Mailing List ecs-isp@2rosenthals.com Archived Message #1181

From: "Lewis G Rosenthal" <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] Trouble getting mail delivered to Office365 (outlook.com), ProofPoint, and Barracuda protected domains
Date: Thu, 24 Apr 2025 14:28:57 -0400
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Hi, Peter...

On 04/23/25 09:46 pm, Peter Moylan wrote:
On 24/04/25 10:18, Peter Moylan wrote:

The big problem, I suspect, is that some big mail services might be
adopting a "silently reject" policy, simply discarding mail they
don't like instead of returning a failure reply. My choir uses a
Yahoo mail account (against my advice), and a problem we had was
that messages to all members went only to some members, and we were
never notified about the failures. I'm no longer on the choir
organising committee, so I don't know whether they are still doing
it.

You might be asking "why were there delivery failures?". In that case it
was because Yahoo mail was (and possibly still is) a major source of
spam, so it was often blacklisted. Because of this, Yahoo adopted a
policy of not telling senders when their mail wasn't delivered.

The 2rosenthals server is not blacklisted, but it could be on someone's
private blacklist.


It's even more sinister than that.

Apparently, some of the latest deep scanning techniques probe the website(s) associated with the sender domain. In my case, the 2rosenthals.com site was compromised (again; good ol' WordPress). The hack was trivial (a malicious plugin with a payload blocked outbound by the firewall, so essentially harmless), though it did also include a wonky referrer in the index page, which was (thanks to the miracle of WordPress dynamic page caching) cached. Yech.

I was able to set the site back to normal in short order, and I can confirm that emails from other hosted domains here (e.g., arcanoae.com) do get through the affected filters (e.g., <client-domain>.mail.protection.outlook.com).

I think it should just be a matter of time, now, until we get re-probed and drop off of the internal blocklists. I keep sending test emails.

What an ordeal.

And to your point, it is indeed frustrating when not only is the email blackholed (and I can almost agree with that for syntactic issues and/or lack of proper RDNS pointer or sending from a dynamic IP), but when Microsoft support actually responds to my ticket telling me "Nothing was detected to prevent your mail from reaching Outlook.com customers." Not very helpful, that.

So far, I've tested from arcanoae.com going to addresses behind ProofPoint and Office365 for Business domains, and all is working as it should. Still waiting for 2rosenthals.com to get let off the naughty list.

12 hours of my life I'll never get back.

Thanks for the thoughts, all.

--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC                www.2rosenthals.com
visit my IT blog                www.2rosenthals.net/wordpress
-------------------------------------------------------------

