Discussion:
outlook.com everywhere
(too old to reply)
Michael Uplawski
2023-06-21 05:28:57 UTC
Permalink
Supersedes for style.

Good morning

Please pardon my ignorance, I do not have access to a Microsoft® system and
thus cannot really verify my assumptions: Let us say for a year or so, I
receive answers to my own enquiries by mail, especially when they come from
organisms « abroad » (outside France), that are injected by a server at
“outlook.com”, although the sender has a complete infrastructure and
mail-servers at her/his/its disposal.

Am I right to assume that outlook.com in this cases is something integrated in
their communication policy, rather by convenience than by necessity, and part
of some bigger software-monster which just does it that way as mail is not the
operator's main concern.

There were “systems” like this in my time, but I am not up to date on what is
custom, today. It is only boring to receive badly written messages of
presumably unknown origin and then have to reconstruct a context that might
explain the references to something that I am really involved with.

Even the BBC (UK radio) does it. I call that a problem.

Cheerio
Marco Moock
2023-06-21 07:51:02 UTC
Permalink
Post by Michael Uplawski
Please pardon my ignorance, I do not have access to a Microsoft®
system and thus cannot really verify my assumptions: Let us say for a
year or so, I receive answers to my own enquiries by mail, especially
when they come from organisms « abroad » (outside France), that are
injected by a server at “outlook.com”, although the sender has a
complete infrastructure and mail-servers at her/his/its disposal.
IIRC the outlook app for smartphones sends mails out via the
outlook.com SMTP servers by default.
Post by Michael Uplawski
Am I right to assume that outlook.com in this cases is something
integrated in their communication policy, rather by convenience than
by necessity, and part of some bigger software-monster which just
does it that way as mail is not the operator's main concern.
Some also use Exchange online, this service might use servers inside of
.outlook.com for outgoing SMTP.
Post by Michael Uplawski
There were “systems” like this in my time, but I am not up to date on
what is custom, today. It is only boring to receive badly written
messages of presumably unknown origin and then have to reconstruct a
context that might explain the references to something that I am
really involved with.
Do the domains have SPF?
Is the MS server listed in the SPF?
Michael Uplawski
2023-06-21 16:02:48 UTC
Permalink
Post by Marco Moock
Do the domains have SPF?
Is the MS server listed in the SPF?
I have not checked, but I can try for two of the companies concerned. Give me a
little time, as I have to find, read about and understand the tools.., again.
;)

Michael
Marco Moock
2023-06-21 20:21:54 UTC
Permalink
Post by Michael Uplawski
I have not checked, but I can try for two of the companies concerned.
Give me a little time, as I have to find, read about and understand
the tools.., again.
Read the RFC for Sender Policy Framework.
You need to know what mx, a, ip4/ip6 include, +-~ etc. means.

The use dig.

dig -t txt domain.of.sender.address
Michael Uplawski
2023-06-22 05:10:08 UTC
Permalink
Post by Marco Moock
dig -t txt domain.of.sender.address
A quick example, before I leave for work – and will be finished for the
remainder of the day.
--------
bbc.co.uk. 900 IN TXT "v=spf1 a ip4:212.58.224.0/19
ip4:132.185.0.0/16 ip4:78.136.53.80/28 ip4:78.136.14.192/27 ip4:78.136.19.8/29
ip4:89.234.10.72/29 ip4:89.234.53.236 ip4:212.111.33.181 ip4:78.137.117.8
ip4:46.37.176.74 ip4:185.184.237.181" " ip4:185.119.233.144/30
ip4:185.119.232.158 +include:sf.sis.bbc.co.uk +include:spf.messagelabs.com
~all"
----------

The ranges apart, I will see what the specific IPs are for.

Thanks already.

Michael
Doc O'Leary ,
2023-06-24 14:51:35 UTC
Permalink
For your reference, records indicate that
Post by Michael Uplawski
Am I right to assume that outlook.com in this cases is something integrated in
their communication policy, rather by convenience than by necessity, and part
of some bigger software-monster which just does it that way as mail is not the
operator's main concern.
Yes, it is common these days for organizations large and small to outsource
essential services like email to cloud providers like Google, Amazon,
Microsoft, and many others. Spammer and other malicious actors also love
this practice, because it allows them to use legitimate customers of those
services as human shields for their abuse. For that reason, I largely block
cloud providers.
Post by Michael Uplawski
There were “systems” like this in my time, but I am not up to date on what is
custom, today. It is only boring to receive badly written messages of
presumably unknown origin and then have to reconstruct a context that might
explain the references to something that I am really involved with.
Without any specific messages/headers, it is not possible to say if the
messages you’re receiving are spam or not, but the certainly sound
unwanted. The best technique I have found to deal with email abuse is:

<https://en.wikipedia.org/wiki/Disposable_email_address>
--
"Also . . . I can kill you with my brain."
River Tam, Trash, Firefly
Michael Uplawski
2023-06-24 19:44:56 UTC
Permalink
Post by Doc O'Leary ,
Yes, it is common these days for organizations large and small to outsource
essential services like email to cloud providers like Google, Amazon,
Microsoft, and many others. Spammer and other malicious actors also love
this practice, because it allows them to use legitimate customers of those
services as human shields for their abuse. For that reason, I largely block
cloud providers.
I am prepared for this and the cases that are at the origin of my post are
already subject to filtering or exempted from filtering.
Post by Doc O'Leary ,
Without any specific messages/headers, it is not possible to say if the
messages you’re receiving are spam or not, but the certainly sound
unwanted.
They are not SPAM and not even unwanted, as most are reactions to my own
enquiries, be it belated. What unnerves me is that I contact an organisation,
then get responses via unpredictable services. If I am late with the
configuration of my filters, the responses land in /dev/null or some bucket
where I rarely take a look at them.

outlook.com is by far the most used “unexpected service” that I encounter.
Post by Doc O'Leary ,
<https://en.wikipedia.org/wiki/Disposable_email_address>
I do not need a disposable address. Bayesian filters here, on the server of my
hosting association and my IP-filters are sufficient for the time. It is also
possible that I just do not attract so much SPAM. This thread is about
something else, anyway.

Cheerio

Michael
Doc O'Leary ,
2023-06-25 15:04:53 UTC
Permalink
For your reference, records indicate that
Post by Michael Uplawski
They are not SPAM and not even unwanted, as most are reactions to my own
enquiries, be it belated. What unnerves me is that I contact an organisation,
then get responses via unpredictable services.
They’re only unpredictable in the sense that you’re seeing email as an
essential service whereas most organizations see it as a commodity. *They*
don’t care if one batch of messages is sent with AWS and another with
SendGrid, so long as saves them a nickel. They may even switch providers
for a campaign they think might be a bit spammy and they don’t want to take
a deliverability hit with their normal provider.
Post by Michael Uplawski
I do not need a disposable address. Bayesian filters here, on the server of my
hosting association and my IP-filters are sufficient for the time. It is also
possible that I just do not attract so much SPAM. This thread is about
something else, anyway.
It’s all related. As soon as abusive email became “acceptable” at any level,
it made everything messy. That made it harder to run a simple email server,
which drove people to the outsourcing you see. And *that* in turn made the
abuse I’m talking about easier.

No amount of filtering on your end will create accountability for an
organization (or their outsourced service providers) for being hacked and
having your personally identifying information stolen, but a DEA can do just
that. But my point is that, if you want a more “predictable” way to identify
the source of the emails you’re getting, there are common ways to do that.
Done right, it means you don’t have to do content filtering at all, because
the provenance of all your messages is established.
--
"Also . . . I can kill you with my brain."
River Tam, Trash, Firefly
Loading...