Forum: Too Lazy BBS

Reporting Spam from Microsoft

From David E. Ross@nobody@nowhere.invalid to alt.comp.microsoft.windows,alt.windows7.general on Thu Feb 26 09:15:09 2026

From Newsgroup: alt.windows7.general

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different reporting process.

How can I tell which Microsoft service is the source of spam?
--
David E. Ross
<http://www.rossde.com/>
--- Synchronet 3.21b-Linux NewsLink 1.2

From Paul@nospam@needed.invalid to alt.comp.microsoft.windows,alt.windows7.general on Thu Feb 26 15:58:01 2026

From Newsgroup: alt.windows7.general

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

*******

Please note, that you are the second person in a few days,
to be phished... while presenting a real-email address in
a USENET message. The other poster, he does not use that
email address for official Microsoft related purposes,
making the attempted phish easy to detect.

Looks like there is a campaign underway
feeding off recent USENET usage and some harvested email
addresses. It's OK to use a real email... if you have
the skillz to handle the incoming phish. It would
not be a good idea to use your posted email address, as
part of registering for a Microsoft MSA for W10/W11 usage.
As then the phish could be believable.

Paul
--- Synchronet 3.21b-Linux NewsLink 1.2

From David E. Ross@nobody@nowhere.invalid to alt.comp.microsoft.windows,alt.windows7.general on Thu Feb 26 14:59:59 2026

From Newsgroup: alt.windows7.general

On 2/26/2026 12:58 PM, Paul wrote:

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different
reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

[snipped]

Paul

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

and

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

and

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

and

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.
--
David E. Ross
<http://www.rossde.com/>
--- Synchronet 3.21b-Linux NewsLink 1.2

From Shimon@invalid@invalid.invalid to alt.comp.microsoft.windows,alt.windows7.general on Thu Feb 26 23:05:42 2026

From Newsgroup: alt.windows7.general

On 26/02/2026 22:59, David E. Ross wrote:

On 2/26/2026 12:58 PM, Paul wrote:

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different
reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

[snipped]

Paul

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

and

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

and

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

and

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.

<https://www.abuseipdb.com/check/52.101.126.89>

--- Synchronet 3.21b-Linux NewsLink 1.2

From Paul@nospam@needed.invalid to alt.comp.microsoft.windows,alt.windows7.general,alt.comp.os.windows-10,alt.comp.os.windows-11 on Thu Feb 26 20:48:34 2026

From Newsgroup: alt.windows7.general

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different reporting process.

How can I tell which Microsoft service is the source of spam?

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.

*******

Forwarded from alt.windows7.general to W10/W11 for comments...

I can see in some discussion threads, that Azure tenant takeover is a thing, and while the emails coming out may look half-legit, there should be a way
to determine they're spoofed.

Then the next step would be reporting a tenant issue perhaps. That's about
all I'm finding by looking at discussions with outbound.protection.outlook.com .

Paul

--- Synchronet 3.21b-Linux NewsLink 1.2

From Daniel70@daniel47@nomail.afraid.org to alt.comp.microsoft.windows,alt.windows7.general on Fri Feb 27 20:22:33 2026

From Newsgroup: alt.windows7.general

On 27/02/2026 9:59 am, David E. Ross wrote:

On 2/26/2026 12:58 PM, Paul wrote:

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different
reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

[snipped]

Paul

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

and

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

and

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

and

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.

Did they actually tell you what this "different way to complain" was??
--
Daniel70
--- Synchronet 3.21b-Linux NewsLink 1.2

From David E. Ross@nobody@nowhere.invalid to alt.comp.microsoft.windows,alt.windows7.general on Fri Feb 27 08:24:33 2026

From Newsgroup: alt.windows7.general

On 2/27/2026 1:22 AM, Daniel70 wrote:

On 27/02/2026 9:59 am, David E. Ross wrote:

On 2/26/2026 12:58 PM, Paul wrote:

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different >>>> reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

[snipped]

Paul

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

and

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

and

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

and

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.

Did they actually tell you what this "different way to complain" was??

They told me the different way, but only after I sent a complaint. They
did NOT tell me how to distinguish the different sources within Microsoft.
--
David E. Ross
<http://www.rossde.com/>
--- Synchronet 3.21b-Linux NewsLink 1.2

From Daniel70@daniel47@nomail.afraid.org to alt.comp.microsoft.windows,alt.windows7.general on Sat Feb 28 20:04:33 2026

From Newsgroup: alt.windows7.general

On 28/02/2026 3:24 am, David E. Ross wrote:

On 2/27/2026 1:22 AM, Daniel70 wrote:

On 27/02/2026 9:59 am, David E. Ross wrote:

On 2/26/2026 12:58 PM, Paul wrote:

On Thu, 2/26/2026 12:15 PM, David E. Ross wrote:

NO! This is not spam. I try to report spam to the spammer's host.
Spam from Microsoft, however, requires that I know which Microsoft
service is the origin (e.g., Azure, 360). Each service has a different >>>>> reporting process.

How can I tell which Microsoft service is the source of spam?

When you look at the raw email with all of its fancy header text,
is there anything that resembles a Microsoft domain in there ?

[snipped]

Paul

When I view the raw source, I see

Received: from TYPPR03CU001.outbound.protection.outlook.com ([52.101.126.89])
by cmsmtp with ESMTP
id tZmEvnrCkG1vutZmFvdrxB; Fri, 20 Feb 2026 23:19:16 +0000

and

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;...

and

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

and

Content-Type: multipart/alternative; boundary="XtbYproQFDqr7Z2Z91H6ahOZLQg4moK9MZiUnYsSZZJIzVx"
X-ClientProxiedBy: PR3P189CA0057.EURP189.PROD.OUTLOOK.COM

When I complained to <junk@office365.microsoft.com>, they replied that
this was from Azure and required a different way to complain.

Did they actually tell you what this "different way to complain" was??

They told me the different way, but only after I sent a complaint. They
did NOT tell me how to distinguish the different sources within Microsoft.

How helpful the Help Desk was ..... NOT!!
--
Daniel70
--- Synchronet 3.21d-Linux NewsLink 1.2

Who's Online
Recent Visitors
- Geek2
  Tue Mar 3 10:26:12 2026
  from Euclid, Oh via Telnet
- Geek2
  Mon Mar 2 11:22:09 2026
  from Euclid, Oh via Telnet
- Geek2
  Mon Mar 2 07:52:57 2026
  from Euclid, Oh via Telnet
- Geek2
  Sun Mar 1 19:00:04 2026
  from Euclid, Oh via Telnet

System Info

Sysop:	Amessyroom
Location:	Fayetteville, NC
Users:	59
Nodes:	6 (1 / 5)
Uptime:	16:04:01
Calls:	810
Calls today:	1
Files:	1,287
D/L today:	10 files (21,017K bytes)
Messages:	193,341

Reporting Spam from Microsoft

Who's Online

Recent Visitors

System Info