Microsoft actively blocking DO IP range

March 27, 2018 646 views
Email Ubuntu

Mail sent from my droplet is being returned when the recipient is MSN, Outlook or Hotmail

Mail.log excerpt;

Mar 25 19:40:58 box postfix/qmgr[4566]: 4AFDA2036C: from=clubmanager@-------------.co.uk, size=1477, nrcpt=1 (queue active)
Mar 25 19:40:58 box postfix/submission/smtpd[28496]: disconnect from localhost[127.0.0.1]
Mar 25 19:40:58 box postfix/smtp[28928]: 4AFDA2036C: to=<---------------@msn.com>, relay=msn-com.olc.protection.outlook.com[104.47.45.33]:25, delay=0.67, delays=0.09/0/0.43/0.14, dsn=5.7.1, status=bounced (host msn-com.olc.protection.outlook.com[104.47.45.33] said: 550 5.7.1 Unfortunately, messages from [159.65.85.119] weren't sent. Please contact your Internet service provider since part of their network is on our block list (AS3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [CO1NAM04FT006.eop-NAM04.prod.protection.outlook.com] (in reply to MAIL FROM command))
Mar 25 19:40:58 box postfix/smtp[28928]: 4AFDA2036C: lost connection with msn-com.olc.protection.outlook.com[104.47.45.33] while sending RCPT TO
Mar 25 19:40:58 box postfix/bounce[28974]: 4AFDA2036C: sender non-delivery notification: F003928C01
Mar 25 19:40:58 box postfix/qmgr[4566]: 4AFDA2036C: removed

(I redacted the source domain and destination email ----------)

I have contacted DO support and they just say maintaining reputation is hard for them and to try changing regions or using a third party to relay email.

Anyone have practical experience of this issue and how to get around it.

I have a bunch of users that are seriously unhappy at the moment!

4 Answers

Do you use SPF/DMARC/DKIM? And why don't you use a service like Sendgrid if deliverability is important?

  • Yes, SPF and DKIM records are set.

    I would not say deliver-ability is especially important - this is just a mail server for a small voluntary organisation that deals with members of the public. They are all distributed users. I'm running mail-in-a-box so that they can use webmail.

    Many of their enquiries are from outlook and hotmail users.

    I do use postmark for transactional emails, but this is just general run of the mill email.

    • It's near impossible to maintain IP reputation. Some providers like Mailgun offer free packages.

Something else I have found with Microsoft is they also look to see if the PTR Records are present for the server. I have run into the issue with most cloud providers including Azure and AWS.

Here is another discussion that touches on this topic...
https://www.digitalocean.com/community/questions/how-do-i-setup-a-ptr-record

As DO mentioned, try an external service, you can use Mailgun for it, it works nicely

As far as I know, Mailgun is of no use for general mail services, eg sending SMTP from a mail server (including attachments) - its just for transactional email?

Have another answer? Share your knowledge.