Campaign Started - Now Microsoft hits my website with thousands of anonymous IPs in a few minutes. WHY?


Mautic 4.4.9
I have been using Mautic for several years. We are an authorized Microsoft Partner. We use Mautic instead of Salesforce for outbound campaigns.
Over the past few months I have been hit by thousands of anonymous IP’s belonging to Microsoft. All within two or three minutes.

Between campaigns of every 6 to 8 weeks Microsoft stops hitting my website.

As soon as the next campaign starts; Microsoft hits my site with thousands of anonymous IP hits within a few minutes.

  1. Why is Microsoft hitting my website thousands of times with anonymous IP’s all within a few minutes?
  2. Why would they do this only when I have a campaign running?
  3. Has anyone else experienced this issue with Microsoft?
  4. Any thoughts on why this is happening and how to stop it?

Thanks for any input you have.

Not possible, that once you run campaign and emails are delivered to outlook mailboxes, some spamfilter checks the content of your landing page te determine if it’s safe?

June 28th I started the campaign. The campaign is broken into daily sends of about 2,500 contacts. This prevents one huge hit to my website statistics and disburses the hits over about 16 work days. It also allows us to follow up the day contacts show interest. I don’t believe we are emailing any Microsoft contacts.

On Jun 29th thousands of Microsoft anonymous IP’s started appearing in Mautic. (Maybe they aren’t hitting our website but going to the AWS server directly?)

I have 12 screen images of 12 pages of Microsoft IP’s in Mautic if you are interested in seeing this.

Any thoughts on how to stop it?

You can block IP ranges in cloudflare.
You can also do it in apache config.
You can block Bing.
I can’t give you specifics, that depends on your setup, but maybe someone here can chime in.
This is not a Mautic related issue, rather a server admin issue.

Is it microsoft ip’s or azure’s?
What do they do?
If it is the cloud it might be bots running in their cloud with good/bad intenssions. Can even be related to the infrastructure you are running on.
I had an issue with ips from azure that i had to block using the user agent string.

They are Microsoft IPs. Looking into adding a firewall and will block the IP ranges.
Microsoft IP Ranges to block
2a02:fe80::/29 (in case of IPv6 support)

Thanks for responding.

I"m not a developer so “user agent string” isn’t familiar to me. Is this easier than adding a firewall?

Be Well,

I looked into 2 of the ips using a whois service.
Didnt see how they relate to microsoft.
Looks like a godaddy and sucurri ip’s which is also a godaddy company.

User agent string is a browser brand / version kind of id that is submitted by the browser (and bots) to the server. So it is a way to identify many requests from many ips when you can identify a non standard user agent.
It can be used in cloudflare firewall.

I don’t have cloudflare set up with the Mautic instance.

Not sure why the IP’s don’t return as Microsoft. I must have the wrong range.

Here are some of the individual 950 IP’s
Just a few of the 900+ IP’s.