If you have clients who run their own mail servers and are having trouble getting mail to Xtra customers then this may help or interest you. While the tone of this post has a distinctly ironic / sarcastic ring to it - it does contain helpful trouble shooting steps - painfully ecked out of xtra through hours of depressingly circular and frustrating phone calls.
YahooXtra have implemented a new 'security measure' that basically black lists peoples servers if they don't measure up to yahoos standards. We have a customer who doesn't show up on any of the 200 DNSBL Lists we checked with and who is definitely not sending spam, bulk mail or an open relay of any sort, yet, all mail from them to @xtra.co.nz is being dropped and black listed by Yahoo. Ironically Xtra does show up on those DNS Black Lists.
This customer has an xtra supplied static ip address and an exchange server running from that address. They do not however receive email on that address - instead off load collection to a third party spam filter and mail bagging system then pull it down from there. However Xtra tell us mail servers on other ISPs have also been treated in this cavalier fashion. It is not a one off but wider spread issue.
Yahoo are denying our client access to send email to other xtra customers but do not send bounce notifications, NDR, or other standard information back to show there is a problem. We only got it finally figured out telneting into send.xtra.co.nz and manually trying to submit an email using telnet.
Further more if you are silly enough to try resending the emails, send more than one email or connect to their server multiple times they implement a time out that leaves your mail servers smtp threads/processes hanging in retry mode waiting for them to respond (a reposnse which didn't happen within 30 minutes when we tested it).
This can seriously affect your mail delivery times as threads in your server are tied up waiting for yahoo to respond - but they don't. However if you telnet to their mail server, to test the mail sending issue, you get held up with a 421 code. The 421 also leaves you a pretty url to go to. Unfortunatley my mail server cant read. Oh yes - after issuing an ehlo command to their mail server don't wait to get a 250 OK response. It wont ever come.
In order to resolve this problem the following steps have had to be taken.
1 - A PTR record needs to be set up by Xtra with the mail servers fixed IP address (supplied by xtra) resolving to their mail server name (e.g. 125.xxx.xxx.xxx now resolves to server01.bogusname.co.nz) This stops yahoo rejecting their email out of hand. However this still ends up with all their emails to xtra customers being dumped into the junk mail folder by yahoo. These PTR records may also be required for other ISPs customers.
2 - An SPF record needs to be created. An SPF record is a TXT record in the DNS that states who can send email on behalf of the domain and what the IP addresses for all mail servers allowed to send mail for the domain are. Unfortunately if the sales person from the company goes to a hotel, connects via their ISP, sends email as being from firstname.lastname@example.org and that hotels IP address or the hotels ISP ip address are not in the SPF records you are normall bounced, banned or junked.
A valid SPF record creates a higher probability of mail rejection from non SPF record listed IP addresses. Ironically Yahoo and xtra do not have their own SPF records as they are "Big ISPs" and dont need them.
In our situation we cannot use an SPF record as this customer has managers and sales staff logging onto the internet from their own ISPs, hotels, dial up accounts, T3G hand sets ... ... ... We tested sending from various hotels ISPs and failed using SPF records.
3 - There are a series of forms you can fill out. Don't fill out the White List Application Form ( http://help.yahoo.com/l/us/yahoo/mail/postmaster/postmaster_wl.html ) unless you send bulk mail or have subscription mailing lists. If you fill out section four or five of the form as "Not applicable bacause we dont spam, send bulk mail or run mailing lists", your form will be rejected by Yahoo leaving you blacklisted.
You need to fill out the Mail Issues Form (http://help.yahoo.com/l/us/yahoo/mail/postmaster/defer.html ) telling them Xtra have set up PTR records for you. However the form will take 2 to 7 working days to be processed (if you can get the stupid thing to submit at all) so yahoo can check you really don't send spam. If you are sight impaired or just cant decipher particularly bad Captcha pictures you are stuffed at this point. Yahoo don't comply with basic W3 accessability standards on their forms. It took me 6 goes to get the captcha right
(No I'm not blind but an r or y next to an a or 4 that has a bent t or possibly a j and what could be an l next to an n or else just an h all jammed together and fuzzed over is hard to get right).
If the form submits and comes back blank (happened three times) don't assume it has gone through. It took four successful submissions (not counting the misread captcha attempts) to finally get a "your form has been received" message on the screen. You will have more success using IE6 or above than using Safari, Firefox, Opera, Netscape or any other W3 complient browser.
I don't know if this is the difinitive fix, I am still trying to belt my way through beauraracy but it might point the way forward for others who have the same issues.
START EDIT - MORE INFO - 22 Sept 2008
There turns out to be one extra step. The fixes above gets your mail delivered to their junk folder and not just completely banned.
To get out of their junk folder and into normal inbox seems to require one extra step - but I am not holding my breath it will work either.
Our exchange server is called server01.bogusCompany.local and is part of an internal lan domain named bogusCompany.local which as an organisation has an internet domain bogusCompany.co.nz
Our clients email addresses are @boguscompany.co.nz
When our Exchange server connects to an SMTP server it sends ehlo server01.bogusCompany.local
This raises the suspicion of yahoo so thay junk mail us - even though the external ip address is the same as the domain we claim to be sending from (eg.joBlogg@server01.bogusCompany.co.nz)
To use a .local internal lan domain is normal MS practice. It stops the lan domain and DNS creeping out to the internet DNS and domain and removes general confusion for over worked techs like me. Either I'm working with an internet domain or their lan - no confusion between .local and .co.nz.
Now we have to teach the server01 to use server01.bogusComany.co.nz instead of server01.local in its ehlo. Xtra claim this will stop yahoo dumping us in the junk bin.
I'll let you know how I get on and how to do the ehlo change - I'm not that conversant with exchange to know it off the cuff. Any one else out there knows - please chime in.
END EDIT MORE INFO 22 Sept 2008
How To Change EHLO 22 Sept 2008
Solution: (SBS 2003)
- Open Exchange Server Manager drill down to
- Administrative groups
- Your server
- Virtual Server, Properties
Deliver, and Advance, under Full qualified domain name, (VSEX1.smtp25.org) replace the entry with your public host record of your mail server FQDN (mail.smtp25.org), click Check DNS to make sure it is valid.
Stop and restart your Exchange Virtual server, now if you telnet into your server on port 25 you will get SMTP banner as mail.smtp25.org
End Edit How To Change EHLO 22 Sept 2008
Ironically if you use a different ISP, have a static IP address with them, send mail from that static IP address and receive email at that static IP address then yahoo will probably let you send email to xtra customers to your hearts content. Just don't be an xtra client with an xtra static ip address and your own domain name sending to other xtra customers.
Along the way -
I have also learnt that xtra can only communicate with yahoo via email or web forms, have no control over all the changes yahoo are making and have disabled their 0800 103 104 phone number to get through to Managed Customer Support.(try 0800 482 029 now)
I have also learnt that Xtra fervantly believe this is all designed to make the internet a safer place. On that I can agree. If you cant send email and you cant recevie email and you spend your time on the telephone to xtra and the rest of your time filling out meaningless forms then the internet is indeed a safer place. You are after all not using it - therefore it is a safer place. Well done Xtra - you have succeeded in that goal.