About 70% of my spam originates from *.onmicrosoft.com. Unfortunately I can't easily block the whole thing because there is also legitimate email traffic from Office365/Azure.
I have tried sending Microsoft reports, but have not heard back, and the spam continues.
Yes, Microsoft is very slow in blocking their customers from sending spam, yet very quick in blocking external senders for that reason (same for Google, Salesforce, Amazon, etc. BTW). Funny how that works...
But, if you can, record the `X-MS-Exchange-CrossTenant-Id` header value for the spam you receive. If it ends in 'aaaa', that means it comes from the public outlook.com/hotmail.com service, and you'll need to do text content/from-address filtering to get rid of spam.
But otherwise, deny-listing the GUID you get, will do wonders to eliminate future spam from that source...
PreInternet01|1 year ago
But, if you can, record the `X-MS-Exchange-CrossTenant-Id` header value for the spam you receive. If it ends in 'aaaa', that means it comes from the public outlook.com/hotmail.com service, and you'll need to do text content/from-address filtering to get rid of spam.
But otherwise, deny-listing the GUID you get, will do wonders to eliminate future spam from that source...
X-Istence|1 year ago
https://gist.github.com/digitalresistor/03ea1b8798c519a71f06...
Edit: moved list to Gist.