Yahoo delays, part 3: Yahoo speaks

Yahoo is aware of the recent problems and have been working feverishly to fix them. A Yahoo employee posted to a mailing list earlier today, explaining some of the recent issues. The summary is:
1) The Yahoo delays are a result of a tighter spam filtering policy. The delays are the result of the system erroneously recognizing email as spam and deferring delivery. They do believe that retrying long enough will result in all mail being delivered to Yahoo recipients.
2) They have been continually making fixes to the system over the last few days and senders should see queues start to empty over the next few hours.
3) They believe the adjustments made will resolve the deferral problems. If you continue to see problems, you can contact them through the form at http://postmaster.yahoo.com/.
4) They are working to provide more self-serve information at http://postmaster.yahoo.com/ as well as timely service updates.
Loose ends from my previous Yahoo posts:

  1. The rumors of an attack were just that, rumors.
  2. The Yahoo blog post about outbound servers is unrelated to the problems seen by senders recently. Outbound SMTP servers are not the same as the MX machines.

Good news all around. Thanks to the people at Yahoo for working so diligently to fix the problems.

Related Posts

Articles I read today

It has been a rather busy day today, I do not have a full blog post. I did see a couple posts come across my RSS feeds. Both of them have content I want to talk about and discuss in a little more detail, as I think they touched on some very interesting issues.
Network World has an article interviewing Mark Risher from Yahoo. The article discusses Yahoo’s use of DomainKeys as part of their inbound mail filtering.
Mickey has an article about how to deal with ISPs when attempting to troubleshoot a blocking issue.
More details and commentary on both articles later this week.

Read More

Greylisting: that which Yahoo does not do

Over the last couple days multiple people have asserted to me that Yahoo is greylisting mail. The fact that Yahoo itself asserts it is not using greylisting as a technique to control mail seems to have no effect on the number of people who believe that Yahoo is greylisting.
Deeply held beliefs by many senders aside, Yahoo is not greylisting. Yahoo is using temporary failures (4xx) as a way to defer and control mail coming into their servers and their users.
I think much of the problem is that the definition of greylisting is not well understood by the people using the term. Greylisting generally refers to a process of refusing email with a 4xx response the first time delivery is attempted and accepting the email at the second delivery attempt. There are a number of ways to greylist, per message, per IP or per from address. The defining feature of greylisting is that the receiving MTA keeps track of the messages (IP or addresss) that it has rejected and allows the mail through the second time the mail is sent.
This technique for handling email is a direct response to some spamming software, particularly software that uses infected Windows machines to send email. The spam software will drop any email in response to a 4xx or 5xx response. Well designed software will retry any email receiving a 4xx response. By rejecting anything on the first attempt with a 4xx, the receiving ISPs can trivially block mail from spambots.
Where does this fit in with what Yahoo is doing? Yahoo is not keeping track of the mail it rejects and is not reliably allowing email through on the second attempt. There are a couple reasons why Yahoo is deferring mail.

Read More

Why does everyone tell you to avoid .biz in your emails?

… or Why do spam filters sometimes have some very strange ideas?
It’s been dogma for a long time that if you’re doing email marketing you should avoid using a .biz domain in your mails. Even if your main website was in .biz, you should use something different in your messages, perhaps a website you buy solely for use in email that redirects to your real .biz website. Last year I looked at why that was, and what could be done about it.
One main reason for avoiding it has been resolved (so if you’ve been avoiding using .biz URLs in your mail now might be a good time to re-test that decision). And enough time has gone by that I can share the ugly reasons as to why .biz was considered a sure sign of spam without good reason for so long without upsetting everyone.
The simple reason was SpamAssassin. SpamAssassin is very widely used to filter mail, both in it’s open source version and buried anonymously deep inside countless commercial spam filters and filtering appliances. Not only that, but SpamAssassin is readily available, so most people looking to do pre-mailing content checks or looking at why content-based filters are objecting to a particular email will use SpamAssassin as their model. It’s very widely deployed, and influential far beyond the size of it’s deployed base.
SpamAssassin is a score-based spam filter – it checks an email against hundreds of rules, adds up the scores of each rule that matches and, in typical setups, decides the mail is spam if the total score is five or more. Pretty reasonable, but here are a few of the rules and scores (from the 2006 version of SpamAssassin)

Read More