Our service health telemetry indicates that the previously mentioned service optimizations have had the desired effect, and we've observed a significant reduction in the volume of impacted messages. We're continuing to implement further optimizations to reduce or eliminate impact as quickly as possible, and in parallel we're continuing our efforts in coordination with the third-party anti-spam service to identify and implement a long-term solution to fully remediate the issue.
Posted Apr 18, 2024 - 07:47 CDT
Update
Update from Microsoft:
We’re continuing the process of identifying the IP addresses that are causing the third-party anti-spam service to activate and block a segment of Microsoft’s email IP address ranges. While we are seeing signs of improvements to some IP address ranges that we've identified thus far, we'll share an updated timeline for this investigation and the steps being taken to remediate the impact when more information is available.
Posted Mar 28, 2024 - 15:36 CDT
Update
Update from Microsoft:
We're continuing our operation to identify and isolate IP addresses which are responsible for triggering the third-party anti-spam service to block a portion of Microsoft's email IP address range, although more time is needed for this to complete. Once complete, we'll work towards mitigation by limiting the mail flow from these IP addresses.
Posted Mar 25, 2024 - 11:09 CDT
Update
Update from Microsoft:
Current status: Our operation to isolate the IP addresses that are causing the third-party anti-spam service to block a portion of Microsoft’s email IP address ranges is taking longer than expected. After this is complete we'll proceed with limiting the mail flow to prevent the issue from reoccurring.
Posted Mar 22, 2024 - 08:17 CDT
Update
Update from Microsoft:
Current status: Our mitigation efforts are underway as we continue to work with the third-party anti-spam service to monitor the relevant IP ranges and isolate which IP addresses may be responsible for the malicious email messages causing the service to block Microsoft IP ranges. We'll be able to limit the mail flow from these once identified, which should serve as a long-term solution for this issue.
Scope of impact: The problem may impact some users sending outbound email messages if they're leveraging a specific third-party anti-spam service mentioned within the NDR.
Root cause: A third-party anti-spam service is blocking a portion of Microsoft’s email IP address ranges to protect organizations that use their services.
Posted Mar 20, 2024 - 07:04 CDT
Update
Update from Microsoft:
Current status: We're continuing our efforts of working with the third-party anti-spam service to monitor the IP address ranges affected by this problem and identify which IP addresses may be causing the mass delivery of malicious email messages. Once we've isolated the IP addresses that are causing the third-party anti-spam service to block a portion of Microsoft’s email IP address ranges, we'll limit the mail flow as a long-term solution to prevent the issue from reoccurring.
Posted Mar 13, 2024 - 08:19 CDT
Update
Update from Microsoft:
Current status: We're continuing to work with the third-party anti-spam service to monitor the IP address ranges affected by this problem and identify which may be sources of potentially malicious email messages so we can determine our next troubleshooting steps for reducing such email messages and the frequency of those IP addresses being blocked. In parallel, we're continuing to assess potential long-term solutions to address this and similar problems in the future.
Posted Mar 08, 2024 - 14:39 CST
Monitoring
Updated from Microsoft:
Users' outbound Exchange Online email messages are marked as spam and not delivered
2024-03-06 2:48:27 PM (CST)
Title: Users' outbound Exchange Online email messages are marked as spam and not delivered
User impact: Users' outbound Exchange Online email messages are marked as spam and not delivered.
More info: This isn’t connection method specific and thus occurs in all Exchange Online connection methods. Users will receive a Non-Delivery Report (NDR) message that references the third-party anti-spam service name that has added the IP to their block list. Current status: We're working with the third-party anti-spam service to better identify the IP ranges affected by this problem so that we can more quickly identify and manage sources of potentially malicious email messages. This will help reduce the frequency of spam and phishing email which also reduces the number of reported and blocked IPs, returning some mail flow as expected. In parallel, we're reviewing long-term solutions to preventing similar problems.
Scope of impact: Your organization is impacted by this event, and the problem impacts all users sending outbound email messages.
Root cause: A third-party anti-spam service is blocking a portion of Microsoft’s email IP address ranges to protect organizations that use their services. Next update by: Friday, March 8, 2024, at 9:00 PM UTC
Posted Mar 05, 2024 - 11:58 CST
Investigating
We are investigating reports of some users receiving bounce back notices indicating Microsoft 365 sending IP listed on a third party blocklist.
We will post a health service alert once we have received confirmation from Microsoft. We will provide updates as we receive them.