MicrosoftMicrosoftI can't comment on the techical details but I can confirm that the aggressiveness of Microsoft's approach here is causing real pain to real people. This week we purchased event tickets via axs.com using a forwarded personal domain email address which we have used for well over 20 years. It was (is) set to resolve to an outlook.com address. We received the first 2 emails confirming the purchase and that the tickets were available, that must be accessed in the app. Downloaded the app, tried to sign in, told email address is unverified: must click link to verify. But no verify email address was ever received: now sure it was bounced by outlook.com, presumably sent by a service system configured differently from the sales one. With axs support this was overcome but required a password reset. The password reset email was never received! Just in desparation I altered the email forwarding for our address to add a gmail address (so it would go to both there and outlook) and re-requested. Result: the password reset arrived in gmail, but not in outlook. We were now fixed, could sign in the app, get our tickets and go to our event. But only after 2 very stressful days caused by Microsoft's actions. How many others might not have such a workaround? Because you are not told an incoming mail has been bounced how many people have never received an essential email but have no way of knowing? We've also now seen emails bounced from kobo and asda. This is terrible and needs sorting very urgently.
It is best not to use a forwarding service, or if you still want to, choose one that uses the Sender Rewrite Scheme (http://www.open-spf.org/SRS/). This is the only way to avoid a forwarded email being rejected by Outlook. Also, if the email author's address domain is a high-volume sender, they must sign the email with an aligned DKIM.
Thanks, that is interesting information, but as mentioned I have been using the forwarding (by the same domain host) for over 20 years with no problem. Plus, of course, the first two emails from AXS's sales systems were delivered successfully. Since it seems gmail has no issues with the forwarded email why should I have to take action to resolve what appears to be a Microsoft specific problem?
Microsoft has decided to strengthen its inbound filtering to let less phishing slip through the net. This is fundamentally a good decision for security reasons, but it excludes redirection servers that don't use the Sender Rewriting Scheme. This scheme was already recommended to avoid the risk of SPF laundering. It has now become necessary for secure delivery to the MAGY (Microsoft, Apple, Google, and Yahoo).
