Hi people, We are evaluating the acquisition of the Fortimail tool for our Datacenter, and we are having trouble protecting IP Pool addresses from falling into Microsoft's reputation list. We have all security requirements enabled, for example: SFP, DKIM, rDNS, DNS. What do you do to avoid falling into this list?
Regards.
Anderson Serra
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Anderson.
If you are not the source of that reputation and only inherited those IPs o block from your ISP/Carrier, nothing else to do with your Fortimail.
Ask them for a new, clean IP block for your service.
Cleaning IP blocks are ISP/Carriers duties. (unless the block had allocated to you)
regards
/ Abel
andersonserra wrote:
What do you do to avoid being blocked by microsoft?
Nothing special actually, spf records for all domains and dmarc for ones that required.
Error or block message from MS gives any clue?
regards
/ Abel
We have no problems with the other domains, only with Microsoft. All security techniques were applied as an example: SPF, DMARC, DKIM. None of the headers used for Microsoft antispam are affected in my opinion.
Authentication-Results: spf=pass (sender IP is my_ip_address) smtp.mailfrom=mydomain.com; outlook.com.br; dkim=pass (signature was verified) header.d=mydomain.com;outlook.com.br; dmarc=pass action=none header.from=mydomain.com;compauth=pass reason=100 Received-SPF: Pass (protection.outlook.com: domain of mydomain.com designates my_ip_address as permitted sender) receiver=protection.outlook.com; client-ip=my_ip_address; helo=myreverseip.mydomain.com; Received: from myreverseip.mydomain.com (my_ip_address) by MW2NAM10FT015.mail.protection.outlook.com (10.13.154.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.22 via Frontend Transport; Mon, 13 Jul 2020 21:59:18 +0000
X-Forefront-Antispam-Report: CIP:my_ip_address;CTRY:BR;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:myreverseip.mydomain.com;PTR:myreverseip.mydomain.com;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:; X-MS-PublicTrafficType: Email X-MS-Exchange-Organization-AuthSource: MW2NAM10FT015.eop-nam10.prod.protection.outlook.com X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-UserLastLogonTime: 7/13/2020 4:47:55 PM X-MS-Office365-Filtering-Correlation-Id: 1601704d-942a-4d1a-badc-08d82777fdc0 X-MS-TrafficTypeDiagnostic: MW2NAM10HT144: X-MS-Exchange-EOPDirect: true X-Sender-IP: my_ip_address X-SID-PRA: TEST@MYDOMAIN.COM X-SID-Result: PASS X-MS-Exchange-Organization-PCL: 2 X-MS-Exchange-Organization-SCL: 0 X-Microsoft-Antispam: BCL:0; X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Jul 2020 21:59:18.0755
Some messages have a header BCL:4 (bulk messages), but it is a median value.
Regards.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1099 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.