Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

Long delays receiving email from Office365 users

Long delays receiving email from Office365 users

2015-03-20 by Brett Charbeneau

We have been seeing 5-21 hour delays from the time an Office365  
user sends us email and our users actually receiving it.
      After several posts to the sendmail user list it appears  
(unsurprisingly) that Microsoft is only loosely adhering to the  
protocol when it comes to greylisting. I found an enormously helpful  
post here

http://forum.mailenable.com/viewtopic.php?t=27715

      and wanted to share this with the list in case anyone else is  
having the same issue with milter-greylist. I took the entry from the  
post above and added a bunch of hostnames for Office365 posted at

https://technet.microsoft.com/en-us/library/hh373144.aspx


      and I think I've arrived at a decent solution. The chunk of code  
I added to my greylist.conf file is below - I hope this helps someone!



racl whitelist from /^mail-.*\.outbound\.protection\.outlook\.com$/ spf pass
racl whitelist from /^mail-.*\.prod\.outlook\.com$/ spf pass
racl whitelist from /^mail-.*\.live\.com$/ spf pass
racl whitelist from /^mail-.*\.officeapps\.live\.com$/ spf pass
racl whitelist from /^mail-.*\.microsoft\.com$/ spf pass
racl whitelist from /^mail-.*\.glbdns\.microsoft\.com$/ spf pass
racl whitelist from /^mail-.*\.microsoftonline.com\.com$/ spf pass
racl whitelist from /^mail-.*\.office365\.com$/ spf pass
racl whitelist from /^mail-.*\.office\.com$/ spf pass
racl whitelist from /^mail-.*\.Portal\.Office\.com$/ spf pass
racl whitelist from /^mail-.*\.onmicrosoft\.com$/ spf pass
racl whitelist from /^mail-.*\.microsoftonline-p\.com$/ spf pass
racl whitelist from /^mail-.*\.microsoftonline-p\.net$/ spf pass
racl whitelist from /^mail-.*\.microsoftonlineimages\.com$/ spf pass
racl whitelist from /^mail-.*\.microsoftonlinesupport\.net$/ spf pass
racl whitelist from /^mail-.*\.msecnd\.net$/ spf pass
racl whitelist from /^mail-.*\.msocdn\.com$/ spf pass
racl whitelist from /^mail-.*\.msn\.com$/ spf pass
racl whitelist from /^mail-.*\.msn.co.jp$/ spf pass
racl whitelist from /^mail-.*\.msn.co.uk$/ spf pass
racl whitelist from /^mail-.*\.office\.net$/ spf pass
racl whitelist from /^mail-.*\.aadrm\.com$/ spf pass
racl whitelist from /^mail-.*\.cloudapp\.net$/ spf pass
racl whitelist from /^mail-.*\.activedirectory\.windowsazure\.com$/ spf pass
racl whitelist from /^mail-.*\.phonefactor\.net$/ spf pass


      I also added these to the "broken mta" section:

         65.54.190.0/26 \ # outlook.com - (added 3/19/2015)
         65.54.190.64/26 \ # outlook.com - (added 3/19/2015)
         65.54.190.128/26 \ # outlook.com - (added 3/19/2015)
         65.54.190.192/26 \ # outlook.com - (added 3/19/2015)
         65.55.116.0/26 \ # outlook.com - (added 3/19/2015)
         65.55.111.64/26 \ # outlook.com - (added 3/19/2015)
         65.55.116.64/26 \ # outlook.com - (added 3/19/2015)
         65.55.111.128/26 \ # outlook.com - (added 3/19/2015)
         65.55.34.0/26 \ # outlook.com - (added 3/19/2015)
         65.55.34.64/26 \ # outlook.com - (added 3/19/2015)
         65.55.34.128/26 \ # outlook.com - (added 3/19/2015)
         65.55.34.192/26 \ # outlook.com - (added 3/19/2015)
         65.55.90.0/26 \ # outlook.com - (added 3/19/2015)
         65.55.90.64/26 \ # outlook.com - (added 3/19/2015)
         65.55.90.128/26 \ # outlook.com - (added 3/19/2015)
         65.55.90.192/26 \ # outlook.com - (added 3/19/2015)
         65.54.51.64/26 \ # outlook.com - (added 3/19/2015)
         65.54.61.64/26 \ # outlook.com - (added 3/19/2015)
         207.46.66.0/28 \ # outlook.com - (added 3/19/2015)
         157.55.0.192/26 \ # outlook.com - (added 3/19/2015)
         157.55.1.128/26 \ # outlook.com - (added 3/19/2015)
         157.55.1.128/26 \ # outlook.com - (added 3/19/2015)
         157.55.2.64/26 \ # outlook.com - (added 3/19/2015)
         65.52.0.0/14 \ # outlook.com - (added 3/19/2015)




-- 
********************************************************************
Brett Charbeneau
Network Administrator
Williamsburg Regional Library
7770 Croaker Road
Williamsburg, VA 23188-7064
(757)259-4044          www.wrl.org
(757)259-4079 (fax)    brett@...
********************************************************************

Re: [milter-greylist] Long delays receiving email from Office365 users

2015-03-20 by Vincent Fox

On 03/20/2015 10:15 AM, Brett Charbeneau brett@... [milter-greylist] 
wrote:
>        We have been seeing 5-21 hour delays from the time an Office365
> user sends us email and our users actually receiving it.
>        After several posts to the sendmail user list it appears
> (unsurprisingly) that Microsoft is only loosely adhering to the
> protocol when it comes to greylisting.
This is always frustrating to me when I talk to people about
Microsoft and to some degree Google.    They see the flashiest
fanciest car, but don't perceive that it doesn't have seatbelts
or other "boring" items.

I checked my mail logs for Greylisting related to a lot of the IP
you reference, and find I am already exempting them due to SPF.
Now SPF is admittedly a really lousy measure, but at least it's
*easy* to enable and cut out a lot of false-positive complaints.

My 2 cents.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.