[Mailman-Users] Yahoo spam detection

Mark Sapiro mark at msapiro.net
Fri Dec 26 04:21:10 CET 2014


On 12/25/2014 05:04 PM, Steven D'Aprano wrote:
> 
> The Received headers look like this:
> 
> Received:
>     from 127.0.0.1 (EHLO ipmail06.adl2.internode.on.net) 
>     (150.101.137.129) by mta1310.mail.bf1.yahoo.com with SMTP;
>     Sat, 20 Dec 2014 10:32:13 +0000
> X-IronPort-Anti-Spam-Filtered:
>     true
> X-IronPort-Anti-Spam-Result:
>     [gibberish removed]
> X-IronPort-SPAM:
>     SPAM
> Received:
>     from ppp118-209-76-106.lns20.mel4.internode.on.net (HELO 
>     pearwood.info) ([118.209.76.106]) by
>     ipmail06.adl2.internode.on.net with ESMTP; 20 Dec 2014 21:01:15 +1030
> Received:
>     from ando.pearwood.info (localhost.localdomain [127.0.0.1]) by 
>     pearwood.info (Postfix) with ESMTP id B67FE120737; Sat, 20 Dec 2014 
>     21:11:52 +1100 (EST)


So, assuming the report from the Yahoo user has the headers in the
actual order that they appear in the message, the X-IronPort-* headers
were added by ipmail06.adl2.internode.on.net just after receiving the
message from what appears to be your pearwood.info outgoing MTA and
prior to delivering the message to mta1310.mail.bf1.yahoo.com.


> Internode is my ISP, and I shall talk to them, but I don't see any sign 
> that they are adding X-IronPort-* headers to my outgoing mail. I 
> subscribe my work email address, and they don't get any IronPort headers.


So that's an inconsistency, but only internode can explain why.

In any case, I'm sure that Yahoo didn't add those headers, and I doubt
that they took them into account in their decision to deliver the mail
to the user's spam folder. Then again. only Yahoo knows for sure and
they won't tell.


> Do you think I should set up an A record for pearwood.info?


I don't think it would help. Plus, since it is a dynamic IP, you would
have to do this through some dynamic DNS service.


>> Note that it is not necessary that the server's canonical name be the
>> domain of the list. It helps if SPF permits the server for the domain
>> and it does in your case, but if I had to guess, I'd guess the
>>
>>> X-YahooFilteredBulk:
>>>     150.101.137.129
>>
>> is the relevant header and it means Yahoo doesn't like your IP for some
>> reason.
> 
> I shall certainly talk to my ISP. Is it worth trying to talk to Yahoo?


I don't know. Based on my experiences with similar, non-yahoo ESPs and
ISPs, it depends on your tenacity and your tolerance for frustration.

My experience is if you hammer long, hard and intelligently enough, you
will never get an intelligent response that actually addresses the real
issue, but the problem will 'magically' resolve.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


More information about the Mailman-Users mailing list