Regarding Account Activation and Outlook Email

Hey all,

If you've read my welcome post, you'd know we are hosted on a VPS at Linode. Normally, this wouldn't present any real problems--the server is stable, fast and cheap and provides us with all the resources we need to run this website. However, the issue comes when we need to send out account activation emails to new registrations. Let me explain.

If you've been on the Internet for longer than a month, you've had to deal with them before--you register for a new website and they send you an email containing a link to confirm your account. This is one of the oldest and still most effective anti-spam techniques on the Internet, since it requires user interaction and spammers are cheap, so most won't pay humans to read emails and click links so their bots can operate. It is, however, these exact spammers that are the root cause of much of the issue we've been experiencing: Outlook, and until recently, Gmail, have been rejecting our account activation emails.

I know they've been bouncing since I receive a bounce notification that generally looks like this:

(Names and IPs redacted for privacy reasons)

Now, there's a few things to unpack here. First, the emails are getting bounced by Microsoft's spam catcher servers before they even reach the destination mail server due to our IP being listed on their S3140 mail blacklist (that's a whole other can of worms--more on that later!). Second, the SMTP (Simple Mail Transfer Protocol) error code--550 5.7.1: Google were giving us bounces with this code as well until I went to the trouble of setting up authentication and encryption (though it seems Linode rightly use packet sniffing on their outbound routers to combat spam so it will appear unencrypted in your inbox--rest assured our mail server has an SSL certificate!) for all outbound mail leaving our mail server. Microsoft's Outlook spam catchers don't seem to care if you've done this if you're on the S3140 list--they'll block you anyway! The problem? 550 5.7.1 is a generic server error code--Google has many different versions of this code for different conditions, some more broad than others. It tells us very little about what the underlying problem is.

Now, on to the block list itself. From what I've been able to dig up with Google-fu, it seems that the Microsoft Outlook S3140 mail server blacklist blocks all new or rehomed mail servers by default and is very difficult to get yourself removed from--more information here--which presents another problem: we are a small community and an even smaller development team. Microsoft won't listen to direct inquiries from us. This leaves us little recourse apart from opening a ticket with Linode--which I've done--and seeing if they can wave the might of Akamai at Microsoft to get them to delist our server.

What can you do to mitigate this issue for now? Avoid using Outlook when registering. Google has removed us from their new server blacklist (though we're still a new sender so we'll end up in spam for a while!), so if you have a Gmail account, use that to register instead. Other email providers like Yahoo and hosted email services should also work.

Hope to see you on the forums and Discord server!