Good morning,
Yes sorry. That's my point. You cannot filter MS junk by its headers
(as far as I know)
No, but there are techniques in SpamAssassin for things such as
transaction reputation and whether it's coming from a freemail
provider. This is not a new phenomenon in the anti-spam world that
spammers are using freemail systems and it can be a good data point in
analysis.
Perhaps you were just showing the IPs but I think you will find that
hotmail/live/msn/outlook use all the same IPs but I could be wrong.
They likely come under the "to big to block" so content and
transaction analysis is what I use with Apache SpamAssassin.
I was hoping that maybe they used a separate address range for free
Hotmail accounts. That would be helpful.
Your email was too much of a red herring IMO so you might re-ask that
specific question. Some notes from me on the topic:
Microsoft, at a minimum, has 4 domains under their freemail umbrella:
hotmail.com, msn.com, live.com and outlook.com.
Checking a few days on one server and I see inbound freemail emails from
IPs in in 104.47.108 & 104.47.109 rarely and the bulk in in 40.92.x.x.
Checking the logs for inbound on the same server for the same date range
that isn't from the 4 freemail that advertises
*.outbound.protection.outlook.com, shows at least some in 104.47. and 40.92/
And per
https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide,
40.92 is listed for *.mail.protection.outlook.com, so at least according
to their documentation there is overlap and my logs appear to confirm
it. They are big ranges though so they might have it carved out but
likely you have to ask Microsoft.
Regards,
KAM
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
