Microsoft Blacklist

Last change on 2024-09-11 • Created on 2020-01-20 • ID: RO-EAA35

Microsoft maintains their own internal blacklists, which are used to reject emails coming from specific IP addresses. Any IPs listed on the Spamhaus blacklist are also blacklisted by Microsoft. As far as we know, this is the only external (DNS-based) blacklist that Microsoft uses. The rest of the blacklisted IPs are based on Microsoft's own criteria. These listings are not very transparent, and unfortunately include a large amount of false positives, as Microsoft will often list larger ranges.

There are two distinct blacklists that Microsoft uses, each for different platforms. One is for OLC (Outlook Consumer), which is used by outlook.com, hotmail.com, live.com, and msn.com. The other is for Office365.

If you receive an error message from Microsoft when sending emails from a server you have with us, please check the error message to find out which blacklist the IP is on. Please make sure your server isn’t sending any spam, and that your IP isn’t listed on any DNS-based blacklists. Please also ensure your emails comply with the Microsoft policies, practices and guidelines found on their website: https://postmaster.live.com/pm/policies.aspx

Once you have done that, you can follow the instructions below to get your IP delisted.

OLC (Outlook Consumer)

If an IP is listed on the OLC blacklist, then emails from that IP will be rejected with the following error message:

550 5.7.1 Unfortunately, messages from [x.x.x.x] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors.

Note: there are two error codes that Microsoft uses. S3140 means the IP is fully blocked, while S3150 means it is throttled.

To delist IPs from this blacklist, please fill out the following form: https://olcsupport.office.com/

Once you have filled the form out, you should get a response within a few hours with the results of a first, automated, check on the IP.

In rare cases the result of this check will be that the IP has been "Mitigated", which means it has been delisted from the blacklist.

In most cases, the result will be that "Nothing was detected to prevent your mail from reaching Outlook.com customers" or even that the IP is "Not qualified for mitigation". In those cases, please respond to the email, and provide the information Microsoft requests. When you do so, the ticket will be escalated, and an actual staff member at Microsoft will take a look at the IP. In most cases, they will then manually delist the IP ("We have implemented mitigation for your IP").

If they still refuse to delist the IP, and you’ve only recently been allocated the IP, you should tell them this. They will then require an email or PDF confirmation from us, the ISP, with information on when the IP was allocated. To request this confirmation from us, please contact our support team by opening a support request via your account, and let us know exactly what Microsoft needs.

In those rare cases where all of the above fails, we can fill out the delisting form for the IP. We don't have any special contacts at Microsoft, but their support will sometimes respond differently to a new delisting request. If that doesn’t work for us either, the only solution is to change the IP.

Office365

For Office365 there are two separate, but linked, blacklists, that result in two separate error messages.

The first error message is:

550 5.7.606 Access denied, banned sending IP [x.x.x.x]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to http://go.microsoft.com/fwlink/?LinkID=526655 (AS16012609)

To delist IPs from this blacklist, please fill out the form linked to in the error message: https://sender.office.com/

The error message also contains a link to the workflow to get the IP delisted: http://go.microsoft.com/fwlink/?LinkID=526655

If you follow the instructions, the IP should be automatically delisted.

The second error message is:

550 5.7.511 Access denied, banned sender[x.x.x.x]. To request removal from this list please forward this message to delist@microsoft.com. For more information please go to http://go.microsoft.com/fwlink/?LinkId=526653. AS(1410)

When you contact the email address mentioned in this message, you should get a reply within a fews days that the IP has been delisted:

The IP address you submitted has been reviewed and removed from our block lists. Please note that there may be a 1-2-hour delay before this change propagates through our entire system.

Alternatively, the IP might have already been delisted, which will result in the following reply:

It appears that the IP you submitted is not currently listed on any of our block lists. This may be due to an earlier delisting request that has already been processed.

If you continue to receive Non-Delivery Receipts (NDRs), or "bounce messages," that indicate that the IP address is still blocked by our spam filtering system, please forward one of the messages to us and we will investigate further.

In this case, please follow the instructions and forward a recent error message to delist@microsoft.com. Since we don’t have access to your server, we cannot do this for you.

In those rare cases where Microsoft still won’t delist the IP, please contact our support team by sending a request via your account. We don’t have any special contacts at Microsoft, and we can only send an email to the delist address, but sometimes Microsoft will respond differently to different requests. If that doesn’t work for us either, the only solution is to change the IP.

Microsoft Programs

For advanced users, it can be helpful to join two free programs that Microsoft offers for OLC (not Office365): the Smart Network Data Services (SNDS) and the Junk Email Reporting program (JMRP).

Neither the SNDS nor the JMRP allow you to delist your IP; they simply provide detailed information about the traffic on your sending IP, the sending IP reputation with Microsoft, and the user complaint rates.

As Microsoft says, there is no silver bullet to maintaining or improving good IP reputation, but these programs help you proactively manage your email eco-system to help ensure better deliverability to Microsoft users.

SNDS

This program allows you to monitor the "health" and reputation of your registered IPs by providing data about traffic such as mail volume and complaint rates seen originating from your IPs. This data is only provided for IPs which send more than 100 emails per day to Microsoft OLC accounts.

To register, please visit: https://sendersupport.olc.protection.outlook.com/snds/

You will need to request authorization for the IPs you would like access to. Microsoft uses a combination of WHOIS and rDNS to check who the owner of a particular IP is. In some cases, you will be able to send an email to your own domain to verify ownership. If that is not the case, you can select one of our email addresses to send the verification email to: info@hetzner.com, abuse@hetzner.com, or postmaster@hetzner.com.

Important note: We will only verify ownership if the name you have signed up for in the SNDS matches the name we have on file for your account.

JMRP

This is similar to a feedback loop (FBL), in that it will send you a copy of an email marked as "junk" by the recipient. However, to prevent listwashing, the JMRP will only send a copy of about 1 out of every 1000 emails marked as junk. This limits the usefulness of the JMRP, and means many senders get little to no complaints via JMRP, even though recipients are in fact marking their emails as junk.

You will first need to be authorized for the IP in the SNDS (see above) before you can create a feed for it in the JMRP.

To join, please visit: https://sendersupport.olc.protection.outlook.com/snds/JMRP.aspx

Please note that since we have access to all of our IPs in the SNDS, we can create, change and delete any JMRP feeds for our IPs. At this point in time we don’t have any feeds for IPs belonging to unmanaged servers.

Table of Contents