I'm not an email expert—I'm just the person who manages public IPs. Many of the public IPs provided by Azure are blocked by Spamhaus, which creates issues for our customers. They see us as a managed service provider but aren't willing to pay for the authentication needed for an O365 relay, so they need us to whitelist the public IP addresses. The problem is that if Spamhaus blocks those IPs, things just don't work. I have a PowerShell script to check Spamhaus, but it's failing quite often, and I suspect something might be going on with Spamhaus's end. Has anyone else faced a similar challenge?
2 Answers
Have you reached out to Microsoft about unblocking outgoing traffic on Port 25? If you’re sending emails directly from a VM in Azure, it’s crucial to ensure you have email security measures, reverse DNS, and everything else set up properly. Maintaining an SMTP server, especially for reliable delivery to providers like Gmail or Microsoft, can take a lot of effort. Is the Spamhaus entry giving you any additional info?
Everything works fine when we can get a non-blocked IP, but finding one from Azure is tough these days. I used to have a PowerShell script for checking Spamhaus, but it broke down. They now want you to buy their API, which isn't expensive, but I’m looking for alternatives.
Just a heads up, Microsoft won't unblock you unless you're on an MCA subscription. If you’re on PAYG or CSP, Port 25 access isn't available.