Virtually all spam is now sent via Microsoft and Gmail.

Posted by on April 1, 2024

Like most days, this morning our hosting clients received dozens of phishing, fake invoice and spam emails.  Most are automatically marked as spam and/or deleted, but some get through.  Want to guess where they come from?  Virtually all are from Microsoft hosted accounts.  Specifically, and MSN .

Yet, when we contact the MSN and postmasters, our complaints BOUNCE.   Why?  Because the IP addresses our mail servers now use were used to send some spam by a different provider YEARS AGO.

AT SRO Hosting, we haven’t had a serious spam/phish incident on our servers for over a decade and we’re not on any blacklists, however we are often unable to contact companies currently pumping the internet full of this crap.   Even worse, we occasionally get “sorry, we have fixed the issue” replies back from Microsoft postmasters only to have their “fix” undone a week or so later when they are forced to roll back their bug ridden Exchange servers due to another zero day exploit being found.

Microsoft postmasters can barely keep their servers running securely, much less be bothered to stay up to date OR to maintain postmaster addresses which can be reached for resolution as per RFCs, so why do keep using them?  In recent decades, the world lost most corner markets as people began shopping at Walmart and Amazon to save money.  This trend didn’t stop with physical products.  Many people and companies now source their entire online presence to one or more massive corporate conglomerates (specifically Google, Amazon and Microsoft), but at what cost?

Serious question: Have you ever contacted Microsoft or Gmail for support? How did that go for you?   Was it anything like this (actual quote from a customer):

I talked to Lenovo for an hour.  He uninstalled the Microsoft app twice and finally said this is a problem he has never seen and I need to call Microsoft.  I did and it was the worse computer experience of my life

We are victims to the culture WE create.   Please stop supporting massive companies who DO NOT CARE!  If you elect to give all the power to huge companies, rest assured they will take it . . . and abuse it.


Update: November 2023. They’re doing it again. and MSN blocked us for no reason without citing a single spam email coming from our servers. Unsurprisingly, this once again happened shortly after yet another Exchange server zero day exploit.

Meanwhile, we continue to receive fake invoice and phishing emails from Outlook and Gmail with no end in sight.


Update: March 2024.  Yes, they still suck at Microsoft. blocked us without notice although our IPs are clean at  every public blacklist and Microsoft’s own JMRP (junk mail reporting program).  Of course, this yet again occurred immediately after  another Exchange server zero day exploit this February  and that’s no coincidence.  The timing of these rejections makes it obvious these postmasters have no idea how to properly administrate a  mail server and  “hack means roll back”.

To be fair… email scams aren’t Microsoft’s only business, however the fact that they directly benefit from spam and phishing by monetizing ‘throwaway’ accounts while ignoring spam and phishing complaints from other providers is a HUGE part of the problem.

If you can, please spend a tiny bit more money/effort and support small, local companies who care… whether that’s your corner market, local pet store, book store or your web/mail hosting provider. 

On the “App end” of things, maybe spend a bit LESS money by cancelling your Office 365 subscription and donating some fraction of that to support Libre Office.



Be the first to comment.

Leave a Reply

Simple Business by Nimbus Themes