microsoft
One assumes the rendering tools like Email on Acid and Litmus have already been updated with this new desktop client, the Outlook for Windows email app that just launched, since it has been available in a public preview since May 2022.If you’re a Windows user, you’re longing for a desktop email client, and you want a new email client, Microsoft’s got you covered. Reports say that this new Outlook for Windows application will eventually replace the built-in Windows Mail and Calendar app. But if you’re curious and want to try it now, just after its official release, click on through.Read more here.
Sending mail to Microsoft domains can mean you get different types of bounces back for what is effectively the same problem. Check out these three different bounces, as an example:Your message to nobodyhome@kickbox857.onmicrosoft.com couldn’t be delivered.firstname.lastname wasn’t found at company.com.550 5.1.10 RESOLVER.ADR.RecipientNotFound; Recipient firstname.lastname@company.com not found by SMTP address lookup550 5.5.0 Requested action not taken: mailbox unavailable (S2017062302). [HE1EUR01FT020.eop-EUR01.prod.protection.outlook.com 2023-09-19T15:05:34.324Z 08DBB71928CA8F8E]: host company-com.mail.protection.outlook.com[52.101.40.6] said: 550 5.4.1 Recipient address rejected: Access denied. [CY4PEPF0000EE3C.namprd03.prod.outlook.com 2023-09-18T12:48:32.808Z 08DBB45899852BA7] (in reply to RCPT TO command)All of these are essentially “user unknown” or “invalid user” bounces, returned from attempting to send mail to an invalid or closed address at a Microsoft-hosted email domain.The first one is the more “plain english” version that Microsoft builds into the DSN (Delivery Status Notification) that O365 will send back in some cases.The second one? Seems self explanatory. O365 again, very clearly saying “recipient not found.”The third one? This is your
When sending to Microsoft OLC (Outlook Consumer – i.e. hotmail.com, outlook.com, msn.com, live.com, etc.) domains, are you seeing this bounce message?Microsoft: 5.4.4 (unable to route: no mail hosts for domain)If you’re seeing that error message, or something similar, here’s what’s happening, I think, based on what some smart folks have shared with me.All of those domains have an MX record that points to outlook-com.olc.protection.outlook.com. And when you look up the IP addresses for that server mentioned in the MX record, what do you get? Well, when I do it from here, I get just two IPs: 104.47.58.33 and 104.47.55.33.But other folks showed me examples where they were receiving 25+ IP addresses in response. I can’t reproduce it, so I don’t know if it’s geo-specific, intermittent, or if overall, the whole thing has been addressed. I suspect some combination of all of that. But anyway, I’m told that when the results
Looks like Microsoft has run into email authentication issues today. Specifically, the domain hotmail.com appears to have a broken SPF record wherein messages sent by Hotmail/Outlook.com/Microsoft OLC using a hotmail.com from address aren’t passing SPF authentication. Here’s a link to a KBXSCORE report I’ve run, showing the failure.While hotmail.com is affected, the outlook.com domain doesn’t appear troubled — my test sends from an outlook.com from address seem to pass SPF. (Microsoft has many other domains; I’ve only checked these two.)Looking at the SPF records for hotmail.com, here’s what I see:hotmail.com descriptive text “v=spf1 include:spf-a.outlook.com include:spf-b.outlook.com ip4:157.55.9.128/25 include:spf-a.hotmail.com include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com -all”outlook.com descriptive text “v=spf1 include:spf-a.outlook.com include:spf-b.outlook.com ip4:157.55.9.128/25 include:spf-a.hotmail.com include:_spf-ssg-b.microsoft.com include:_spf-ssg-c.microsoft.com include:spf.protection.outlook.com ~all”The hotmail.com SPF record is missing “include:spf.protection.outlook.com” — which is present in the outlook.com SPF record. And I see it present in a cached copy of Hotmail’s SPF record that I collected last month. So, I suspect that to be
Starting on August 16th, Microsoft seems to have stopped sending feedback loop reports. Microsoft’s FBL is called the “JMRP” (Junk Mail Reporting Program) and multiple folks are indicating that the email feed of complaint reports that this entails seems to have dried up. Microsoft has been notified but I’ve not heard of any ETA for a fix at this time. I’ll be sure to update this post if/when I receive more information.[ H/T: LB Blair and others ]
If you’re seeing intermittent DKIM authentication failures at Microsoft domains (outlook.com, hotmail.com, etc.) — meaning you’re seeing “dkim=fail (body hash did not verify)” instead of “dkim=pass (signature was verified)” in your “Authentication Results” email headers — then what likely has happened is that Microsoft has modified one or more characters in your email message.See, there’s multiple ways to encode email messages for sending them via the Internet — the oldest, default way of just plain text (7-bit ASCII text) doesn’t allow for emojis, accented characters, special character sets, Kanji, anything beyond just the simple characters used to write English-language text. And to allow email to be transmitted in this simplistic character set, but allow for additional, extended characters and alternative character sets, methods of encoding were created that allowed email platforms to do things like specify complicated multi-byte characters by “encoding” them into Quoted-Printable or Base64, to allow them to
Here’s some long-time-coming news from Microsoft, one of the world’s largest mailbox providers: they have started rolling out changes to honor DMARC policies as published in a domain’s DNS. Microsoft will now be treating the p=reject policy as intended; email failing DMARC authentication will not be delivered. Microsoft had been treating the DMARC policies of p=quarantine and p=reject the same way; email failing DMARC with a p=reject policy was delivered to the spam folder. Microsoft said they had operated this way “because some legitimate email may fail DMARC. For example, a message might fail DMARC if it’s sent to a mailing list that then relays the message to all list participants. If Microsoft 365 rejected these messages, people could lose legitimate email and have no way to retrieve it. Instead, these messages will still fail DMARC but they’ll be marked as spam and not rejected.” Microsoft signaled the change to
Microsoft’s SNDS (Smart Network Data Service) reputation feedback portal is having trouble at the moment. For at least the past week, people have been reporting that attempts to register and verify new IP addresses or ranges with SNDS are failing, because the verification email is not being sent by Microsoft. A few folks have mentioned discussing the issue with Microsoft, and being told to try again — and have done so, to no avail.At first I was assuming that Microsoft’s SNDS verification request emails were bouncing off of various folks’ spam filters. But in my testing, I don’t even see any attempt by Microsoft to connect to and deliver a message to my IP range’s verification address at my self-hosted email domain. So, something is definitely and significantly broken — I’ve got no proof that the SNDS system is even attempting to send verification messages.Thus, at this time, I don’t
Florent Destors, Deliverability Manager at Marigold, recently found and shared some very good and timely information related to an increase of mailbox full (over quota) bounces that folks are seeing when sending to Microsoft domains. With his permission (thank you!), I’m sharing his info here:Florent writes:In case you noticed a drop these last weeks on your delivery rates towards Microsoft domains and see an increase in mailbox full bounces received, you should be aware that Microsoft recently changed their cloud storage calculation method.Starting February 1, 2023, cloud storage used across Microsoft 365 apps and services will now include Outlook.com attachments data and OneDrive data. This update may reduce how much cloud storage users have available to use with their OneDrive. If they reach their cloud storage quota, their ability to send and receive emails in Outlook.com will be disrupted.According to Microsoft, the new quota bar should have been gradually rolled
It looks like Microsoft are getting pickier about email address syntax, rejecting mail that uses illegal address formats. That might be what’s causing that “550 5.6.0 CAT.InvalidContent.Exception: DataSourceOperationException, proxyAddress: prefix not supported – ; cannot handle content of message” rejection. Why do we care? It’s good to send syntactically valid email in a warm fuzzies sort of way – it shows we know what we’re doing, and aren’t dodgy spamware – but it’s increasingly important to delivery as mailbox providers are tightening up on their syntax checks. But why are mailbox providers doing that? One reason is that authentication tech like DKIM and DMARC is built around them only being applied to email. Not to messages that kinda look like email. There are ways to bypass DKIM protections by sending invalid messages. As one example, if you send multiple copies of the From: header with different values a DKIM checker
