Order Status emails from Frame.work domain via Mailgun not getting delivered to Outlook.com hosted inboxes

Dan_Ryan · December 2, 2023, 2:12am

Outlook.com (and Microsoft 365) hosted email addresses appear to be losing the order status and shipment notification emails sent from Frame.work like those with a title of “Your order has shipped #R09423014”. A mail trace inside the Microsoft ecosystem does not show the order status email, nor are these ending up in Microsoft’s oddball quarantine for email or the user’s spam folder.

One of my friends who ordered a Framework 13 recently told me he thought Framework’s communication of his order status was poor. This caused me to compare with him which emails were received. It appears mentioning large amounts of money in the shipment notification email combined with other spam scoring factors being high already causes Microsoft to blackhole these emails (as is tradition with Microsoft hosted email services).

MXroute rated this email as an 8.8 out of 100 for spam, whereas other Frame.work originated emails only scored 5.2 out of 100. Microsoft’s email spam scoring is likely using similar logic.

 Content analysis details:   (8.8 points)
 
  pts rule name              description
 ---- ---------------------- -----------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
                             See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URI: aftership.com]
                             [URI: frame.work]
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
 -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                             envelope-from domain
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
  2.0 PDS_OTHER_BAD_TLD      Untrustworthy TLDs
                             [URI: mail.frame.work (work)]
  0.0 HTML_IMAGE_RATIO_06    BODY: HTML has a low ratio of text to image area
  1.5 HTML_MESSAGE           BODY: HTML included in message
  0.5 KAM_NUMSUBJECT         Subject ends in numbers excluding current years
  0.8 KAM_OTHER_BAD_TLD      Other untrustworthy TLDs
  1.7 LOTS_OF_MONEY          Huge... sums of money
  0.5 FROM_SUSPICIOUS_NTLD   From abused NTLD
  2.0 T_REMOTE_IMAGE         Message contains an external image
SpamTally: Final spam score: 88

Hopefully the Framework team can remediate these email deliverability issues and optimize for inboxing. It can be a real struggle!

From what I have seen in the past, Microsoft will accept suspicious emails without greylisting, then discard them prior to delivery to the end user. Whitelisting the sender does help emails that would otherwise be black holed to be delivered.

Bernd_Steinzimmer · December 2, 2023, 8:56am

On a standard spamassassin installation with spam score decreased to 4.5 I got these results for the charge preparation mail (money included):

X-Spam-Flag: NO
X-Spam-Score: -1.39
X-Spam-Level:
X-Spam-Status: No, score=-1.39 tagged_above=-999.99 required=4.5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
FROM_SUSPICIOUS_NTLD=0.499, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
T_PDS_OTHER_BAD_TLD=0.01, T_REMOTE_IMAGE=0.01,
T_SCC_BODY_TEXT_LINE=-0.01] autolearn=no autolearn_force=no