Oct 25 2018 02:26 AM
Oct 25 2018 02:26 AM
Emails being sent from one of our Office 365 tenancy is going to spam for Yahoo/AOL mailbox. We contacted the Yahoo support and as per their update, the IP address used by Office 365 servers are currently blacklisted, hence all emails from this IP goes to spam.
We have done several testing by sending emails with just content "test" and most of the time it goes to spam in Yahoo. The header in each email has below tag and the IP address is blacked listed by BACKSCATTERER.
Test 1: X-YahooFilteredBulk: 18.104.22.168
Test 2: X-YahooFilteredBulk: 22.214.171.124
Test 3: X-YahooFilteredBulk: 126.96.36.199
We raised this with Office 365 support [Ticket #:11813136] and below was the response received.
"As discussed, after analysing the headers collected from recipient end, we found that the emails are not considered as SPAM:
The emails are being marked as Bulk by Yahoo:
You will have to check with Yahoo to find why those emails are being marked as Bulk whereas you are not sending bulk emails.
If you will have to provide Office 365 EOP IP addresses, you can find them in the below link:
Based on our last communication, it appears that your issue is resolved and the case# 11813136 is ready to be archived."
Please, can you let me know why we should be contacting Yahoo to unblock a dozen IP addresses belonging to Microsoft? Also let me know the reason why everytime an email is sent from our tenancy gets a blacklisted IP address assigned. Even a blank message sent with a subject "test" is going to spam. So this has nothing to do with content.
Oct 25 2018 08:06 AM
Hey @Tharun Jacob George,
So looking at the link you gave me to check the IP I only see it on one blacklist - backscatter.
Backscatter is one of the more... frustrating blacklists to deal with. When your IPs get listed there, essentially there response amounts to this - "well we have allot of information to go through, and we are unsure if your IP is now safe. If you want to pay us some money, we will expedite your review, which if you are good will result in you getting removed much quicker. If not we will continue to review logs and remove any IPs we feel are now safe in due time."
Now they cant outright keep IPs on there that are safe, especially ones from companies like O365, but they are just kind of frustrating to deal with. From the perspective of someone who has been involved in the higher up technical aspects of a multiple million mailbox hosted system, backscatter was the blacklist we liked the least.
The fact that the IP itself is not listed anywhere else, tells me the IPs are in a fine state. So now on to why Microsoft said what they said. If this was just a server a random IT shop was running for you, then the owness would somewhat fall on them. But they would just reach out to yahoo and say hey we are not spamming what can we do to help, and it would be up to yahoo to make changes. In this case, Microsoft is saying they have done everything to ensure their IP is in a good state, and from looking at the blacklist check, atleast for this IP, I agree with them.
The reason you got the response from Microsoft, is because of the tag you got back from Yahoo indicating that they flagged your message as bulk. In essence Yahoo is taking an active step to blacklist that IP/message.
Because this is a decision by Yahoo, and for all intents and purposes to Microsoft the IP seems fine (again backed up by the fact that the IP is in essence not listed anywhere but backscatter,) then there is nothing Microsoft is going to be able to do for you.
I would contact yahoo from your account, say that the message got filtered out, and that it is legitimate mail. From what I can tell, yahoo seems somewhat trigger happy applying their own "bulk" tag to ip's messages.
Additionally O365 uses an absolute metric ton of ips. The chances that you will be sending from the same server for all your users, or systems, over any extended period of time is just not likely. I would test again to see if you get the same error.
Finally as a closing thought, this wont stay for long as its just bad business for yahoo. The most recent number i can find is from over a year ago stating that O365 had 120 million users. I am sure that had grown allot since then. - https://www.zdnet.com/article/microsoft-office-365-now-has-120-million-business-users/
If Yahoo is blacklisting O365 ips, they are essentially running the risk of their users not getting mail from any of those millions and millions of users. In the world of email, the gorillas can kind of set their own rules, as long as they are mostly reasonable. Well in this case O365 is not just a gorilla, its King Kong.
I do not expect that IP to stay listed on yahoo for long. Additionally I think you should have luck getting different IPs, and if you wanted to force the issue, you could setup your outbound server in outlook/application to be hardcoded to an IP. (use smtp.office365.com or something like that instead of automatic). And last but not least, if you want to try to work this out through IT support, you will need to go through yahoo, as they are the ones actively taking measures to block it. They may be willing the white list the IP for your user/domain, they may be willing to take action system wide knowing its O365, but since they are the ones specifically doing something to stop the message, they are the ones who will need to intervene to fix it.
Oct 26 2018 12:03 AM
Thanks for the detailed response.
I think the reason why people opt for cloud mail solution like office 365 has to do with the fact that they don't have to worry about the underlying infrastructure and deal with issues like IP blacklist. If the IP was owned by us or was a dedicated Ip assigned just for our use, then I agree it should be us contacting Yahoo. However, this is not the case and we are just one of your many users using that IP.
If going by the case customer should contact mail providers to get Office 365 IPs whitelisted is quite unpractical. Firstly, the IPs are owned by Microsoft and customer don't have any control over. Secondly, the IPs are dynamic and shared with multiple O365 customers. Therefore, we need to ask Yahoo to unblock a million IPs used by over billion users. I don't think any provider would do that. Thirdly, as a basic condition for removing from the blacklist, most of them ask for a declaration stating that no more spam email will be sent from the IP. How can anyone provide such declaration for IPs owned by Microsoft and shared with a million customers?
Further, this is not a case of a few random IPs, almost all emails send to yahoo are going to spam and each has a unique IP that is blacklisted. Since Yahoo/AOL is still one of the prominent email providers out there, this should be affecting many Office 365 users. I believe this is something Microsoft should deal with Yahoo rather than asking the customer to deal with it.
Oct 26 2018 06:53 AM
Hey @Tharun Jacob George,
I do not disagree at all with the premise of your point. If you want, you could reach out to Microsoft again (perhaps try to reach the postmaster) and see if they can have their postmaster reach out to yahoo on your behalf.
By all means, one of the benefits of being on O365 should be that you dont have to deal with this junk.
The only reason I suggested that was because from all the details you provided, I do not think that IP is in a bad state with ANYONE but yahoo at this point. I would say the fact that the IP is clean everywhere but backscatter is proof Microsoft did do some due-diligence to get the address removed.
Hell there is a good chance now, a few days later, it has been taken off.
For now, if you are still impacted, I would adjust my SMTP settings away from an automatic setup, and hardcode in smtp.office365.com which should give you different sending IPs.