside hotmail remains a problem. Some hotmail people seem to be getting the mailing list mail, others not. I've asked one (Ronen) who has not been getting the mailing list mail to check his spam settings carefully, and make sure that the mail isn't being routed to his 'junk' mailbox. But there may be nothing we can do about it except to have him change email services. I'm not sure gmail will be better, but so far it's been less of a bother. - Brian
We're having some problems with 44net email to and from hotmail.com. Mail from that domain is getting delayed, sometimes for hours, and mail going to addresses in that domain is received by the server but not delivered to the users mailbox.
I think I've fixed the delay problem by adding more IP addresses to the greylister 'whitelist', but I don't know of anything I can do about the delivery problem.
For what it's worth, I run my own mailserver and have the same issues delivering to hotmail. Logs show that the message is accepted by hotmail's servers, but the message never arrives at the end user's inbox, junk or any other folders. There is also no bounceback to indicate that the message failed to deliver.
I have opened multiple tickets with hotmail support but always get the same answer "there are no blocks against your IP address that should cause delivery issues." DMARC/DKIM, SPF and PTR records are all correct and I have never had any delivery problems with other bulk mail providers like Gmail or Yahoo . Eventually, I was forced to move my primary domain to O365 to ensure messages were actually received.
If you guys ever manage to get through to hotmail, let me know! I'd be very interested in the solution :)
Cheers, Chris VE7ALB
On 10/3/2017 2:26 AM, Brian Kantor wrote:
Greylisting works by refusing incoming mail with a code 421 the first time it's offered by the sending IP address, forcing the sender to retry the delivery at least a minute later. (421 means "temporary failure, too busy, try again later"). This works against a lot of spam because generally, most spammers are "hit and run"; they don't retry.
Hotmail was doing the right thing there, retrying a few minutes later, but the retry was coming from a different IP address each time, so it never managed to establish that it was a retry and get past the greylister.
A more sophisticated greylister might have noticed that the hostname retrying was coming from the same domain (*.protection.outlook.com), but the greylister we have only works with IP addresses, not domains.
I solved the inbound problem, at least in the short term, by getting a list of all the IP addresses used by hotmail and its cousins, and adding those addresses to the greylister's "whitelist", thus allowing the mail in on the first try. This list is available from Microsoft as a 'technet' article:
https://technet.microsoft.com/en-us/library/dn163583(v=exchg.150).aspx
This will work until they add more addresses, but they claim that changes to the list are rare. There are thousands of addresses in the list so maybe they have enough and it'll remain static for a while.
(We didn't used to have this problem because the mailing list host was 'hamradio.ucsd.edu' and was behind UCSD's spam filters, which use a different mechanism. But 'hamradio' is being shut down so the list had to move to a different provider.
So the inbound problem is solved for now. Outbound mail disappearing inside hotmail remains a problem. Some hotmail people seem to be getting the mailing list mail, others not. I've asked one (Ronen) who has not been getting the mailing list mail to check his spam settings carefully, and make sure that the mail isn't being routed to his 'junk' mailbox. But there may be nothing we can do about it except to have him change email services. I'm not sure gmail will be better, but so far it's been less of a bother.
- Brian
We're having some problems with 44net email to and from hotmail.com. Mail from that domain is getting delayed, sometimes for hours, and mail going to addresses in that domain is received by the server but not delivered to the users mailbox.
I think I've fixed the delay problem by adding more IP addresses to the greylister 'whitelist', but I don't know of anything I can do about the delivery problem.
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
I host my own email as well the thing about hosting your own email is that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
This is only an example from my server but you will have to adjust accordingly to each email server etc..
txt Record v=spf1 a mx ip4:167.114.6.213 -all txt Record v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@lorentedford.com
I hope this helps..
On 2017-10-03 09:15, Christopher S. Munz-Michielin wrote:
For what it's worth, I run my own mailserver and have the same issues delivering to hotmail. Logs show that the message is accepted by hotmail's servers, but the message never arrives at the end user's inbox, junk or any other folders. There is also no bounceback to indicate that the message failed to deliver.
I have opened multiple tickets with hotmail support but always get the same answer "there are no blocks against your IP address that should cause delivery issues." DMARC/DKIM, SPF and PTR records are all correct and I have never had any delivery problems with other bulk mail providers like Gmail or Yahoo . Eventually, I was forced to move my primary domain to O365 to ensure messages were actually received.
If you guys ever manage to get through to hotmail, let me know! I'd be very interested in the solution :)
Cheers, Chris VE7ALB
On 10/3/2017 2:26 AM, Brian Kantor wrote:
Greylisting works by refusing incoming mail with a code 421 the first time it's offered by the sending IP address, forcing the sender to retry the delivery at least a minute later. (421 means "temporary failure, too busy, try again later"). This works against a lot of spam because generally, most spammers are "hit and run"; they don't retry.
Hotmail was doing the right thing there, retrying a few minutes later, but the retry was coming from a different IP address each time, so it never managed to establish that it was a retry and get past the greylister.
A more sophisticated greylister might have noticed that the hostname retrying was coming from the same domain (*.protection.outlook.com), but the greylister we have only works with IP addresses, not domains.
I solved the inbound problem, at least in the short term, by getting a list of all the IP addresses used by hotmail and its cousins, and adding those addresses to the greylister's "whitelist", thus allowing the mail in on the first try. This list is available from Microsoft as a 'technet' article:
https://technet.microsoft.com/en-us/library/dn163583(v=exchg.150).aspx
This will work until they add more addresses, but they claim that changes to the list are rare. There are thousands of addresses in the list so maybe they have enough and it'll remain static for a while.
(We didn't used to have this problem because the mailing list host was 'hamradio.ucsd.edu' and was behind UCSD's spam filters, which use a different mechanism. But 'hamradio' is being shut down so the list had to move to a different provider.
So the inbound problem is solved for now. Outbound mail disappearing inside hotmail remains a problem. Some hotmail people seem to be getting the mailing list mail, others not. I've asked one (Ronen) who has not been getting the mailing list mail to check his spam settings carefully, and make sure that the mail isn't being routed to his 'junk' mailbox. But there may be nothing we can do about it except to have him change email services. I'm not sure gmail will be better, but so far it's been less of a bother.
- Brian
We're having some problems with 44net email to and from hotmail.com. Mail from that domain is getting delayed, sometimes for hours, and mail going to addresses in that domain is received by the server but not delivered to the users mailbox.
I think I've fixed the delay problem by adding more IP addresses to the greylister 'whitelist', but I don't know of anything I can do about the delivery problem.
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Loren, you may be interested to know that your email triggered a spam rejection at oricom.ca for 'spam URL in message'. You might want to review the number of URLs in your signature. - Brian
On Tue, Oct 03, 2017 at 09:29:34AM -0500, Loren Tedford wrote:
I host my own email as well the thing about hosting your own email is that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
I have the same experience and went through the same process for my domains a couple of years ago with them.
Bob VE3TOK
On 2017-10-03 10:29 AM, Loren Tedford wrote:
I host my own email as well the thing about hosting your own email is that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
This is only an example from my server but you will have to adjust accordingly to each email server etc..
txt Record v=spf1 a mx ip4:167.114.6.213 -all txt Record v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@lorentedford.com
On the note of spammy URLs to consider for amateur radio operators is that domain names that contain our callsigns also look spammy to non-hams and there are certainly times that they would have triggered rules that I’ve had in place.
Cheers, Mike KF5JXV
On Tue, Oct 3, 2017 at 3:08 PM Boudewijn (Bob) Tenty bobtenty@gmail.com wrote:
I have the same experience and went through the same process for my domains a couple of years ago with them.
Bob VE3TOK
On 2017-10-03 10:29 AM, Loren Tedford wrote:
I host my own email as well the thing about hosting your own email is
that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
This is only an example from my server but you will have to adjust
accordingly to each email server etc..
txt Record v=spf1 a mx ip4:167.114.6.213 -all txt Record v=DMARC1;p=reject;pct=100;rua=mailto:
postmaster@lorentedford.com
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
Quick question as to what methods you guys are using to "send in exceptions" Is there a way of contacting hotmail support that doesn't involve an endless loop of "we see no problems" with their tier 1 techs?
FYI I do already have SPF, PTR and DMARC records published in DNS which has ensured reliable delivery to gmail addresses, but hotmail seems to have their own internal scoring system, and without being a large provider sending large amounts of non-spam mail you get treated to a very poor reputation.
On 10/3/2017 2:06 PM, Boudewijn (Bob) Tenty wrote:
I have the same experience and went through the same process for my domains a couple of years ago with them.
Bob VE3TOK
On 2017-10-03 10:29 AM, Loren Tedford wrote:
I host my own email as well the thing about hosting your own email is that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
This is only an example from my server but you will have to adjust accordingly to each email server etc..
txt Record v=spf1 a mx ip4:167.114.6.213 -all txt Record v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@lorentedford.com
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
According to my notes i logged in and sent the reports through this link.. http://postmaster.live.com/snds/ now i did this almost 3 years ago with out any issues to my knowledge at this time..
I hope this helps ~ Loren
On 2017-10-03 18:30, Christopher S. Munz-Michielin wrote:
Quick question as to what methods you guys are using to "send in exceptions" Is there a way of contacting hotmail support that doesn't involve an endless loop of "we see no problems" with their tier 1 techs?
FYI I do already have SPF, PTR and DMARC records published in DNS which has ensured reliable delivery to gmail addresses, but hotmail seems to have their own internal scoring system, and without being a large provider sending large amounts of non-spam mail you get treated to a very poor reputation.
On 10/3/2017 2:06 PM, Boudewijn (Bob) Tenty wrote:
I have the same experience and went through the same process for my domains a couple of years ago with them.
Bob VE3TOK
On 2017-10-03 10:29 AM, Loren Tedford wrote:
I host my own email as well the thing about hosting your own email is that you need to make sure that you send in exceptions to the big 3 providers Yahoo hotmail and AOL after you have validated that your ip is static and that your domain name matches to the ip look up you need to make sure you had spf stuff to your dns.. Typically speaking it should look like this..
This is only an example from my server but you will have to adjust accordingly to each email server etc..
txt Record v=spf1 a mx ip4:167.114.6.213 -all txt Record v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@lorentedford.com
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
On 3/10/2017 7:48 AM, Brian Kantor wrote:
I think I've fixed the delay problem by adding more IP addresses to the greylister 'whitelist', but I don't know of anything I can do about the delivery problem.
Hotmail is notorious for silently deleting mail. Had a similar problem many years ago when working with a database developer who was working on the company's electronic booking system. The system sent out confirmation emails when people booked onto a course. However, we were getting complaints about confirmations not being received. On further investigation, we discovered that ALL of the affected people had Hotmail addresses. Further testing showed that Hotmail was silently deleting the automated emails, but manually sent email (i.e. from a regular client) worked fine. Never worked out what Hotmail didn't like, but it was highly annoying that it arbitrarily deleted email. Hotmail didn't even place them in the spam folder, they were simply deleted.
Only surefire solution is for those affected to ditch their Hotmail accounts. Anything else will work fine.
-
Boudewijn (Bob) Tenty -
Brian Kantor -
Christopher S. Munz-Michielin -
Loren Tedford -
Mike Nabhan -
Tony Langdon