Cannot receive emails from outlook/microsoft

I cannot receive emails from outlook.com, for one (the main) domain hosted at MIAB, and even if I try to create a Microsoft account using that email, I don’t receive the verification code.

They connect to my MIAB and disconnects immediately.

/var/log/mail.log:

Mar 18 16:40:50 mail postfix/smtpd[2109062]: connect from mail-am6eur05olkn2026.outbound.protection.outlook.com[40.92.91.26]
Mar 18 16:40:50 mail postfix/smtpd[2109062]: disconnect from mail-am6eur05olkn2026.outbound.protection.outlook.com[40.92.91.26] ehlo=1 starttls=1 quit=1 commands=3
Mar 18 16:40:50 mail postfix/smtpd[2104414]: connect from mail-am6eur05olkn2080d.outbound.protection.outlook.com[2a01:111:f400:7e1b::80d]
Mar 18 16:40:50 mail postfix/smtpd[2104414]: disconnect from mail-am6eur05olkn2080d.outbound.protection.outlook.com[2a01:111:f400:7e1b::80d] ehlo=1 starttls=1 quit=1 commands=3

I can send emails to outlook.com and they get delivered in inbox, so it’s not an IP reputation issue.

If I send to another domain hosted in the same MIAB, it works.
What could be the issue or how could I see more logs?

It’s weird because the outlook servers try again after a few minutes, with the same output.

for example:

• me@mydomain.com: doesn’t work
• administrator@box.mydomain.com: doesn’t work
• me@anotherdomain.com: works

Solved!

It was the DANE TLSA records, such as:

The DANE TLSA record for incoming mail (_25._tcp.mail.XXX.com) is not correct. It is ‘3 1 1 b4fXXXXXX…’ but it should be ‘3 1 1 0acXXXXXX…’. It may take several hours for public DNS to update after a change.

It seems that when I upgraded the server from ubuntu 20 to 22 this value changed.

Apparently Microsoft is the only one checking these values, because I could receive mails from Gmail just fine.

I leave the thread in case someone has the same issue.

This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.