locked
Yahoo and RFC violations RRS feed

  • Question

  • Hi guys

    Maybe this is a bit off topic, but I would like to know the opinion from other Admin's.

    We have the problem that we get always complaint from some customers who use Yahoo email they can't get through very often. That's not a Exchange problem, because we use a Spamfilter Aplliance in front of the Exchange which has the Greylist feature active.

    The problem is Yahoo, unfortunately Yahoo do not respect the RFC and is violating the rules! So many providers and Mailserver Admins have this annoying problem with Yahoo and we all have to recommend our customers to not use a Yahoo email address anymore.

    That's because instead of having the sending SMTP server retry after a few minutes, Yahoo delegate the delivery to another of their outbound SMTP servers on a different subnet. As this new SMTP server will be making its initial connection for the very first time to the destination SMTP with activated greylinst feature, it will be rejected by the greylist filter. Yahoo will again not follow RFC requirements, and will pass on for delivery the email to yet another SMTP server. The story then repeats itself continuously, causing huge delays in the delivery of the email, until the email is eventually delivered by an SMTP server that was used in the past (which allows it to pass the greylist filter).

    To try avoiding this issue, we are now generating weekly a Yahoo SMTP server whitelistwith trusted IPs. But the hell, I'm tired of hunting always their IP's.

    So I tried often to get an answer from a Yahoo Mail responsible person, but yeah, no way to reach there somebody, they have only this stupid webbased formulars and nobody will reply.

    How do you guys handle it?

    Thx
    Wayne

    • Edited by wayne7215 Tuesday, October 18, 2011 10:02 AM
    • Changed type Mike Crowley Thursday, December 1, 2011 4:59 AM
    Tuesday, October 18, 2011 10:01 AM

All replies

  • On Tue, 18 Oct 2011 10:01:43 +0000, wayne7215 wrote:
     
    >Maybe this is a bit off topic, but I would like to know the opinion from other Admin's.
    >
    >We have the problem that we get always complaint from some customers who use Yahoo email they can't get through very often. That's not a Exchange problem, because we use a Spamfilter Aplliance in front of the Exchange which has the Greylist feature active.
    >
    >The problem is Yahoo, unfortunately Yahoo do not respect the RFC and is violating the rules! So many providers and Mailserver Admins have this annoying problem with Yahoo and we all have to recommend our customers to not use a Yahoo email address anymore.
     
    When you come right down to it, greylisting is an abuse of SMTP
    standards. Your server isn't really busy at all so sending a 4xx
    status code isn't the way the protocol was designed.
     
    I'm not sure that the RFCs say anything about always using the same
    server to retry failed connections.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Wednesday, October 19, 2011 12:02 AM
  • Hi Rich

    "Large companies with big pools of sending machines typically break RFCs and greylisting systems by returning greylisted mail to the sending pool of servers, but to be fully compliant the sending server and its corresponding unique IP address are solely responsible for the delivery of the message. The practice of returning a message back into a pool for later delivery breaks this rule and is generally discouraged and will cause mail delays."

    I also not agree with your opinion that greylisting is an abuse of the SMTP standards. Where is the difference in the handlig of a protocol if the server is really busy or just pretending to be? There isn't one as far as I understand.

    Anyway, greylisting is still a great weapon agains spam and very common since years. We are able to filter out almost 60% of spam just in this first stage.

    But thanks for your opinion.

    Wednesday, October 19, 2011 10:52 AM
  • I have to admit, I am not a fan of greylisting myself. I think you are depending too much on the legitimate sending servers to do the right thing and resend the message. I have seen "name-brand" SMTP products mess this up and despite the fact they get a 4XX, they never resend or it takes much longer than expected.

     

     

     

    Wednesday, October 19, 2011 11:11 AM
  • About the only thing I can think of would be to use a script to read through your SMTP protocol log periodically, looking for email delivery attempts from Yahoo addresses, and start sending them an email explaining that their email may be delayed or undeliverable, and why. Yahoo is more likely to pay attention to complaints from it's customers than from a foreign domain email admin.


    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "
    Wednesday, October 19, 2011 11:30 AM
  • On Wed, 19 Oct 2011 10:52:02 +0000, wayne7215 wrote:
     
    >
    >
    >Hi Rich
    >
    >"Large companies with big pools of sending machines typically break RFCs and greylisting systems by returning greylisted mail to the sending pool of servers, but to be fully compliant the sending server and its corresponding unique IP address are solely responsible for the delivery of the message. The practice of returning a message back into a pool for later delivery breaks this rule and is generally discouraged and will cause mail delays."
     
    The last time I checked wikipedia wasn't a standard. I agree with the
    "This article has multiple issues" notation on the page, too
    (http://en.wikipedia.org/wiki/Greylisting). The "SMTP client"
    mentioned in the article assumes that it's a single machine.
     
    >I also not agree with your opinion that greylisting is an abuse of the SMTP standards. Where is the difference in the handlig of a protocol if the server is really busy or just pretending to be?
     
    If the server was always busy the result would be the same as the one
    you're complaining about -- the message would never be delivered. But
    the server probably isn't always going to be busy and then it wouldn't
    matter which IP address was used to deliver the message when the
    connection was finally accepted.
     
    >There isn't one as far as I understand.
     
    Your understanding may be too narrow.
     
    >Anyway, greylisting is still a great weapon agains spam and very common since years. We are able to filter out almost 60% of spam just in this first stage.
     
    And some it is filtered 100% of the time, even if it's legitimate!
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Thursday, October 20, 2011 12:02 AM
  • If the server was always busy the result would be the same as the one
    you're complaining about -- the message would never be delivered. But
    the server probably isn't always going to be busy and then it wouldn't
    matter which IP address was used to deliver the message when the
    connection was finally accepted.
     
    >There isn't one as far as I understand.
     
    Your understanding may be too narrow.

     

    Ok, got it now and I agree, that is a difference. My understandig was too narrow.

    Thursday, October 20, 2011 12:54 PM