MS Exchange Online and SPAMCOP - Please Help

Hello,
Currently, our email is hosted with Microsoft Exchange Online. The IP address we believe we have from Microsoft is 40.107.220.130. Historically, we haven’t encountered issues with inbox deliverability; however, we’ve recently found ourselves listed in SPAMCOP. I’ve reached out to both Microsoft and SPAMCOP for assistance, but unfortunately, they have not provided much help and have only pointed fingers at each other. Can anyone offer advice on resolving this issue?

Last Message from SPAMCOP:
This IP is assigned to a Microsoft/Outlook server. Approximately ten weeks ago, we started seeing a large increase in phishing spam and scams coming from Microsoft servers to our traps and users, resulting in their ratios being above our listing threshold at times.
Five weeks ago, Microsoft finally managed to reduce the amount of spam being sent down to normal levels for them, but a week later, the spam volume climbed again, causing many IP addresses to fall into the poor reputation status and get listed.
There is nothing I can do to stop or slow the spam from Microsoft. This is entirely in their control. We are supplying as much information as we can to assist them in stopping this spamming operation under way from their servers.
You will have to take your complaint to Microsoft, as only they can control the spam volume from their network so the IP will delist. Ten weeks should be plenty of time for them to secure their network from these large volume spammers.

Last Message from Microsoft:
No, you cannot obtain a new IP address simply because Spam Cop has blocked your current one. The issue seems to be specific to Spam Cop, as it is the only server that appears to be blocking your account. To resolve this, you’ll need to collaborate with Spam Cop to remove your IP address from their block list.
Additionally, as mentioned in my previous email, consider adding a DKIM (DomainKeys Identified Mail) record to your DNS registrar. A DKIM record provides an extra layer of email security by digitally signing outgoing emails. This signature helps verify the sender’s identity, ensuring that your emails are not being spoofed or sent from malicious sources. [Here’s a resource on how to use DKIM for email in your custom domain](Microsoft Learn link).

I wouldn’t waste much time worrying about Microsoft Exchange Online IPs being listed by SpamCop. There is nothing you can do about that, and there is no single IP assigned to your domain. Your email may be sent from any one of the 491,520 individual IPv4 addresses authorized by your SPF record, or one of the IPv6 addresses that are available in staggeringly incomprehensible quantities.

You have already published DKIM records for your Microsoft Exchange Online service, so it is unclear why this would be recommended to you, unless this is for a different domain than the one we discussed here in December.

None of what you mentioned has any connection to Cloudflare. Do you have a question about Cloudflare that we can help you with?

1 Like

Thank you for your knowledge and expertise. While I had some initial thoughts on this matter, I lack your experience in dealing with it directly. I’ve been utilizing Cloudflare for its CDN benefits, and to be frank, I was struggling to find honest answers. I appreciate your assistance immensely.

1 Like

My domains with Cloudflare and Exchange Online are specialtouchcomputers.com and omahamediaservicepros.com. Both are experiencing issues with SpamCop. Could you confirm if DKIM has been published for both domains? I apologize for my lack of experience in this area.

Both of your domains have published DKIM records for both of the default Microsoft 365 selectors (selector1 and selector2).

SpamCop can be an aggressive list at times, but is usually quite dynamic, and tends to only block addresses during active spamming in progress.

You already have working DMARC, DKIM, and SPF. There is not going to be anything else that Cloudflare Community can suggest you change.

You may need to open communication with the postmaster of any of your recipients’ email providers that are blocking M365 due to the way they have chosen to implement the SpamCop DNSbl and ask if they can adjust their filtering policies.

Alternately, you may need to find a smarthost operator with higher standards of abuse prevention than Microsoft and use them in conjunction with a transport rule to send email from a network that isn’t being abused by spammers.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.