AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service.
Starting on Monday, AT&T customers began reporting they could no longer receive email from Microsoft 365 email addresses.
When Microsoft 365 customers attempted to email an address at @att.com, @sbcglobal.net, or @bellsouth.com, AT&T servers would refuse the connection and not accept the email for delivery.
Reason: [{LED=450 4.4.316 Connection refused [Message=Socket error code 10061] [LastAttemptedServerName=att.net] [LastAttemptedIP=144.160.159.21:25]
[SmtpSecurity=-2;-2] [MW2NAM10FT061.eop-nam10.prod.protection.outlook.com
2024-05-08T15:33:54.328Z 08DC6E49E2071EB6]};{MSG=Socket error code 10061};{FQDN=att.net};{IP=144.160.159.. OutboundProxyTargetIP:
144.160.159.22. OutboundProxyTargetHostName: att.net
Reason: [{LED=450 4.4.316 Connection refused [Message=Socket error code 10061] [LastAttemptedServerName=bellsouth.net]
[LastAttemptedIP=144.160.159.22:25] [SmtpSecurity=-2;-2] [CO1NAM11FT004.eop-nam11.prod.protection.outlook.com
2024-05-08T15:54:34.984Z 08DC6EC21DF48CA1]};{MSG=Socket error code 10061};{FQDN=bellsouth.net};{IP=. OutboundProxyTargetIP: 144.160.159.22.
OutboundProxyTargetHostName: bellsouth.net
Since then, AT&T customers have created numerous topics with hundreds of replies in the company's forums about the issue [1, 2, 3, 4], with some claiming it also affects Gmail.
"Same problem. Can't send from multiple 365 accounts or gmail... only to att.net domain... Hey ATT... I cant even email your SALES guys... get this working...," reported someone trying to send an email to an AT&T address.
"I'm having the same problem: nothing from a gmail account is getting into my email account (sbcglobal.net), and nothing is being bounced back to the sending gmail accounts. It's just vanishing. Yet everything was working a few hours ago," a sbcglobal.net user posted.
BleepingComputer could not independently confirm whether Gmail emails are having issues as well.
AT&T told BleepingComputer that the issue is due to an "unusually high volume of spam" originating from Microsoft's servers, causing a mail delay.
"An unusually high volume of spam originating from the Microsoft email platform is causing temporary delays in receiving emails from that platform," an AT&T spokesperson told BleepingComputer.
"This incoming spam is an industry-wide issue that affects multiple email services. We thank our customers for their patience as we work with Microsoft to help protect them from fraud."
BleepingComputer attempted to learn more about this spam campaign but did not receive a response from Microsoft or Gmail, nor was there further information from AT&T by the time of this publication.
Microsoft recently announced it will fight spam originating from its platform by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025.
Google also introduced stricter spam thresholds and authentication requirements for bulk email senders on April 1st to strengthen defenses against spam and phishing attacks.
Comments
sun-devil1999 - 1 month ago
People are still using ISP email accounts?!
thatirish - 1 month ago
I use Gmail, and haven't had any problems thus far...
Lawrence Abrams - 1 month ago
I didn't have any issues either sending to AT&T emails.
ftcm207 - 1 month ago
One of my clients called me with this problem yesterday (May 9th). One gmail message arrived in her @sbcglobal.net (AT&T) inbox about 12 hours after it was sent. Many others were delayed several hours. Same with Microsoft email sent to her to sbc account. Some gmail went through quickly. It was inconsistent and a big problem because she needed to schedule her own customers. Hopefully, she'll start using a gmail account she set up years ago but ignored.
AT&T is horrible with email.
To log into your @sbcglobal.net account, you go to yahoo.com and enter your credentials, then you're redireted to AT&T where you enter your credentials again, then you're redirected back to yahoo to view your inbox.
Some email settings are in the Yahoo interface. Some are in AT&T's. It depends on what setting link you click.
Last year or the year before, hackers roamed around in AT&T's email account (admin?) controls and created app-specific passwords in victims' accounts. Victims still had their own regular email passwords but didn't realize app-specific passwords were also present. Calamity ensued. When victims detected hackers sending emails from their accounts, victims changed their passwords, which had no effect on the rogue app-specific passwords. I helped two clients find and delete rogue app-specific passwords in AT&T's email settings for their @sbcglobal.net accounts.
AT&T old telcom email accounts (@pacbell.net, sbcglobal.net et al.) are so convoluted and untrustworthy. AT&T contracts out its email to Yahoo, which Verizon, a major competitor of AT&T, owns, yet AT&T still controls some email settings and Yahoo others.
To make matters worse, you can't auto-forward your sbcglobal email for free anymore. It's $20/year to enable auto-forwarding, which is the key to help people leave SBC/ATT/Yahoo.
I've helped dozens of people migrate away from their @sbcglobal email over the years but still have maybe two or three left. They freak out when I bring it up but I think one of them is willing now.
I'm super proud of myself for not swearing about this. Feel free to fill in the curse gaps above.
INTREPID-FL - 1 month ago
AT&T should not be blocking "suspected" spam but should instead be delivering it to the User's spam box. This violates industry standard practices. Specifically AT&T servers are refusing connection for Microsoft and some Gmail email. This causes Microsoft servers to defer and queue the email to be tried again later. In some cases, the email is accepted by AT&T hours later. In most cases, a non-delivery report is generated after 24 hours of multiple attempts by Microsoft.
Thousands of AT&T customers are complaining!
Example: https://forums.att.com/conversations/att-mail-login-security/not-receiving-all-incoming-messages/663a6303fcc6915014877ba8?page=1
cliftonprince - 1 month ago
This is probably just a cover story, a lie. They're doing something seedy and they need to backtrack to prevent further investigation into the real causes of their errors.
So, personally, I do not believe the story about it being a deliberate anti-spam measure. They didn't inform their help desk staff, emails incoming from sources other than Microsoft also fail, they often don't deliver (but sometimes do deliver) failure or blockage notifications to the senders such as the old familiar "connection refused", the blockages are intermittent, some messages arrive after long delay while some disappear permanently (unpredictable results are not generally a feature of deliberate programming) and most important, I think nobody (not even an ATT exec!) is stupid enough to try to block all emails originating from or passing through all Microsoft products, that would be like literally 95% of all email traffic on the entire internet!
lhgolfer - 1 month ago
So what's the fix? Can I do anything in Microsoft 365 to allow user's emails to go through to AT&T systems? SPF, DKIM, DMARC changes?
teufulhunden07 - 1 month ago
Negative. DMARC Compliance will not help with this issue.
HereForTheNews - 1 month ago
Has anyone been able to get an update? I contacted AT&T and the tech informed me that they have not been informed of this issue. They also checked the status of servers on their end and stated that everything was showing up. Client is still having issues emailing people with the domain of sbcglobal.net.
teufulhunden07 - 1 month ago
It appears that the delivery rate is better now, but the delivery time is still abysmal.
HereForTheNews - 1 month ago
Thanks for the reply, I found a comment on a reddit post from 5/13 where a user stated "I just spoke to an AT&T technical rep and he said that there's a systemwide security update that's going to take possibly another week until this issue is fixed."