Microsoft flags all email as SPAM

Hello everyone,

Here i am again, with a new problem ;)

I am sending/receiving my email through Sophos now.

When i send an email to a Microsoft address (hotmail/live/outlook) it automatically gets flagged as SPAM.

At the moment i have SPF/DMARC/rDNS/TTL 3600 (DKIM in the past) all configured.

I have had this problem before i start using Sophos.

I have tried everything, sending through MX, smarthost ISP, Sendgrid Smarthost, SpamExperts Smarthost. I even bought different IP addresses and then use a GRE tunnel.

After a few emails Microsoft SmartScreen Filter flags the emails as SPAM.

Always with:

X-MS-Exchange-Organization-SCL: 5
X-MS-Exchange-Organization-PCL: 2

I have emailed MS at https://support.microsoft...&ccsid=636338228758026326

Then i get a standard answer that the SmartScreen Filter is blocking my emails and they don't know why.

I have also checked for blacklisting at sender.office.com. Which is also not the case.

Does somebody here have an ideas maybe? Maybe an (ex) Microsoft employee :)

This is been bugging me for a long time.... Starting to think it is a business model to drive people crazy and then make them use Office365 instead of on premise Exchange. Maybe also because MS is working on one new Exchange version (2018 i think) but after that no more on premise Exchange servers. If i am not mistaking.

  • This is not a UTM issue and UTM cannot fix it.

    Are you a business on a static IP, or a home user on a dynamic IP?  Some spam filters block traffic coming from dynamic IP addresses.   If you are running a mail server, you should have a business account with your ISP and you should have a static IP address.  The better ISPs will block SMTP port 25 traffic from home users, the rest of them should, because SMTP from home usually means a malware-infected and bot-controlled PC.   Your traffic appears to be getting out, so your ISP is apparently not blocking anything.

    Do you have an infected machine on your network?   Any device on your network which shares the same internet address can affect your mail reputation.   You have to have a clean network.   Once you have a clean network, you need to get off the blacklists.

    Create a (free) account with MXToolbox.com, and have them monitor your IP address and your mail domain reputations.   Assuming that you have a clean network, Contact each of the services that have you blacklisted, and ask to be removed.   Then monitor to ensure that you stay removed.

    Are you sending to mailing lists?   Most of the major sources like Microsoft, Google, and AOL have a registration service for organizations that send high volumes of legitimate mail.   Each service has there own rules for qualifying.  At minimum, they want to know how to contact you if there is a hint of a problem, and they want to know that you comply with the U.S. CAN-SPAM act.

    This is nothing personal between you and Microsoft.   This is a response to the high volume of spam and spam-based malware.

  • In reply to DouglasFoster:

    O yes sorry, do we have a appropriate subforum?

    My answers:

    Yes we have a full business line. 5 static IP's.

    No infected machines. Mxtoolbox, mail-tester.com (gives as an 10/10) cannot see any problems.

    We don't use mailing lists, we only send email to people who are expecting our mails. About 100 per day.

    Google accepts the mail fine. So do all the other mail servers, it is really only MS.

    This IS something "personal" (not really of course) between MS en me.

  • In reply to Nick Janssen:

    MS uses "precedence" to. If you send just an email per day to your domain or  vice versa they move you to queue. The same think with their whitelist, you have to send more test emails to change your reputation

  • In reply to oldeda:

    Have tried this.  3 days we have sent over 300 e-mails per day to MS accounts.

  • In reply to Nick Janssen:

    This appears to be the link for establishing communication with Microsoft about your problem

    Df

  • In reply to DouglasFoster:

    Thanks for this website. Senderscore.org is new to me.

    I have checked and it said:

    Volume LOW

    Score 99

    SPF/MX GREEN

    SSL RED

    So i am changing SSL certificate (including rDNS/HELO name) so i am hoping that all the boxes will become GREEN then. At the moment my SSL certificate includes: Autodiscover.domain.nl, MailSrv01.ad.domain.nl, DC01.ad.domain.nl.

    But 99 is a really good score, right?. I had already joined JMRP a few month ago. When you log in it says you will have to send at lease a 100 emails per day to be able to show a result. Well i tried that like i says before and it never showed a result.

    But maybe it will help if all the above boxes are GREEN.