Yahoo and Spamhaus

Y

Yahoo has updated and modified their postmaster pages. They have also put a lot of work into clarifying their response codes. The changes should help senders identify and troubleshoot problems without relying on individual help from Yahoo.
There is one major change that deserves its own discussion. Yahoo is now using the SBL, XBL and PBL to block connections from listed IP addresses. These are public blocklists run by Spamhaus. Each of them targets a different type of spam source.
The SBL is the blocklist that addresses fixed spam sources. To get listed on the SBL, a sender is sending email to people who have never requested it. Typically, this involves email sent to an address that has not opted in to the email. These addresses, known as spamtraps, are used as sentinel addresses. Any mail sent to them is, by definition, not opt-in. These addresses are never signed up to any email address lists by the person who owns the email address. Spamtraps can get onto a mailing list in a number of different ways, but none of them involve the owner of the address giving the sender permission to email them.
Additionally, the SBL will list spam gangs and spam supporters. Spam supporters include networks that provide services to spammers and do not take prompt action to remove the spammers from their services.
The XBL is a list of IP addresses which appear to be infected with trojans or spamware or can be used by hackers to send spam (open proxies or open relays). This list includes both the CBL and the NJABL open proxy list. The CBL list machines which appear to be infected with spamware or trojans. The CBL works passively, looking only at those machines which actively make connections to CBL detectors. NJABL lists machines that are open proxies and open relays.
The Policy Block List (PBL) is Spamhaus’ newest list. Spamhaus describes this list as

The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer’s use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.
PBL IP address ranges are added and maintained by each network participating in the PBL project, working in conjunction with the Spamhaus PBL team, to help apply their outbound email policies.
Additional IP address ranges are added and maintained by the Spamhaus PBL Team, particularly for networks which are not participating themselves (either because the ISP/block owner does not know about, is proving difficult to contact, or because of language difficulties), and where spam received from those ranges, rDNS and server patterns are consistent with end-user IP space…

Generally, email service providers and bulk senders only need to be concerned about the SBL. Being listed on the SBL is a sign that your subscription processes allow addresses to be subscribed by people who do not own those addresses. Removal from the SBL involves fixing subscription processes and verifying that all recipients do actually want to receive your email.
Generally ESPs and bulk senders should not be listed on either the XBL or the PBL. I am aware of a couple cases where senders were listed on the XBL, but in all these cases there was a Windows machine inside the company infected with a trojan sending spam. Once the machine was cleaned, the listing was removed promptly. Senders listed on the PBL should talk to their ISP for resolution.

About the author

8 comments

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Yes. We have a server that has never been listed on Spamhaus but Yahoo claims its on the PBL. Four requests to Yahoo and no response although they promise to respond within 48 hours.
    Looks like their PBL list isn’t working properly.

  • Yes I have the same problem. Our mail server is not listed on any of Spamhauses databases yet I am getting bounces back from Yahoo stating that we are in fact on the Spamhaus XBL. I would like to co-op with whoever else is having the problem to get it fixed.
    Tyler Kasten
    415-328-5403
    tyler@onixwebdesign.com

  • If anyone having this problem would like me to ask both Yahoo and Spamhaus about it, please send me an email with the IP address that was rejected, when it was rejected and the full rejection message. My email address is laura at wordtothewise.com. I will see if I can get an explanation from either entity and let people know.

  • Just to let you gals and guys know that Yahoo no longer seems to be rejecting emails sent from PBL-listed IP addresses (PBL-Public Policy List). Those emails now seem to be pushed straight into the spam folder, probably without being processed by spam filters, instead of being rejected outright. How do I know that? I have received 2 100% non-spam emails in my spam folder in the last 24 hours and they were both listed in PBL and PBL only.
    Hoping that this is a permanent policy change on Yahoo’s part.
    (I originally posted this message and some further background to the PBL blocklist in ‘Yahoo delays, part 4’ on this website.)

By laura

Recent Posts

Archives

Follow Us