And this is why Microsoft is still 'the enemy'. If it was as simple as a missing key they could have said as much and fixed the problem. But Microsoft is Microsoft (repeat for Google and Amazon...
And this is why Microsoft is still 'the enemy'.
If it was as simple as a missing key they could have said as much and fixed the problem.
But Microsoft is Microsoft (repeat for Google and Amazon for that matter), and they see the writing on the wall for Operating Systems. Browser-based SaaS is the new cash cow, so expect ever-increasing hostilities to stuff that provides a compatible alternative to their offerings.
I mean, if you're going to offer email as a service to others, the responsibility for keeping up to date with the latest security measures is on you. MS could definitely be clearer about things,...
I mean, if you're going to offer email as a service to others, the responsibility for keeping up to date with the latest security measures is on you. MS could definitely be clearer about things, but I also suspect the reason they aren't is because something more is going on here than just the missing DKIM. It could be that someone is using disroot's email service for spam and/or phishing attacks, which is what precipitated the sudden rejections, and would also explain why MS support is being so cagey right now.
If that was true then why not say the service is being exploited by providing the offending addresses? , or even just saying it is used for something like spam could give disroot a direction to...
If that was true then why not say the service is being exploited by providing the offending addresses? , or even just saying it is used for something like spam could give disroot a direction to check, instead they would rather the accounts would stay active on disroot and spam other email services?
in this case i can't think of a way to refute the cynical explanation.
Because MS support likely has no idea who the hell disroot is, or if they can be trusted, and by revealing addresses they caught spamming/phishing they could potentially reveal how elements of...
If that was true then why not say the service is being exploited by providing the offending addresses?
Because MS support likely has no idea who the hell disroot is, or if they can be trusted, and by revealing addresses they caught spamming/phishing they could potentially reveal how elements of their filter work, making it easier for bad actors to slip by it in the future.
p.s. I am not saying MS is entirely in the right here in how they are responding... but automatically going down the overly cynical route for an explanation isn't really productive here, IMO. The email exchange ecosystem is insanely complicated, and there are very valid security reasons for all the hurdles in place. Spam and phishing are a massive problem that is not easily solved, and trust plays a huge part in how we currently combat them, which means new providers unfortunately need to work hard to earn that trust. Just look at how long it took ProtonMail to establish itself, and how many obstacles they had to overcome first.
"Good news. Microsoft has decided finally to look yet again at our case and this time, we have gotten whitelisted. This means emails to hotmail and outlook are not blocked anymore."
I just checked MXToolbox and they appear to have valid SPF and DMARC records, and they don't appear to be on any of the major blacklists:
https://mxtoolbox.com/SuperTool.aspx?action=spf%3adisroot.org%3a178.21.23.139&run=toolpage
https://mxtoolbox.com/SuperTool.aspx?action=dmarc%3adisroot.org&run=toolpage
https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3adisroot.org&run=toolpage
However, they are lacking a DKIM key, which could potentially be what's causing their emails to be rejected:
https://mxtoolbox.com/SuperTool.aspx?action=dkim%3adisroot.org%3aemail&run=toolpage
And this is why Microsoft is still 'the enemy'.
If it was as simple as a missing key they could have said as much and fixed the problem.
But Microsoft is Microsoft (repeat for Google and Amazon for that matter), and they see the writing on the wall for Operating Systems. Browser-based SaaS is the new cash cow, so expect ever-increasing hostilities to stuff that provides a compatible alternative to their offerings.
I mean, if you're going to offer email as a service to others, the responsibility for keeping up to date with the latest security measures is on you. MS could definitely be clearer about things, but I also suspect the reason they aren't is because something more is going on here than just the missing DKIM. It could be that someone is using disroot's email service for spam and/or phishing attacks, which is what precipitated the sudden rejections, and would also explain why MS support is being so cagey right now.
If that was true then why not say the service is being exploited by providing the offending addresses? , or even just saying it is used for something like spam could give disroot a direction to check, instead they would rather the accounts would stay active on disroot and spam other email services?
in this case i can't think of a way to refute the cynical explanation.
Because MS support likely has no idea who the hell disroot is, or if they can be trusted, and by revealing addresses they caught spamming/phishing they could potentially reveal how elements of their filter work, making it easier for bad actors to slip by it in the future.
p.s. I am not saying MS is entirely in the right here in how they are responding... but automatically going down the overly cynical route for an explanation isn't really productive here, IMO. The email exchange ecosystem is insanely complicated, and there are very valid security reasons for all the hurdles in place. Spam and phishing are a massive problem that is not easily solved, and trust plays a huge part in how we currently combat them, which means new providers unfortunately need to work hard to earn that trust. Just look at how long it took ProtonMail to establish itself, and how many obstacles they had to overcome first.
If you (or anyone else) is interested in helping you can open a issue on the project board .
Well that's annoying, my primary email is on disroot. It hasn't impacted me yet, but I hope this gets cleared up.
"Good news. Microsoft has decided finally to look yet again at our case and this time, we have gotten whitelisted. This means emails to hotmail and outlook are not blocked anymore."