Had to enable DKIM signing like Cary did. Working now. Sent from my iPhone. — Casey Johnson Colorado Interlink LLC
________________________________ From: Outages <[email protected]> on behalf of Cary Wiedemann via Outages <[email protected]> Sent: Monday, March 11, 2024 12:04:04 PM To: bannereddivpool <[email protected]>; outages <[email protected]> Subject: Re: [outages] yahoo Okay, just resolved this from my end. My O365 emails were being DKIM signed but by our . onmicrosoft.com<https://us-east-2.protection.sophos.com?d=onmicrosoft.com&u=aHR0cDovL29ubWljcm9zb2Z0LmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=R3p2ejFlZ2FLb2s5L1lUeG9VcFh2L2NmT0xJV2lidWFLMEd1NTVBbnREWT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> subdomain instead of the actual sending domain. Headers would show dkim=pass but the DKIM domain didn't match the FROM address in our envelopes. Had to enable DKIM signing on the custom domain in O365 here https://security.microsoft.com/authentication?viewid=DKIM<https://us-east-2.protection.sophos.com?d=microsoft.com&u=aHR0cHM6Ly9zZWN1cml0eS5taWNyb3NvZnQuY29tL2F1dGhlbnRpY2F0aW9uP3ZpZXdpZD1ES0lN&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=NSt3OGFMc2hlMDJTQWpIVDAzbTdCeTF1UEtOSENBUTZnekdBcnY0cy90WT0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> and setup CNAMEs for the proper selectors in DNS. DMARC reports from Yahoo helped me a ton here, but they were confusing. They showed DKIM failed in the policy_evaulated -> disposition section but showed result = pass in the auth_results -> dkim section. Just had my first successful email to Yahoo.com in days. Looks like the O365 DNSRBL inclusion was a red herring. - Cary On Mon, Mar 11, 2024 at 1:34 PM Cary Wiedemann < [email protected]<mailto:[email protected]>> wrote: Massive problems with email delivery to Yahoo and AOL today, they share a mail system on the back-end. Microsoft issued advisory EX719348 last Thursday for their IPs being included in some DNSRBLs, and I still see some of their IPs on the Spamhaus RBL (40.107.102.127) but I'm not sure if that's the root cause. All my emails from O365 to Yahoo and AOL have been failing since 3/7. Lots of noise and confusion because Yahoo and AOL recently started enforcing stricter SPF/DKIM/DMARC requirements, but this seems to be unrelated. These emails are DKIM signed, pass SPF, and have a valid DMARC record. Still investigating, will update the list with the eventual resolution. - Cary On Mon, Mar 11, 2024 at 1:27 PM bannereddivpool via Outages < [email protected]<mailto:[email protected]>> wrote: Anyone seeing any issues with yahoo email services? I keep getting dropped; telnet mta6.am0.yahoodns.net<https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> 25 Trying 67.195.204.74... Connected to mta6.am0.yahoodns.net<https://us-east-2.protection.sophos.com?d=yahoodns.net&u=aHR0cDovL210YTYuYW0wLnlhaG9vZG5zLm5ldA==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=aitmVzVySnBqUzY3TVdqWGhrM0F2TEUwb1B5L3oyVmNna0pJRzlQRS9Scz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA>. Escape character is '^]'. 220 mtaproxy501.free.mail.bf1.yahoo.com<https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL210YXByb3h5NTAxLmZyZWUubWFpbC5iZjEueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UXh4OFN0TCtIODE0RlFlZUx3Z3N4Ukx0U21sYmJlTE5oMzlBck1VcG4wND0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> ESMTP ready EHLO mail.yahoo.com<https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovL21haWwueWFob28uY29t&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=UEpxSGZMWTdtNm1QRkUrc0ZZcXNPUDdVa2NpcllDdWdpMlJWOWFwWjhOOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> 250-mtaproxy501.free.mail.bf1.yahoo.com<https://us-east-2.protection.sophos.com?d=yahoo.com&u=aHR0cDovLzI1MC1tdGFwcm94eTUwMS5mcmVlLm1haWwuYmYxLnlhaG9vLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=STRvV05tZ0J4VE9sZFFVd2oyYXdEa1FWZU91eGYyM1U1ekJ5UjZva2xtcz0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> 250-PIPELINING 250-SIZE 41943040 250-8BITMIME 250 STARTTLS Connection closed by foreign host. Sending from outlook and I'm getting this as well; Diagnostic information for administrators: Generating server: SJ2PR14MB6550.namprd14.prod.outlook.com<https://us-east-2.protection.sophos.com?d=outlook.com&u=aHR0cDovL1NKMlBSMTRNQjY1NTAubmFtcHJkMTQucHJvZC5vdXRsb29rLmNvbQ==&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=L1J1Q3Y3Vk9MSkRDNjNxZWJxcFlGNG9tTHg2QkZObHR0SU9ka1JubXBKOD0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA> Total retry attempts: 7 [email protected]<mailto:[email protected]> Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred' [email protected]<mailto:[email protected]> Remote server returned '550 5.4.300 Message expired -> 451 [RL01] Message temporarily deferred' Original message headers: _______________________________________________ Outages mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/outages<https://us-east-2.protection.sophos.com?d=nether.net&u=aHR0cHM6Ly9wdWNrLm5ldGhlci5uZXQvbWFpbG1hbi9saXN0aW5mby9vdXRhZ2Vz&i=NWM2NmQ4MGVmMGQyZjYxNmUwOGU4ZDIw&t=Q29YbzM0LzQ2Q0tyYzFycEFUQWFNUXBOb2lVYzR0bzdSYm84SXlJRFF4az0=&h=989758b7bcca4d3aba5e865a6b230530&s=AVNPUEhUT0NFTkNSWVBUSVa4W_XrGtx3Ajnr7Zxyq0IQZFZgu8f9tPFF4SoRdZDJkA>
_______________________________________________ Outages mailing list [email protected] https://puck.nether.net/mailman/listinfo/outages
