I am getting rejections from Hotmail
Jan 18 14:42:22 mail postfix/smtp[6571]: 046713F914: to=< helen_maryd@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.58.161]:25, delay=0.14, delays=0.06/0.03/0.04/0.01, dsn=5.7.1, status=bounced (host hotmail-com.olc.protection.outlook.com[104.47.58.161] said: 550 5.7.1 Unfortunately, messages from [167.99.151.239] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [ BN8NAM11FT014.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command))
I have submitted a ticket to https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-81...
Not sure why they are blocking me. Not on any other blacklists per mxtoolbox...
Anyone else experienced this? How to resolve?
My mail server is on Digital Ocean if that makes any difference.
Thanks for any help
-- Tom for the Gather Team https://info.gather.coop
On 1/22/21 4:11 PM, Tom @ Gather wrote:
I am getting rejections from Hotmail
Jan 18 14:42:22 mail postfix/smtp[6571]: 046713F914: to=< helen_maryd@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.58.161]:25, delay=0.14, delays=0.06/0.03/0.04/0.01, dsn=5.7.1, status=bounced (host hotmail-com.olc.protection.outlook.com[104.47.58.161] said: 550 5.7.1 Unfortunately, messages from [167.99.151.239] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [ BN8NAM11FT014.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command))
I have submitted a ticket to https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-81...
Not sure why they are blocking me. Not on any other blacklists per mxtoolbox...
Anyone else experienced this? How to resolve?
Yes, I've had this block at times. All the affected servers subscribe to SNDS and JMRP and never receive any bad reports. The process is to submit the form as you have done. This may result in mitigation without further action on your part, but if they reply to the ticket with
Not qualified for mitigation (IP address) Our investigation has determined that the above IP(s) do not qualify for mitigation.
The next step is to reply to that with an explanation of what you do.
Here's a copy of such a reply:
Beginning around 14:43 -0500 on Dec 31, mail from mail.python.org (IP 188.166.95.178) to various hotmail.com, outlook.com. live.com, etc. addresses is being blocked.
A typical response to such mail is
Jan 4 19:11:49 mail postfix/smtp[14283]: 4D8tGD3YZSzpFbf: to=<marksapiro@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.17.161]:25, delay=0.69, delays=0.55/0.01/0.11/0.03, dsn=5.7.1, status=bounced (host hotmail-com.olc.protection.outlook.com[104.47.17.161] said: 550 5.7.1 Unfortunately, messages from [188.166.95.178] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [VI1EUR05FT004.eop-eur05.prod.protection.outlook.com] (in reply to MAIL FROM command))
This mail is virtually all messages to confirmed opt-in subscribers of various python.org email lists. We do not send spam and we have various filters in place to block spam from reaching these lists.
We publish SPF and DMARC records for our domain and DKIM sign our outgoing mail.
We subscribe to your Junk Email Reporting Program (JMRP) and Smart Network Data Services (SNDS) and see no reports or unusual complaint rates.
Our IP 188.166.95.178 is not found on any blacklists checked at <https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a188.166.95.178&run=toolpage>
Please stop blocking our mail.
This usually works. If not, you just have to persist.
My mail server is on Digital Ocean if that makes any difference.
It may. All of my recent blocks have been DigitalOcean servers including mail.python.org, but I think I've had this in the past from non- DigitalOcean servers.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mark Sapiro writes:
On 1/22/21 4:11 PM, Tom @ Gather wrote:
My mail server is on Digital Ocean if that makes any difference.
It may. All of my recent blocks have been DigitalOcean servers including mail.python.org, but I think I've had this in the past from non- DigitalOcean servers.
My (very limited) experience with DigitalOcean is that they harbor bad actors. That's probably only because they're a very large provider, but YMMV (more important, Microsoft's mileage apparently does). Details follow for the curious.
I need to find out who was knocking over my webserver every so often, so I did some cave-diving in the logs. In the process, I discovered that about 95% of vulnerability probes (attempts access to scripts not installed on my server averaging 5X/day) were coming from DigitalOcean netblocks, almost all of those from something called stretchoid.com. I've blocked the whole /18 where stretchoid lives:
DROP tcp -- 192.241.192.0/18 0.0.0.0/0
Security analysts on the web have different opinions of stretchoid; some classify them as "malicious activity", others seem to think they're some sort of researcher. I think they're a PITA, and there are zero legit connections from that netblock in my logs, so "bye-bye". Now I see unexpected access attempts about 1/5 days. :-)
Oh, and who *was* knocking over my server? It turned out that once a month my employer tried about 9000 different hacks in rapid sequence and it took a couple hours for the backlog to clear, so my students couldn't access their wiki accounts or my schedule page during that period. Blocked connections from the vulnerability probing host, and there have been no black helicopters over my office, so I guess that's that. :-)
Steve
Yes, I went through the same thing. I'm hosting at Linode, and they were very helpful. Generally Microsoft (hotmail, outlook, etc.) won't budge from their block unless the request comes from the owner of the IP address (Digital Ocean). Linode support did a great job for me.
Scroll through the page referenced in the error message (https://postmaster.live.com/pm/troubleshooting.aspx#errors) and find the link to the Junk Email Reporting Program and sign up with them.
Go through all the hoops.
It took me about a week. Eventually they'll take a look at the email coming from your IP address and make a decision.
It's such a pain to move an email server to a new IP address -- I lived with a machine with software that was so hopelessly out of date I couldn't update any packages, knowing I'd have to go through this when I rebuilt it on a new IP address.
Good luck! Best regards, Mojo
On 1/22/2021 4:11 PM, Tom @ Gather wrote:
I am getting rejections from Hotmail
Jan 18 14:42:22 mail postfix/smtp[6571]: 046713F914: to=< helen_maryd@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.58.161]:25, delay=0.14, delays=0.06/0.03/0.04/0.01, dsn=5.7.1, status=bounced (host hotmail-com.olc.protection.outlook.com[104.47.58.161] said: 550 5.7.1 Unfortunately, messages from [167.99.151.239] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [ BN8NAM11FT014.eop-nam11.prod.protection.outlook.com] (in reply to MAIL FROM command))
I have submitted a ticket to https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-81...
Not sure why they are blocking me. Not on any other blacklists per mxtoolbox...
Anyone else experienced this? How to resolve?
My mail server is on Digital Ocean if that makes any difference.
Thanks for any help
-- Morris Jones, Monrovia, CA BridgeMojo <http://bridgemojo.com> Old Town Sidewalk Astronomers <http://otastro.org> Mojo's Blog <http://mojo.whiteoaks.com>
On Jan 22, 2021, at 5:06 PM, Morris Jones <mojo@whiteoaks.com> wrote:
Yes, I went through the same thing. I'm hosting at Linode, and they were very helpful. Generally Microsoft (hotmail, outlook, etc.) won't budge from their block unless the request comes from the owner of the IP address (Digital Ocean). Linode support did a great job for me.
I just went through this 2 days ago. A local user on my server had their password cracked and spammers were relaying mail through their account.
Microsoft was actually super helpful about mitigation once I’d described how I fixed the problem and the steps I took, even though it’s a Digital Ocean IP.
Give it a try.
- Mark
mark@pdc-racing.net | 408-348-2878
participants (5)
-
Mark Dadgar
-
Mark Sapiro
-
Morris Jones
-
Stephen J. Turnbull
-
Tom @ Gather