Share via

Microsoft IP addresses blacklisted

Anonymous
2019-06-28T09:23:20+00:00

Hello

I use GoDaddy for my company hosting. Our Office 365 email gets sent out by a Azure cloud (ip addresses are registed in Austria). One set of servers starting with 40.*.*.* are fine and only have a few black listings

The other set of servers 52.101.132.* have a very high proportion of IP black listing.

e.g. 52.101.132.104, 27,78,76,68,13,18,76,42,75,29,33,10,23,30,62,20

This is not a complete list.

The result is that our emails randomly go to spam files - we have suffered late payment of invoices due to this.

I have checked our emails through mail-tester and they get 100% score when they go through the 40.*.*.* servers

I have used glock apps spam tester to identify these ip addresses

A sample report for spam is here 

https://shared-report.******.com/tests/*********/deliverabilty

The same email sent on the same day was also reported like this - not spam:

https://shared-report.******.com/tests/*******/deliverabilty

These are not my servers and the service at https://sender.office.com/ is hard to use for multiple IP addresses and the captur is horrendous

Please can you monitor your IP addresses and ask for the blacklisted ones to be delisted?

thanks

Dave

<--PII and links removed by moderator to protect your privacy-->

Outlook | Windows | Classic Outlook for Windows | For home

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

30 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2019-07-04T15:38:49+00:00

    Hello Dave,

    Thanks for your response. Due to this issue complexity, I further consult our senior tech support engineer. We totally understand your feelings for this issue and your concerns with these MS IPs being marked in third-party black list would affect your business.

    After further consulting, my suggestions is that you may try to add the two IPs I mentioned in Private Message into your domain SPF records, like: v=spf1 ip4:192.168.0.1 ip4:192.168.0.2 include:spf.protection.outlook.com –all  here’s article for your reference: Form your SPF TXT record for Office 365. If you are not familiar with this operation, it is suggested contact your Office 365 Business admin to help you. You may test whether this way can relieve the issue in some degree.

    As per MS IPs, we totally understand that it is what you mostly are concerning about. However, from the message headers we currently haven’t found any IP is in the range you provided, but it doesn’t mean that it won’t affect your other messages. In fact, there are many factors that have the potential to cause lots of messages being marked as spam from specific sender, and what you are concerning is one of that. Your sharing is helpful, to further check this issue, we will also take consideration to these IPs.

    According to this situation, we need to collect further information about at least the mail flow on your side, since without knowing the mail flow, it is hard for us to look into the issue and find the root cause. Since your tenant is hosted on GoDaddy, it is a better idea to confirm the mail flow from GoDaddy firstly. And then we can further analyze it. In general for tenant hosted in Microsoft, emails will goes from EOP outbound server to recipient server, no other third-party server or service involved, but from the message header you provided, the mail flow may be more complicated.

    Sorry again for the issue you encountered, I will spare no effort to help you on this.

    Best Regards,

    Anna

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  2. Anonymous
    2019-07-01T16:02:09+00:00

    Hello Dave,

    Haven't heard back from you, if you have any related information, welcome back to share with us.

    Best Regards,

    Anna

    Was this answer helpful?

    0 comments
  3. Anonymous
    2019-06-29T09:55:04+00:00

    Hello Dave,

    After double-checking, I found the some points and according to these points I came up with my own thought, please feel free to correct me if anything incorrect:

    1. Thanks for the spam test results you afore shared, we did find that these is the MS IPs that go into third-party blacklists, however, I think the root cause of you issue might be different.
    2. In message headers you shared with us, it has 15 hops, so the mail flow seems a little complex. According to my understanding the flow of it should be**:**

    The email was sent from sender (EOP outbound server) -> went to MailControl (seems like a third party service) ->went to IBM related service (since in message hops there mentioned IBM)->went back to MailControl-> delivered to recipient EOP-> redirected to recipient local host server or another party host their services-> went back to recipient EOP->finally delivered to recipient mailbox.

    In hop 3 email was submitted to MailControl, the recipient environment (assuming the MailControl and IBM related services are deployed by recipient side). As far as I can find out, this email was not marked when going out of the sender side, so issue can be related with the recipient side.

    1. This message was submitted multi times by different recipient servers during the flow, and there multi SPF checking occurred either (seems two times), both of them failed due to the sending IPs are not designated submit domain (sender domain). These IPs seems belong to recipient servers. DKIM also failed. I sent you one copy of this reply in private message so that you can check the IP and SPF check details. And I think it may be the root cause of this issue. And then the SCL value is set to 5.
    2. Due to the complexity of mail flow on recipient side, to make it clear and better help you, if it be convenient, may I re-confirm with you what’s detailed mail flow on both sides (sender and recipient)? How they are deployed?

    Best Regards,

    Anna

    Was this answer helpful?

    0 comments
  4. Anonymous
    2019-06-28T12:20:54+00:00

    Anna

    Some points:

    The emails are not sent from these specific IP addresses - the emails are routed through those IP addresses presumably by the exchange server.

    Yes those IPs are added to multiple blacklists and when they are in more than 2 you start to get high spam scores, when the IP address is in 3 or more many mails get marked as spam.

    The original message header in the mails that I sent is blank - I did not receive the emails. However, I have got one header from a customer account - I will send that to the link you gave.

    Regards

    Dave

    Was this answer helpful?

    0 comments
  5. Anonymous
    2019-06-28T12:08:21+00:00

    Hello David,

    Thanks for the detailed information of this issue you shared with us. From your description, I can know that your outbound emails sent from specific IPs are marked as spam and going to recipient spam folder. Please feel free to correct me if there’s any misunderstood.

    By checking the information, I found that these IPs that being blacklisted are belong to Microsoft IP range, and from the testing tool results your shared, it seems that these IPs are added into a third party’s black list. I’m very sorry for the issue you are facing, to further checking it, if it be convenient, may I collect the original message headers of one of these messages that being marked as spam for checking? To protect your privacy, you may send it to me via private messages: https://answers.microsoft.com/en-us/privatemessage/inbox.

    Best Regards,

    Anna

    Was this answer helpful?

    0 comments