[sf-lug] Yahoo email highly NOT recommended: Re: REQUEST FOR HELP: Fwd: Mail delivery failed: returning message to sender
Michael Paoli
Michael.Paoli at cal.berkeley.edu
Sun Apr 26 18:03:12 PDT 2020
Must say, I quite to highly recommend NOT using Yahoo email.
And for more than just the (ample) reasons Rick mentioned.
Oh, I did also try on the BALUG-Test list. It "works" ... very marginally,
but dear knows for how long.
I'll also add some additional key points in addition ...
"Of course" there's all the annoying advertising / promotional goop
('nough said).
So, ... Yahoo email, I have a yahoo email account, had it for a
very very long time. Mostly gave up on in may years ago, for
various reasons ... but I still keep it around and rarely make any
(semi-)"real" use of it. As for years ago, basically gave up on it
'cause their spam handling was absolutely horrible and highly annoying,
and there was about zilch effective user control over it. So, I mostly
relegated it to, long ago, if/when I'm about to use an email for something
and don't care or want to get email responses, and figure any I get off
it will be mostly or entirely spam anyway ... I'll use ye olde yahoo
email address, as it sucks at spam anyway, and I almost never look at it,
having long ago mostly given up on it for any more general purpose
reasonably usable email. That being said ...
So, I login there, first time in quite a while (likely many months to a
couple years or so). Very oddly, "Inbox" - completely and totally empty,
likewise "Spam", and "Sent". Well, me thinks that kind'a odd. I mean sure,
I'd mostly expect nothing "interesting" or of particular use/value there,
but ... absolutely nothing? I mean surely there must be spam attempts
still going at the email, and they can't even bother to put those in the
"Spam" "folder"?
Also, the BALUG-Test list ... my yahoo email is and has been subscribed to
it ... not a lot of traffic, but some fairly recent ... none of it delivered
in there at all, just totally missing. And as far as I can tell on the
mailman side, at least at quick glance, hasn't been dropped for being
bounced/refused either (haven't looked at all the logs, so ... who knows).
So, ... I send a couple fresh test messages. They make it ... after
bit 'o delay (greylisting - alas, yahoo also quite the spam source! -
so my server slowed 'em down a bit too). Okay, those messages made it,
but, e.g. why is message from earlier this month (the 19th) completely and
totally missing? So, yeah, yahoo sucks, not to be trusted or relied upon
for email - that's my most current conclusion, downgrading 'em from
annoying and horribly poor at spam, now I add to that highly to exceedingly
unreliable for receiving legitimate email. That makes 'em a "no go"*
in my book.
*possibly excepting for testing of a pathologically poor email provider,
and maybe a place to pile up spam - but they don't seem to even be able
do to that last part anymore either.
> From: "Rick Moen" <rick at linuxmafia.com>
> Subject: Re: [sf-lug] REQUEST FOR HELP: Fwd: Mail delivery failed:
> returning message to sender
> Date: Sun, 26 Apr 2020 17:25:49 -0700
> Quoting Jim Stockford (jim at well.com):
>
>> I got several email messages from the SF-LUG email server
>> noting that a number of subscribers have been fatally dropped.
>> Attached to each email was the email message down below.
>>
>> Note that every user has a YAHOO account and there is the
>> following reference for each user:
>>
>> See https://help.yahoo.com/kb/postmaster/SLN7253.html
>>
>> The short story is that Yahoo's DNS policies are rejecting
>> emails sent from the SF-LUG server along the lines that
>> the Yahoo DNS policies do not recognize the SF-LUG server's
>> domain as valid.
>
> Short story: Yahoo is breaking mailing lists mail using an overly
> aggressive implmentation of their 'DMARC' antiforgery method.
>
> Long story: Yahoo Mail implements a particularly pathological
> implementation of DMARC that is mailing list-hostile. All mailing list
> software is having a difficult time dealing with that. If my server
> were running a much more recent version of GNU Mailman, it would be
> possible to enable a mitigation technique that does an ugly header
> rewrite ('munging' the From: header) selectively on mail arriving at
> Mailman from domains with overly aggressive DMARC policies declared in
> their DNS (as does domain yahoo.com, yahoo.co.in, etc.)
>
> In fact, this overly aggressive policy hurts not only the posters
> sending mail from domain yahoo.com (and yahoo.co.in, etc.), but also
> other subscribers whose
> MTAs implement the yahoo.com (etc.) policy to verify authenticity of mail
> looped through the mailing list. Example:
>
> joeuser at yahoo.com is subscribed to sf-lug at linuxmafia.com, and posts.
> This mail arrives at linuxmafia.com and is handed off to Mailman, which
> then remails copies to all subscribers including janeuser at gmail.com .
> Gmail.com's MTA (SMTP server) receives janeuser's subscriber copy of
> joeuser's post and tests it against claimed sending domian yahoo.com's
> DMARC antiforgery policy, which is so strict that mail routed through a
> non-yahoo.com mailing list tests as 'forged' upon arrival at GMail.
> GMail duly refuses delivery of janeuser's copy, which results in a
> non-delivery notification back to linuxmafia.com, which notifies
> Mailman, which increments the 'bounce score' for subscriber janeuser.
> If this cycle repeats too frequently, then janeuser's subscription gets
> delivery disabled on grounds of too high a bounce score. (Eventually,
> such subscribers can get dropped.) So, janeuser gets hurt by Yahoo's
> DMARC policy even though janeuser isn't even a Yahoo user.
>
>
> Since for the time being I am stuck on the version of Mailman my server
> runs, that kludge (mitigation of the DMARC disaster) is unavailable to
> me. I will not be able to run a more-recent Mailman version until after
> a successful total migration of linuxmafia.com to new hardware and
> software (which I will do when I find time, which will be when I'm
> damned good and ready for a long and exhausting project).
>
> Short of that, I can only suggest that people ought not to use mail
> domains run by people who publish overly aggressive DMARC policies.
>
> Yahoo was the developer of DKIM, so naturally their implementation of it
> is overly aggressive, pathological, and famous for breaking mail
> delivery through even standards-compliant forwarders such as mailing
> list software. Therefore, asking them to please cease implementing
> their badly designed anti-forgery system isn't likely to have useful
> results: They know they implemented something that breaks a lot of
> mail, and they don't care.
>
> There are _way_ better free-of-charge webmail providers than Yahoo Mail.
> The smart solution for users is to stop using it.
>
> But you'd like a magic wand that makes the problem Yahoo created go
> away. Unfortunately, there isn't one.
>
>
> Meanwhile, it would have been very useful if you as listadmin had
> bothered to uncheck the 'nomail' column entries with letter 'B'
> (meaning 'mail delivery disabled on account of too high a bounce
> score') in the membership list page. I notice you didn't bother, so
> I've done that work.
>
> Would you mind please bothering in the future? Thanks.
>
> The reason I had to add myself as a listadmin was that I discovered
> after a few years that you were failing to do the job, and subscribers
> were having various problems to which you as listadmin were completely
> oblivious. It would be nice if you were to step up to the plate, Jim.
> I'm not supposed to have to do that job. You were supposed to. It was
> a condition you agreed to when I said I was willing to give SF-LUG a
> hand and give it replacement mailing list hosting in 2005 when the group
> suffered that total loss of its mailing list setup that you've never
> been willing to explain (like, what happened, and why were there no
> backups)?
More information about the sf-lug
mailing list