1. Forum
  2. Usenet
  3. COMP.MAIL.MISC

  • outlook.com everywhere

    From Michael Uplawski@21:1/5 to All on Wed Jun 21 07:28:57 2023
    Supersedes for style.

    Good morning

    Please pardon my ignorance, I do not have access to a Microsoft® system and thus cannot really verify my assumptions: Let us say for a year or so, I receive answers to my own enquiries by mail, especially when they come from organisms « abroad » (outside France), that are injected by a server at “outlook.com”, although the sender has a complete infrastructure and mail-servers at her/his/its disposal.

    Am I right to assume that outlook.com in this cases is something integrated in their communication policy, rather by convenience than by necessity, and part of some bigger software-monster which just does it that way as mail is not the operator's main concern.

    There were “systems” like this in my time, but I am not up to date on what is
    custom, today. It is only boring to receive badly written messages of presumably unknown origin and then have to reconstruct a context that might explain the references to something that I am really involved with.

    Even the BBC (UK radio) does it. I call that a problem.

    Cheerio

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Wed Jun 21 09:51:02 2023
    Am 21.06.2023 um 07:28:57 Uhr schrieb Michael Uplawski:

    Please pardon my ignorance, I do not have access to a Microsoft®
    system and thus cannot really verify my assumptions: Let us say for a
    year or so, I receive answers to my own enquiries by mail, especially
    when they come from organisms « abroad » (outside France), that are injected by a server at “outlook.com”, although the sender has a
    complete infrastructure and mail-servers at her/his/its disposal.

    IIRC the outlook app for smartphones sends mails out via the
    outlook.com SMTP servers by default.

    Am I right to assume that outlook.com in this cases is something
    integrated in their communication policy, rather by convenience than
    by necessity, and part of some bigger software-monster which just
    does it that way as mail is not the operator's main concern.

    Some also use Exchange online, this service might use servers inside of .outlook.com for outgoing SMTP.

    There were “systems” like this in my time, but I am not up to date on what is custom, today. It is only boring to receive badly written
    messages of presumably unknown origin and then have to reconstruct a
    context that might explain the references to something that I am
    really involved with.

    Do the domains have SPF?
    Is the MS server listed in the SPF?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Uplawski@21:1/5 to Marco Moock on Wed Jun 21 18:02:48 2023
    Marco Moock wrote in comp.mail.misc:

    Do the domains have SPF?
    Is the MS server listed in the SPF?

    I have not checked, but I can try for two of the companies concerned. Give me a little time, as I have to find, read about and understand the tools.., again. ;)

    Michael

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Moock@21:1/5 to All on Wed Jun 21 22:21:54 2023
    Am 21.06.2023 um 18:02:48 Uhr schrieb Michael Uplawski:

    I have not checked, but I can try for two of the companies concerned.
    Give me a little time, as I have to find, read about and understand
    the tools.., again.

    Read the RFC for Sender Policy Framework.
    You need to know what mx, a, ip4/ip6 include, +-~ etc. means.

    The use dig.

    dig -t txt domain.of.sender.address

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Uplawski@21:1/5 to Marco Moock on Thu Jun 22 07:10:08 2023
    Marco Moock wrote in comp.mail.misc:

    dig -t txt domain.of.sender.address

    A quick example, before I leave for work – and will be finished for the remainder of the day.
    --------
    bbc.co.uk. 900 IN TXT "v=spf1 a ip4:212.58.224.0/19 ip4:132.185.0.0/16 ip4:78.136.53.80/28 ip4:78.136.14.192/27 ip4:78.136.19.8/29 ip4:89.234.10.72/29 ip4:89.234.53.236 ip4:212.111.33.181 ip4:78.137.117.8 ip4:46.37.176.74 ip4:185.184.237.181" " ip4:185.119.233.144/30 ip4:185.119.232.158 +include:sf.sis.bbc.co.uk +include:spf.messagelabs.com ~all"
    ----------

    The ranges apart, I will see what the specific IPs are for.

    Thanks already.

    Michael

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Doc O'Leary ,@21:1/5 to Michael Uplawski on Sat Jun 24 14:51:35 2023
    For your reference, records indicate that
    Michael Uplawski <michael.uplawski@uplawski.eu> wrote:

    Am I right to assume that outlook.com in this cases is something integrated in
    their communication policy, rather by convenience than by necessity, and part of some bigger software-monster which just does it that way as mail is not the
    operator's main concern.

    Yes, it is common these days for organizations large and small to outsource essential services like email to cloud providers like Google, Amazon, Microsoft, and many others. Spammer and other malicious actors also love
    this practice, because it allows them to use legitimate customers of those services as human shields for their abuse. For that reason, I largely block cloud providers.

    There were “systems” like this in my time, but I am not up to date on what is
    custom, today. It is only boring to receive badly written messages of presumably unknown origin and then have to reconstruct a context that might explain the references to something that I am really involved with.

    Without any specific messages/headers, it is not possible to say if the messages you’re receiving are spam or not, but the certainly sound
    unwanted. The best technique I have found to deal with email abuse is:

    <https://en.wikipedia.org/wiki/Disposable_email_address>

    --
    "Also . . . I can kill you with my brain."
    River Tam, Trash, Firefly

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Michael Uplawski@21:1/5 to Doc O'Leary on Sat Jun 24 21:44:56 2023
    Doc O'Leary wrote in comp.mail.misc:

    Yes, it is common these days for organizations large and small to outsource essential services like email to cloud providers like Google, Amazon, Microsoft, and many others. Spammer and other malicious actors also love this practice, because it allows them to use legitimate customers of those services as human shields for their abuse. For that reason, I largely block cloud providers.

    I am prepared for this and the cases that are at the origin of my post are already subject to filtering or exempted from filtering.

    Without any specific messages/headers, it is not possible to say if the messages you’re receiving are spam or not, but the certainly sound unwanted.

    They are not SPAM and not even unwanted, as most are reactions to my own enquiries, be it belated. What unnerves me is that I contact an organisation, then get responses via unpredictable services. If I am late with the configuration of my filters, the responses land in /dev/null or some bucket where I rarely take a look at them.

    outlook.com is by far the most used “unexpected service” that I encounter.

    The best technique I have found to deal with email abuse is: <https://en.wikipedia.org/wiki/Disposable_email_address>

    I do not need a disposable address. Bayesian filters here, on the server of my hosting association and my IP-filters are sufficient for the time. It is also possible that I just do not attract so much SPAM. This thread is about something else, anyway.

    Cheerio

    Michael

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Doc O'Leary ,@21:1/5 to Michael Uplawski on Sun Jun 25 15:04:53 2023
    For your reference, records indicate that
    Michael Uplawski <michael.uplawski@uplawski.eu> wrote:

    They are not SPAM and not even unwanted, as most are reactions to my own enquiries, be it belated. What unnerves me is that I contact an organisation, then get responses via unpredictable services.

    They’re only unpredictable in the sense that you’re seeing email as an essential service whereas most organizations see it as a commodity. *They* don’t care if one batch of messages is sent with AWS and another with SendGrid, so long as saves them a nickel. They may even switch providers
    for a campaign they think might be a bit spammy and they don’t want to take
    a deliverability hit with their normal provider.

    I do not need a disposable address. Bayesian filters here, on the server of my
    hosting association and my IP-filters are sufficient for the time. It is also possible that I just do not attract so much SPAM. This thread is about something else, anyway.

    It’s all related. As soon as abusive email became “acceptable” at any level,
    it made everything messy. That made it harder to run a simple email server, which drove people to the outsourcing you see. And *that* in turn made the abuse I’m talking about easier.

    No amount of filtering on your end will create accountability for an organization (or their outsourced service providers) for being hacked and having your personally identifying information stolen, but a DEA can do just that. But my point is that, if you want a more “predictable” way to identify
    the source of the emails you’re getting, there are common ways to do that. Done right, it means you don’t have to do content filtering at all, because the provenance of all your messages is established.

    --
    "Also . . . I can kill you with my brain."
    River Tam, Trash, Firefly

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)