<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

</head>

<body>

<div dir="ltr">

<div>

<div dir="ltr">Had to enable DKIM signing like Cary did. Working now. <span id="ms-outlook-ios-cursor"></span></div>

</div>

<div id="ms-outlook-mobile-signature">

<div dir="ltr"><br>

</div>

<div dir="ltr">

<div style="direction:ltr" dir="ltr"><span style="font-size:14.666667px;display:inline !important">Sent from my  iPhone.</span><br>

</div>

<div style="direction:ltr">—</div>

<div style="direction:ltr">Casey Johnson</div>

<div style="direction:ltr">Colorado Interlink LLC</div>

<div style="direction:ltr" dir="ltr"><br>

</div>

</div>

</div>

</div>

<hr style="display:inline-block;width:98%" tabindex="-1">

<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Outages <outages-bounces@outages.org> on behalf of Cary Wiedemann via Outages <outages@outages.org><br>

<b>Sent:</b> Monday, March 11, 2024 12:04:04 PM<br>

<b>To:</b> bannereddivpool <bannereddivpool@gmail.com>; outages <outages@outages.org><br>

<b>Subject:</b> Re: [outages] yahoo</font>

<div> </div>

</div>

<div>

<div dir="ltr">

<div>Okay, just resolved this from my end. My O365 emails were being DKIM signed but by our .

<a href="https://us-east-2.protection.sophos.com?d=onmicrosoft.com&u=aHR0cDovL29ubWljcm9zb2Z0LmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=R3p2ejFlZ2FLb2s5L1lUeG9VcFh2L2NmT0xJV2lidWFLMEd1NTVBbnREWT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA">

onmicrosoft.com</a> subdomain instead of the actual sending domain.  Headers would show dkim=pass but the DKIM domain didn't match the FROM address in our envelopes.

<br>

</div>

<div><br>

</div>

<div>Had to enable DKIM signing on the custom domain in O365 here <a href="https://us-east-2.protection.sophos.com?d=microsoft.com&u=aHR0cHM6Ly9zZWN1cml0eS5taWNyb3NvZnQuY29tL2F1dGhlbnRpY2F0aW9uP3ZpZXdpZD1ES0lN&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=NSt3OGFMc2hlMDJTQWpIVDAzbTdCeTF1UEtOSENBUTZnekdBcnY0cy90WT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA">

https://security.microsoft.com/authentication?viewid=DKIM</a> and setup CNAMEs for the proper selectors in DNS.

</div>

<div><br>

</div>

<div>DMARC reports from Yahoo helped me a ton here, but they were confusing.  They showed DKIM failed in the policy_evaulated -> disposition section but showed result = pass in the auth_results -> dkim section.

</div>

<div><br>

</div>

<div>Just had my first successful email to Yahoo.com in days.  Looks like the O365 DNSRBL inclusion was a red herring.

<br>

</div>

<div><br>

</div>

<div>- Cary <br>

</div>

</div>

<br>

<div class="x_gmail_quote">

<div dir="ltr" class="x_gmail_attr">On Mon, Mar 11, 2024 at 1:34 PM Cary Wiedemann <

<a href="mailto:carywiedemann@gmail.com">carywiedemann@gmail.com</a>> wrote: <br>

</div>

<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">

<div dir="ltr">

<div>Massive problems with email delivery to Yahoo and AOL today, they share a mail system on the back-end.  Microsoft issued advisory EX719348

<span><span dir="ltr">last Thursday for their IPs being included in some DNSRBLs, and I still see some of their IPs on the Spamhaus RBL

</span></span>(40.107.102.127) but I'm not sure if that's the root cause. </div>

<div><br>

</div>

<div>All my emails from O365 to Yahoo and AOL have been failing since 3/7. </div>

<div><br>

</div>

<div>Lots of noise and confusion because Yahoo and AOL recently started enforcing stricter SPF/DKIM/DMARC requirements, but this seems to be unrelated.  These emails are DKIM signed, pass SPF, and have a valid DMARC record.

<br>

</div>

<div><br>

</div>

<div>Still investigating, will update the list with the eventual resolution. </div>

<div><br>

</div>

<div>- Cary <br>

</div>

</div>

<br>

<div class="x_gmail_quote">

<div dir="ltr" class="x_gmail_attr">On Mon, Mar 11, 2024 at 1:27 PM bannereddivpool via Outages <

<a href="mailto:outages@outages.org" target="_blank">outages@outages.org</a>> wrote:

<br>

</div>

<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">

<div dir="ltr">

<div dir="ltr">

<div dir="ltr">Anyone seeing any issues with yahoo email services?  I keep getting dropped;

<div><br>

</div>

<div>

<div>telnet  <a href="https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">

mta6.am0.yahoodns.net</a> 25 </div>

<div>Trying 67.195.204.74... </div>

<div>Connected to <a href="https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">

mta6.am0.yahoodns.net</a>. </div>

<div>Escape character is '^]'. </div>

<div>220 <a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL210YXByb3h5NTAxLmZyZWUubWFpbC5iZjEueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UXh4OFN0TCtIODE0RlFlZUx3Z3N4Ukx0U21sYmJlTE5oMzlBck1VcG4wND0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">

mtaproxy501.free.mail.bf1.yahoo.com</a> ESMTP ready </div>

<div>EHLO <a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL21haWwueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UEpxSGZMWTdtNm1QRkUrc0ZZcXNPUDdVa2NpcllDdWdpMlJWOWFwWjhOOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">

mail.yahoo.com</a> </div>

<div><a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovLzI1MC1tdGFwcm94eTUwMS5mcmVlLm1haWwuYmYxLnlhaG9vLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=STRvV05tZ0J4VE9sZFFVd2oyYXdEa1FWZU91eGYyM1U1ekJ5UjZva2xtcz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">250-mtaproxy501.free.mail.bf1.yahoo.com</a>

</div>

<div>250-PIPELINING </div>

<div>250-SIZE 41943040 </div>

<div>250-8BITMIME </div>

<div>250 STARTTLS </div>

<div>Connection closed by foreign host. </div>

</div>

<div><br>

</div>

<div>Sending from outlook and I'm getting this as well; </div>

<div><br>

</div>

<div>

<p><b><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Diagnostic information for administrators:</span></b><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><span></span></span></p>

<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Generating server:

<a href="https://us-east-2.protection.sophos.com?d=outlook.com&u=aHR0cDovL1NKMlBSMTRNQjY1NTAubmFtcHJkMTQucHJvZC5vdXRsb29rLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=L1J1Q3Y3Vk9MSkRDNjNxZWJxcFlGNG9tTHg2QkZObHR0SU9ka1JubXBKOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">

SJ2PR14MB6550.namprd14.prod.outlook.com</a><br>

Total retry attempts: 7<span></span></span></p>

<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><a href="mailto:babyereed2013@yahoo.com" target="_blank">sample1@yahoo.com</a><br>

Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred'<span></span></span></p>

<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><a href="mailto:jbliqemp@yahoo.com" target="_blank">sample2@yahoo.com</a><br>

Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred'<span></span></span></p>

<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Original message headers:<span></span></span></p>

</div>

</div>

</div>

</div>

_______________________________________________ <br>

Outages mailing list <br>

<a href="mailto:Outages@outages.org" target="_blank">Outages@outages.org</a> <br>

<a href="https://us-east-2.protection.sophos.com?d=nether.net&u=aHR0cHM6Ly9wdWNrLm5ldGhlci5uZXQvbWFpbG1hbi9saXN0aW5mby9vdXRhZ2Vz&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=Q29YbzM0LzQ2Q0tyYzFycEFUQWFNUXBOb2lVYzR0bzdSYm84SXlJRFF4az0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/outages</a>

<br>

</blockquote>

</div>

</blockquote>

</div>

</div>

</body>

</html>