Yahoo and their mail filters..
chort at smtps.net
Wed Feb 25 14:47:41 CST 2009
On Feb 24, 2009, at 6:27 PM, Micheal Patterson wrote:
> This may be old news, but I've not been in the list for quite some
> time. At any rate, is anyone else having issues with Yahoo
> blocking / deferring legitimate emails?
> My situation is that I host our corporate mx'ers on my network, one
> of the companies that we recently purchased has Yahoo hosting their
> domains mail. Mail traffic to them is getting temporarily deferred
> with the "421 4.7.0 [TS01] Messages from xxx.xxx.xxx.xxx temporarily
> deferred due to user complaints - 220.127.116.11;
> see http://postmaster.yahoo.com/421-ts01.html"
> The admin of the facility has contacted Yahoo about this but their
> response was for "more information" when they were told that traffic
> from my mx to their domain was to being deferred. I may end up just
> having them migrate to my systems just to maintain company
> communications if we can't clear this up in a timely manner.
> Micheal Patterson
A few comments on this thread in general (speaking only for myself,
not in any way representing my employer)...
Yes, Yahoo! tend to throttle IPs at the drop of a hat, but those
blocks are often gone in a few hours as well. Others have pointed out
some procedures to follow to minimize the possibility of being
blocked. At least they give you a useable SMTP error (usually).
Incidentally this is why all my test accounts are on Gmail, because
delivery to Yahoo! is often deferred for minutes to hours. Of course,
given the recent Gmail outages I might have to diversify even more...
As for "blackholes" that messages fall into, what is the alternative?
You could say reject it in session with a readable error, but that
would give spammers instant confirmation on whether their campaign is
working. Also, the majority of anti-spam products I've seen have to
spool the message before they scan it, so rejecting in session is
simply not an option on a lot of commercial platforms.
The other options is to stuff all the spam messages in a folder and
expose them to the user, taking up a huge amount of storage space for
something the vast majority of users are never going to look at any
way. Again, a lot of commercial solutions have a scoring methodology
where you can be pretty certain stuff at the top end of the scale is
virtually never going to be a false positive. The amount of savings
in not having to handle and store that crud massively outweighs one or
two users missing a newsletter once in a while. It can make sense to
expose the "mid-range spam" to users and let them decide, but why
store terabytes of stuff that only a tiny fraction of the users may
ever care about?
If you're sending important mail that's not reaching the recipient,
and you have the server logs to prove you handed it off to the
destination MTA, open a ticket with them and they'll have logs to
track it down.
Regarding taking automatic action based on luser feedback, that is
ridiculous in my opinion. From the data I see, the lusers classify
mail incorrectly far more than correctly. In fact there's a running
joke around here that we should simply flip the false-positive and
false-negative feeds and enable auto-train, since the only thing you
can reliably count on users to do is get things wrong. Submissions
from administrators are _far_ more accurate (although even then, not
to the point that it always makes sense to take automatic action).
Blocking an entire site just because one John Doe user clicked a
button they don't even understand just does not make sense.
Last, anywhere that I've seen extensive use of forwards has had a maze
of difficult to untangle abuse problems related to forwarded spam.
Any site allowing forwarding should apply very robust filtering of
More information about the NANOG