[outages] yahoo

Cary Wiedemann carywiedemann at gmail.com
Mon Mar 11 14:04:04 EDT 2024 

Okay, just resolved this from my end. My O365 emails were being DKIM signed
but by our .onmicrosoft.com subdomain instead of the actual sending
domain.  Headers would show dkim=pass but the DKIM domain didn't match the
FROM address in our envelopes.

Had to enable DKIM signing on the custom domain in O365 here
https://security.microsoft.com/authentication?viewid=DKIM and setup CNAMEs
for the proper selectors in DNS.

DMARC reports from Yahoo helped me a ton here, but they were confusing.
They showed DKIM failed in the policy_evaulated -> disposition section but
showed result = pass in the auth_results -> dkim section.

Just had my first successful email to Yahoo.com in days.  Looks like the
O365 DNSRBL inclusion was a red herring.

- Cary

On Mon, Mar 11, 2024 at 1:34 PM Cary Wiedemann <carywiedemann at gmail.com>
wrote:

> Massive problems with email delivery to Yahoo and AOL today, they share a
> mail system on the back-end.  Microsoft issued advisory EX719348 last
> Thursday for their IPs being included in some DNSRBLs, and I still see some
> of their IPs on the Spamhaus RBL (40.107.102.127) but I'm not sure if
> that's the root cause.
>
> All my emails from O365 to Yahoo and AOL have been failing since 3/7.
>
> Lots of noise and confusion because Yahoo and AOL recently started
> enforcing stricter SPF/DKIM/DMARC requirements, but this seems to be
> unrelated.  These emails are DKIM signed, pass SPF, and have a valid DMARC
> record.
>
> Still investigating, will update the list with the eventual resolution.
>
> - Cary
>
> On Mon, Mar 11, 2024 at 1:27 PM bannereddivpool via Outages <
> outages at outages.org> wrote:
>
>> Anyone seeing any issues with yahoo email services?  I keep getting
>> dropped;
>>
>> telnet  mta6.am0.yahoodns.net 25
>> Trying 67.195.204.74...
>> Connected to mta6.am0.yahoodns.net.
>> Escape character is '^]'.
>> 220 mtaproxy501.free.mail.bf1.yahoo.com ESMTP ready
>> EHLO mail.yahoo.com
>> 250-mtaproxy501.free.mail.bf1.yahoo.com
>> 250-PIPELINING
>> 250-SIZE 41943040
>> 250-8BITMIME
>> 250 STARTTLS
>> Connection closed by foreign host.
>>
>> Sending from outlook and I'm getting this as well;
>>
>> *Diagnostic information for administrators:*
>>
>> Generating server: SJ2PR14MB6550.namprd14.prod.outlook.com
>> Total retry attempts: 7
>>
>> sample1 at yahoo.com <babyereed2013 at yahoo.com>
>> Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message
>> temporarily deferred'
>>
>> sample2 at yahoo.com <jbliqemp at yahoo.com>
>> Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message
>> temporarily deferred'
>>
>> Original message headers:
>> _______________________________________________
>> Outages mailing list
>> Outages at outages.org
>> https://puck.nether.net/mailman/listinfo/outages
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages/attachments/20240311/317f3fb7/attachment.htm>

More information about the Outages mailing list