Long running DDOS attack, or overzealous mail administrators?


In exchanging emails with friends and colleagues lately I’m getting more and more NDRs that bounce back with some message that says “We do not accept spam”. I knew one such company was small enough that my friend would know the email administrator and sure enough, they have a blanket policy to block any email from a microsoft.com address.

Thankfully none of the customers I deal directly with in my role as a support consultant have this issue, but the issue arose today on a support case where the support contact was a subcontractor working for my customer. The support engineer had trouble sending updates to this subcontractor. We’ve got other ways to reach this person, but it definitely gave me pause. My friend’s place is a Mac-centric graphics pre-press outfit and I can hear the mail administrator chuckling from across town, but after the third time seeing or hearing about this I wondered if it was all part of some grand scheme to launch a slow-moving DoS attack against Microsoft. Here’s how the conspiracy plays out:

Spoof tons of spam from Microsoft over the course of the years to the point where it is so difficult to separate the wheat from the chaff (so to speak). Email administrators the world over get fed up and block all email from the microsoft.com domain. I certainly hope I am wrong, but I get the feeling that someone out there who looks a lot like the late George Peppard is going to read this blog, chomp on an unlit cigar and decry, “I love it when a plan comes together.”


Comments (2)

  1. Well, maybe part of it is an evil plot against Microsoft.

    On the other hand, it could be that mail admins are fed up with dealing with backspill from faulty Hotmail servers and Hotmail abuse desk staff who ignore / misunderstand complaints about the same. So they’ve chosen to block communications from MS netspace.

    Or it could be again people fed up with complaints about bCentral being ignored or misunderstood. So they’ve chosen to block communications from MS netspace.

    See a pattern here?

  2. IT in DC says:

    I do not block your domain, but I filter.

    And what exactly do you mean by the reference to the "A-Team" (c)(tm)(r)…? I ask as I chomp cigars and also talk to myself.

    If your domain is listed in one of my 3 (free) blacklists, you’re dropped, or your domain is blocked because you refuse to unsubscribe (.domain.com or @domain.com), or if you have an AOL account (which they refuse to stop spammers/junkers) you’re dropped (*vote@aol.com or *supprefnum*@citibank.com or *supprefnum*@citizensbank.com).

    Also, if you send any of the 50+ types of executable files, they are deleted.

    And, I filter subject lines for offensive words, key words and characters (free, $, %, mort*, p3n!s, etc.).

    Soon, I’ll have to disable web surfing. Too many holes in IE and with it installing plug-ins at the drop of a hat, I’m having my hands kept full by MS’s security problems.

    The client doesn’t want me to waste my time keeping "crap" out of their computers that should not have been installed in the first place.