We have found it necessary to turn on SPF checking for the hotmail.com on the smtp2 (backup MX) pool after a massive dictionary attack on a customer domain using forged hotmail.com addresses got us blackholed at hotmail’s servers. This meant we were not able to send over legitimate hotmail.com mail from the smtp2 pool.
Now most hotmail.com destinations from here are used in mail forwarding, not backup spooling, so nobody really noticed. But that said, microsoft mail admins made it clear to us in no uncertain terms, this is our problem, not theirs and we’re facing more connectivity issues with them if it happens again.
This left us few options (and paying Microsoft to forward their mail to them was not high on the list of solutions for us) , which left us with SPF. Hotmail.com publishes SPF data and we are now checking all mail that claims to come from hotmail.com against this data on the smtp2 pool and refusing mail that doesn’t match.
Leave a Reply