Jump to content

Yahoo spam


Recommended Posts

Hello everyone,

I'm quite happy with my SMTP (postfix) spam protection, it uses several RBL's and also a list of milters for content scanning, including grey listing.

But, I do get some spam, all of them seem to have one common characteristic, they come from yahoo. Maybe yahoo with its current financial problems has started accepting "donations" to forward spam?

My question is what to do with yahoo. Their servers pass all the typical tests (SPF, etc) so their emails seem quite legitimate. Since I don't want to block yahoo entirely, is there some other trick that you guys have come up with?

Thank you.

Link to comment
Share on other sites

That is always a problem. Everyone struggles with the issue of the balance between false-positives, missing valid emails, and false-negatives, getting some spam.

This is often a problem with large providers like Yahoo where you can not use the domain nor IP addresses to filter incoming email.

Link to comment
Share on other sites

Ah, Yahoo. When I was running my own server a few years back, also Postfix, at least 90% of the incoming mail that had some kind of connection with Yahoo (either implied by the alleged sender, or arriving via one of their servers) was spam. My solution was to have a blanket ban on mail from Yahoo. There was the occasional bit of work on my part reviewing what had been rejected, so I could manually maintain a small list of exceptions.

Link to comment
Share on other sites

  • 1 month later...

I would have to concur with this post. 95% of the spam I receive comes from Yahoo e-mail servers.

Received: from [] by tm13.bullet.mail.bf1.yahoo.com

Received: from [] by nm18.bullet.mail.bf1.yahoo.com

Received: from [] by tm17.bullet.mail.bf1.yahoo.com

Received: from [] by nm16.bullet.mail.bf1.yahoo.com

Received: from nm16.bullet.mail.bf1.yahoo.com ([])

Received: from [] by tm17.bullet.mail.bf1.yahoo.com

Received: from [] by nm1.bullet.mail.bf1.yahoo.com

Received: from [] by nm23.bullet.mail.ne1.yahoo.com with NNFMP; 31 Mar 2016 21:48:26 -0000

Received: from [] by tm14.bullet.mail.ne1.yahoo.com with NNFMP; 31 Mar 2016 21:48:26 -0000

And then, they domain name for the spamming site is from goDaddy.
Hardly get spam from other e-mail servers....maybe I should knock on wood.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...