Hi All, It seems that we're having some problems receiving emails from selected Yahoo! Mail Accounts. I noticed that there is a commonality between the accounts that fails when sending an email to our domain (see email header below) From: "MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com" <MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com> To: *-*-*-*-*a@yahoo.com Sent: Fri, April 8, 2011 6:26:08 PM Subject: Failure Notice Sorry, we were unable to deliver your message to the following address. <xxxxxxxxxa@stluke.com.ph>: Mail server for "stluke.com.ph" unreachable for too long --- Below this line is a copy of the message. Received: from [115.178.12.220] by nm1.bullet.mail.sg1.yahoo.com with NNFMP; 06 Apr 2011 10:19:19 -0000 Received: from [115.178.12.229] by tm1.bullet.mail.sg1.yahoo.com with NNFMP; 06 Apr 2011 10:19:19 -0000 Received: from [127.0.0.1] by omp1006.mail.sg1.yahoo.com with NNFMP; 06 Apr 2011 10:19:19 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 233210.48944.bm@omp1006.mail.sg1.yahoo.com Received: (qmail 90809 invoked by uid 60001); 6 Apr 2011 10:19:19 -0000 From: "MAILER-DAEMON@nm7.bullet.mail.sg1.yahoo.com" <MAILER-DAEMON@nm7.bullet.mail.sg1.yahoo.com> To: *-*-*-*-*r@yahoo.com Sent: Saturday, April 9, 2011 3:28:47 PM Subject: Failure Notice Sorry, we were unable to deliver your message to the following address. <*-*-*-*-*@stluke.com.ph>: Mail server for "stluke.com.ph" unreachable for too long --- Below this line is a copy of the message. Received: from [115.178.12.220] by nm7.bullet.mail.sg1.yahoo.com with NNFMP; 07 Apr 2011 07:22:41 -0000 Received: from [115.178.12.217] by tm1.bullet.mail.sg1.yahoo.com with NNFMP; 07 Apr 2011 07:22:41 -0000 Received: from [127.0.0.1] by omp1002.mail.sg1.yahoo.com with NNFMP; 07 Apr 2011 07:22:41 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 714595.68144.bm@omp1002.mail.sg1.yahoo.com Received: (qmail 6504 invoked by uid 60001); 7 Apr 2011 07:22:41 -0000 Any comment from Yahoo off the list would be greatly appreciated. Thank you. -nathan
On Mon, Apr 11, 2011 at 9:28 PM, Nathanael C. Cariaga <nccariaga@stluke.com.ph> wrote:
Hi All,
It seems that we're having some problems receiving emails from selected Yahoo! Mail Accounts. I noticed that there is a commonality between the accounts that fails when sending an email to our domain (see email header below)
From: "MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com" <MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com> To: *-*-*-*-*a@yahoo.com Sent: Fri, April 8, 2011 6:26:08 PM Subject: Failure Notice
Sorry, we were unable to deliver your message to the following address.
<xxxxxxxxxa@stluke.com.ph>: Mail server for "stluke.com.ph" unreachable for too long
Um...it might be easier to get mail, if your host didn't close the connection with a 5xx error. :/ mpetach@hinotori:~> host -t mx stluke.com.ph stluke.com.ph mail is handled by 20 qc.stluke.com.ph. stluke.com.ph mail is handled by 20 mx1.stluke.com.ph. stluke.com.ph mail is handled by 40 gc.stluke.com.ph. mpetach@hinotori:~> nslookup qc.stluke.com.ph. Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: qc.stluke.com.ph Address: 219.90.94.56 mpetach@hinotori:~> mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~> I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^; Matt
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine. telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. 220 stluke.com.ph ESMTP MailCleaner (Community Edition 2010 beta 3) Tue, 12 Apr 2011 12:51:38 +0800 My systems do it too if you try to send a command before waiting for the 220s to finish: telnet mail.sosdg.org 25 Trying 2620:64:0:1::2... Connected to mail.sosdg.org. Escape character is '^]'. 554 SMTP synchronization error Connection closed by foreign host. Its an effective antispam method, because bots rarely bother to wait. They just blast away -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org
On Mon, Apr 11, 2011 at 9:54 PM, Brielle Bruns <bruns@2mbit.com> wrote:
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.
Doh! See, that's what happens when you ask networking people to try to troubleshoot mail issues. ^_^;; Sorry about that. :( Matt
Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue :) -nathan On 4/12/2011 1:17 PM, Matthew Petach wrote:
On Mon, Apr 11, 2011 at 9:54 PM, Brielle Bruns<bruns@2mbit.com> wrote:
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.
Doh!
See, that's what happens when you ask networking people to try to troubleshoot mail issues. ^_^;;
Sorry about that. :(
Matt
-- Nathanael C. Cariaga Network & Security Administrator St Luke's Medical Center Tel (QC) : +63 2 723 0101 ext 5520 / 4206 Tel (GC) : +63 2 789 7700 ext 6035 / 6036 Tel : +63 2 356 5686 Mobile : +63 922 8735686 EMail : nccariaga@stluke.com.ph
We had a lot of issues delivering mail to yahoo.com.sg about a year ago (just the .sg domain, plain .com was fine). Could establish connection but it'd die halfway through transferring mail. A static route to drop the MTU (for their subnet only) to 1000 fixed the problem right up. Not sure if pmtud was/is broken or what. - Chris On Tue, 2011-04-12 at 15:29 +1000, Nathanael C. Cariaga wrote:
Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue :)
-nathan
On 4/12/2011 1:17 PM, Matthew Petach wrote:
On Mon, Apr 11, 2011 at 9:54 PM, Brielle Bruns<bruns@2mbit.com> wrote:
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.
Doh!
See, that's what happens when you ask networking people to try to troubleshoot mail issues. ^_^;;
Sorry about that. :(
Matt
Strangely though I noticed that the email accounts that seems to be affected by our concern seems to be related to the Yahoo SG servers..... On 4/12/2011 3:04 PM, Christopher Balmain wrote:
We had a lot of issues delivering mail to yahoo.com.sg about a year ago (just the .sg domain, plain .com was fine). Could establish connection but it'd die halfway through transferring mail. A static route to drop the MTU (for their subnet only) to 1000 fixed the problem right up.
Not sure if pmtud was/is broken or what.
- Chris
On Tue, 2011-04-12 at 15:29 +1000, Nathanael C. Cariaga wrote:
Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue :)
-nathan
On 4/12/2011 1:17 PM, Matthew Petach wrote:
On Mon, Apr 11, 2011 at 9:54 PM, Brielle Bruns<bruns@2mbit.com> wrote:
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.
Doh!
See, that's what happens when you ask networking people to try to troubleshoot mail issues. ^_^;;
Sorry about that. :(
Matt
-- Nathanael C. Cariaga Network & Security Administrator St Luke's Medical Center Tel (QC) : +63 2 723 0101 ext 5520 / 4206 Tel (GC) : +63 2 789 7700 ext 6035 / 6036 Tel : +63 2 356 5686 Mobile : +63 922 8735686 EMail : nccariaga@stluke.com.ph
On Tue, Apr 12, 2011 at 12:12 AM, Nathanael C. Cariaga <nccariaga@stluke.com.ph> wrote:
Strangely though I noticed that the email accounts that seems to be affected by our concern seems to be related to the Yahoo SG servers.....
Oh. You don't seem to want to accept connections from the singapore servers at all: -bash-3.2$ telnet qc.stluke.com.ph 25 Trying 219.90.94.56... Connected to qc.stluke.com.ph. Escape character is '^]'. 550 Blacklisted: Blocked - see http://www.spamcop.net/bl.shtml?115.178.12.223 Connection closed by foreign host. -bash-3.2$ So, they really can't send mail to your users--but it's your machine rejecting the connection. :/ Matt
On 4/12/2011 3:04 PM, Christopher Balmain wrote:
We had a lot of issues delivering mail to yahoo.com.sg about a year ago (just the .sg domain, plain .com was fine). Could establish connection but it'd die halfway through transferring mail. A static route to drop the MTU (for their subnet only) to 1000 fixed the problem right up.
Not sure if pmtud was/is broken or what.
- Chris
On Tue, 2011-04-12 at 15:29 +1000, Nathanael C. Cariaga wrote:
Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue :)
-nathan
On 4/12/2011 1:17 PM, Matthew Petach wrote:
On Mon, Apr 11, 2011 at 9:54 PM, Brielle Bruns<bruns@2mbit.com> wrote:
On 4/11/11 10:47 PM, Matthew Petach wrote:
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Works fine for me, your getting an error because your trying to send a command before receiving the first 220, aka RFC violation. As long as you connect, wait a moment without trying to send a command, your fine.
Doh!
See, that's what happens when you ask networking people to try to troubleshoot mail issues. ^_^;;
Sorry about that. :(
Matt
-- Nathanael C. Cariaga Network & Security Administrator St Luke's Medical Center
Tel (QC) : +63 2 723 0101 ext 5520 / 4206 Tel (GC) : +63 2 789 7700 ext 6035 / 6036 Tel : +63 2 356 5686 Mobile : +63 922 8735686 EMail : nccariaga@stluke.com.ph
Oh well... Just have to inform our users :( Thanks! =) ps. I'm just wondering why yahoo doesn't inform their users that the email that they sent was blocked because of their servers were listed in a blocklist (inspite that the server is able to return a correct reject code 550) On 4/12/2011 3:33 PM, Matthew Petach wrote:
-bash-3.2$ telnet qc.stluke.com.ph 25 Trying 219.90.94.56... Connected to qc.stluke.com.ph. Escape character is '^]'. 550 Blacklisted: Blocked - seehttp://www.spamcop.net/bl.shtml?115.178.12.223 Connection closed by foreign host. -bash-3.2$
--
Tell you the truth, you shouldnt be dropping the connection right at the smtp banner with a 5xx - return it after RCPT TO. On Tue, Apr 12, 2011 at 2:52 PM, Nathanael C. Cariaga <nccariaga@stluke.com.ph> wrote:
Oh well... Just have to inform our users :(
Thanks! =)
ps. I'm just wondering why yahoo doesn't inform their users that the email that they sent was blocked because of their servers were listed in a blocklist (inspite that the server is able to return a correct reject code 550)
-- Suresh Ramasubramanian (ops.lists@gmail.com)
On Tue, Apr 12, 2011 at 2:22 AM, Nathanael C. Cariaga < nccariaga@stluke.com.ph> wrote:
ps. I'm just wondering why yahoo doesn't inform their users that the email that they sent was blocked because of their servers were listed in a blocklist (inspite that the server is able to return a correct reject code 550)
Because 550 is NOT a valid response code at that stage in the conversation. According to the RFC, the only two valid responses to an initial connection are a 220 or a 554. Even then, RFC 2821 doesn't make it clear if a 554 on initial connection should be considered a fatal error at the message level, and as a result most mail servers will consider it a temporary failure and will re-try to send the message multiple times even after getting a 554 (and especially after getting an invalid 550). As someone else has already pointed out, the solution is to return the 5xx response after the rcpt to, not at the initial connection. On 4/12/2011 3:33 PM, Matthew Petach wrote:
-bash-3.2$ telnet qc.stluke.com.ph 25 Trying 219.90.94.56... Connected to qc.stluke.com.ph. Escape character is '^]'. 550 Blacklisted: Blocked - seehttp:// www.spamcop.net/bl.shtml?115.178.12.223
Connection closed by foreign host.
Closing the connection immediately after sending the 5xx is also not RFC compliant. You "MUST" give the client the opportunity to close down the connection with a quit command. Scott
----- Original Message -----
From: "Nathanael C. Cariaga" <nccariaga@stluke.com.ph>
Thanks anyway. I just find this issue intriguing since not all Yahoo mail accounts are affected. In addition, incoming mails from other domain doesn't seem to be affected. That is why I want to check if it is a network issue :)
It only happens when the sending server is less than 600 miles from you. Cheers, -- jra
Well yahoo's mx tend to do that a lot. i used to have a lot of bounced emails to yahoo until i implemented dkim, domainkeys and spf then all my yahoo problems disappeared , I just want to know if you have implemented any of these technologies dkim,domainkeys and spf, other wise you would have all those problems Joshua On Tue, Apr 12, 2011 at 4:47 AM, Matthew Petach <mpetach@netflight.com>wrote:
On Mon, Apr 11, 2011 at 9:28 PM, Nathanael C. Cariaga <nccariaga@stluke.com.ph> wrote:
Hi All,
It seems that we're having some problems receiving emails from selected Yahoo! Mail Accounts. I noticed that there is a commonality between the accounts that fails when sending an email to our domain (see email header below)
From: "MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com" <MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com> To: *-*-*-*-*a@yahoo.com Sent: Fri, April 8, 2011 6:26:08 PM Subject: Failure Notice
Sorry, we were unable to deliver your message to the following address.
<xxxxxxxxxa@stluke.com.ph>: Mail server for "stluke.com.ph" unreachable for too long
Um...it might be easier to get mail, if your host didn't close the connection with a 5xx error. :/
mpetach@hinotori:~> host -t mx stluke.com.ph stluke.com.ph mail is handled by 20 qc.stluke.com.ph. stluke.com.ph mail is handled by 20 mx1.stluke.com.ph. stluke.com.ph mail is handled by 40 gc.stluke.com.ph. mpetach@hinotori:~> nslookup qc.stluke.com.ph. Server: 127.0.0.1 Address: 127.0.0.1#53
Non-authoritative answer: Name: qc.stluke.com.ph Address: 219.90.94.56
mpetach@hinotori:~>
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph. Escape character is '^]'. ehlo yahoo.com 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Matt
Just to clarify, the problem we are encountering is that emails sent from yahoo does not seem to reach our mail server (even any of our MX records / anti-spam servers). We have neither implemented any of the items you have said (still in the process of doing so). I tried to interview our email users regarding this issue. They said that it was working perfectly before March. Then we started to have this isolated problem since then. On 4/12/2011 2:41 PM, Joshua William Klubi wrote:
Well yahoo's mx tend to do that a lot. i used to have a lot of bounced emails to yahoo until i implemented dkim, domainkeys and spf then all my yahoo problems disappeared ,
I just want to know if you have implemented any of these technologies dkim,domainkeys and spf, other wise you would have all those problems
Joshua
On Tue, Apr 12, 2011 at 4:47 AM, Matthew Petach <mpetach@netflight.com <mailto:mpetach@netflight.com>> wrote:
On Mon, Apr 11, 2011 at 9:28 PM, Nathanael C. Cariaga <nccariaga@stluke.com.ph <mailto:nccariaga@stluke.com.ph>> wrote: > Hi All, > > It seems that we're having some problems receiving emails from selected > Yahoo! Mail Accounts. I noticed that there is a commonality between the > accounts that fails when sending an email to our domain (see email header > below) > > From: "MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com <mailto:MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com>" > <MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com <mailto:MAILER-DAEMON@nm1.bullet.mail.sg1.yahoo.com>> > To: *-*-*-*-*a@yahoo.com <mailto:a@yahoo.com> > Sent: Fri, April 8, 2011 6:26:08 PM > Subject: Failure Notice > > Sorry, we were unable to deliver your message to the following address. > > <xxxxxxxxxa@stluke.com.ph <mailto:xxxxxxxxxa@stluke.com.ph>>: > Mail server for "stluke.com.ph <http://stluke.com.ph>" unreachable for too long
Um...it might be easier to get mail, if your host didn't close the connection with a 5xx error. :/
mpetach@hinotori:~> host -t mx stluke.com.ph <http://stluke.com.ph> stluke.com.ph <http://stluke.com.ph> mail is handled by 20 qc.stluke.com.ph <http://qc.stluke.com.ph>. stluke.com.ph <http://stluke.com.ph> mail is handled by 20 mx1.stluke.com.ph <http://mx1.stluke.com.ph>. stluke.com.ph <http://stluke.com.ph> mail is handled by 40 gc.stluke.com.ph <http://gc.stluke.com.ph>. mpetach@hinotori:~> nslookup qc.stluke.com.ph <http://qc.stluke.com.ph>. Server: 127.0.0.1 Address: 127.0.0.1#53
Non-authoritative answer: Name: qc.stluke.com.ph <http://qc.stluke.com.ph> Address: 219.90.94.56
mpetach@hinotori:~>
mpetach@opstools1:~> telnet 219.90.94.56 25 Trying 219.90.94.56... Connected to static-host-219-90-94-56.tri.ph <http://static-host-219-90-94-56.tri.ph>. Escape character is '^]'. ehlo yahoo.com <http://yahoo.com> 554 SMTP synchronization error Connection closed by foreign host. mpetach@opstools1:~>
I imagine when port 25 stops giving 5xx failure message back, mail reception might improve. ^_^;
Matt
-- Nathanael C. Cariaga Network & Security Administrator St Luke's Medical Center Tel (QC) : +63 2 723 0101 ext 5520 / 4206 Tel (GC) : +63 2 789 7700 ext 6035 / 6036 Tel : +63 2 356 5686 Mobile : +63 922 8735686 EMail : nccariaga@stluke.com.ph
participants (8)
-
Brielle Bruns
-
Christopher Balmain
-
Jay Ashworth
-
Joshua William Klubi
-
Matthew Petach
-
Nathanael C. Cariaga
-
Scott Howard
-
Suresh Ramasubramanian