<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div dir="ltr">
<div>
<div dir="ltr">Had to enable DKIM signing like Cary did. Working now. <span id="ms-outlook-ios-cursor"></span></div>
</div>
<div id="ms-outlook-mobile-signature">
<div dir="ltr"><br>
</div>
<div dir="ltr">
<div style="direction:ltr" dir="ltr"><span style="font-size:14.666667px;display:inline !important">Sent from my iPhone.</span><br>
</div>
<div style="direction:ltr">—</div>
<div style="direction:ltr">Casey Johnson</div>
<div style="direction:ltr">Colorado Interlink LLC</div>
<div style="direction:ltr" dir="ltr"><br>
</div>
</div>
</div>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Outages <outages-bounces@outages.org> on behalf of Cary Wiedemann via Outages <outages@outages.org><br>
<b>Sent:</b> Monday, March 11, 2024 12:04:04 PM<br>
<b>To:</b> bannereddivpool <bannereddivpool@gmail.com>; outages <outages@outages.org><br>
<b>Subject:</b> Re: [outages] yahoo</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div>Okay, just resolved this from my end. My O365 emails were being DKIM signed but by our .
<a href="https://us-east-2.protection.sophos.com?d=onmicrosoft.com&u=aHR0cDovL29ubWljcm9zb2Z0LmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=R3p2ejFlZ2FLb2s5L1lUeG9VcFh2L2NmT0xJV2lidWFLMEd1NTVBbnREWT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA">
onmicrosoft.com</a> subdomain instead of the actual sending domain. Headers would show dkim=pass but the DKIM domain didn't match the FROM address in our envelopes.
<br>
</div>
<div><br>
</div>
<div>Had to enable DKIM signing on the custom domain in O365 here <a href="https://us-east-2.protection.sophos.com?d=microsoft.com&u=aHR0cHM6Ly9zZWN1cml0eS5taWNyb3NvZnQuY29tL2F1dGhlbnRpY2F0aW9uP3ZpZXdpZD1ES0lN&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=NSt3OGFMc2hlMDJTQWpIVDAzbTdCeTF1UEtOSENBUTZnekdBcnY0cy90WT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA">
https://security.microsoft.com/authentication?viewid=DKIM</a> and setup CNAMEs for the proper selectors in DNS.
</div>
<div><br>
</div>
<div>DMARC reports from Yahoo helped me a ton here, but they were confusing. They showed DKIM failed in the policy_evaulated -> disposition section but showed result = pass in the auth_results -> dkim section.
</div>
<div><br>
</div>
<div>Just had my first successful email to Yahoo.com in days. Looks like the O365 DNSRBL inclusion was a red herring.
<br>
</div>
<div><br>
</div>
<div>- Cary <br>
</div>
</div>
<br>
<div class="x_gmail_quote">
<div dir="ltr" class="x_gmail_attr">On Mon, Mar 11, 2024 at 1:34 PM Cary Wiedemann <
<a href="mailto:carywiedemann@gmail.com">carywiedemann@gmail.com</a>> wrote: <br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div>Massive problems with email delivery to Yahoo and AOL today, they share a mail system on the back-end. Microsoft issued advisory EX719348
<span><span dir="ltr">last Thursday for their IPs being included in some DNSRBLs, and I still see some of their IPs on the Spamhaus RBL
</span></span>(40.107.102.127) but I'm not sure if that's the root cause. </div>
<div><br>
</div>
<div>All my emails from O365 to Yahoo and AOL have been failing since 3/7. </div>
<div><br>
</div>
<div>Lots of noise and confusion because Yahoo and AOL recently started enforcing stricter SPF/DKIM/DMARC requirements, but this seems to be unrelated. These emails are DKIM signed, pass SPF, and have a valid DMARC record.
<br>
</div>
<div><br>
</div>
<div>Still investigating, will update the list with the eventual resolution. </div>
<div><br>
</div>
<div>- Cary <br>
</div>
</div>
<br>
<div class="x_gmail_quote">
<div dir="ltr" class="x_gmail_attr">On Mon, Mar 11, 2024 at 1:27 PM bannereddivpool via Outages <
<a href="mailto:outages@outages.org" target="_blank">outages@outages.org</a>> wrote:
<br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Anyone seeing any issues with yahoo email services? I keep getting dropped;
<div><br>
</div>
<div>
<div>telnet <a href="https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">
mta6.am0.yahoodns.net</a> 25 </div>
<div>Trying 67.195.204.74... </div>
<div>Connected to <a href="https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">
mta6.am0.yahoodns.net</a>. </div>
<div>Escape character is '^]'. </div>
<div>220 <a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL210YXByb3h5NTAxLmZyZWUubWFpbC5iZjEueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UXh4OFN0TCtIODE0RlFlZUx3Z3N4Ukx0U21sYmJlTE5oMzlBck1VcG4wND0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">
mtaproxy501.free.mail.bf1.yahoo.com</a> ESMTP ready </div>
<div>EHLO <a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL21haWwueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UEpxSGZMWTdtNm1QRkUrc0ZZcXNPUDdVa2NpcllDdWdpMlJWOWFwWjhOOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">
mail.yahoo.com</a> </div>
<div><a href="https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovLzI1MC1tdGFwcm94eTUwMS5mcmVlLm1haWwuYmYxLnlhaG9vLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=STRvV05tZ0J4VE9sZFFVd2oyYXdEa1FWZU91eGYyM1U1ekJ5UjZva2xtcz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">250-mtaproxy501.free.mail.bf1.yahoo.com</a>
</div>
<div>250-PIPELINING </div>
<div>250-SIZE 41943040 </div>
<div>250-8BITMIME </div>
<div>250 STARTTLS </div>
<div>Connection closed by foreign host. </div>
</div>
<div><br>
</div>
<div>Sending from outlook and I'm getting this as well; </div>
<div><br>
</div>
<div>
<p><b><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Diagnostic information for administrators:</span></b><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><span></span></span></p>
<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Generating server:
<a href="https://us-east-2.protection.sophos.com?d=outlook.com&u=aHR0cDovL1NKMlBSMTRNQjY1NTAubmFtcHJkMTQucHJvZC5vdXRsb29rLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=L1J1Q3Y3Vk9MSkRDNjNxZWJxcFlGNG9tTHg2QkZObHR0SU9ka1JubXBKOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" target="_blank">
SJ2PR14MB6550.namprd14.prod.outlook.com</a><br>
Total retry attempts: 7<span></span></span></p>
<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><a href="mailto:babyereed2013@yahoo.com" target="_blank">sample1@yahoo.com</a><br>
Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred'<span></span></span></p>
<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray"><a href="mailto:jbliqemp@yahoo.com" target="_blank">sample2@yahoo.com</a><br>
Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred'<span></span></span></p>
<p><span style="font-size:10pt; font-family:Tahoma,sans-serif; color:gray">Original message headers:<span></span></span></p>
</div>
</div>
</div>
</div>
_______________________________________________ <br>
Outages mailing list <br>
<a href="mailto:Outages@outages.org" target="_blank">Outages@outages.org</a> <br>
<a href="https://us-east-2.protection.sophos.com?d=nether.net&u=aHR0cHM6Ly9wdWNrLm5ldGhlci5uZXQvbWFpbG1hbi9saXN0aW5mby9vdXRhZ2Vz&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=Q29YbzM0LzQ2Q0tyYzFycEFUQWFNUXBOb2lVYzR0bzdSYm84SXlJRFF4az0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA" rel="noreferrer" target="_blank">https://puck.nether.net/mailman/listinfo/outages</a>
<br>
</blockquote>
</div>
</blockquote>
</div>
</div>
</body>
</html>