locked
How does one submit an abuse report for spam received from MS Online Services? RRS feed

  • Question

  • Strangely, abuse@microsoftonline does not exist and abuse@bigfish.com seems to forward to the frontbridge abuse department who are non-responsive
    Monday, June 6, 2011 7:44 PM

Answers

  • Greetings all! 

    I checked with someone from our FOPE/Forefront group about this header.  His analysis was similiar to mine, there isn't enough information here to work with to even trace.  I check and none of the email addresses/domain names are being used in the BPOS system that I have access to. 

    The appropriate place to send your abuse reports to is abuse@messaging.microsoft.com  


    Vickie - BPOS Technical Support
    Got an Office 365 question? Try the Office 365 Community Forums http://community.office365.com/en-us/f/default.aspx
    Thursday, October 6, 2011 10:44 PM

All replies

  • Greetings WTF Chuck!

    Best thing to do is to call in and open a ticket with FOPE.  I've searched and I haven't been able to find a way to report spam other than an Outlook addin found here : http://www.microsoft.com/downloads/en/details.aspx?FamilyID=53541292-ce94-4c5b-9127-b7d56f11b619&displaylang=en

    Vickie

    Tuesday, June 7, 2011 1:12 AM
  • I am not a customer and opening a ticket is not an option. We are receiving abuse from a Microsoft Hosted customer and there seems to be no way of contacting anyone who can take care of this (i.e. terminating the customer).

    So far I have had direct contact with the Microsoft domains team (DNS) and an individual who works server-side support for Exchange online backend. The former would not provide contact details; the latter is not in a position to fix the issue. I have sent abuse reports to bigfish.com (the Microsoft owned domain for the back-end from where the abusive email is being relayed from) and they appear to automatically forward complaints to FrontBridge. FrontBridge has been completely non-responsive.

    I am sure Microsoft has a legal contract with its customers where the customer agrees to not send unsolicited bulk commercial email. At issue is Microsoft's blatent lack of enforcement of this agreement. See http://www.rfc-ignorant.org/rfcs/rfc2142.php for details on what is wrong. Although my complaint here has to do specifically with the requirements highlighted in orange, it must be said that the requirements highlighted in green should also be addressed at the same time to gain RFC complaince.

    Tuesday, June 7, 2011 4:49 PM
  • Greetings!

    I can let you know that action has been taken on this.  Apparently there have been more than just this one complaint.  Here is some information that came past my desk today:

    Well, if they[customer] are on a major freemail provider like HotMail, Yahoo or AOL, or cable companies like RoadRunner, ComCast, or people who have SpamCop access … clicking on their respective “Report Spam” buttons or equivalent will get IMMEDIATE visibility into the issue.
    ......
     
    We have solutions in place to deal with automated reports, but not one-offs such as this.
    Although sending a complaint to SpamCop should have achieved visibility on this issue.
    Most of the complaints we received in retrospect came from AOL.
    ----------------------
     
    I hope that answers your question.
    Vickie
    Tuesday, June 7, 2011 8:58 PM
  • Thank you for providing this interesting information and gee I wonder where those "other complaints" came from ;) It's wonderful that all the users of freemail providers have been thought of when MS Online Services designed their abuse mitigation strategy.

    So, exactly what is the strategy for handling abuse reports from enterprise users (who don't have a spam button)? Hopefully it's not intended they take the route I just took (squeaking for 3 weeks straight and finally resorting to an insider when it became clear no one there cares what-so-ever). I must point out that Hotmail/MSN do support the intent of RFC 2142 even if not by the letter of the spec; MS Online Services flat ignores it AT YOUR PERIL. If making reports via SpamCop is your abuse desk, why do you not have an auto-responder set up on abuse@microsoftonline.com saying so and outlining the abuse policy (this would at least show you are supporting the intent of RFC 2142)? And, why isn't that fact on any public web pages?

    Although we are a smallish enterprise in the grand scheme of things and the spam in question here is not high-volume, I find it very hard to believe this is entirely a one-off when non-COI marketing (yep, that IS spam) has been running rampent for the last several years, fed by unauthorized list-renting/list-purchasing. As companies move to your "cloud" you are taking on the "responsible person" role. Your automated rate-limit triggers in place do not fill this role. You need a staffed and funded abuse desk in addition to these automated tools.

    It would be nice to know what the pending actions are here; have I have been listwashed or is the spammer being terminated? Likewise, what is the action taken on reports that come to you via SpamCop? How do I know you're not simply allowing the spammers to listwash if I make reports there? I want to see a public statement here or on some easily found web page about how you handle abuse reports. I suggest you model http://mail.live.com/mail/postmaster.aspx

     

    Wednesday, June 8, 2011 8:56 PM
  • Another Spam from your customer this past Saturday. "Action taken" Maybe a slap on the wrist... Why are you letting an Israeli company spear-spam American recipients with impunity?

    Big-company-itus at its finest!

    Tuesday, June 14, 2011 4:43 PM
  • Hi there,

     

    It's been a couple weeks since "action has been taken on this." So, why do we keep getting this same spam every Satueaday like clockwork to the role email address?

    Where you joking?

     

    Sorry for posting under a different name but the live team can't seem to get account linking working correctly ;)

    Monday, June 27, 2011 12:38 PM
  • Just want to add one more voice to this..

    I've been getting spam from one of bigfish customers for months, and tried various means (just like WTFChuck) to contact MS, but no response or action from them yet.

     

    Here are the relevant email headers (names removed):

     

    X-Forefront-Antispam-Report: CIP:50.23.51.33;KIP:(null);UIP:(null);IPVD:NLI;H:pmpsummit.pmpsummit.com;RD:50.23.51.33-static.reverse.softlayer.com;EFVD:NLI
    X-FB-SS: 13,
    Received: from mail26-tx2 (localhost.localdomain [127.0.0.1]) by mail26-tx2
     (MessageSwitch) id 13174072138396_3187; Fri, 30 Sep 2011 18:26:53 +0000 (UTC)
    Received: from TX2EHSMHS025.bigfish.com (unknown [10.9.14.246]) by
     mail26-tx2.bigfish.com (Postfix) with ESMTP id E58DD130004E for
     <billgates@microsoft.com>; Fri, 30 Sep 2011 18:26:52 +0000 (UTC)
    Received: from pmpsummit.pmpsummit.com (50.23.51.33) by
     TX2EHSMHS025.bigfish.com (10.9.99.125) with Microsoft SMTP Server (TLS) id
     14.1.225.22; Fri, 30 Sep 2011 18:26:52 +0000
    Received: from itilsumm by pmpsummit.pmpsummit.com with local (Exim 4.69)
     (envelope-from <bounce@itilsummit.com>) id 1R9hnP-0007BM-Ba for
     billgates@microsoft.com; Fri, 30 Sep 2011 13:26:51 -0500

    (here's hoping that this post will help Google at least associate these pmpsummit $@ss013s with spam)

    Sunday, October 2, 2011 11:38 AM
  • Greetings all! 

    I checked with someone from our FOPE/Forefront group about this header.  His analysis was similiar to mine, there isn't enough information here to work with to even trace.  I check and none of the email addresses/domain names are being used in the BPOS system that I have access to. 

    The appropriate place to send your abuse reports to is abuse@messaging.microsoft.com  


    Vickie - BPOS Technical Support
    Got an Office 365 question? Try the Office 365 Community Forums http://community.office365.com/en-us/f/default.aspx
    Thursday, October 6, 2011 10:44 PM
  • abuse@messaging.microsoft.com seemed to be a direct route to /dev/null (the ol' round file) for outside people (i.e. non-customers) when I tried it months ago. <trying again...>Ahh yes, this is the place the BPOS customers send spam submissions so BPOS can better block spam sent to their customers.

    So unless something big has changed behind the scenes (details Vickie?) I'd recommend people go the spamcop route as Vickie originally recommended for reporting spam sent by BPOS customers. This did work surprisingly well at removing the Israli spammer in our case.

    We get VERY little spam from from BPOS so my assumption is the customer vetting process is a good one, however, for the ones that do sneak through the reporting process is exceedingly difficult when compared even to Microsoft's own Hotmail! Maybe bpos can snag some of the talent from that BU to bring the situation up to speed? :)

    All the best

    • Proposed as answer by JGurtz Tuesday, January 17, 2012 2:15 PM
    Tuesday, January 17, 2012 2:15 PM