this post was submitted on 17 Apr 2024
27 points (100.0% liked)

Technology

37727 readers
603 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

I work for the support department of a large multinational imaging company. Starting yesterday, we started getting tons of calls from customers who have been sending email from their devices from Gmail domains who are not able to send emails to M365 users. A bit of snooping in our test M365 domain shows that they are being dropped as spam from M365. What's odd is that I cannot find any mention of this behavior anywhere on the Internet. Has anyone else seen this yet?

you are viewing a single comment's thread
view the rest of the comments
[–] HiImDannyGanz@beehaw.org 3 points 7 months ago (2 children)

I don't see any indication of that from the simple output provided from the message trace.

Also, it only seems to affect messages sent from Gmail via SMTP. Messages sent from the web interface are delivered properly.

[–] mark@infosec.pub 2 points 7 months ago (1 children)

can you drop the header in here: https://mha.azurewebsites.net/pages/mha.html

it might have some more info for you

[–] HiImDannyGanz@beehaw.org 2 points 7 months ago (1 children)

That's a great suggestion, but the message gets tossed by the M365 spam filters before it reaches the inbox and I never have a chance to see the headers. All I'm able to see is the snippet of information that doesn't show anything actionable.

[–] mark@infosec.pub 1 points 7 months ago

Are you using defender for o365? If so, usually uou can get a copy of Any rejected messages at security.microsoft.com and get more info from the message explorer