Re: [exim] [Exim-Users] Problem setting up exim 4.80.1 with …

Top Page
Delete this message
Reply to this message
Author: Alexandru Vladulescu
Date:  
To: exim-users
Subject: Re: [exim] [Exim-Users] Problem setting up exim 4.80.1 with Domain Keys signing
The most spam-related issues with my legit outgoing email I had were
with Yahoo ...

IIRC from my tests which drove me insane, Yahoo seemed to check if the
From header has matching words as the From envelope (note that these
two are not one and the same) and also does similar check on the
Return-Path header. It was extremely hard to send email on-behalf-of
style. Adding Reply-To was making it worse IIRC. They also don't explain
the checks they are doing and it's close to impossible to reach them to
inquire about this in order to adjust your setup.

I just gave up on Yahoo in the end. Not that I adore Google, but I had
far less trouble with Gmail.

Exim does not directly support DomainKeys (it does DKIM) but Yahoo
checks both. There seems to be nothing wrong with your DKIM setup.

@Lena: Blacklisting entire IP blocks at first spam is a bit harsh ... or
maybe Romania has a special place in your heart.

Alex.


On 24 Jul 13 3:20 pm, Lena [at] lena wrote:
>> From: Alexandru Vladulescu <avladulescu [at] hosthub>
>
>> we have mail service providers like Yahoo, that
>> still decide to look-up over the Domain Keys for email headers
>> signature.
>
> yahoo looks for either DomainKeys or DKIM.
>
>> The result is that my emails to them are getting marked as SPAM.
>
> Not because you sign with DKIM without DomainKeys.
> Sign up for http://feedbackloop.yahoo.net
> http://help.yahoo.com/kb/index?locale=en_US&page=content&id=SLN3438
>
>> SPF check: pass
>> DomainKeys check: neutral
>> DKIM check: pass
>
> That's enough signing.
>
>> SpamAssassin check: ham/
>
> If your yahooMail recipients click "this is spam" then yahoo believes
> that it is spam.
> If your yahooMail recipient reads your message in Spam folder and then
> deletes the message then you'll get feedback loop message and yahoo will
> consider that as the user's confirmation that the message was spam -
> stupid, but that's yahoo for you.
>
> I blacklist entire blocks of IP-addresses in Romania at first spam.
>


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


Interesting feedback !

Still, how to make exim sign both DKIM and DomainKeys while it can
increase the delivery score ? I know it's possible with postfix,
although I love both.

Another trick that I consider doing in this case is to setup a 25 port
postfix (buffer-localhost-relay; dummy forward only from outside to
inside and inside to outside, but not open relay ) that could handle the
signing of both.

The scenario I will setup for test is the following:

  * Port 25 Internet <----> Postfix (relay buffer & singing practices
    through opendkim milter ) <---> <Some other port, eg localhost:2525
     > Delivery to Main Exim Framework
  * For remote user accounting, we can still use the 465, 587 going
    directly to Exim Framework.



Going to get back to you after the integration of the upper scheme.


Thanks,
Alex V