Problems with Yahoo FBL

There are a couple problems I’ve been alerted to with the Yahoo FBL today.
The first comes from Michael Ellis and is about broken FBL reporting at Yahoo.

[In Firefox and Chrome] If you see a email in the junk folder and open it, then click this is not spam; it tosses you out of the email and back into the junk folder list view and the email is still there. It has also reported it as another Feedback Loop complaint. Only if you hit this is not spam in the junk folder list view does it go to the Inbox.

The second is from Al Iverson. Currently the Yahoo FBL management page is down. A issue has been opened to get this fixed.

Related Posts

Happy Sweet 16, Yahoo.

Yahoo mail turns 16 today, and in celebration Yahoo is giving all their mail users presents.

Read More

Yahoo update

It has been quite a while since I have had the opportunity to share information about Yahoo here on the blog, but there is new information to share.
Yesterday, Mark Risher from Yahoo spent some time talking with people about all things spam over at Yahoo. Matt from EmailKarma posted the transcripts as well as some excerpts from the talk. The really interesting bit, for me, was confirmation that Yahoo will be bringing back their FBL in the next few weeks. I have been hearing rumors about the return of the FBL for a while now, and it seems the general timeline (fall-ish) is accurate.
Speaking of the feedback loop, there have also been rumors that Yahoo is not accepting any changes to existing feedback loops. This does not seem to be the case. According to an internal person, companies who are currently in the beta FBL program can make changes to the program by contacting the postmaster team.

Read More

Open relays

Spamhaus wrote about the return of open relays yesterday. What they’re seeing today matches what I see: there is fairly consistent abuse of open relays to send spam. As spam problems go it’s not as serious as compromised machines or abuse-tolerant ESPs / ISPs/ freemail providers – either in terms of volume or user inbox experience – but it’s definitely part of the problem.
I’m not sure how much of a new problem it is, though.
Spammers scan the ‘net for mailservers and attempt to relay email through them back to email addresses they control. Any mail that’s delivered is a sign of an open relay. They typically put the IP address of the mailserver they connected to in the subject line of the email, making it easy for them to mechanically extract a list of open relays.
We run some honeypots that will accept and log any transaction, which looks just like an open relay to spammers other than not actually relaying any email. They let us see what’s going on. Here’s a fairly typical recent relay attempt:

Read More