Hi, Max...

On 04/24/25 03:17 am, Massimo S. wrote:

Il 23/04/2025 21:03, Lewis G Rosenthal ha scritto:

Hi, Max...

On 04/23/25 01:28 pm, Massimo S. wrote:

Il 22/04/2025 22:50, Lewis G Rosenthal ha scritto:

Hi, all...

For the past few days, I've been dealing with an issue of mail from 2rosenthals.com apparenly getting blackholed by certain providers. We do not receive any kind of DSN. From all accounts, the email is going out for delivery and that's that. However, on the other end, recipients aren't seeing the messages, nor are they getting any kind of spam notification or other warning that a message could not be delivered.

Affected domains seem to be hosted with a handful of providers, Office365 among them, which uses outlook.com. Naturally, I've checked both the outlook.com and live.com internal lists, and both show that neither of our IPs is listed.

Other MXs which seem to be behaving similarly are:

gpphosted.com (ProofPoint)
barracudanetworks.com

Multiple multiple-RBL checks come up clean for both IPs and our domain. SPF, DKIM, and DMARC configurations all look fine (read: pass specific checks by various third parties, including mxtoolbox.com).

Mail flows without incident to gmail.com and yahoo.com.

Is anyone else seeing anything like this?

TIA

Hi Lewis,

yes, since i use Weasel as MTA and some european domain is start to refusing SMTP plain,
they only accept STARTTLS.

Anyway Peter plans to add TLS in the next months.

Here i had to use external SMPTs as intermediary SMTP to keep on receiving emails
from this domain.

STARTTLS has been enabled at the firewall for years, requiring a minimum of TLS v1. I just bumped that up to 1.2, in case that was some cause for concern (though I don't see why; negotiation always takes place at the highest level agreed upon by both parties).

I've also disabled outbound AV and spam scanning (I already added affected domains to the list to skip adding the "Scanned by..." footer), just to exclude any additional headers which may be misconstrued.

So far, no positive results sending to domains hosted behind outlook.com (and I have not re-tested the others, as yet, except to confirm that we are getting through Barracuda's scanners).

that's strange

here my emails sent to my outlook account or to other ppl/firms emails using 365
arrive directly into the inbox folder

i had an issue in the past that they were being put in the spam folder
since i had a problem the reverse zone on bind

anyway there is an MS website to test this kind of issues that may help you

https://testconnectivity.microsoft.com/tests/O365InboundSmtp/input

That's an interesting link, however, I think what it wants to test is an email address from a domain hosted behind Microsoft's servers. My 2rosenthals.com address failed with the following explanation about my MX:

    MX Records don't exist or aren't correctly configured for your domain in
    Microsoft 365. The MX value 'secmgr-va.2rosenthals.com' doesn't match
    one of the allowed values: mail.eo.outlook.com,
    mail.protection.outlook.com, mail.messaging.microsoft.com,
    invalid.outlook.com, mx.microsoft


Clearly, my MX will never be any of those "allowed values." I don't see another tool there which would let me test an outside sender's address against a recipient on Office365 for Business (i.e., one of their hosted domains).

I'll add the link to my bookmarks, though. Thanks for that.