microsoft
Brian Krebs posted his usual “Patch Tuesday” update for Fat Tuesday (yesterday, February 13th) and listed in there was a doozy, an email-client specific bug that I almost missed: “CVE-2024-21413, a critical remote code execution bug in Microsoft Office that could be exploited just by viewing a specially-crafted message in the Outlook Preview pane.” Brian points out today: “Microsoft has updated its security advisory for [this] critical Outlook bug they patched on Tuesday: They’re now saying it’s under active attack.” Not good. Be safe, and make sure you’re up to date with latest versions and all security patches!
Bounce message. SMTP rejection. Deferral message. Non-delivery report (NDR). 5xx error. 4xx error. No matter what you call them, there are a zillion different kinds of them out there. Heck, Microsoft’s got at least four different ways to tell you “user unknown.” Memorizing all of these is hard. Probably impossible. So, if you’re looking for a big ole’ list of all (or at least most) of the different rejections or deferrals you can run into when sending emails to Microsoft, let’s be grateful that they’ve got a very handy chart that breaks down just about all of the different types of 4xx and 5xx responses you can receive when trying to send to Exchange Online / Office 365. There are close to 70 different types of NDRs listed; and it’s a good and handy resource that you should bookmark, though I admit that I don’t know if it covers absolutely
If you’re one of those weirdos (like me) who tracks what email providers hosts mail for what domains, you’ll want to take note of this. In the email industry’s ongoing efforts to improve email security, Microsoft is adding the ability for Microsoft-hosted domains to implement DANE with DNSSEC. As Microsoft explains, “SMTP DANE is a security protocol that uses DNS to verify the authenticity of the certificates used for securing email communication with TLS and protecting against TLS downgrade attacks. DNSSEC is a set of extensions to DNS that provides cryptographic verification of DNS records, preventing DNS spoofing and adversary-in-the-middle attacks to DNS.” Anyway, my point is not to dissect the potential value of DANE or theorize how long it’ll take for a majority of customer domains to be updated (Microsoft hosts mail for 750,000 of the top ten million domains, and I’m sure many more beyond that). Instead, I
It’s time for another entry in the DELIVTERMS dictionary! Today, let’s define JMRP. JMRP is the “Junk Mail Reporting Program,” the mechanism by which email sending platforms and internet service providers can receive complaints back whenever an Outlook.com (Microsoft OLC) user clicks the “report spam” button to tell Microsoft that they think a particular email message is spam. You might find some older documentation that refers to this as the “Junk Mail Reporting Partner Program” (JMRPP) – that’s an older name for the same thing. Overall, mailbox providers and internet service providers call these types of mechanisms “Feedback Loops.” Thus, the JMRP is the Microsoft Outlook.com ISP feedback loop. A sender must utilize a dedicated sending IP address to sign up for JMRP; the intent is for the owner of an IP address to get complaints back about mail sent from their own IP address. (Platform owners, whether or not
Microsoft’s SNDS (Smart Network Data Services), the reputation portal that provides deliverability feedback for folks sending to Microsoft Outlook.com/Hotmail, appears to be down at the moment. Microsoft has set an “under maintenance” static page in its place, as of my last check at 9:15 am US central time on Wednesday, October 18th.I’ll update this page as I get more information.What is SNDS? Click here to learn more.
Today, Wednesday, October 11th, many senders are reporting trouble (specifically, delayed mail) when attempting to send email to Microsoft-hosted subscribers. Here’s more on the issue from Steve Atkins from Word to the Wise. I’m keeping a close eye on my Office365 admin dashboard to watch for updates on this issue. Microsoft has logged this as “incident EX680695” and those with O365 admin access can go to Home -> Health -> Exchange Online -> Health to see the current status and click on the incident/advisories there to find the latest details. Here’s a direct link to that incident information, which likely only works if you have appropriate access.Many (but not all) senders were impacted, seeing “451 4.7.500 Server busy” delivery delays when sending to email domains hosted by Office 365 / Exchange Online. Many of the senders reporting trouble were located in the EU; suggesting that the issue may be EU-specific, or specific
If you’re seeing a lot of “451 4.7.500 Server busy. Please try again later” from Office365 this morning you’re not alone. Microsoft are aware of the issue, and incident EX680695 says: Current status: We’ve identified that specific IP addresses are being unexpectedly limited by our anti-spam procedures, causing inbound external email delivery to become throttled and delayed. We’re reviewing if there have been any recent changes to our anti-spam rules to understand why the IP addresses are being limited. In the meantime, we’re manually adding reported affected IP addresses to an allowed list to provide immediate relief.
One assumes the rendering tools like Email on Acid and Litmus have already been updated with this new desktop client, the Outlook for Windows email app that just launched, since it has been available in a public preview since May 2022.If you’re a Windows user, you’re longing for a desktop email client, and you want a new email client, Microsoft’s got you covered. Reports say that this new Outlook for Windows application will eventually replace the built-in Windows Mail and Calendar app. But if you’re curious and want to try it now, just after its official release, click on through.Read more here.
Sending mail to Microsoft domains can mean you get different types of bounces back for what is effectively the same problem. Check out these three different bounces, as an example:Your message to nobodyhome@kickbox857.onmicrosoft.com couldn’t be delivered.firstname.lastname wasn’t found at company.com.550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient firstname.lastname@company.com not found by SMTP address lookup550 5.5.0 Requested action not taken: mailbox unavailable (S2017062302). [HE1EUR01FT020.eop-EUR01.prod.protection.outlook.com 2023-09-19T15:05:34.324Z 08DBB71928CA8F8E]: host company-com.mail.protection.outlook.com[52.101.40.6] said: 550 5.4.1 Recipient address rejected: Access denied. [CY4PEPF0000EE3C.namprd03.prod.outlook.com 2023-09-18T12:48:32.808Z 08DBB45899852BA7] (in reply to RCPT TO command)All of these are essentially “user unknown” or “invalid user” bounces, returned from attempting to send mail to an invalid or closed address at a Microsoft-hosted email domain.The first one is the more “plain english” version that Microsoft builds into the DSN (Delivery Status Notification) that O365 will send back in some cases.The second one? Seems self explanatory. O365 again, very clearly saying “recipient not found.”The third one? This is your
When sending to Microsoft OLC (Outlook Consumer – i.e. hotmail.com, outlook.com, msn.com, live.com, etc.) domains, are you seeing this bounce message?Microsoft: 5.4.4 (unable to route: no mail hosts for domain)If you’re seeing that error message, or something similar, here’s what’s happening, I think, based on what some smart folks have shared with me.All of those domains have an MX record that points to outlook-com.olc.protection.outlook.com. And when you look up the IP addresses for that server mentioned in the MX record, what do you get? Well, when I do it from here, I get just two IPs: 104.47.58.33 and 104.47.55.33.But other folks showed me examples where they were receiving 25+ IP addresses in response. I can’t reproduce it, so I don’t know if it’s geo-specific, intermittent, or if overall, the whole thing has been addressed. I suspect some combination of all of that. But anyway, I’m told that when the results