Microsoft blocked TSO Host's email IPs from Hotmail, Outlook inboxes and no one seems to care

Apart from the poor sods paying for the service, that is


Microsoft has blocked Brit hosting outfit TSO Host's bulk email domain, meaning anyone trying to send large quantities of mail over its infrastructure cannot deliver it to an Outlook or Hotmail address.

Irate resellers got in touch with The Reg to complain that their own customers were moaning that emails sent to any Microsoft domain were bouncing.

Those resellers were using TSO Host's infrastructure for their operations – including the hosting firm's dedicated bulk IP.

"Rather a lot of our clients have mailboxes with TSO/Paragon," reflected one. "Apparently TSO's 'senior team' have requested the removal a while ago but Microsoft aren't interested."

TSO couldn't be bothered to reply when The Register messaged them asking what was going on, despite them inviting us to do so. Microsoft is probably still rewriting Bing in the hope of seeing relevant search results that tell it what TSO Host is, but we wait with bated breath for their reply.

Messages sent over TSO Host's infrastructure to an Outlook, Hotmail or Live email address bounce. The bounce message is pretty unequivocal:

550 5.7.1 Unfortunately, messages from [195.26.90.72] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [VE1EUR02FT020.eop-EUR02.prod.protection.outlook.com]

TSO Host's website contains a status update from nine days ago at the time of writing, which says: "We have requested a delist from SORBS for the Daily mail IP range 195.26.90.0/24 and they have confirmed that the IP is not listed any more." [sic]

Combined with the IP address in the bounce message above, it's not looking good for TSO Host and its ability to deliver mail to Microsoft-controlled addresses.

In its status page message, TSO Host added: "We are still awaiting an update on the matter with Microsoft. Once we have information from them, we will further update."

Email issues are nothing new, though they tend to consist of ISPs overblocking potential spam messages – as infamously kept happening with Virgin Media over the past few years.

A fed-up source caustically commented: "So, as long as people with TSO mailboxes don't have any friends on Hotmail you're fine. D'oh!" ®

Similar topics

Broader topics


Other stories you might like

  • Start using Modern Auth now for Exchange Online
    Before Microsoft shutters basic logins in a few months

    The US government is pushing federal agencies and private corporations to adopt the Modern Authentication method in Exchange Online before Microsoft starts shutting down Basic Authentication from the first day of October.

    In an advisory [PDF] this week, Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) noted that while federal executive civilian branch (FCEB) agencies – which includes such organizations as the Federal Communications Commission, Federal Trade Commission, and such departments as Homeland Security, Justice, Treasury, and State – are required to make the change, all organizations should make the switch from Basic Authentication.

    "Federal agencies should determine their use of Basic Auth and migrate users and applications to Modern Auth," CISA wrote. "After completing the migration to Modern Auth, agencies should block Basic Auth."

    Continue reading
  • Microsoft gives its partners power to change AD privileges on customer systems – without permission
    Somewhat counterintuitively, this is being done to improve security

    Microsoft has created a window of time in which its partners can – without permission – create new roles for themselves in customers' Active Directory implementations.

    Which sounds bonkers, so let's explain why Microsoft has even entertained the prospect.

    To begin, remember that criminals have figured out that attacking IT service providers offers a great way to find many other targets. Evidence of that approach can be found in attacks on ConnectWise, SolarWinds, Kaseya and other vendors that provide software to IT service providers.

    Continue reading
  • FabricScape: Microsoft warns of vuln in Service Fabric
    Not trying to spin this as a Linux security hole, surely?

    Microsoft is flagging up a security hole in its Service Fabric technology when using containerized Linux workloads, and urged customers to upgrade their clusters to the most recent release.

    The flaw is tracked as CVE-2022-30137, an elevation-of-privilege vulnerability in Microsoft's Service Fabric. An attacker would need read/write access to the cluster as well as the ability to execute code within a Linux container granted access to the Service Fabric runtime in order to wreak havoc.

    Through a compromised container, for instance, a miscreant could gain control of the resource's host Service Fabric node and potentially the entire cluster.

    Continue reading

Biting the hand that feeds IT © 1998–2022