

Yahoo Mail Is The Worst - twampss
http://oneshotblog.com/posts/zedshaw@zedshaw.com/yahoo.blows.html

======
SwellJoe
Welcome to the wonderful world of email, Zed. Self-righteousness won't solve
the problem.

I suspect the problem is that the IP in question has been used in the past for
nefarious purposes. The whole "It's a new server" argument is moot if the IP
address it lives on had been used in the past (and it certainly has).

Get right with RFC Jesus, make sure your DNS resolves both ways, get your SPF
records right, and if that still doesn't do it, setup DKIM. If that _still_
doesn't allow mail to go through to Yahoo addresses unimpeded, you'll have to
contact them.

~~~
schammy
Exactly what I was going to say. Very likely, the IP of this guy's server is
the same IP that an old spamming server used to have. It's happened to me more
than once, and that's very likely the case here.

------
pilif
What is going on here is a process called "Greylisting"
(<http://en.wikipedia.org/wiki/Greylisting>).

The idea is that spammers don't use real mail queues and thus, if you send a
temporary error, genuine clients will requeue the message, whereas spammers
will just drop it.

Over time, this assertion has become false and now it's just annoying.

~~~
asjo
_The idea is that spammers don't use real mail queues and thus, if you send a
temporary error, genuine clients will requeue the message, whereas spammers
will just drop it._

 _Over time, this assertion has become false and now it's just annoying._

Do you have some evidence for this claim?

Greylisting heavily reduced the amount of spam I received when I started using
greylisting years ago.

I still see large amounts of spam rejected, so I'd like to hear more about how
it doesn't work any more - it seems to reduce the spam-level significantly for
me.

------
thwarted
I'm having a similar problem with hotmail currently, although hotmail seems to
have firewalled our source IP (can't even connect) anymore, and the various
contacts we have at Microsoft/hotmail can't even acknowledge that they are
blocking a certain IP range, and keep making us run around asking us to "try
connecting with telnet" (how do they think I've been verifying that one IP is
blocked and other isn't?) and what our email client settings are, and how
we've configured Exchange. And yes, reverse DNS is proper, as is SPF, and
we've had this IP for years and hotmail has accepted mail from it in the past,
and hotmail correctly accepts and delivers mail when sent from another IP.

I don't mind the blocking, I recognize that as a legit way of controlling
access, but what is really frustrating is that the hotmail folks assume that I
don't know anything about email and that they can't even acknowledge that they
have a certain IP blocked. If they could just say "Yes, we've blocked that,
and there's nothing you can do or say to get us to unblock it", then we could
move on; but when it looks like no one at hotmail knows what's going on,
everyone continuously believes that if they just say the magic words or
contact the right person, it can all be cleared up.

~~~
jonursenbach
The problem that I've experienced with Hotmail is even with proper SPF, if you
do not stay below their 1% spam threshold, they reject your IP.

The solution that I came to in the past to overcome this, working for a large
online dating site, was to build a mail relay system that would monitor the
response ratio on each IP, and if it dropped below a certain percentage to
switch it off onto another. Worked fairly well, only downside is having to
manage a lot of IP addresses on your mailer boxes.

------
sil3ntmac
About a year ago I worked in support at a large webhosting company. 99% of the
blacklisted email issues we _ever_ had came from Yahoo. Some of the cases were
legitimate (or is it illegitemate?) spam being sent out from our servers, but
we would always find and eliminate these accounts. Unfortunately, Yahoo would
blacklist the entire server IP, so none of the other users on the shared
server could send email to yahoo either. This caused obvious problems, and we
would spend days contacting support at yahoo to explain and get us un-
blacklisted.

I also remember this happening with emailing addresses on the entire AT&T ISP.
That effected about 40 shared servers (around 16000 hosting accounts, each
with unlimited email). So yeah. Bad news.

~~~
SwellJoe
You're speaking of a whole other kettle of fish. You had high volume servers
providing mail service for barely trusted users. This post is about one mail
server providing service for, presumably, one guy. It's entirely possible to
reliably send mail to Yahoo if you control the server. In fact, it's not even
that hard. I've explained how in another post.

We have a few hundred (mostly small) hosting providers running our software
which includes a mail processing stack, and quite frequently they ask about
stuff like this (and yes, Yahoo comes up more than GMail, but about the same
as Hotmail). And, there is very often anger involved, just as in this case.
But, the fact is...if you follow RFCs strictly (Zed has written his own
newfangled mail server in Python; I suspect he's made some mistakes, as the
mail RFCs are notoriously difficult to get right, though the MTA isn't
necessarily dealing with _all_ of the messiness of the protocols), have DNS
that resolves in both directions, and have accurate SPF records, delivering to
Yahoo will work reliably and fast.

We've occasionally gotten comments that DKIM is necessary to deliver to Yahoo,
but whenever I hear it, I'm surprised to hear that a major provider has
finally started actually blocking on DKIM. So, I go check. I always find that
no, DKIM is still not required to deliver to Yahoo. It probably helps, though.

I'm not saying Yahoo doesn't have an itchy trigger finger on the blacklisting
process. Maybe they do. They certainly aren't as good as Google at non-
obtrusively, but effectively, blocking spam, but very few providers are.

------
prodigal_erik
At first glance, this is an autoresponder that doesn't require a confirmed
subscription. If that's correct, when some idiot spammer sends it a message
with a spoofed envelope address (because they don't realize or care that
88fortunes is an autoresponder, not a person), it will send an unsolicited
message to whatever address the spammer used. Anyone know how many "this is
spam" clicks it takes for them to ban a sender having no history with them?

