andersonserra
New Contributor

IP reputation Microsoft

Hi people, we are evaluating the acquisition of the FortiMail tool for our datacenter, and we are having trouble protecting IP pool addresses from falling into Microsoft's reputation list. We have all security requirements enabled, for example: SPF, DKIM, rDNS, DNS. What do you do to avoid falling into this list?

Regards.

Anderson Serra

abelio
Valued Contributor

Hello Anderson.

If you are not the source of that reputation and only inherited those IPs or block from your ISP/Carrier, there is nothing else to do with your FortiMail.

Ask them for a new, clean IP block for your service.

Cleaning IP blocks is the ISP's/Carrier's duty (unless the block was allocated to you).

regards / Abel
andersonserra

Thanks for the reply. We have our own addresses, as we are an autonomous system. I tried to follow the policies given at the https://sendersupport.olc...k.com/pm/policies.aspx URL, but I still can't understand why they are blocking our MTA addresses. We have an IP pool with 5 outgoing IP addresses. What do you do to avoid being blocked by Microsoft?

Anderson Serra
abelio

andersonserra wrote:
What do you do to avoid being blocked by Microsoft?

Nothing special actually, SPF records for all domains and DMARC for the ones that require it.

Does the error or block message from MS give any clue?

regards / Abel
andersonserra

We have no problems with the other domains, only with Microsoft. All security techniques were applied, for example: SPF, DMARC, DKIM. None of the headers used for Microsoft antispam are affected, in my opinion.

 

Authentication-Results: spf=pass (sender IP is my_ip_address) smtp.mailfrom=mydomain.com; outlook.com.br; dkim=pass (signature was verified) header.d=mydomain.com;outlook.com.br; dmarc=pass action=none header.from=mydomain.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of mydomain.com designates my_ip_address as permitted sender) receiver=protection.outlook.com; client-ip=my_ip_address; helo=myreverseip.mydomain.com;
Received: from myreverseip.mydomain.com (my_ip_address) by MW2NAM10FT015.mail.protection.outlook.com (10.13.154.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.22 via Frontend Transport; Mon, 13 Jul 2020 21:59:18 +0000
X-Forefront-Antispam-Report: CIP:my_ip_address;CTRY:BR;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:myreverseip.mydomain.com;PTR:myreverseip.mydomain.com;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:;
X-MS-PublicTrafficType: Email
X-MS-Exchange-Organization-AuthSource: MW2NAM10FT015.eop-nam10.prod.protection.outlook.com
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-UserLastLogonTime: 7/13/2020 4:47:55 PM
X-MS-Office365-Filtering-Correlation-Id: 1601704d-942a-4d1a-badc-08d82777fdc0
X-MS-TrafficTypeDiagnostic: MW2NAM10HT144:
X-MS-Exchange-EOPDirect: true
X-Sender-IP: my_ip_address
X-SID-PRA: TEST@MYDOMAIN.COM
X-SID-Result: PASS
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-SCL: 0
X-Microsoft-Antispam: BCL:0;
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Jul 2020 21:59:18.0755

 

Some messages have a header BCL:4 (bulk messages), but it is a median value.

 

Regards.
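
The headers quoted in the post above can be checked mechanically across many test messages. The following Python parser is an added example, not part of the original thread: it extracts the SPF/DKIM/DMARC/compauth verdicts, SCL, BCL and IPV and lists anything that deviates. The names `kv_fields`, `summarize` and `bulk_threshold` are hypothetical, the cut-off value is an assumption, and `SAMPLE` is constructed from three of the posted headers.

```python
import re
from email import message_from_string

# Constructed sample: three of the headers quoted in the post, placeholders kept.
SAMPLE = """\
Authentication-Results: spf=pass (sender IP is my_ip_address) smtp.mailfrom=mydomain.com; outlook.com.br; dkim=pass (signature was verified) header.d=mydomain.com;outlook.com.br; dmarc=pass action=none header.from=mydomain.com;compauth=pass reason=100
X-Forefront-Antispam-Report: CIP:my_ip_address;CTRY:BR;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:myreverseip.mydomain.com;PTR:myreverseip.mydomain.com;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:;
X-Microsoft-Antispam: BCL:0;

(body omitted)
"""

def kv_fields(value):
    """Split a 'K:V;K:V;' header value into a dict; empty values are kept."""
    out = {}
    for part in value.split(";"):
        if ":" in part:
            key, val = part.split(":", 1)   # split once: values may contain ':'
            out[key.strip()] = val.strip()
    return out

def summarize(raw, bulk_threshold=4):
    """Return verdicts, SCL, BCL, IPV and a list of values worth a second look.

    bulk_threshold is an assumed, adjustable cut-off (4 is the BCL the poster
    saw on some messages), not a Microsoft default.
    """
    msg = message_from_string(raw)
    auth = msg.get("Authentication-Results", "")
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc|compauth)=(\w+)", auth))
    report = kv_fields(msg.get("X-Forefront-Antispam-Report", ""))
    scl = int(report.get("SCL") or -1)
    bcl = int(kv_fields(msg.get("X-Microsoft-Antispam", "")).get("BCL") or -1)
    ipv = report.get("IPV", "")

    flags = [f"{k}={v}" for k, v in verdicts.items() if v != "pass"]
    # IPV:NLI = sending IP not found on an IP reputation list; CAL = IP allow list.
    if ipv and ipv not in ("NLI", "CAL"):
        flags.append(f"IPV={ipv}")
    if scl >= 5:                            # SCL 5 and above is treated as spam
        flags.append(f"SCL={scl}")
    if bcl >= bulk_threshold:
        flags.append(f"BCL={bcl}")
    return {"verdicts": verdicts, "scl": scl, "bcl": bcl, "ipv": ipv, "flags": flags}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
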
