back to article Microsoft blacklisted TSO Host's email IPs from Hotmail, Outlook inboxes and no one seems to care

Microsoft has blacklisted Brit hosting outfit TSO Host's bulk email domain, meaning anyone trying to send large quantities of mail over its infrastructure cannot deliver it to an Outlook or Hotmail address. Irate resellers got in touch with The Reg to complain that their own customers were moaning that emails sent to any …

  1. Andy Neillans
    FAIL

    Oops

    Just goes to show that whomever is an admin at TSOHost isnt following the correct FBL (Feedback Loop) process for email handling :/ Otherwise they'd have known quickly that this was happening, as well as the customer concerned!

    1. RyokuMas Silver badge
      Stop

      Re: Oops

      Oh, they've known about it for ages. I know, because I'm directly affected by this.

      I've raised a couple of tickets, which have both been replied to along the lines of what is in the article body - they've raised it with Microsoft and are waiting for them to do something about it.

      Given that - in my experience at least - their track record for support with things that they can control directly has been pretty good, I can only guess that this is Microsoft dragging their heels. Which is insanely aggravating.

      1. Anonymous Coward
        Anonymous Coward

        Re: Oops

        I had the displeasure of adding a domain to an Office365 account recently, and it appears that Microsoft has managed to make their online service match their OS: it. is. slow. beyond. belief.

        Adding a domain is a painful exercise - the system may recognise that you've added their magic key to prove ownership quick enough, but it takes friggin' hours (at least when I was doing it) to recognise mailboxes and aliases. Any FOSS IMAP or vanilla Exchange setup does this pretty much from the moment you submit the alias, but not the piece of crap that is Office365 Premium Shiny Platinum Gold Plated and Encrusted with Diamonds (sorry, channeled one of the marketing people - excuse my while I wash my hands).

        I don't trust MS to write a decent OS, let alone offer a service that either will fail at the most opportune moment (which, I must admit IS a speciality of them) or that will be discarded for a new shiny toy for management the moment you finally have it moderately stable (read: after a few years, because they're hopeless as releasing usable v1s).

        Anyway, I had not used my rant quota for this week. I feel better now -> beer for the rest.

        1. TonyJ Silver badge

          Re: Oops

          "..Adding a domain is a painful exercise - the system may recognise that you've added their magic key to prove ownership quick enough, but it takes friggin' hours (at least when I was doing it) to recognise mailboxes and aliases...."

          I've had it take about 15-20 minutes to add an alias before - well when I say add, I mean begin accepting email to that alias but not hours, to date.

          I should caveat that it's been a while since I added one, so things could be worse.

          1. Anonymous Coward
            Anonymous Coward

            Re: Oops

            I've had it take about 15-20 minutes to add an alias before - well when I say add, I mean begin accepting email to that alias but not hours, to date.

            Adding a domain takes hours, even though I can see the propagation having taken place from various places in the world so it must be something internal, and adding an alias to a domain in production really should not take even minutes. There is something seriously wrong with their setup if it takes that long - oh no, wait, it's Microsoft. They don't care about your wasted time, the ribbon was the best evidence of that.

            I should caveat that it's been a while since I added one, so things could be worse.

            It is. Glad I don't normally have to use it. Even better, I'm about to remove a VERY big customer from it because I pointed out a few things to their board which they really, really didn't like (evil grin).

    2. o p

      Re: Oops

      Right. This is a strong hint that Microsoft is Fed up with un-listing them.

      Basically this proves they do not control the emails sent from their ip adresses. So they spam the world with mailing lists with a huge number of invalid adresses, and they are the victim ??

      Come on.

  2. Anonymous Coward
    Anonymous Coward

    A thought

    Maybe this is Microsoft trying to get into the blacklist revenue stream as made popular by the backscatter blocking crowd

    Anon - because some of the blacklist providers have a 'technically legal' ruthless streak with people who say unpleasant things about them (allegedly)

    1. ffoulkes

      Re: A thought

      Let's be fair, only about 90% of the blacklist providers are moneygrubbing scamming crims.

    2. LDS Silver badge

      Re: A thought

      I hate spammers far more than backlist providers, and usually only the former have issues with backlist providers.

      Try to find a real job to make money, harassing people with spam is not one. And only bad products need spam to be sold.

  3. K Silver badge

    There will be some under-lying motive here, they probably for to pay for their email "Sender Certification" i.e. pay us X amount, and we'll white list you.

    If you don't think its a thing, then your delusion is about to shattered (hint, Hotmail/Outlook is one of their biggest partners): https://returnpath.com/solutions/email-deliverability-optimization/ip-certification/

  4. Warm Braw Silver badge

    The IP address quoted is not listed as being blacklisted anywhere at present by mtoolbox and the last report at SORBS is from 18th July, so presumably it's presently just Microsoft. Don't know how responsive they are to requests to being delisted - SORBS will delay your de-listing depending on how much spam they've detected, for example.

    I've had this with my ISP on several occasions - it only takes a few minutes for a determined spammer to get an ISPs mail servers blocked for the rest of its customers and it can take days for the blacklists to be lifted.

  5. TramVanCollision

    I too chose the wrong time to move my domain hosting to TSO and have suffered various email related problems ever since.

    It doesn't surprise me that their servers are blacklisted; there's a serious flaw with their mailbox password policy (I believe that only the first 8 digits are hashed), which means that very often spammers can carry on pouring their junk through unsuspecting subscribers mailboxes, even after they've changed the password!

    I reported this to TSO on 18th June and they responded by saying word to the effect of: oh yeah, we'll get around to fixing that someday.

    I also reported it to the Reg news desk and in comment on this story: https://forums.theregister.co.uk/forum/all/2019/06/18/tsohost_weeklong_outage/

    I've had no further response from anyone, so it seems to me that nobody gives a damn about any of this.

    1. A.P. Veening Silver badge

      I'd say it is time to vote with your wallet, that is about the only argument they listen to (and by that time it is too late for them).

  6. don't you hate it when you lose your account Bronze badge

    Had the same

    With a couple of email servers I've set up on linode. Seems to look like Microsoft will block a hosting service across their whole block of IP address if they detect spam on one of them. A quick ticket to linode and they sorted with Microsoft. Bad service from these guys coupled with a heavy hand from MS.

  7. DougMac

    Large mail providers run their own blacklists

    None of the large mail providers depend on SORBS or the other public RBLs now-a-days, they have their own internal RBL system that they use (seeing the viability and usability of the RBLs out there, I don't blame them).

    Thus you have to deal with each on their own terms. And deal with each large mail provider on their own. Most like Comcast or Yahoo keep you on the block list for some short period, see if you are still sending SPAM and if you are, will renew the blocks. If they see the rate down, you get auto-delisted.

    So if the rate of SPAM in Microsoft SNDS stays up in the red zone, you are unlikely to get cleared.

    Running an ISP mail provider, I find most blocklists are fair, although Microsoft's is the longest to wait and deal with. The appeal process is also backwards (ie. you have to reply to the ticket that says in no uncertain terms do not reply to this ticket). But usually if the auto-delist system hasn't cleared after your SNDS rate has fallen, appealing to the ticket usually gets good results through them. I see a few appeals on mailop, but most of them haven't gone through the proper normal steps that Microsoft has laid down.

    They don't seem capricious or arbitrary to me. They really do make sure you are on the ball with your own rate limiters and compromised account detectors.

    1. stiine Silver badge

      Re: Large mail providers run their own blacklists

      And just how do they expect you to reply to an email from the blocked domain?

      1. ds6 Bronze badge

        Re: Large mail providers run their own blacklists

        "Due to a lack of communication this ticket has been closed." - helpdesk BOFH

      2. LDS Silver badge

        Re: Large mail providers run their own blacklists

        Use one from reputable provider....

  8. Chris Hills

    What I do not understand is...

    Why do Microsoft's customers not get a choice of what to block? Surey they could let the messages be delivered into their junk folder instead of blocking them outright. This is a denial of service attack on their customers.

    1. katrinab Silver badge

      Re: What I do not understand is...

      Because something in the order of 90-99% of all emails sent get blocked, and if they didn't reject it at the gateway, they would be over-run with spam.

    2. Tom Samplonius

      Re: What I do not understand is...

      "Why do Microsoft's customers not get a choice of what to block? Surey they could let the messages be delivered into their junk folder instead of blocking them outright. This is a denial of service attack on their customers."

      You may be surprised to know that, by volume, across the Internet, that 80% of email is spam. So mail providers are already just deleting or blocking 50% to 80% of all email they receive, and most users aren't aware. And a lot of spam is just deleted.

  9. Anonymous Coward
    Anonymous Coward

    TSO - TITSUP Spamming Organisation.

    1. jason 7 Silver badge

      I just mentioned this...

      ...to my other half that does web development.

      She just laughed. She said that it didn't surprise her and that TSO were always going to get burnt by having a bulk email facility openly available.

      Long time coming apparently. Plus she says they are really crap as hosts.

      They all start out good and then just get packed and don't bother to upgrade.

  10. MadonnaC

    Not noticed any difference

    Still see the same amounts of spam to my hotmail account.

    Fortunately, All items that use the hotmail account are spam by definition. I use it for those that require a valid email address, and example@example.com or abuse@theirdomain.whatever doesn't work for them.

    There are no legitimate reasons for email to be sent to the account, and a human reading the name would realize this.

    1. gnarlymarley Bronze badge

      Re: Not noticed any difference

      Still see the same amounts of spam to my hotmail account.

      Fortunately, All items that use the hotmail account are spam by definition. I use it for those that require a valid email address, and example@example.com or abuse@theirdomain.whatever doesn't work for them.

      People still use hotmail? I had just about abandoned my hotmail account almost as soon as microsoft bought it. For more than two decades, I found it easier to just use my hotmail account as a spamtrap. What they have that others do not is the exclusive spam rules that require the email to be on the accept list or else it is considered spam.

  11. LeahroyNake Silver badge

    Add that to the list

    Mass mail spam is a pain in the arse. The TSO IP range is in my list along with the others.

    Using 'legitimate interest' is just an excuse to mail crap to anyone they want to.

    Well tough titties and get off my lawn!

  12. Ian Emery Silver badge

    Back in the G,O.D. (Late 90's ??)

    I see to remember MicroGit Hotmail would block the entire UK for days on end.

    It is why I stopped using any MicroGit mail services.

    1. Anonymous Coward
      Anonymous Coward

      Re: Back in the G,O.D. (Late 90's ??)

      MicroGit. Chortle... go on say it one more time, it might still be funny!

      1. IGotOut

        Re: Back in the G,O.D. (Late 90's ??)

        Makes a change from Micro$haft though.

  13. Kevin McMurtrie Silver badge

    But, but, I'm too important to care!

    I've noticed a large increase in networks thinking that they're too important to be blacklisted so they don't handle abuse complaints. Spammers know exactly which networks these are and jump on them in an instant. I currently have all of these blacklisted for not even having a working abuse contact - Orange, Jumpline, Vodafone, Vox Telecom, Swift Networks, DigitalOcean, Raccom, I-Gate, Vega Telecom, some of Level3/CenturyLink, GTT, Internap, Hetzner, Telefonica, Localweb, Servinga, most of Brazil, and a dozen others. There are probably many more that I've never seen due to quick Spamhaus filtering.

    People complaining about blacklists don't know the scale of spamming. Without them your inbox could receive up to 100 spams per SECOND from botnets. If you're Google with millions of servers and advanced AI, you can perform content filtering at spam scales. For everyone else, the blacklists are needed to manage resource consumption. This is also why Google hosts so many spammers - it's a huge drain on competing mail providers.

    1. LeahroyNake Silver badge

      Re: But, but, I'm too important to care!

      Totally agree. The scale is unbelievable to the point that even my basic mail scanning appliance blocks over 80% of incoming connections based on live IP reputation. Then blocks a few percent more after scanning the mail, all before if gets close to the actual mail server.

      How anyone can get any work done is quite astounding. Just imagine how quick your mailbox would fill up without these protections in place, never mind the load on your systems.

  14. Anonymous Coward
    Anonymous Coward

    SORBS always was and always will be a blight on the internet. It should be totally ignored.

    The fact that Microsoft even use it in the first place is a damning indictment about their own ability to manage spam or their email system generally.

    1. Pascal Monett Silver badge
      Thumb Up

      Amen to that.

  15. Nematode

    BTinternet is another ISP who use blocklists which seem to pick up every tiny indiscretion (and often block gmail addresses =:-o)

    But I saw a friend's TSOhost mail get bounced the other week. AFAICR, the relevant TSOHost IP block blacklisted was only blacklisted by one organisation, so either M$ use that same blacklist or keep their own. That TSOhost account was I think one of their Cloud accounts. My own email & site is a legacy Cpanel site originally on Evohosting (who were bought up by TSO) and I have not had any problems (touch wood).

    Real issue I think is a quick and effective means of saying Oy! this email is genuine. </holdingbreath>

    1. Mike Pellatt

      Real issue I think is a quick and effective means of saying Oy! this email is genuine which the spammers won't find a way around in milliseconds.

      Good luck with that.

  16. Norbie

    Time to move on

    If you haven’t moved on already, I strongly encourage you to look at Stablepoint. Setup by the original TSO founders, it’s proper hosting as it should be (as TSO was back in the day!). They know the TSO systems inside out so can help you easily migrate customers over. They’ve got a community Slack channel too if you want to ask any questions.

    1. Eunos

      Re: Time to move on

      I love how TSO host have a Google Ad entitled "Thinking of Stablepoint? | Try TSOHost Instead | tsohost.com‎"

  17. Anonymous Coward
    Anonymous Coward

    Only incoming?

    When will they start blocking all the spam from Hotmail and outlook?

  18. DocJD

    Spam

    Can anyone give an example of Bulk e-mail that isn't spam? I don't use Microsoft for e-mail but, if I did, I'd thank them for this.

    1. Richard 12 Silver badge
      Megaphone

      Re: Spam

      There's actually quite a lot of things that are bulk but not spam. Couple of examples:

      Announcements that tickets for X are now on sale, where X is a specific event and you have explicitly told the organisers of X that you want to be told when it's going on sale.

      Notification that an annual renewal of a service you buy is due.

      Notification of cancellation or rescheduling of something you are visiting or travelling on (train, plane, concert etc)

      Sadly, that is currently completely indistinguishable from spam, as it relies on information that upstream filters don't have - namely that you're expecting or desire to receive one or more emails from a specific organisation about specific topics, but don't know when or if they will be sent.

      A possible "solution" would be the ability for you to send an email from your account explicitly asking for the update, that the filters could recognise as being a request for a specific set of future email notifications.

      As that doesn't exist, and marketers still send mass email that nobody wants, almost all mass email is blocked, as its it almost certain that the mailbox owner does not want the email.

      1. LDS Silver badge

        Re: Spam

        Just usually such mails aren't blocked by spam filters and block lists because they don't exhibit typical spam behaviours.

        It is not true they are "completely indistinguishable from spam".

  19. Scristopher

    Microsoft typically uses a sender reputation list rather than traditional rbls like sorbs, they are also very difficult to deal with on occasion. The email admins need to sign up for their JMRP and monitor their activitie and take action as needed. I've had to deal with this several times and have had never had an issue that lasted longer than a few days and we have a /18 of email servers.

  20. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921 Bronze badge

    Furthermore, many emails sent via small web hosts often end up in the spam folder for no good reason... Microsoft, Gmail and others should recognise that many small businesses use the smaller web hosting providers - not just email spammers

  21. Anonymous Coward
    Anonymous Coward

    Not cleared....

    Their SORBS listing isn't cleared at all. The /24 in question still has active listings that haven't been dealt with. SORBS won't immediately list a /24, to get a /24 listed you have to be ignoring issues that are coming up on your IPs.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not cleared....

      I also see on their status page that they have 3 open reports with issues with Mircosoft and blocked IP's, with the oldest one being 5th June 2019.

      It would appear they got no outgoing mail filters in place for spam at all.

      1. Eunos

        Re: Not cleared....

        That figures as I am getting loads of spam via their servers.

  22. oiseau Silver badge
    Big Brother

    Not only M$

    I have used the OLX sales site every so often, registering with a well known email provider and a paid (non-free) account.

    Everything went reasonably well till one day, out of the blue and without any warning, my two or three adds were terminated with a notice that they had expired and had to renew them.

    I was not able to log into my account and wrote their support people to ask what was going on and they told me there had been some issue and had to re-register. I was not able to and after jumping through a few loops was finally informed that my email provider had been blacklisted and that I should try using Hotmail or a Google account.

    Yes ...

    Incredibly enough, that's exactly what they said.

    Explaining to them that the email domain that they were blocking was accepted (among others) by three banks, two credit card companies, a worldwide payments service, two professional associations, the local IRS, two federal government agencies as well as two other virtual sales sites did not matter and it was made quite clear that it would not be taken into consideration.

    Eventually, the day will come when you will only be able to work, buy, sell or do anything on the web if not registered with or belonging to the organisation/party that rolls the dice.

    Orwell was undoubtedly a visionary but we are are blind.

    O.

  23. slimer23

    36 days and this is STILL ongoing. https://help.tsohost.com/status/report/9530 has zero updates since it was posted.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019