I will be rebooting and taking machines down for imaging tonight shortly after midnight.  I should be finished by approximately 2AM.

This is necessary to install kernel upgrades that fix a possible privilege escalation exploit in the kernel as well as to image the machines after adding fail2ban so that if a restoration is necessary at some point, that will get included in the restoration.

In short, these outages will enable us to make some improvements in site security as well as to backup some recently put in place.

Comcast is now accepting mail.  There is no longer any mail stuck in queue, all outbound mail that was queued is now delivered.

I have been able to confirm via the mail log, that today mail is going through to Yahoo, ATT/SBC Global, and Frontier.

Comcast is presently blocking for reasons unknown.  I’ve applied to their feedback program so I will receive e-mails of any spam they receive from us, and have submitted a response on their unblock form.

Today, I received a bunch of bounces from applications for accounts on my Photo Gallery (CopperMine) from Yahoo addresses.

I deleted all of these that were still in queue and disabled account creation in CopperMine.

So this probably hasn’t helped our stance from Yahoo’s perspective, though it would be nice if they’d actually communicate.  It would also be helpful if they’d reject messages with the correct code, permanent rejections should use 5xx not 4xx as Yahoo is using.  Using the latter means people won’t find out there is a problem until a bounce happens perhaps weeks later, and it eats up a lot of mail resources unnecessarily on both ends.

Anyway, per their best practices pages, I’m working on getting DKIM and DMARC installed.  Not that either of these would have prevented a single spam since the spams were sent with hacked accounts, (and it’s not as if Yahoo hasn’t had their own problems with hacked accounts) and thus would have been signed as legitimate if these things had been in place, and really SPF, which is in place, serves the same purpose.

I tried e-mailing support@yahoo.com but just got referred to the same web page that doesn’t work.  Tried calling, just got referred to the same page that doesn’t work.

If anybody knows how to reach an actual human being at Yahoo that might actually care that they’re blocking legitimate e-mail, please let me know.

Frontier has also contracted with Yahoo Mail, and Yahoo is refusing our mail for Frontier:

May 3 15:00:57 mail postfix/smtp[20420]: E17491994: to=<REDACTED@frontier.com>, relay=mta7.am0.yahoodns.net[63.250.192.45]:25, delay=150175, delays=150143/0/32/0.01, dsn=4.7.1, status=deferred (host mta7.am0.yahoodns.net[63.250.192.45] said: 421 4.7.1 [TS03] All messages from 204.122.16.4 will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html (in reply to MAIL FROM command))

That link redirects to: https://help.yahoo.com/kb/postmaster421-ts03.html

Which provides the helpful information:

Sorry, the page you requested was not found.

We suggest you visit Help Central

… Help Central has not been the least bit helpful.  I would ask people to see this article:

http://blog.mailermailer.com/industry-news/yahoo-blocking-legitimate-email

We haven’t had any more problems with compromised accounts since the Thursday before Last, April 24th, yet Yahoo continues to block our e-mail, and since they are now providing e-mail for ATT/SBC Global and Frontier, this affects those providers as well.

I’d ask you folks, if you have a Yahoo, ATT/SBC Global, or Frontier account, please generate a support ticket and/or complaint there.  Please spread the word about Yahoo’s practices.  There has to be a better provider ATT/SBC Global and Frontier could contract with and actually get functional e-mail for their customers.

We used to do e-mail filtering the way Yahoo does it, get a spam on an IP address, block that address, although even then we didn’t leave a block in more than a week after the issue had been addressed.

Presently, we are not on any public blacklists, but Yahoo, ATT/SBC Global, which I have been told contracts with Yahoo for e-mail services (and MX servers for ATT/SBC global do point to servers in Yahoo’s domain) are still blocking us.  We also have about half a dozen pieces of mail in queue that Comcast is refusing.  Other than that, save for some servers that are temporarily down, everything else is going through.

I have gone through the removal procedures with these companies and followed them to the letter.  You can all see what that’s worth.  They’re too big to care.  Or possibly it is their business strategy to try to disrupt e-mail from smaller providers in order to gain a perceived advantage, they’re too big to block.  Well, no doubt the spammers see it as an advantage.

Our customers motivated me to change and modernize the way we do spam filtering, and it has resulted in both a significant reduction in spam and a reduction in lost/blocked legitimate e-mail.

Now instead of blocking a server wholesale, the way Yahoo and Comcast do, we look at each e-mail and score it based on over 100 different checks.  Then if the score exceeds a user defined value (that’s right, YOU can decide the spam threshold), we put it in a spam folder instead of your INBOX so you can still review the mail if you wish.

The only time we reject mail outright is if it contains a virus, and then we send notice to the sending party detailing which virus so they can clean their machine, or if the sending server is misconfigured in a way that makes it appear to be a forgery or unidentifiable (inconsistent DNS, EHLO).

Of course, Yahoo has the advantage of being free.  It’s hard to compete with free, even when there is a huge difference in service quality.  And that folks, is becoming a real frustration in running this business.

So I ask you, if you can’t reach people because of Yahoo’s unreasonable spam filtering policies, then I challenge you to bring them here.  Here, you won’t have your mail arbitrarily blocked.  You will get human help with technical issues.  You won’t have your mail mined to direct advertising at you or for any other purposes.  You can connect securely via SSL, and we transmit your e-mail to other sites securely via SSL IF their servers support it.

Thank you for contacting the AT&T Postmaster Staff.

We investigate each and every block report and removal request
we receive, and take the appropriate action, of which you will
be notified. It is never the intention of the AT&T Postmaster
staff to intentionally block legitimate mail. As a result of
careful yet vigorous anti-spam and abuse measures, it is a
rare but unfortunate occurrence that we would like to rectify
as soon as possible with your help. By emailing this address
you have already taken the first step in resolving this issue.

When the AT&T Postmaster staff receives a request with the
needed information, requests are evaluated and, if granted, the
block will be removed within 24 – 48 hours. There are situations
when mail interruptions or blocks are in place outside the AT&T
domain. In these cases, we will attempt to make contact with the
party initiating the block and seek a resolution. If there is
no change after 48 hours, please go to the following web site:

http://rbl.att.net/block_inquiry.html

There you can find out reasons for blocked email and steps to
take for resolution as well as other information that may assist
you.

We reserve the right to deny or turn down a request if our
research shows the requested IP(s) being a violator of SPAM or
abuse policies currently, or in the past.

We thank you for your patience and cooperation.

AT&T Postmaster Staff

Recently you requested personal assistance from our on-line support
center. Below is a summary of your request and our response.

Subject
—————————————————————
New Bulk Sender Application

Discussion Thread
—————————————————————
Response Via Email(Rafael) – 05/01/2014 01:04 PM
Hi Robert,

Thank you for contacting Yahoo Mail.

Please note that if you are not the administrator for the mail server(s) affected,
we encourage you to contact the administrator so they can address the possible
issues regarding mailings from the mail server.

After looking into the issue, it appears that your emails may have become
deprioritized due to a number of potential issues with your mailings. These
deprioritizations were temporary but may be re-triggered if the sending IP profile
continues to be poor.

To continue to receive prioritized delivery, we recommend ensuring that you conform
to industry standard practices. Then you will not be deprioritized and you should
see improvements in delivery times as well as available connections.

Please visit the following help pages for information on improving list maintenance:

http://help.yahoo.com/kb/index?page=content&id=SLN3435
(http://help.yahoo.com/kb/index?page=content&id=SLN3435)

http://help.yahoo.com/kb/index?page=content&id=SLN3443
(http://help.yahoo.com/kb/index?page=content&id=SLN3443)

http://help.yahoo.com/kb/index?page=content&id=SLN3433
(http://help.yahoo.com/kb/index?page=content&id=SLN3433)

If you are not conforming to the standards listed in the help pages above, then you
will likely experience significant delays in connections, as our system
automatically prioritizes connection availability based on the type of information
contained in these FAQs. By trying the basic suggestions listed on the help page,
you can potentially:

* Decrease your cost of mailings in bandwidth, hardware, AND management.

* Increase the effectiveness of your mailings – non-existent users can’t open your
mail or respond to your offers!

* Increase the speed of your delivery – emails sent to large numbers of non-existent
users can definitely impact the time it takes for you to deliver your important
messages.

Plus, you’ll ensure that your messages are prioritized by our delivery system which
helps us differentiate you from spammers.

Regards,

Rafael

Yahoo Customer Care

Are you an easy target for hackers?
Learn How to Get Hacked in 5 Exciting Steps
(https://www.yahoo.com/tech/how-to-get-hacked-5-exciting-steps-77015513634.html)
from our award winning journalist David Pogue.
–

Auto-Response – 04/29/2014 09:36 PM
This is an automated message acknowledging your recent submission for help to Yahoo
Customer Care. Please do not reply to this automated message as replies will not
been seen or answered by a Yahoo Customer Care representative. • If you reported
abuse, we will investigate and take action where appropriate, and may be contacted
if additional information is required to complete our investigation. We appreciate
your efforts to make our community better. • If you are submitting a request for
assistance, or asking a question, a representative will respond as soon as possible.
Your Incident ID is: 140429-069541 Sincerely,The Yahoo Customer Care Team

We will assume your issue has been resolved if we do not hear from you
within 72 hours.

Thank you for allowing us to be of service to you.

[—001:002963:32595—]

We have been removed from UCEProtect1 Blacklist so at this point our mail server is off all public blacklists.

Yahoo still appears to be blocking us in spite of the fact that I’ve made two requests to be removed from their blacklist, 48 hours apart, per their policy.  I received only a bot response the first time and no response the 2nd.

I don’t know if it’s part of their business model to try to kill other providers by blocking their e-mail or if there are no human beings there to respond to requests or just what the story is but it’s frustrating.