Problems with microsoft mail addresses

[William Unruh]

Microsoft has decided that My machine is for some reason dangerous, and
refuses to accept mail for any microsoft type address (eg msn.com,
hotmail.com,...). I certainly have not engaged in spamming anyone, or
any of the other "bad things" and neither has my machine. They of course
refuse to tell me why they are blackballing me.

Since we have friends who use microsoft mail addresses, this makes it
almost impossible to get mail to them, and we cannot ask them all to
change to some more reasonable mail address.

Is there some way of rewriting the headers so that the mail appears to
come from another machine, eg, the one pointed to by our return address,
instead of the machine the mail is actuall coming from.
Eg, the return address is phy.univer.ca, but my machine is
theory.phy.univer.ca, and thus the source (Received: header) is the
latter. Is there someway I can get postfix to rewrite the header so that so it appears
to come from phy.univer.ca?

[KIKI]

Is it your real domain - univer.ca ?
How does your mail look like? us...@univer.ca ?

[Ellenor Agnes Bjornsdottir]

Really, you're going to have to provision your friends with their own
email accounts on your server. This is not a difficult task and they
don't even require a shell in some setups.

[William Unruh]

I presume this was a joke, or that you have very very few friends or
collegues.

[Ellenor Agnes Bjornsdottir]

Nope. 100% serious.

[J.O. Aho]

On 14/06/2022 21.44, William Unruh wrote:
> Microsoft has decided that My machine is for some reason dangerous, and
> refuses to accept mail for any microsoft type address (eg msn.com,
> hotmail.com,...). I certainly have not engaged in spamming anyone, or
> any of the other "bad things" and neither has my machine. They of course
> refuse to tell me why they are blackballing me.

Microsoft don't look at individual IP's, they look at IP-span from the
same network provider, so if one or more IP-numbers have sent too much
spam in a time frame, then the whole span will be blocked.

The owner of the IP address (usually your hosting company) has to
request that your IP will be cleared. Can nowadays be done from:
https://sendersupport.olc.protection.outlook.com/snds/

For looking at the status of your IP and the IP-span you belong to, check:
http://www.uceprotect.net/en/rblcheck.php
If UCE Protect flags your span to send out a lot of spam, then you will
be more than likely blocked at microsoft's mail service.

> Since we have friends who use microsoft mail addresses, this makes it
> almost impossible to get mail to them, and we cannot ask them all to
> change to some more reasonable mail address.

You could use a smarter host to send to microsoft, you should talk a bit
with your hosting company, so that you can use their mail server as a
smarter host.

Not sure how to configure this in postfix.

> Is there some way of rewriting the headers so that the mail appears to
> come from another machine, eg, the one pointed to by our return address,
> instead of the machine the mail is actuall coming from.

Yeah, but will not help you due of spf record for domains, will just
make you look more like a spammer.

--
//Aho

[William Unruh]

On 2023-01-02, J.O. Aho <us...@example.net> wrote:
> On 14/06/2022 21.44, William Unruh wrote:
>> Microsoft has decided that My machine is for some reason dangerous, and
>> refuses to accept mail for any microsoft type address (eg msn.com,
>> hotmail.com,...). I certainly have not engaged in spamming anyone, or
>> any of the other "bad things" and neither has my machine. They of course
>> refuse to tell me why they are blackballing me.
>
> Microsoft don't look at individual IP's, they look at IP-span from the
> same network provider, so if one or more IP-numbers have sent too much
> spam in a time frame, then the whole span will be blocked.
>
> The owner of the IP address (usually your hosting company) has to
> request that your IP will be cleared. Can nowadays be done from:
> https://sendersupport.olc.protection.outlook.com/snds/

My IP is "NOT LISTED" and Listing risk "LOW"
So, that ain't it.

>
> For looking at the status of your IP and the IP-span you belong to, check:
> http://www.uceprotect.net/en/rblcheck.php
> If UCE Protect flags your span to send out a lot of spam, then you will
> be more than likely blocked at microsoft's mail service.
>
>
>
>> Since we have friends who use microsoft mail addresses, this makes it
>> almost impossible to get mail to them, and we cannot ask them all to
>> change to some more reasonable mail address.
>
> You could use a smarter host to send to microsoft, you should talk a bit
> with your hosting company, so that you can use their mail server as a
> smarter host.

What is a "smarter host"?
As far as I know, my IP is the only one that has trouble.

[J.O. Aho]

On 03/01/2023 06.49, William Unruh wrote:
> On 2023-01-02, J.O. Aho <us...@example.net> wrote:
>> On 14/06/2022 21.44, William Unruh wrote:
>>> Microsoft has decided that My machine is for some reason dangerous, and
>>> refuses to accept mail for any microsoft type address (eg msn.com,
>>> hotmail.com,...). I certainly have not engaged in spamming anyone, or
>>> any of the other "bad things" and neither has my machine. They of course
>>> refuse to tell me why they are blackballing me.
>>
>> Microsoft don't look at individual IP's, they look at IP-span from the
>> same network provider, so if one or more IP-numbers have sent too much
>> spam in a time frame, then the whole span will be blocked.
>>
>> The owner of the IP address (usually your hosting company) has to
>> request that your IP will be cleared. Can nowadays be done from:
>> https://sendersupport.olc.protection.outlook.com/snds/
>
> My IP is "NOT LISTED" and Listing risk "LOW"
> So, that ain't it.

Now it can be a while ago and no one has whitelisted the IP-span for
Microsoft will not whitelist anyone automatically.

I suggest you take a look at "DETAILS ABOUT ALL ABUSER IP's LISTED IN
LEVEL 1 AND THEIR IMPACTS CAN BE FOUND HERE!" at UCE Protect, which you
find further down on the result page. Sure UCE and Microsoft ain't the
same, but usually you can use UCE to figure out which hosts are fucking
things for you.

>> You could use a smarter host to send to microsoft, you should talk a bit
>> with your hosting company, so that you can use their mail server as a
>> smarter host.
>
> What is a "smarter host"?

You can configure a smart host for your mailserver, so that all mail is
sent over a mail relay, in sendmail this can only be done for all mail,
not sure if postfix has the option to do this on domain base level, but
to relay all mail you would configure something like:

smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [relay-smtp.example.com]:587

the sasl_passwd should look like

[relay-smtp.exmaple.com]:587 yourSMTPUsername:yourSMTPPassword

of course you need to add the relay server in the spf record or else
those mails would bounce back. The MX records should be unchanged, as
you want still handle your incoming mail as the smart host will not do
it for you.

And, no you can't use which ever old email address you have for this,
you need a host that has been setup as a relay, it do not be hosted by
your hosting company, but they tend to have services for their customers.

> As far as I know, my IP is the only one that has trouble.

How do you know that? you talked with the person who has the IP+1 or IP-1?

Also, did you setup a correct spf for your mail domain, you have MX
record for your mail domain, setup dmarc and share your dkim public key
and then of course sign all outgoing mail?

--
//Aho