Email from secondary domains being routed to junk in Outlook / Office 365 / Hotmail

Hello,
Email from my mailinabox server seems to be getting routed directly to spam for Office 365 / Hotmail / Outlook.com folks. Here is a pastebin of the source from an impacted message: http://pastebin.com/fnZZ845g
Everything seems to “pass” correctly, however it gets stamped with an SCL of 5 for no reason that jumps out to me.
A few relevant notes:
-I have completed the “Sender Information for Outlook.com Delivery” form multiple times ( http://bit.ly/2j2PZDv ).
-I do not do any form of bulk email transmission from this server / IP.
-I subscribe to both Microsoft JMRP and SNDS
-This has been happening since I migrated my box to a new IP in October
Really stumped. Microsoft is responsive getting you off their actual blacklist, but has been nonresponsive / useless in helping me track down why these messages are receiving a high SCL. I host email for a few small businesses / contractors, so this issue is crippling to them. I will move them to google apps / office 365 if I have to to see this fix, but would prefer to fix in place if at all possible.
-Alex

Any input on this greately appreciated! I am more than happy to provide any information required to troubleshoot this.

Ok, I think I am officially at my wit’s end with this! I have gone as far as spinning up a fresh mailinabox instance, on a different domain, on a fresh IP with good reputation, and am receiving the EXACT SAME issue when attempting to send to Office 365 / Hotmail / Outlook.com folks!
http://pastebin.com/2G9nm6FS

This is baffling to me - I have an incredibly generic configuration of MIAB; I am stunned that this issue is impacting a brand new box in an identical manor, yet I am not seeing other reports of this.
Here is my attempt to reach out to Microsoft on the forums: https://social.technet.microsoft.com/Forums/security/en-US/c37957a1-3e45-4eff-a05b-41b74f846eff/receiving-an-scl-of-5-emailing-office-365-outlookcom-hotmail-subscribers?forum=onlineservicesexchange

I should add - this is impacting ALL domains hosted in MIAB on both my servers (not just secondary ones as my initial topic stated)

This has nothing to do with MiaB and everything to do with Microsoft, as they are the ones who administrate their spam filter.

I set up MiaB on a residential ISP that is on one minor blacklist, and I’m straight into Gmail’s inbox and declare only the first few messages not spam and Yahoo! puts me straight into their inbox.

I don’t have a single Microsoft managed email address, and when I went there to set one up for testing, they made it so incredibly difficult to just set up a free email address I passed on the whole affair - don’t care.

However, you may have some reason to care so I recommend comparing Microsoft spam filters against other spam filters before blaming MiaB.

Hi openletter,
Thanks for taking the time to reply! My experience with Yahoo and Gmail has been consistent with yours - gmail let my messages right in, Yahoo spammed the first couple but then seemed to be happy.
Unfortunately, Microsoft spamming my email is a huge deal for me, since a lot of (30% or so) people I am trying to reach on a day to day basis are hosting on Office 365. This makes this issue crippling. I am able to stand up an exchange server and get email through to Forefront protected mailboxes without issue, so this issue does seem to be isolated to MIAB or the environment MIAB is creating. MIAB is effortless to configure and maintain, so ideally I would see this mended in place rather than replacing with another product.
If anyone has suggestions for getting rid of this SCL when emailing MS, I would greatly appreciate!
I have tried:
Subscribing to SNDS and JMRP; neither have provided useful information.
I have forwarded dozens of false-positives to Forefront-legit@submit.cloudmark.com
I have forwarded several messages to delist@messaging.microsoft.com
I have forwarded several impacted messages to false_positive@messaging.microsoft.com
I have created 6 or 8 tickets here: https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0&wfname=capsub&productkey=edfsmsbl3&locale=en-us&wa=wsignin1.0&ccsid=636211413269431605 (seems to be helpful if you are BLACKLISTED (which I am not blacklisted as of the conditional mitigation 10/31/2016))
I have completed the form here: https://sender.office.com/ - again only useful in the event of blacklisting

What service did you previously use for email on these domains? I don’t see anything that indicates switching to a service besides MiaB will resolve this issue.

Note that complaints from domain owners are probably a lower concern than complaints from paying Office 365 customers. Microsoft, as with most firms, will need financial motivation to do anything, and if their mail service is so brutal that receiving desired mail to the inbox is difficult, they will begin losing customers, and, hopefully, they care about that.

I sometimes learn things from https://www.mail-tester.com/, which will evaluate incoming mail, though it is set up more for bulk mail analysis, but you can just ignore the bulk-related warnings.

I’m trying to learn something here, so if I’m making no sense, someone please correct me.

In the header @amarsaudon showed it says

X-Forefront-Antispam-Report: EFV:NLI;SFV:SPM;SFS:(28900001);DIR:INB;SFP:;SCL:5;…

That means that this message is regarded as spam (SCL:5) but it also says SFV:SPM. That means the message was marked as spam by the content filter.

Which leads me to believe this has more to do with the actual content of the mail (e.g. a link in it that is always there) than with the fact that a MIAB server sent it.

Paul

1 Like

I’m experiencing the same thing as @amarsaudon, even when the email contains only plain ASCII text without any links.