Yahoo! Mail Issue

Nathanael_C_Cariaga1 · April 12, 2011, 4:28am

Hi All,

It seems that we're having some problems receiving emails from selected Yahoo! Mail Accounts. I noticed that there is a commonality between the accounts that fails when sending an email to our domain (see email header below)

Matthew_Petach2 · April 12, 2011, 4:47am

Um...it might be easier to get mail, if your host didn't close
the connection with a 5xx error.

mpetach@hinotori:~> host -t mx stluke.com.ph
stluke.com.ph mail is handled by 20 qc.stluke.com.ph.
stluke.com.ph mail is handled by 20 mx1.stluke.com.ph.
stluke.com.ph mail is handled by 40 gc.stluke.com.ph.
mpetach@hinotori:~> nslookup qc.stluke.com.ph.
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
Name: qc.stluke.com.ph
Address: 219.90.94.56

mpetach@hinotori:~>

mpetach@opstools1:~> telnet 219.90.94.56 25
Trying 219.90.94.56...
Connected to static-host-219-90-94-56.tri.ph.
Escape character is '^]'.
ehlo yahoo.com
554 SMTP synchronization error
Connection closed by foreign host.
mpetach@opstools1:~>

I imagine when port 25 stops giving 5xx
failure message back, mail reception
might improve. ^_^;

Matt

Brian_Bruns · April 12, 2011, 4:54am

Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.

telnet 219.90.94.56 25
Trying 219.90.94.56...
Connected to static-host-219-90-94-56.tri.ph.
Escape character is '^]'.
220 stluke.com.ph ESMTP MailCleaner (Community Edition 2010 beta 3) Tue, 12 Apr 2011 12:51:38 +0800

My systems do it too if you try to send a command before waiting for the 220s to finish:

telnet mail.sosdg.org 25
Trying 2620:64:0:1::2...
Connected to mail.sosdg.org.
Escape character is '^]'.

554 SMTP synchronization error
Connection closed by foreign host.

Its an effective antispam method, because bots rarely bother to wait. They just blast away

Matthew_Petach2 · April 12, 2011, 5:17am

Doh!

See, that's what happens when you ask networking people
to try to troubleshoot mail issues. ^_^;;

Sorry about that.

Matt

Nathanael_C_Cariaga1 · April 12, 2011, 5:29am

Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue

-nathan

Joshua_Klubi · April 12, 2011, 6:41am

Well yahoo's mx tend to do that a lot. i used to have a lot of bounced
emails to yahoo until i implemented dkim, domainkeys and spf then all my
yahoo problems disappeared ,

I just want to know if you have implemented any of
these technologies dkim,domainkeys and spf, other wise you would have all
those problems

Joshua

Nathanael_C_Cariaga1 · April 12, 2011, 6:53am

Just to clarify, the problem we are encountering is that emails sent from yahoo does not seem to reach our mail server (even any of our MX records / anti-spam servers).

We have neither implemented any of the items you have said (still in the process of doing so). I tried to interview our email users regarding this issue. They said that it was working perfectly before March. Then we started to have this isolated problem since then.

Chris_Balmain1 · April 12, 2011, 7:04am

We had a lot of issues delivering mail to yahoo.com.sg about a year ago
(just the .sg domain, plain .com was fine). Could establish connection
but it'd die halfway through transferring mail. A static route to drop
the MTU (for their subnet only) to 1000 fixed the problem right up.

Not sure if pmtud was/is broken or what.

- Chris

Nathanael_C_Cariaga1 · April 12, 2011, 7:12am

Strangely though I noticed that the email accounts that seems to be affected by our concern seems to be related to the Yahoo SG servers.....

Matthew_Petach2 · April 12, 2011, 7:33am

Strangely though I noticed that the email accounts that seems to be affected
by our concern seems to be related to the Yahoo SG servers.....

Oh. You don't seem to want to accept connections from the singapore
servers at all:

-bash-3.2$ telnet qc.stluke.com.ph 25
Trying 219.90.94.56...
Connected to qc.stluke.com.ph.
Escape character is '^]'.
550 Blacklisted: Blocked - see SpamCop.net - Blocking List ( bl.spamcop.net )
Connection closed by foreign host.
-bash-3.2$

So, they really can't send mail to your users--but it's your machine
rejecting the connection.

Matt

Nathanael_C_Cariaga1 · April 12, 2011, 9:22am

Oh well... Just have to inform our users

Thanks! =)

ps. I'm just wondering why yahoo doesn't inform their users that the email that they sent was blocked because of their servers were listed in a blocklist (inspite that the server is able to return a correct reject code 550)

Suresh_Ramasubramani · April 12, 2011, 10:06am

Tell you the truth, you shouldnt be dropping the connection right at
the smtp banner with a 5xx - return it after RCPT TO.

Jay_Ashworth · April 13, 2011, 1:22am

It only happens when the sending server is less than 600 miles from you.

Cheers,
-- jra

Scott_Howard · April 16, 2011, 9:09pm

ps. I'm just wondering why yahoo doesn't inform their users that the email
that they sent was blocked because of their servers were listed in a
blocklist (inspite that the server is able to return a correct reject code
550)

Because 550 is NOT a valid response code at that stage in the conversation.
According to the RFC, the only two valid responses to an initial connection
are a 220 or a 554.

Even then, RFC 2821 doesn't make it clear if a 554 on initial connection
should be considered a fatal error at the message level, and as a result
most mail servers will consider it a temporary failure and will re-try to
send the message multiple times even after getting a 554 (and especially
after getting an invalid 550).

As someone else has already pointed out, the solution is to return the 5xx
response after the rcpt to, not at the initial connection.