Comments
They also started using new IPs without PTR records to send out mail. Though so has Microsoft just recently. Both heavily frown upon that when receiving mail themselves. Do as we say...
I hate getting a report telling me my work domain is blocked because it is missing a PTR record and we use Exchange Online. I can’t do anything about that!
By bongodongobob 2025-03-294:353 reply Yep, whenever I start a new job I say "Don't worry, because iamverysmart, you don't need any Microsoft products!" I am then hailed as a genius, everyone claps, and I get a big fat raise.
By 486sx33 2025-03-2910:35 [flagged]
By darthrupert 2025-03-296:471 reply This sort of anti-progress sentiment doesn't belong here, I feel.
The snarky „just don’t use Exchange, duh!“ doesn’t either. It’s a non-solution that armchair experts provide, who aren’t responsible for managing mailing for lots of people.
By johnisgood 2025-03-2911:032 reply There is no alternative to Exchange that does not involve Microsoft?
There are many environments where people don’t have a choice but to maintain what is in production.
Whether or not viable alternatives exist, those alternatives don’t magically change org structure, office politics, budget, current business priorities, etc.
Bottom line: many people managing exchange don’t have the luxury of evaluating this problem in terms of alternatives.
By johnisgood 2025-03-2911:13 I do not disagree with this.
I don’t know any that come close in functionality, configurability, and maintainability. Exchange scales from a one-person handyman to Fortune 500 without a hitch, it comes with an office suite and cloud storage space, you find specialists for it on every corner, and it mostly just works. That’s pretty hard to beat, even if I’m personally more than unhappy to be so dependent on Microsoft, a US product, and closed-source software; there’s just not much I can do about it.
what did people do before Exchange Online (or whatever the cloud offering is called)? they just didn't have email?
Thing is, I’ve been doing this since before Exchange Online, I know.
People used a few different groupware solutions, worked with bespoke IMAP installations on Linux servers, or (the vast majority) had on-premises Exchange servers running locally. It all required lots of tech wizardry, tinkering, duct tape and hope.
It was a long while before we had turn-key solutions, and you needed actually knowledgeable folks running your IT operations, and nothing was as fully integrated or cheaply available as Exchange Online.
what was hotmail using?
a.k.a. i think you're missing the point. It's ok. You want knowledgeable people running your key infra. Outsourcing that to a company that doesn't respect privacy seems to be shooting oneself in the foot.
By SSLy 2025-03-2920:35 >what was hotmail using?
IIRC as they've been acquihired they had their own software stack back in 90's.
By 9dev 2025-03-2920:25 No, sorry, I think you're missing the point. There is one Hotmail, and a million businesses that need reliable email. I don’t want to outsource my key infra, but that’s the only viable option for most companies.
Getting email right requires lots of infra expertise, steady financial expenses, and time. Most companies just don’t have any of these available, and it makes zero economic sense as well if a product like Microsoft 365 exists.
By bongodongobob 2025-03-2919:27 I don't know man, what did people do before computers? Why does what people used to do have any bearing on the world now?
By SSLy 2025-03-2920:34 On-prem Exchange. And as someone on the user end, it was even worse.
It’s a minor (but annoying) issue to make the reason to migrate 1,500 users. Who many of which would still need licenses for Excel anyway.
Microsoft being annoying and frustrating and having so many issues is why I have a well paying job in IT.
that sounds like the lump of labor fallacy. there's plenty of things to do in IT besides babysitting hypocrite hypergiants.
By ZeroTalent 2025-03-2916:57 I hear you, but some people just want an easy high-paying job where they essentially work a few hours a week. Not everyone wants to fold proteins.
By alsetmusic 2025-03-3118:39 Because I get to make those calls, not people two or three or four levels above me.
By solid_fuel 2025-03-300:54 Complain to your provider. You're paying for the service, right? They should run a properly configured mail exchange and part of that is having PTR records. If they can't manage that then it's time for a serious discussion about changing vendors.
By cyberax 2025-03-294:54 You can set up a reflector on a properly set up host, and have your Exchange server use it to route the outgoing mail.
By wildekek 2025-03-2912:05 Be glad you receive a report. Apple just silently drops the email.
By wildekek 2025-03-2912:04 Not only does Apple frown upon that, they just silently drop emails that are sent from a server without PTR records. Yes, that includes their own servers. Yes, sending email from iCloud to iCloud is silently dropped if they decide you get assigned an outgoing server without PTR. The absolute amateurism just blows my mind.
By walrus01 2025-03-294:33 It's incredibly entitled of some big cloud based operator to send mail from an SMTP source that doesn't have proper reverse DNS. Any normal independent small operator sending mail without proper reverse DNS will increase its likelihood of spam rank by a thousand percent. Or get flat out rejected at the SMTP negotiation process or relay attempt.
But things like icloud, office365, google workspace and similar are "too big to fail", right? They don't have to play by the same rules as the rest of us peons.
as referenced here, from the post on the 'mailop' mailing list
https://news.ycombinator.com/item?id=43512353
This is either an astonishing level of technical fuck-up from what has to be an entire work group of people with six figure salaries whose jobs are nothing but running email server infrastructure, so they must clearly know better, or a lack of regard for the internet community and accepted standards. I really cannot think of a third possible explanation for it.
To be clear for those people who don't run their own email servers: Having proper reverse DNS for the IP of your outbound SMTP sending server is one of the absolute bare minimum requirements for accepted mail flow, and is a standard that's probably 25 years old or older now. It significantly pre-dates SPF, DKIM, DMARC and all the rest. Proper RDNS is literally one of the first things you verify before you set up everything else.
So, Apple sends the wrong EHLO domain when trying to send emails out. This results in them dropping emails to their own users. Can't get past Apple's level 1 support. How can I get to someone that maintains their SMTP k8s cluster?
We usually ask around on the NANOG mailing list. Someone on that list usually already knows the contact method or a person at an ISP, datacenter or hyperscaler.
By sammy2255 2025-03-296:00 [flagged]
By systemswizard 2025-03-290:261 reply By nikanj 2025-03-2910:16 > How can I get to someone that maintains their SMTP k8s cluster?
By posting on Hacker News and making it to the front page. The same support strategy also works for all the other major providers
By rreichel03 2025-03-293:13 A few years ago, when iCloud custom domains first launched, I found a bug where Apple would permanently cache the MX record. If an iCloud user had ever used a custom domain, future emails from iCloud to that domain would still get routed to their iCloud inbox—even if the domain’s MX record no longer pointed to Apple. They eventually fixed it, but didn’t think it deserved a bounty, which was a bit surprising.
I'm sure there's a ton of interesting surface area here.
