• Microsoft's HRDP (High-Risk Delivery Pool) spam sewer IP addresses

    From Randolf Richardson 張文道@21:1/5 to All on Fri Jul 18 14:01:47 2025
    I just found out that Microsoft supports users sending high-risk
    eMail messages by sending spam and backscatter from different sets
    of IP addresses, according to the following quoted text from
    Microsoft's web site:

    HRDP: "High-risk delivery pool"

    "To prevent our IP addresses from being blocked, all outbound
    messages from Microsoft 365 datacenter servers that are determined
    to be spam are sent through the high-risk delivery pool."

    "The high risk delivery pool is a separate IP address pool for
    outbound email that's only used to send "low quality" messages
    (for example, spam and backscatter." (The punctuation error is
    not from me; that's how it's written on their web site.)

    Source: https://learn.microsoft.com/en-us/defender-office-365/outbound-spam-high-risk-delivery-pool-about

    Since they're publicly admitting to operating a spam sewer by
    knowingly supporting users who send spam and backscatter, I'd like
    to at least block those IP addresses, but Googling for what the
    HRDP addresses are didn't yield the needed results (and the Search
    function on Microsoft's web site finds mostly sales pitches).

    Does anyone know where to find documentation on which IP addresses
    are part of Microsoft's HRDP? Or is there a reliable resource
    documenting what those IP addresses are? I'd rather not block
    their entire netblocks to close the valve for the HRDP spam sewer.

    Thanks.

    --
    Randolf Richardson 張文道, CNA - [email protected]
    Inter-Corporate Computer & Network Services, Inc.
    Beautiful British Columbia, Canada
    https://www.inter-corporate.com/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From D@21:1/5 to [email protected] on Fri Jul 18 23:42:53 2025
    On Fri, 18 Jul 2025 14:01:47 -0700, Randolf Richardson 張文道 <[email protected]> wrote:
    > I just found out that Microsoft supports users sending high-risk
    > eMail messages by sending spam and backscatter from different sets
    > of IP addresses, according to the following quoted text from
    > Microsoft's web site:
    > HRDP: "High-risk delivery pool"
    > "To prevent our IP addresses from being blocked, all outbound
    > messages from Microsoft 365 datacenter servers that are determined
    > to be spam are sent through the high-risk delivery pool."
    > "The high risk delivery pool is a separate IP address pool for
    > outbound email that's only used to send "low quality" messages
    > (for example, spam and backscatter." (The punctuation error is
    > not from me; that's how it's written on their web site.)
    > Source: https://learn.microsoft.com/en-us/defender-office-365/outbound-spam-high-risk-delivery-pool-about
    > Since they're publicly admitting to operating a spam sewer by
    > knowingly supporting users who send spam and backscatter, I'd like
    > to at least block those IP addresses, but Googling for what the
    > HRDP addresses are didn't yield the needed results (and the Search
    > function on Microsoft's web site finds mostly sales pitches).
    > Does anyone know where to find documentation on which IP addresses
    > are part of Microsoft's HRDP? Or is there a reliable resource
    > documenting what those IP addresses are? I'd rather not block
    > their entire netblocks to close the valve for the HRDP spam sewer.

    just curious . . .

    "we will begin disallowing traffic from the HRDP by default on July 22nd"

    (using Tor Browser 14.5.4) https://knowledge.broadcom.com/external/article/403405/relaying-email-from-the-microsoft-high-r.html
    Relaying Email from the Microsoft High Risk Delivery Pool (HRDP)
    Article ID: 403405
    Updated On: 07-07-2025

    Issue/Introduction
    How to prevent attackers using EchoSpoofing from sending spoofed email through
    your email security cloud tenant from the Microsoft High Risk Delivery Pool.
    EchoSpoofing is a process that allows a bad actor to spoof the From address of
    domains registered in ClientNet by relaying a message through Microsoft 365
    Exchange Online (O365). EchoSpoofing is possible because the O365 SMTP relay
    allows O365 customers to send mail from any domain.

    Environment
    Email security cloud

    Cause
    In July 2024, a vulnerability in Microsoft O365 was discovered, allowing
    attackers to bypass email authentication checks when a message is relayed.
    Attackers were able to send millions of spoofed emails impersonating large brands
    that used O365 to host their email.
    One of the indicators of EchoSpoofing is that the spoofed emails emanate from a
    different range of IP addresses than regular production O365 email. This range is
    known as the Microsoft High-Risk Delivery Pool (HRDP). Microsoft created the HRDP
    exclusively to send low-quality messages, and you can learn more about it here.
    https://learn.microsoft.com/en-us/defender-office-365/outbound-spam-high-risk-delivery-pool-about
    Accepting emails from the HRDP increases the risk of our service being added to
    IP blocklists. Most organizations don't send emails from this range, so we will
    begin disallowing traffic from the HRDP by default on July 22nd. Therefore, if
    you would like to continue allowing traffic from the HRDP, you must explicitly
    designate the Microsoft High-Risk Delivery Pool as an allowed delivery option
    within Clientnet, as per the instructions below. Please note that we are aware
    that non-delivery reports (NDRs) and similar emails are occasionally sent from
    this range legitimately, and we will continue to process them.

    Resolution
    First, check to see if your organisation has a legitimate use for the HRDP. The
    easiest way to do this is by running message traces on your outbound mail using
    the O365 tools and checking the delivery pool.
    If you are an existing customer and you do not have any outbound email using the
    HRDP, you do not need to take any further action. Broadcom will be separating the
    production and high-risk IP pools on July 22nd. From this point onwards, we will
    disallow any outbound emails from the HRDP unless they have been explicitly
    selected.
    If you are an existing customer with a legitimate requirement for the HRDP,
    please follow the instructions below before July 22nd. If you are a new customer
    requiring the use of the HRDP, please follow the instructions below when
    initially configuring the service.
    Configure your outbound routes to permit email from the HRDP.
    Access the ClientNet portal and navigate to Dashboard> Platform> Outbound
    Routes
    Select Hosted Email Services
    Select the "Microsoft Office 365 High Risk Delivery Pool" from the drop-down
    menu (select both the HRDP AND Microsoft Office 365 if you are a new customer)
    and click Add.
    Email Security.cloud
    You are here: Dashboard > Platform > Outbound Routes
    ...
    IMPORTANT: Do not select "Microsoft Office 365 High-Risk Delivery Pool" unless
    you are certain you need it, else your domains are at risk of abuse by other
    Microsoft tenants. If you require the Microsoft HRDP, we strongly recommend
    implementing our recommended data protection policy for EchoSpoofing, as outlined
    in this article.
    [end quoted plain text]

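Added example (not part of any post in this thread, nor of the Broadcom article): before rejecting a delivery pool by address, a receiving site can measure how much of its inbound traffic comes from that pool versus the rest of the provider's netblock, then render a Postfix CIDR table that rejects only the pool. The ranges are RFC 5737 documentation placeholders, not Microsoft's HRDP addresses (the thread does not list them), and the log lines are constructed.

```python
import ipaddress
import re
from collections import Counter
# PLACEHOLDER ranges (RFC 5737 documentation space), NOT real HRDP addresses.
CANDIDATE_POOL = [ipaddress.ip_network(n) for n in ("192.0.2.0/25", "198.51.100.64/26")]
# PLACEHOLDER for the provider's wider netblocks, which should stay reachable.
PROVIDER_BLOCKS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Postfix smtpd logs each inbound client as "connect from hostname[address]".
CONNECT_RE = re.compile(r"postfix/smtpd\[\d+\]: connect from \S+?\[([0-9A-Fa-f:.]+)\]")

def classify(addr):
    """Return 'pool', 'provider' or 'other' for a client address string."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in CANDIDATE_POOL):  # narrower ranges first
        return "pool"
    if any(ip in net for net in PROVIDER_BLOCKS):
        return "provider"
    return "other"

def tally(log_lines):
    """Count inbound connections per class; non-connect lines are skipped."""
    counts = Counter()
    for line in log_lines:
        m = CONNECT_RE.search(line)
        if not m:
            continue
        try:
            counts[classify(m.group(1))] += 1
        except ValueError:  # address field did not parse
            counts["unparsed"] += 1
    return counts

def cidr_table(action="REJECT high-risk delivery pool"):
    """Render a Postfix cidr: access table. First match wins, so pool rows go first."""
    rows = [f"{net}\t{action}" for net in CANDIDATE_POOL]
    rows += [f"{net}\tDUNNO" for net in PROVIDER_BLOCKS]  # no decision for the rest
    return "\n".join(rows) + "\n"

# Constructed sample log lines.
SAMPLE = [
    "Jul 19 10:00:01 mx postfix/smtpd[1201]: connect from mail-a.example[192.0.2.17]",
    "Jul 19 10:00:05 mx postfix/smtpd[1202]: connect from mail-b.example[192.0.2.200]",
    "Jul 19 10:00:09 mx postfix/smtpd[1203]: connect from unknown[198.51.100.70]",
    "Jul 19 10:00:12 mx postfix/smtpd[1204]: connect from mx.example.net[203.0.113.9]",
    "Jul 19 10:00:13 mx postfix/smtpd[1204]: disconnect from mx.example.net[203.0.113.9]",
]
if __name__ == "__main__":
    print(dict(tally(SAMPLE)), cidr_table(), sep="\n", end="")
```

The rendered table is meant to be referenced from an smtpd restriction list as `check_client_access cidr:` followed by the table's path.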
  • From tjoen@21:1/5 to All on Sat Jul 19 10:30:46 2025
    On 7/18/25 11:01 PM, Randolf Richardson 張文道 wrote:
    ..
    > Does anyone know where to find documentation on which IP addresses
    > are part of Microsoft's HRDP?

    I can only imagine that they are already on lists. eg dial up lists

  • From The Doctor@21:1/5 to [email protected] on Sat Jul 19 14:30:31 2025
    In article <105fl3n$2lc3b$[email protected]>, tjoen <[email protected]d> wrote:
    > On 7/18/25 11:01 PM, Randolf Richardson 張文道 wrote:
    > ..
    >> Does anyone know where to find documentation on which IP addresses
    >> are part of Microsoft's HRDP?
    >
    > I can only imagine that they are already on lists. eg dial up lists

    https://www.nk.ca/blog/index.php?/categories/13-Microsoft-Outlook-Hotmail-Spam
    --
    Member - Liberal International This is [email protected] Ici [email protected]
    Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism ;
    All I want to hear from JEsus Christ is WEll done Good and Faithful servant

  • From tjoen@21:1/5 to The Doctor on Sat Jul 19 19:55:35 2025
    On 7/19/25 4:30 PM, The Doctor wrote:
    ...
    > https://www.nk.ca/blog/index.php?/categories/13-Microsoft-Outlook-Hotmail-Spam

    OpenAI, ChatGPT and HRDP not to be trusted

  • From Randolf Richardson 張文道@21:1/5 to The Doctor on Sat Jul 19 11:51:15 2025
    On Sat, 19 Jul 2025 14:30:31 -0000 (UTC)
    [email protected] (The Doctor) wrote:

    > In article <105fl3n$2lc3b$[email protected]>, tjoen <[email protected]d> wrote:
    >> On 7/18/25 11:01 PM, Randolf Richardson 張文道 wrote:
    >> ..
    >>> Does anyone know where to find documentation on which IP addresses
    >>> are part of Microsoft's HRDP?
    >>
    >> I can only imagine that they are already on lists. eg dial up lists
    >
    > https://www.nk.ca/blog/index.php?/categories/13-Microsoft-Outlook-Hotmail-Spam

    Thanks for all that fodder fog. I'll check into some of
    the DULs, although I'm not so confident about that since
    Microsoft probably isn't providing any dial-up services.

    --
    Randolf Richardson 張文道, CNA - [email protected]
    Inter-Corporate Computer & Network Services, Inc.
    Beautiful British Columbia, Canada
    https://www.inter-corporate.com/

  • From tjoen@21:1/5 to All on Sun Jul 20 08:02:13 2025
    On 7/19/25 8:51 PM, Randolf Richardson 張文道 wrote:
    ..
    > Thanks for all that fodder fog. I'll check into some of
    > the DULs, although I'm not so confident about that since
    > Microsoft probably isn't providing any dial-up services.

    I remember reading about smarthost. I did a grep in my tldp directory.
    It is in Mail-Administrator-HOWTO-6.html

  • From Randolf Richardson 張文道@21:1/5 to tjoen on Sun Jul 20 05:29:47 2025
    On Sun, 20 Jul 2025 08:02:13 +0200
    tjoen <[email protected]d> wrote:

    > On 7/19/25 8:51 PM, Randolf Richardson 張文道 wrote:
    > ..
    >> Thanks for all that fodder fog. I'll check into some of
    >> the DULs, although I'm not so confident about that since
    >> Microsoft probably isn't providing any dial-up services.
    >
    > I remember reading about smarthost. I did a grep in my tldp directory.
    > It is in Mail-Administrator-HOWTO-6.html

    If they used Qmail, the eMail would get delivered a lot
    faster. These days I'm mostly using Postfix, which has
    "transport_maps."

    --
    Randolf Richardson 張文道, CNA - [email protected]
    Inter-Corporate Computer & Network Services, Inc.
    Beautiful British Columbia, Canada
    https://www.inter-corporate.com/
