Microsoft Outlook Email protection rejected forwarding from CloudFlare network

The original email passed SPF and DMARC, with a neutral on DKIM. It failed to forward to my Outlook mailbox, for the following reasons:
upstream ( error: failed to initalize: Unknown error: permanent error (550): 5.7.1 Unfortunately, messages from [] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150). You can also refer your provider to [ 2023-10-17T01:52:05.593Z 08DBCE96B907C9A3]

The IP is registered under Cloudflare AS. I believe this is a discrepancy between Outlook and Cloudflare.

Welcome to the Cloudflare Community. :logodrop:

It’s not a discrepancy. It’s a policy choice by Microsoft to not accept emails from those source IPs, and only they can change it. If you are using a free or consumer Microsoft email product, it is unlikely that you will be able to change it.

If you use a paid Microsoft business email account you (or your email administrator if that is not you) can allow Cloudflare email IPs to bypass the Microsoft blocklist. Of course if you have a paid Microsoft business email plan, you would be better off adding your domain directly to your Exchange Online and routing your email directly there via MX records.

1 Like

The mentioned ip has an rDNS record to, and is registered in the Cloudflare AS. Microsoft blocked the email routing server of Cloudflare as the source of the email, not the sender. If that’s the case, every consumer using email routing server to forward emails to their Outlook mailbox routed to this load balance IP should be affected. For a forwarding service to have good deliverability stats, Cloudflare shall resolve this problem as the owner of the subnet with Microsoft. (In my own case, a huge network owner like Cloudflare or Linode where my own mail server is hosted should get this resolved pretty fast)

I am far less optimistic than you. I discounted forwarding as a viable email practice for general use nearly a decade ago, long before Cloudflare introduced email routing. That is not to say that the method is without any purpose. It can still be effective in scenarios where the receiving server is directly under the control of the forwarding party or where the relay IP is not used to evaluate acceptance for delivery. For general mailbox use with a consumer grade service, especially a free service, it was no longer a reliable option for me by the mid twenty teens.

If your email is important, I encourage the adoption of a more consistently reliable method. Otherwise, just hang in there, and maybe it will get delisted.

1 Like