- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IP reputation Microsoft
Hi people, We are evaluating the acquisition of the Fortimail tool for our Datacenter, and we are having trouble protecting IP Pool addresses from falling into Microsoft's reputation list. We have all security requirements enabled, for example: SFP, DKIM, rDNS, DNS. What do you do to avoid falling into this list?
Regards.
Anderson Serra
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Anderson.
If you are not the source of that reputation and only inherited those IPs o block from your ISP/Carrier, nothing else to do with your Fortimail.
Ask them for a new, clean IP block for your service.
Cleaning IP blocks are ISP/Carriers duties. (unless the block had allocated to you)
regards
/ Abel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
andersonserra wrote:
What do you do to avoid being blocked by microsoft?
Nothing special actually, spf records for all domains and dmarc for ones that required.
Error or block message from MS gives any clue?
regards
/ Abel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have no problems with the other domains, only with Microsoft. All security techniques were applied as an example: SPF, DMARC, DKIM. None of the headers used for Microsoft antispam are affected in my opinion.
Authentication-Results: spf=pass (sender IP is my_ip_address) smtp.mailfrom=mydomain.com; outlook.com.br; dkim=pass (signature was verified) header.d=mydomain.com;outlook.com.br; dmarc=pass action=none header.from=mydomain.com;compauth=pass reason=100 Received-SPF: Pass (protection.outlook.com: domain of mydomain.com designates my_ip_address as permitted sender) receiver=protection.outlook.com; client-ip=my_ip_address; helo=myreverseip.mydomain.com; Received: from myreverseip.mydomain.com (my_ip_address) by MW2NAM10FT015.mail.protection.outlook.com (10.13.154.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.22 via Frontend Transport; Mon, 13 Jul 2020 21:59:18 +0000
X-Forefront-Antispam-Report: CIP:my_ip_address;CTRY:BR;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:myreverseip.mydomain.com;PTR:myreverseip.mydomain.com;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:; X-MS-PublicTrafficType: Email X-MS-Exchange-Organization-AuthSource: MW2NAM10FT015.eop-nam10.prod.protection.outlook.com X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-UserLastLogonTime: 7/13/2020 4:47:55 PM X-MS-Office365-Filtering-Correlation-Id: 1601704d-942a-4d1a-badc-08d82777fdc0 X-MS-TrafficTypeDiagnostic: MW2NAM10HT144: X-MS-Exchange-EOPDirect: true X-Sender-IP: my_ip_address X-SID-PRA: TEST@MYDOMAIN.COM X-SID-Result: PASS X-MS-Exchange-Organization-PCL: 2 X-MS-Exchange-Organization-SCL: 0 X-Microsoft-Antispam: BCL:0; X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Jul 2020 21:59:18.0755
Some messages have a header BCL:4 (bulk messages), but it is a median value.
Regards.