Outlook.com blocking mxc01.zoneedit.com
- Thread starter simes
- Start date
PhantomTom
New Member
I'm not getting any NDRs, but I am also not getting any emails that are supposed to be forwarded to my @outlook.com email for 14 hours now.
Please check!
Please check!
I'd concur with @PhantomTom. I've now had no emails forwarded to my @outlook.com address since sometime after 21:00 Thu (UK Time).
I've just sent some test emails from two different accounts - so far neither have been delivered and I've not received an NDR to either test sender account.
I've just sent some test emails from two different accounts - so far neither have been delivered and I've not received an NDR to either test sender account.
Last edited:
PhantomTom
New Member
Thank you - I've had a flood of emails in the last few minutes including my test emails and others that hadn't been delivered this AM.
How permanent is this latest "shunt" or are we likely to experience the problem again when that gets blocked as well (given that the last one appeared to work for a few hours and then stop).
How permanent is this latest "shunt" or are we likely to experience the problem again when that gets blocked as well (given that the last one appeared to work for a few hours and then stop).
Chris Cherry
Zoneedit Support
As long as spam exists through email, it is always possible to happen again. We're just a relay for domain email addresses that are directed to external email hosts. How often your destination mail provider decides to block us is in their hands. We do our best to keep as much spam clear of being relayed, but with mailboxes all over the internet being compromised and sending from legitimate sources, that is getting harder to detect and block.
One tip is this: if spam happens to make it through via your Zoneedit mailmap, marking it as "spam" at your email host can have a negative effect and cause our relay server to be blocked. Most of these blocks are temporary, but some require us to request delisting, which can take time.
One tip is this: if spam happens to make it through via your Zoneedit mailmap, marking it as "spam" at your email host can have a negative effect and cause our relay server to be blocked. Most of these blocks are temporary, but some require us to request delisting, which can take time.
I have the opposite problem with outlook.com - Microsoft marks everything as SPAM. This means that I have to explicitly whitelist every new email address (or domain) that emails me. Even after doing that emails from some senders (even bill reminders from people like British Telecom here in the UK) that I've whitelisted and marked as "not junk" many many in the past times still go to my Junk email folder on a regular basis.
I've never been able to get MS support to fix this in the past but I've always suspected it was (something?) to do with the forwarding via Zoneedit. Unfortunately as all my email is forwarded in this way I've no way of telling for sure.
I've never been able to get MS support to fix this in the past but I've always suspected it was (something?) to do with the forwarding via Zoneedit. Unfortunately as all my email is forwarded in this way I've no way of telling for sure.
Chris Cherry
Zoneedit Support
Email forwarding is a lot tougher these days (due to how much spam and phishing occurs daily). There are protection features on domains (via DNS) that help guard against phishing. Specifically SPF, DMARC and DKIM.
When we relay a message from your British Telecom provider, the receiving email server (Outlook) needs to check that the server sending them the message is valid for the domain in the From address. Our Zoneedit forwarding server is *not* going to be listed in the SPF record for your BT-UK sender domain. We have to do something called Sender Rewrite Scheme to work around this.
More information on SRS is posted on our parent company site here: https://easydns.com/features/srs-enabled-email-forwarding/
- Email forwarding wouldn't work or be very unreliable without doing this.
Some domains may also have DMARC set up, which can cause validation checks to fail and raise/lower the spam score threshold set by your email provider, thus having them mark it as SPAM. It's dependent on how strict your email provider's anti-spam policies are. Gmail has been going pretty hard against spam so emails struggle to get through - and that's when they're not blocking our forwarding server IPs which they've recently been doing. It's an ongoing battle to keep the flow consistent with Microsoft and Google.
BTW, the headers of the message that went into spam should indicate what check failed and provide information on why it went into spam. Look for any SPF, DMARC, DKIM failures. If it's none of those, it could be the IP reputation of the relaying server or possibly a link within the email that leads to a website or host with a poor reputation.
When we relay a message from your British Telecom provider, the receiving email server (Outlook) needs to check that the server sending them the message is valid for the domain in the From address. Our Zoneedit forwarding server is *not* going to be listed in the SPF record for your BT-UK sender domain. We have to do something called Sender Rewrite Scheme to work around this.
More information on SRS is posted on our parent company site here: https://easydns.com/features/srs-enabled-email-forwarding/
- Email forwarding wouldn't work or be very unreliable without doing this.
Some domains may also have DMARC set up, which can cause validation checks to fail and raise/lower the spam score threshold set by your email provider, thus having them mark it as SPAM. It's dependent on how strict your email provider's anti-spam policies are. Gmail has been going pretty hard against spam so emails struggle to get through - and that's when they're not blocking our forwarding server IPs which they've recently been doing. It's an ongoing battle to keep the flow consistent with Microsoft and Google.
BTW, the headers of the message that went into spam should indicate what check failed and provide information on why it went into spam. Look for any SPF, DMARC, DKIM failures. If it's none of those, it could be the IP reputation of the relaying server or possibly a link within the email that leads to a website or host with a poor reputation.
Looking at the two most recent BT ones (one pass, one fail) I can't see anything about DMARC. One failed (via mxc01.zoneedit.com) because of DKIM but with the other DKIM passed (via mxc02.zoneedit.com). Both passed SPF:
SPAM:
NO SPAM
(Full headers available privately)
It does seem very strange for one to work but another almost identical email to fail but I've not yet had time to read your link on Sender Rewrite Scheme...
However these examples aren't the ones that bother me most, (and to an extent I've learnt to live with them...). It's the ones that just fail silently with no NDR sent back to the sender (as occurred on Friday and reported by @PhantomTom) or that still occurs with new aliases I added to my domain that forward to the same destination (See New mailmaps don't seem to work).
SPAM:
Code:
Authentication-Results: spf=pass (sender IP is 64.68.198.23)
smtp.mailfrom=srszone.org; dkim=fail (signature did not verify)
header.d=info.bt.com;dmarc=fail action=oreject
header.from=info.bt.com;compauth=fail reason=000
Received-SPF: Pass (protection.outlook.com: domain of srszone.org designates
64.68.198.23 as permitted sender) receiver=protection.outlook.com;
client-ip=64.68.198.23; helo=mxc01.zoneedit.com;
<snip>
DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; c=relaxed/relaxed; t=1644491836;
s=kcim; d=info.bt.com; i=btcomms@info.bt.com;
h=Date:From:To:Message-ID:Subject:MIME-Version;
bh=V1cIaMOlgaxloWsQbxYCEDoXB1U=;
b=bq33JIPJJgF0zZoFalPiW+TTXFDNdu8fH3goRjVAguzEey/hTuBr7XMzvijQM54u
arvzWLAAD/46nq9dcwwCJdGEhr/glA+1yBzpvwiAXChC3IwFj7d8jkrgOJ/L8vQTLiD
JxfR9zATNd328bEhCfepqhFRq37quYAzd/xkhA5E=
Date: Thu, 10 Feb 2022 11:17:16 +0000
From: <btcomms@info.bt.com>NO SPAM
Code:
Authentication-Results: spf=pass (sender IP is 64.68.198.24)
smtp.mailfrom=srszone.org; dkim=pass (signature was verified)
header.d=info.bt.com;dmarc=pass action=none
header.from=info.bt.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of srszone.org designates
64.68.198.24 as permitted sender) receiver=protection.outlook.com;
client-ip=64.68.198.24; helo=mxc02.zoneedit.com;
<snip>
DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; c=relaxed/relaxed; t=1646914456;
s=kcim; d=info.bt.com; i=btcomms@info.bt.com;
h=Date:From:To:Message-ID:Subject:MIME-Version;
bh=iVe0lKeJ6b7BA5W5Rjreuy5bYgo=;
b=IhqVFDrlQEIt8fob7WCtZ3fUSMrFtESkUmAUNduW8dak9FcomZ9cx+VENxfPnP4U
CEJ52RR/+bP2YhOGhmQmaWmd5FXx5o910INcG0jnYGWHBuyvdhj0aRbliHv+AX8fXIc
WlkU5AhZVMjd72WTvH1L+cmmjR5Fhp2jBkWBD1HY=
Date: Thu, 10 Mar 2022 12:14:16 +0000 (GMT)
From: btcomms@info.bt.com(Full headers available privately)
It does seem very strange for one to work but another almost identical email to fail but I've not yet had time to read your link on Sender Rewrite Scheme...
However these examples aren't the ones that bother me most, (and to an extent I've learnt to live with them...). It's the ones that just fail silently with no NDR sent back to the sender (as occurred on Friday and reported by @PhantomTom) or that still occurs with new aliases I added to my domain that forward to the same destination (See New mailmaps don't seem to work).
I have email mapping for my website radarz.id.au to several email addresses and it has been working properly for over 10 years. Any problems I have had have been on the ISP end and not Zone Edits.
Over the past few days my email fwd's have been extremely slow. I have emails fwd'd to several places, one being GMail and another to TPG. In the past, I have recieved the GMail mails imediatley and the TPG emails have slow, however I am now finding that ALL emails are being delayed for hours sometimes the next day. Previously to the last few days it was operating as expected.
If I send an email directly to GMail or directly to TPG it gors thru straight away. But if I use the mailmaps it has significant delays.
Is Zone Edit experiencing problems with mailmaps or is there something else going on?
Over the past few days my email fwd's have been extremely slow. I have emails fwd'd to several places, one being GMail and another to TPG. In the past, I have recieved the GMail mails imediatley and the TPG emails have slow, however I am now finding that ALL emails are being delayed for hours sometimes the next day. Previously to the last few days it was operating as expected.
If I send an email directly to GMail or directly to TPG it gors thru straight away. But if I use the mailmaps it has significant delays.
Is Zone Edit experiencing problems with mailmaps or is there something else going on?
Looking through the emails sent to my main mailmap address over the weekend some (but not all) emails are being delayed by many hours. Over Sunday and today they are either delivered straight away or delayed by 6-7 hours. The most recent example was sent Mon 21/03/2022 03:39 but not received until 10:46. That is my most recent received email to my main mailmap address.
I opened a MS support ticket about these issues on Sunday citing this thread and my previous one (Microsoft Support [Case #:1036914925] - Emails forwarded by Zoneedit keep being blocked - sometimes silen...) but I have yet to receive any response from them. [Perhaps because their own emails are blocked/delayed - alert email for new posts in this thread certainly have been...]
I opened a MS support ticket about these issues on Sunday citing this thread and my previous one (Microsoft Support [Case #:1036914925] - Emails forwarded by Zoneedit keep being blocked - sometimes silen...) but I have yet to receive any response from them. [Perhaps because their own emails are blocked/delayed - alert email for new posts in this thread certainly have been...]
